Preventivní kontrola (problém s Malwarebytes)

Zpráva

Milann77 · #1 Příspěvek od **Milann77** » 29 led 2015 17:28

Počítač pracuje ne zrovna rychle a občas úplně zamrzne. Možná, že tohle můžu přičíst stáří a kvalitě počítače a stáří instalace windows.
Hlavní problém, který mě trápí je problém s instalací Malwarebyte anti malware. Pokaždé mi při instalaci vyskačí níže uvedené hlášky. Vím, že to není ojedinělý problém, zkoušel jsem už všechny možné postupy, které jsem našel, ale nic nepomáhá.
Prosím tedy o radu, jestli v logu nenajdete něco co by to mohlo působit.

Kód: Vybrat vše

interní chyba: expression error runtime error (at 85:109)
external exception E06D7363

runtime error (at 75:252)

interní chyba: expression error runtime error (at 53:89)
external exception E06D7363

Logfile of random's system information tool 1.10 (written by random/random)
Run by at 2015-01-29 16:52:01
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (5%) free of 40 GB
Total RAM: 1023 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:52:33, on 29.1.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\emmon.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\EPSON\TMCOMUSB\Service\EpsonPE.exe
C:\Program Files\epson\portcommunicationservice\DeviceControlLog.exe
C:\Program Files\epson\portcommunicationservice\PCSVC.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\OO Software\Defrag\oodag.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\uTorrent\utorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Last.fm\LastFM.exe
d:\RSIT.exe
C:\Program Files\trend micro\Milan.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [emMON] C:\WINDOWS\emmon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKCU\..\Run: [NVRCMS] c:\Program Files\SecuGuard_Basic_6.0\NVR_MainConsole.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Lingea Update Center.lnk = C:\Program Files\Common Files\Lingea Shared\luc.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {64865E5A-E8D7-44C1-89E1-99A84F6E56D0} - http://82.100.8.99:8362/VVTK_Plugin_Installer.exe
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ABBYY FineReader 11 CE Licensing Service (ABBYY.Licensing.FineReader.Corporate.11.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: TP-LINK Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: ArcGIS License Manager - Unknown owner - C:\Program Files\ESRI\License\arcgis9x\lmgrd.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Epson Port Emulator Service (EpsonPEService) - Seiko Epson Corporation - C:\Program Files\EPSON\TMCOMUSB\Service\EpsonPE.exe
O23 - Service: EPSON Device Control Log Service (EPSON_Device_Control_Log_Service) - SEIKO EPSON CORPORATION - C:\Program Files\epson\portcommunicationservice\DeviceControlLog.exe
O23 - Service: EPSON Port Communication Service (EPSON_Port_Communication_Service) - SEIKO EPSON CORPORATION - C:\Program Files\epson\portcommunicationservice\PCSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 12164 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\switchShakeIcon.job - C:\Program Files\NCH Swift Sound\Switch\switch.exe -shakeicon

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Milan\Data aplikací\Mozilla\Firefox\Profiles\i13qqdee.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"wrc@avast.com"=C:\PROGRA~1\AVASTS~1\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.296 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1213153.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\WinLessPlugin]
"Description"=Camera Stream Controler
"Path"=C:\Program Files\Camera Stream Controler\npWinLessRtspCtrl.dll

C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\plugins\
npdjvu.dll
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll

C:\Documents and Settings\Milan\Data aplikací\Mozilla\Firefox\Profiles\i13qqdee.default\searchplugins\
sfd.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-02-20 798771]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-08-16 312928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-21 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-21 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-02-20 798771]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"DU Meter"=C:\Program Files\DU Meter\DUMeter.exe [2001-10-13 1123328]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"emMON"=C:\WINDOWS\emmon.exe [2007-11-07 65536]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2013-01-03 15515576]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-01-03 1982312]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2013-01-29 5032752]
"WinFast Schedule"=C:\Program Files\WinFast\WFTVFM\WFWIZ.exe [2005-03-02 278528]
"WinFastDTV"=C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2012-09-10 101888]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-03-18 207360]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-08-16 198160]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"WinFast Schedule"=C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2012-08-28 2916352]
"NVRCMS"=c:\Program Files\SecuGuard_Basic_6.0\NVR_MainConsole.exe [2012-01-13 1037824]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR11]
C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [2011-11-07 934152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Center Agent]
C:\Program Files\MSI\Digi VOX AD II\HyperMediaCenter\DTVR\Scheduled.exe [2006-10-19 867840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EpsonAPD4SV]
C:\Program Files\EPSON\EPSON Advanced Printer Driver 4\Tools\EAPSV\EAPSV.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hard Disk Sentinel]
C:\Program Files\Hard Disk Sentinel\hdsentinel.exe [2011-07-15 4007936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe [2013-01-29 5032752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-08-16 198160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe [2005-03-02 278528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2004-03-15 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^O&O Defrag Tray.lnk]
C:\WINDOWS\Installer\{45F266D8-52A1-4AF4-988F-B35547E89CC3}\DefragIcon.exe [2013-02-19 292878]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Select a coupon.lnk]
C:\PROGRA~1\EPSON\TMCOMM~1\POPUPW~1.EXE [2012-06-28 1622528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Translate Client.lnk]
C:\PROGRA~1\TRANSL~1\TRANSL~2.EXE /h []

C:\Documents and Settings\Milan\Nabídka Start\Programy\Po spuštění
Lingea Update Center.lnk - C:\Program Files\Common Files\Lingea Shared\luc.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2014-07-16 85832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x91000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Cerberus\Cerberus.exe"="C:\Program Files\Cerberus\Cerberus.exe:*:Enabled:Cerberus FTP Server"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\mozilla.org\Mozilla\mozilla.exe"="C:\Program Files\mozilla.org\Mozilla\mozilla.exe:*:Enabled:Mozilla"
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe"="C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe:*:Enabled:Sunbelt Kerio Firewall GUI"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\Java\jre1.6.0_07\launch4j-tmp\JDownloader.exe"="C:\Program Files\Java\jre1.6.0_07\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\BPFTP\bpftp.exe"="C:\Program Files\BPFTP\bpftp.exe:*:Enabled:bpftp"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\Xi\NetXfer\NetTransport.exe"="C:\Program Files\Xi\NetXfer\NetTransport.exe:*:Enabled:NetTransport"
"C:\Program Files\Xi\NetXfer\FTPTransport.exe"="C:\Program Files\Xi\NetXfer\FTPTransport.exe:*:Enabled:FTPTransport"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Documents and Settings\Milan\Data aplikací\uTorrent\utorrent.exe"="C:\Documents and Settings\Milan\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=iyvu9_32.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\Iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.wmv3"=wmv9vcm.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.tscc"=tsccvid.dll
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.YV12"=yv12vfw.dll
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"vidc.SEDG"=mcs_vfw.dll
"vidc.DIVX"=DivX.dll
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"VIDC.HFYU"=huffyuv.dll
"VIDC.X264"=x264vfw.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll

======List of files/folders created in the last 3 months======

2015-01-29 01:53:37 ----D---- C:\Program Files\Mozilla Firefox
2015-01-28 23:12:38 ----A---- C:\WINDOWS\system32\sdnclean.exe
2015-01-28 23:12:12 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2015-01-28 20:29:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)
2015-01-28 20:29:33 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2015-01-01 15:00:00 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-01-01 15:00:00 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2015-01-01 15:00:00 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-12-28 19:44:44 ----A---- C:\WINDOWS\system32\WING32.DLL
2014-12-28 19:44:44 ----A---- C:\WINDOWS\system32\winbri21.dll
2014-12-28 19:38:47 ----D---- C:\Program Files\BSP Multimedia
2014-12-28 17:01:36 ----D---- C:\WINDOWS\A5W_DATA
2014-12-28 17:01:36 ----A---- C:\WINDOWS\A5W.INI
2014-12-12 09:00:54 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-11-23 04:18:00 ----D---- C:\Program Files\ChomikBox

======List of files/folders modified in the last 3 months======

2015-01-29 16:52:20 ----D---- C:\Program Files\trend micro
2015-01-29 16:51:07 ----D---- C:\Documents and Settings\Milan\Data aplikací\uTorrent
2015-01-29 16:50:49 ----D---- C:\Downloads
2015-01-29 16:44:01 ----D---- C:\WINDOWS\Prefetch
2015-01-29 15:32:11 ----D---- C:\WINDOWS\Temp
2015-01-29 14:59:43 ----A---- C:\WINDOWS\wincmd.ini
2015-01-29 11:26:32 ----D---- C:\Program Files\SpeedFan
2015-01-29 11:25:38 ----D---- C:\WINDOWS\system32\CatRoot2
2015-01-29 11:24:59 ----D---- C:\Documents and Settings\Milan\Data aplikací\SecuGuard6.0.3
2015-01-29 11:24:50 ----D---- C:\flexlm
2015-01-29 11:23:33 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-01-29 01:56:50 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-01-29 01:54:17 ----D---- C:\Program Files
2015-01-28 23:22:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2015-01-28 23:12:57 ----D---- C:\WINDOWS\system32\config
2015-01-28 23:12:56 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2015-01-28 23:12:38 ----D---- C:\WINDOWS\system32
2015-01-28 22:56:09 ----D---- C:\WINDOWS\Minidump
2015-01-28 22:55:54 ----AD---- C:\WINDOWS
2015-01-28 20:29:33 ----D---- C:\WINDOWS\system32\drivers
2015-01-28 19:51:41 ----D---- C:\FRST
2015-01-28 02:49:31 ----D---- C:\Documents and Settings\Milan\Data aplikací\vlc
2015-01-27 14:55:42 ----SD---- C:\WINDOWS\Tasks
2015-01-26 18:34:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\TrackMania
2015-01-13 23:57:44 ----D---- C:\Program Files\Common Files\Lingea Shared
2015-01-01 19:38:48 ----D---- C:\Program Files\Trell
2015-01-01 19:37:48 ----D---- C:\03. Filmy
2014-12-28 19:45:04 ----HD---- C:\WINDOWS\inf
2014-12-28 19:45:04 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-12-28 19:45:01 ----HD---- C:\Program Files\Uninstall Information
2014-12-28 19:44:39 ----HD---- C:\Program Files\InstallShield Installation Information
2014-12-28 19:37:09 ----D---- C:\Documents and Settings\Milan\Data aplikací\DAEMON Tools Lite
2014-12-18 22:34:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\ArcSoft
2014-11-23 13:05:07 ----HD---- C:\Config.Msi
2014-11-23 04:19:14 ----SHD---- C:\WINDOWS\Installer
2014-11-15 19:42:44 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-14 23:46:33 ----D---- C:\Program Files\Exact Audio Copy
2014-11-05 20:06:15 ----A---- C:\WINDOWS\win.ini
2014-10-30 18:33:16 ----D---- C:\Program Files\SeaMonkey

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-06-27 175176]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2004-10-19 28207]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2011-03-04 45648]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-09-29 66048]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2011-03-18 25240]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2004-07-20 20096]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-12-01 770784]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-06-27 369584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 cpuidlep;CpuIdle Pro System Driver; C:\WINDOWS\system32\drivers\cpuidlep.sys [2008-02-04 4484]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-12-04 242240]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 mbmiodrvr;mbmiodrvr; \??\C:\WINDOWS\system32\mbmiodrvr.sys []
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2012-04-19 113072]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 EpsCe;EpsCe; \??\C:\WINDOWS\system32\Drivers\EpsCe.sys []
R2 EPSON_PCS_Parallel_Port_Driver;EPSON PCS Parallel Port Driver; \??\C:\WINDOWS\system32\DRIVERS\pcslpt.sys []
R2 Esdpdx01;Esdpdx01; \??\C:\WINDOWS\system32\Drivers\ESDPDX01.SYS []
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2004-05-14 76288]
R3 appliandMP;appliandMP; C:\WINDOWS\system32\DRIVERS\appliand.sys [2011-06-26 28256]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2004-10-19 20096]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-01-13 12500]
R3 cmudax;C-Media High Definition Audio Interface; C:\WINDOWS\system32\drivers\cmudax.sys [2004-10-21 1275584]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2014-02-07 10144]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-01-03 12651256]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 ULCDRHlp;ULCDRHlp; C:\WINDOWS\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2004-11-05 82148]
R3 vsbus;Virtual Serial Bus Enumerator; C:\WINDOWS\system32\DRIVERS\vsb.sys [2007-02-27 17280]
R3 WFIOCTL;WFIOCTL; \??\c:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS []
R3 WFLR6654;WinFast TV2000 XP Expert (FM1216MK3); C:\WINDOWS\system32\drivers\wfeaglxt.sys [2009-10-21 433920]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2009-08-14 58208]
R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2004-10-27 223104]
S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys []
S2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
S2 nvcap;nVidia WDM Video Capture (universal); C:\WINDOWS\system32\DRIVERS\nvcap.sys [2005-04-14 141582]
S2 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 appliand;Applian Network Service; C:\WINDOWS\system32\DRIVERS\appliand.sys [2011-06-26 28256]
S3 AR9271;Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athuw.sys [2009-08-14 1668352]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2004-09-21 10804]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-01-17 23000]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\WINDOWS\system32\drivers\BTNetFilter.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 DigiartyVirtualCDBus;Digiarty Virtual Driver; C:\WINDOWS\system32\drivers\DigiartyVirtualCDBus.sys [2012-08-13 163616]
S3 HdAudAddService;Ovladač funkcí Microsoft UAA pro služby sběrnice High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-17 113664]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-02 17536]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-02 20864]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-01-25 42000]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TMUSB;EPSON USB Device Driver for TM/BA/EU Printers; C:\WINDOWS\System32\DRIVERS\TMUSBXP.SYS [2013-01-21 49408]
S3 USB28xxBGA;USB 2881 Device; C:\WINDOWS\system32\DRIVERS\emBDA.sys [2008-03-06 530944]
S3 USB28xxOEM;USB 28xx OEM Filter; C:\WINDOWS\system32\DRIVERS\emOEM.sys [2007-04-25 45696]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-02 8064]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\WINDOWS\System32\DRIVERS\vserial.sys [2007-02-27 45056]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WinUSB;SAMSUNG Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Corporate.11.0;ABBYY FineReader 11 CE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [2011-10-12 819976]
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 ACS;TP-LINK Configuration Service; C:\WINDOWS\system32\acs.exe [2009-08-14 495700]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2004-07-20 90112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 EPSON_Device_Control_Log_Service;EPSON Device Control Log Service; C:\Program Files\epson\portcommunicationservice\DeviceControlLog.exe [2012-11-29 333824]
R2 EPSON_Port_Communication_Service;EPSON Port Communication Service; C:\Program Files\epson\portcommunicationservice\PCSVC.exe [2012-11-29 433152]
R2 EpsonPEService;Epson Port Emulator Service; C:\Program Files\EPSON\TMCOMUSB\Service\EpsonPE.exe [2012-01-30 914584]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-09-05 182696]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2013-01-03 156600]
R2 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2013-01-29 2026800]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ArcGIS License Manager;ArcGIS License Manager; C:\Program Files\ESRI\License\arcgis9x\lmgrd.exe [1999-12-01 467968]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-01-03 1259448]
S2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-29 114800]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-01-25 93048]
S3 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
S3 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
S4 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2004-12-24 106496]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Roli píše:log odstraně z CODE pro lepší čitelnost

#2 Příspěvek od **altrok** » 29 led 2015 18:02

Zdravim

MBAM odinstalujte.

Drzte se presne navodu! Win XP neni podporovan novou verzi 2.0

Stahnete a nainstalujte MBAM 1.75 http://www.bleepingcomputer.com/downloa ... i-malware/
na konci instalace zruste zatrzitko u polozky Povolit bezplatnou zkusebni verzi Malwarebytes Anti-Malware PRO
ted je dulezity krok - stahuje se aktualizace celeho programu a na konci vyskoci hlaska - zvolte Cancel, pripadne Storno
jako dalsi se sama stahla aktualizace virove databaze a dava Vam jedinou moznost -> OK
opet je Vam nabizena aktualizace celeho programu -> zvolte opet Cancel
v zalozce Kontrolor vyberte moznost Kompletni kontrola a kliknete na Prohledat
po dokonceni skenovani, ktere se muze protahnout az na nekolik hodin, na Vas vyskoci log, ktery mi zkopirujte do pristi odpovedi... pripadne jej najdete v karte Slozka protokolu

Milann77 · #3 Příspěvek od **Milann77** » 29 led 2015 22:33

Tak řešení s tím Malwarebytes bylo vlastně prostě. Taky mě mohlo napadnout instalovat starší verzi.
Děkuji za radu.

Tady log z MB:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2015.01.29.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Milan :: PC1 [administrátor]

29.1.2015 18:27:58
MBAM-log-2015-01-29 (21-41-16).txt

Typ: Kompletní kontrola (C:\|D:\|E:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 657895
Uplynulý čas: 3 hodin, 10 minut, 24 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.Optional.OutBrowse.gen) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 8
C:\Documents and Settings\Milan\Dokumenty\Stažené soubory\produkey.zip (PUP.PSWTool.ProductKey) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Milan\Local Settings\Temp\setup.exe (PUP.Optional.OutBrowse.gen) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Milan\Local Settings\Temp\nsl15DC.tmp\ipa.dll (PUP.Optional.OutBrowse.gen) -> Nebyla provedena žádná instrukce.
C:\Program Files\SecuGuard_Basic_6.0\Apache\bin\ab.exe (Backdoor.Bot.gen) -> Nebyla provedena žádná instrukce.
D:\DTLite4454-0316.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
D:\veetle-0.9.19.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
D:\Programy\MediaCoder-0.6.2.4270.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
E:\SoftonicDownloader_for_last-fm-scrobbler.exe (PUP.Optional.Softonic) -> Nebyla provedena žádná instrukce.

(konec)

#4 Příspěvek od **altrok** » 29 led 2015 23:43

Vsechny nalezy muzete smazat/presunout do karanteny.

Spybot ma nejlepsi leta za sebou, takze je na soucasnou havet nedostatecny.

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Spustte jako spravce C:\Program Files\trend micro\Milan.exe

kliknete na Do a system scan only
zatrhnete (udelejte fajfku) nasledujici polozky
- O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
  O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
  O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
kliknete na Fix checked

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

ukoncete vsechny programy
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Scan, pote na Clean
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

Milann77 · #5 Příspěvek od **Milann77** » 30 led 2015 13:45

Adwcleaner log

# AdwCleaner v4.109 - Report created 30/01/2015 at 13:35:22
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Milan - PC1
# Running from : D:\adwcleaner_4.109.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DD83BC36-D59B-4C2F-B900-5D04DC2B638B}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v35.0.1 (x86 cs)

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [10620 octets] - [04/09/2014 17:13:16]
AdwCleaner[R1].txt - [981 octets] - [30/01/2015 13:30:09]
AdwCleaner[S0].txt - [10703 octets] - [04/09/2014 17:25:39]
AdwCleaner[S1].txt - [905 octets] - [30/01/2015 13:35:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [964 octets] ##########

#6 Příspěvek od **altrok** » 30 led 2015 14:39

Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Milann77 · #7 Příspěvek od **Milann77** » 30 led 2015 15:21

FRST log

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-01-2015 01
Ran by Milan (administrator) on PC1 on 30-01-2015 15:06:24
Running from C:\Documents and Settings\Milan\Plocha
Loaded Profiles: Milan (Available profiles: Milan & UpdatusUser & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Atheros) C:\WINDOWS\system32\acs.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
(ASUSTeK COMPUTER INC.) C:\WINDOWS\ATKKBService.exe
(Seiko Epson Corporation) C:\Program Files\EPSON\TMCOMUSB\Service\EpsonPE.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\portcommunicationservice\DeviceControlLog.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\portcommunicationservice\PCSVC.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Hagel Technologies) C:\Program Files\DU Meter\DUMeter.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(eMPIA Technology, Inc.) C:\WINDOWS\emMON.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(RealNetworks, Inc.) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
(Almico Software (http://www.almico.com)) C:\Program Files\SpeedFan\speedfan.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winamp.exe
(Last.fm) C:\Program Files\Last.fm\LastFM.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(forum.viry.cz) C:\Documents and Settings\Milan\Plocha\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Cmaudio] => RunDll32 cmicnfg.cpl,CMICtrlWnd
HKLM\...\Run: [DU Meter] => C:\Program Files\DU Meter\DUMeter.exe [1123328 2001-10-13] (Hagel Technologies)
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [emMON] => C:\WINDOWS\emmon.exe [65536 2007-11-07] (eMPIA Technology, Inc.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1982312 2013-01-03] ()
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [5032752 2013-01-29] (O&O Software GmbH)
HKLM\...\Run: [WinFast Schedule] => C:\Program Files\WinFast\WFTVFM\WFWIZ.exe [278528 2005-03-02] (Leadtek Research Inc.)
HKLM\...\Run: [WinFastDTV] => C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [101888 2012-09-10] (Leadtek Research Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [413696 2009-05-26] (Apple Inc.)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [198160 2009-08-16] (RealNetworks, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\runonceex: [Flag] =>
Winlogon\Notify\LMIinit: C:\WINDOWS\system32\LMIinit.dll (LogMeIn, Inc.)
HKU\S-1-5-21-73586283-746137067-1417001333-1003\...\Run: [WinFast Schedule] => C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2916352 2012-08-28] (Leadtek Research Inc.)
HKU\S-1-5-21-73586283-746137067-1417001333-1003\...\Run: [NVRCMS] => c:\Program Files\SecuGuard_Basic_6.0\NVR_MainConsole.exe [1037824 2012-01-13] ()
HKU\S-1-5-21-73586283-746137067-1417001333-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-73586283-746137067-1417001333-1003\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
HKU\S-1-5-21-73586283-746137067-1417001333-1003\...\MountPoints2: {f11e2c9c-3d91-11e2-a782-0013d4f58147} - F:\start.exe
HKU\S-1-5-18\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
Startup: C:\Documents and Settings\Milan\Nabídka Start\Programy\Po spuštění\Lingea Update Center.lnk
ShortcutTarget: Lingea Update Center.lnk -> C:\Program Files\Common Files\Lingea Shared\luc.exe (Lingea)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-73586283-746137067-1417001333-1003] => localhost:8080
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-73586283-746137067-1417001333-1003 -> ${searchCLSID} URL = http://search.yahoo.com/search?ei=ISO-8 ... earchTerms}
SearchScopes: HKU\S-1-5-21-73586283-746137067-1417001333-1003 -> {D7DD1927-FA64-4597-8C13-7837692DD082} URL = http://www.google.cz/search?q={searchTe ... {startPage}
BHO: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKU\S-1-5-21-73586283-746137067-1417001333-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-73586283-746137067-1417001333-1003 -> No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
Toolbar: HKU\S-1-5-21-73586283-746137067-1417001333-1003 -> No Name - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No File
DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... vc1dmo.cab
DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab
DPF: {64865E5A-E8D7-44C1-89E1-99A84F6E56D0} http://82.100.8.99:8362/VVTK_Plugin_Installer.exe
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Milan\Data aplikací\Mozilla\Firefox\Profiles\i13qqdee.default
FF DefaultSearchUrl:
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF NetworkProxy: "ftp", "176.124.137.229"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "176.124.137.229"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "ssl", "176.124.137.229"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.69 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: WinLessPlugin -> C:\Program Files\Camera Stream Controler\npWinLessRtspCtrl.dll ( VIVOTEK INC.)
FF Plugin HKU\S-1-5-21-73586283-746137067-1417001333-1003: amtk.com/CBCamV -> C:\WINDOWS\system32\npAMTKCamV.dll (AMTK)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdjvu.dll (LizardTech)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF SearchPlugin: C:\Documents and Settings\Milan\Data aplikací\Mozilla\Firefox\Profiles\i13qqdee.default\searchplugins\sfd.xml
FF Extension: Adblock Plus - C:\Documents and Settings\Milan\Data aplikací\Mozilla\Firefox\Profiles\i13qqdee.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-02]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-01-29]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\PROGRA~1\AVASTS~1\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\PROGRA~1\AVASTS~1\Avast\WebRep\FF [2013-06-25]

Chrome:
=======
CHR Profile: C:\Documents and Settings\Milan\Local Settings\Data aplikací\Google\Chrome\User Data\Default

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Corporate.11.0; C:\Program Files\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [819976 2011-10-12] (ABBYY)
R2 ACS; C:\WINDOWS\system32\acs.exe [495700 2009-08-14] (Atheros) [File not signed]
R2 ATKKeyboardService; C:\WINDOWS\ATKKBService.exe [90112 2004-07-20] (ASUSTeK COMPUTER INC.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S4 BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [106496 2004-12-24] () [File not signed]
R2 EpsonPEService; C:\Program Files\EPSON\TMCOMUSB\Service\EpsonPE.exe [914584 2012-01-30] (Seiko Epson Corporation)
R2 EPSON_Device_Control_Log_Service; C:\Program Files\epson\portcommunicationservice\DeviceControlLog.exe [333824 2012-11-29] (SEIKO EPSON CORPORATION) [File not signed]
R2 EPSON_Port_Communication_Service; C:\Program Files\epson\portcommunicationservice\PCSVC.exe [433152 2012-11-29] (SEIKO EPSON CORPORATION) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-09-05] (Oracle Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [2026800 2013-01-29] (O&O Software GmbH)
R2 SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [95528 2008-10-31] (Sunbelt Software, Inc.)
R2 SPF4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [1365288 2008-10-31] (Sunbelt Software, Inc.)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 appliand; C:\WINDOWS\System32\DRIVERS\appliand.sys [28256 2011-06-26] (Applian Technologies Inc.)
R3 appliandMP; C:\WINDOWS\System32\DRIVERS\appliand.sys [28256 2011-06-26] (Applian Technologies Inc.)
S3 AR9271; C:\WINDOWS\System32\DRIVERS\athuw.sys [1668352 2009-08-14] (Atheros Communications, Inc.) [File not signed]
R1 asuskbnt; C:\WINDOWS\System32\drivers\atkkbnt.sys [20096 2004-07-20] (ASUSTeK COMPUTER INC.) [File not signed]
R2 aswFsBlk; C:\WINDOWS\system32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 AswRdr; C:\WINDOWS\system32\Drivers\AswRdr.sys [49760 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\WINDOWS\system32\Drivers\aswSnx.sys [770784 2014-12-01] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\Drivers\aswSP.sys [369584 2013-06-27] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [175176 2013-06-27] ()
R3 BlueletAudio; C:\WINDOWS\System32\DRIVERS\blueletaudio.sys [20096 2004-10-19] (IVT Corporation) [File not signed]
S3 BT; C:\WINDOWS\System32\DRIVERS\btnetdrv.sys [10804 2004-09-21] (IVT Corporation) [File not signed]
S3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [23000 2005-01-17] (IVT Corporation) [File not signed]
R3 BTHidEnum; C:\WINDOWS\System32\DRIVERS\vbtenum.sys [12500 2005-01-13] () [File not signed]
R0 BTHidMgr; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [28207 2004-10-19] (IVT Corporation) [File not signed]
S3 BTNetFilter; C:\WINDOWS\system32\drivers\BTNetFilter.sys [13304 2004-12-16] () [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 cmudax; C:\WINDOWS\System32\drivers\cmudax.sys [1275584 2004-10-21] (C-Media Inc.)
R1 cpuidlep; C:\WINDOWS\system32\Drivers\cpuidlep.sys [4484 2008-02-04] ()
S3 CrystalSysInfo; C:\Program Files\MediaCoder\SysInfo.sys [15152 2007-09-25] ()
S3 DigiartyVirtualCDBus; C:\WINDOWS\System32\drivers\DigiartyVirtualCDBus.sys [163616 2012-08-13] (Digiarty Software, Inc.)
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [242240 2012-12-04] (DT Soft Ltd)
R2 EpsCe; C:\WINDOWS\system32\Drivers\EpsCe.sys [71680 2013-01-21] (Seiko Epson Corporation) [File not signed]
R2 EPSON_PCS_Parallel_Port_Driver; C:\WINDOWS\system32\DRIVERS\pcslpt.sys [19592 2012-11-29] (SEIKO EPSON CORPORATION)
R2 Esdpdx01; C:\WINDOWS\system32\Drivers\ESDPDX01.SYS [95449 2003-01-19] (MK Systems CO., LTD.) [File not signed]
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 HdAudAddService; C:\WINDOWS\System32\drivers\HdAudio.sys [113664 2004-03-17] (Windows (R) Server 2003 DDK provider)
R1 mbmiodrvr; C:\WINDOWS\system32\mbmiodrvr.sys [2944 2004-04-10] (cansoft@livewiredev.com) [File not signed]
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 nm; C:\WINDOWS\System32\DRIVERS\NMnt.sys [40320 2008-04-13] (Microsoft Corporation)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [42000 2007-01-25] (CACE Technologies)
S2 nvcap; C:\WINDOWS\System32\DRIVERS\nvcap.sys [141582 2005-04-14] (NVIDIA Corporation) [File not signed]
R1 SbFw; C:\WINDOWS\System32\drivers\SbFw.sys [270888 2008-10-31] (Sunbelt Software, Inc.)
R3 SBFWIMCL; C:\WINDOWS\System32\DRIVERS\sbfwim.sys [65576 2008-06-21] (Sunbelt Software, Inc.)
R1 sbhips; C:\WINDOWS\system32\drivers\sbhips.sys [66600 2008-06-21] (Sunbelt Software, Inc.)
R1 SCDEmu; C:\WINDOWS\system32\Drivers\SCDEmu.sys [113072 2012-04-19] (Power Software Ltd)
R2 Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [76288 2004-05-14] (Rainbow Technologies, Inc.) [File not signed]
R0 sfdrv01; C:\WINDOWS\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [File not signed]
R0 sfhlp02; C:\WINDOWS\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [File not signed]
R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [66048 2005-09-29] (Protection Technology) [File not signed]
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
S3 TMUSB; C:\WINDOWS\System32\DRIVERS\TMUSBXP.SYS [49408 2013-01-21] (Seiko Epson Corporation)
R3 ULCDRHlp; C:\WINDOWS\System32\Drivers\ULCDRHlp.sys [27392 2004-12-23] (Ulead Systems, Inc.) [File not signed]
S3 USB28xxBGA; C:\WINDOWS\System32\DRIVERS\emBDA.sys [530944 2008-03-06] (eMPIA Technology, Inc.) [File not signed]
S3 USB28xxOEM; C:\WINDOWS\System32\DRIVERS\emOEM.sys [45696 2007-04-25] (eMPIA Technology, Inc.) [File not signed]
S3 UsbserFilt; C:\WINDOWS\System32\DRIVERS\usbser_lowerfltj.sys [8064 2008-05-02] (Windows (R) Codename Longhorn DDK provider)
R3 VComm; C:\WINDOWS\System32\DRIVERS\VComm.sys [61312 2004-10-19] (IVT Corporation) [File not signed]
R3 VcommMgr; C:\WINDOWS\System32\Drivers\VcommMgr.sys [82148 2004-11-05] (IVT Corporation) [File not signed]
R3 vsbus; C:\WINDOWS\System32\DRIVERS\vsb.sys [17280 2007-02-27] (ELTIMA Software) [File not signed]
S3 vserial; C:\WINDOWS\System32\DRIVERS\vserial.sys [45056 2007-02-27] (ELTIMA Software) [File not signed]
R3 WFIOCTL; c:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS [9446 2005-01-06] (Leadtek Research Inc.) [File not signed]
R3 WFLR6654; C:\WINDOWS\System32\drivers\wfeaglxt.sys [433920 2009-10-21] (Leadtek Research Inc.)
R3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [58208 2009-08-14] (Atheros Communications, Inc.) [File not signed]
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [223104 2004-10-27] (Marvell)
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S2 LMIInfo; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [X]
S4 LMIRfsClientNP; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S2 StarOpen; No ImagePath
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2008-05-02] () [File not signed]
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-30 15:06 - 2015-01-30 15:06 - 00023413 _____ () C:\Documents and Settings\Milan\Plocha\FRST.txt
2015-01-30 15:02 - 2015-01-29 16:30 - 01121792 _____ (Farbar) C:\Documents and Settings\Milan\Plocha\FRST.exe
2015-01-30 15:01 - 2015-01-30 15:01 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Milan\Plocha\FRSTLauncher.exe
2015-01-30 13:47 - 2015-01-30 13:47 - 00000079 _____ () C:\WINDOWS\wininit.ini
2015-01-29 18:23 - 2015-01-29 18:23 - 00000784 _____ () C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2015-01-29 18:23 - 2015-01-29 18:23 - 00000000 ____D () C:\Documents and Settings\Milan\Data aplikací\Malwarebytes
2015-01-29 18:23 - 2015-01-29 18:23 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2015-01-29 18:23 - 2015-01-29 18:23 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2015-01-29 18:22 - 2015-01-29 18:23 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2015-01-29 18:22 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-29 01:53 - 2015-01-29 01:54 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-28 23:17 - 2015-01-28 23:17 - 00000000 ____D () C:\Documents and Settings\LocalService\Nabídka Start\Programy
2015-01-28 23:17 - 2015-01-28 23:17 - 00000000 ____D () C:\Documents and Settings\LocalService\Nabídka Start
2015-01-28 23:12 - 2015-01-30 13:49 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2015-01-28 23:12 - 2015-01-29 01:56 - 00065536 _____ () C:\WINDOWS\system32\config\SpybotSD.evt
2015-01-28 22:56 - 2015-01-28 22:56 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012815-01.dmp
2015-01-28 20:29 - 2015-01-28 21:39 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-30 15:06 - 2014-09-04 22:27 - 00000000 ____D () C:\FRST
2015-01-30 15:06 - 2008-02-04 01:46 - 00005183 _____ () C:\WINDOWS\wincmd.ini
2015-01-30 15:06 - 2008-02-04 01:41 - 00000000 ____D () C:\Documents and Settings\Milan\Plocha
2015-01-30 15:06 - 2008-02-04 01:41 - 00000000 ____D () C:\Documents and Settings\Milan\Local Settings\Temp
2015-01-30 15:04 - 2008-02-04 01:41 - 00000000 ___HD () C:\Documents and Settings\Milan\Local Settings\Data aplikací
2015-01-30 15:00 - 2014-07-09 21:58 - 00000000 ____D () C:\Documents and Settings\Milan\Data aplikací\Mp3tag
2015-01-30 14:51 - 2014-07-09 21:56 - 00000654 _____ () C:\Documents and Settings\All Users\Plocha\Mp3tag.lnk
2015-01-30 14:51 - 2014-07-09 21:56 - 00000000 ____D () C:\Program Files\Mp3tag
2015-01-30 14:51 - 2008-02-04 02:24 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-01-30 13:56 - 2008-05-29 22:34 - 00000000 ____D () C:\Program Files\SpeedFan
2015-01-30 13:52 - 2014-08-01 22:18 - 00000000 ____D () C:\Documents and Settings\Milan\Data aplikací\SecuGuard6.0.3
2015-01-30 13:52 - 2014-03-19 18:41 - 01355859 _____ () C:\WINDOWS\setupapi.log
2015-01-30 13:51 - 2013-06-25 17:17 - 00000362 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-01-30 13:51 - 2008-02-04 01:34 - 01388062 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-30 13:50 - 2008-10-11 17:02 - 00000093 _____ () C:\WINDOWS\system32\LMGRD.LOG
2015-01-30 13:50 - 2008-10-11 17:02 - 00000000 ____D () C:\flexlm
2015-01-30 13:50 - 2008-02-04 02:28 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-01-30 13:50 - 2008-02-04 02:28 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-01-30 13:49 - 2008-02-04 01:40 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-30 13:48 - 2009-12-01 12:27 - 00524288 _____ () C:\WINDOWS\system32\config\ACS.evt
2015-01-30 13:48 - 2008-02-04 01:41 - 00000178 ___SH () C:\Documents and Settings\Milan\ntuser.ini
2015-01-30 13:48 - 2008-02-04 01:40 - 00032534 _____ () C:\WINDOWS\SchedLgU.Txt
2015-01-30 13:47 - 2008-02-04 02:24 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-01-30 13:35 - 2014-09-04 17:13 - 00000000 ____D () C:\AdwCleaner
2015-01-30 13:25 - 2011-06-22 19:14 - 00000000 ____D () C:\Program Files\trend micro
2015-01-30 01:28 - 2008-08-30 02:14 - 00000000 ____D () C:\Documents and Settings\Milan\Data aplikací\uTorrent
2015-01-30 01:24 - 2012-10-17 21:46 - 00000000 ____D () C:\Documents and Settings\Milan\Data aplikací\vlc
2015-01-29 21:45 - 2008-02-04 02:12 - 00000000 ____D () C:\WINDOWS\Media
2015-01-29 21:43 - 2009-03-24 22:14 - 00000000 ____D () C:\Documents and Settings\Milan\Dokumenty\Stažené soubory
2015-01-29 18:23 - 2008-02-04 02:22 - 00000000 ___HD () C:\Documents and Settings\All Users\Data aplikací
2015-01-29 18:23 - 2008-02-04 01:41 - 00000000 __RHD () C:\Documents and Settings\Milan\Data aplikací
2015-01-29 11:23 - 2012-03-17 17:22 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-28 23:22 - 2008-11-16 22:34 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2015-01-28 23:17 - 2008-02-04 01:40 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-01-28 22:56 - 2010-03-21 16:04 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-28 22:55 - 2009-08-24 22:56 - 1073037312 _____ () C:\WINDOWS\MEMORY.DMP
2015-01-28 19:31 - 2004-08-18 13:00 - 00013676 _____ () C:\WINDOWS\system32\wpa.dbl
2015-01-28 03:06 - 2008-02-04 01:41 - 00000000 ____D () C:\Documents and Settings\Milan
2015-01-27 17:52 - 2008-02-04 01:56 - 00000397 _____ () C:\WINDOWS\system\cmicnfg.ini
2015-01-27 15:10 - 2014-12-12 09:00 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-01-27 15:10 - 2014-12-12 09:00 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-01-27 15:10 - 2014-07-21 12:06 - 00000000 ____D () C:\Documents and Settings\Milan\Local Settings\Data aplikací\Adobe
2015-01-26 19:23 - 2011-01-05 00:07 - 00000000 ____D () C:\Documents and Settings\Milan\Dokumenty\TrackMania
2015-01-26 18:34 - 2013-10-17 23:30 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\TrackMania
2015-01-13 23:57 - 2010-03-13 20:09 - 00000802 _____ () C:\Documents and Settings\All Users\Plocha\Lingea EasyLex 2.lnk
2015-01-13 23:57 - 2010-03-06 00:42 - 00000000 ____D () C:\Program Files\Common Files\Lingea Shared
2015-01-13 23:57 - 2008-02-04 01:41 - 00000000 ___RD () C:\Documents and Settings\Milan\Nabídka Start\Programy\Po spuštění
2015-01-01 19:38 - 2014-01-10 02:04 - 00000000 ____D () C:\Program Files\Trell
2015-01-01 19:38 - 2013-01-21 00:50 - 00000005 _____ () C:\Program Files\trl.trl
2015-01-01 19:37 - 2008-05-29 21:04 - 00000000 ____D () C:\03. Filmy

==================== Files in the root of some directories =======

2013-01-21 00:50 - 2015-01-01 19:38 - 0000005 _____ () C:\Program Files\trl.trl
2008-09-09 17:18 - 2009-01-30 23:42 - 0000559 _____ () C:\Documents and Settings\Milan\Data aplikací\AutoGK.ini
2010-10-21 23:08 - 2010-10-21 23:08 - 0081920 _____ () C:\Documents and Settings\Milan\Data aplikací\ezpinst.exe
2012-04-02 18:02 - 2012-04-02 18:03 - 0001923 _____ () C:\Documents and Settings\Milan\Data aplikací\HPCOM_48BitScanUpdate.log
2008-10-31 21:28 - 2012-10-27 21:42 - 0087608 _____ () C:\Documents and Settings\Milan\Data aplikací\inst.exe
2009-05-09 00:40 - 2009-05-17 16:32 - 0000784 _____ () C:\Documents and Settings\Milan\Data aplikací\mpauth.dat
2008-10-31 21:28 - 2012-10-27 21:42 - 0007887 _____ () C:\Documents and Settings\Milan\Data aplikací\pcouffin.cat
2008-10-31 21:28 - 2012-10-27 21:42 - 0001144 _____ () C:\Documents and Settings\Milan\Data aplikací\pcouffin.inf
2008-10-31 21:29 - 2012-10-27 21:42 - 0000055 _____ () C:\Documents and Settings\Milan\Data aplikací\pcouffin.log
2008-10-31 21:28 - 2012-10-27 21:42 - 0047360 _____ (VSO Software) C:\Documents and Settings\Milan\Data aplikací\pcouffin.sys
2009-08-02 23:47 - 2014-01-30 19:44 - 0006233 _____ () C:\Documents and Settings\Milan\Data aplikací\PrimoPDFSet.xml
2010-02-21 15:25 - 2010-02-21 15:25 - 0038190 _____ () C:\Documents and Settings\Milan\Data aplikací\SLOVA.WAV
2010-02-21 15:25 - 2010-02-21 15:25 - 0037790 _____ () C:\Documents and Settings\Milan\Data aplikací\TMP.WAV
2008-02-04 02:35 - 2013-07-22 20:52 - 0090112 _____ () C:\Documents and Settings\Milan\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-02-18 13:04 - 2008-02-18 13:04 - 0000125 _____ () C:\Documents and Settings\Milan\Local Settings\Data aplikací\fusioncache.dat

Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\Temp\sfamcc00001.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\sfareca00001.dll
C:\Documents and Settings\Milan\Local Settings\Temp\bcjcabfbbgg.exe
C:\Documents and Settings\Milan\Local Settings\Temp\FooPlugin0.9Setup_2.1.exe
C:\Documents and Settings\Milan\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Milan\Local Settings\Temp\sfamcc00001.dll
C:\Documents and Settings\Milan\Local Settings\Temp\sfamcc00002.dll
C:\Documents and Settings\Milan\Local Settings\Temp\sfareca00001.dll
C:\Documents and Settings\Milan\Local Settings\Temp\sqlite3.dll
C:\Documents and Settings\Milan\Local Settings\Temp\uninst.exe
C:\Documents and Settings\Milan\Local Settings\Temp\vlc-2.1.5-win32.exe
C:\Documents and Settings\Milan\Local Settings\Temp\~21B.exe
C:\Documents and Settings\Milan\Local Settings\Temp\~21C.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:39.06 GB) (Free:2.88 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:244.14 GB) (Free:9.72 GB) NTFS
Drive e: () (Fixed) (Total:89.4 GB) (Free:1.23 GB) NTFS
Drive f: (Moorhuhn-Total 2) (CDROM) (Total:0.31 GB) (Free:0 GB) CDFS

Available physical RAM: 529.24 MB
Total physical RAM: 1023.23 MB
Percentage of memory in use: 48%

==================== MBR and Partition Table ==================

High Quality Photo Resizer 1.60 (HKLM\...\High Quality Photo Resizer_is1) (Version: - Naturpic Software)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\switchShakeIcon.job => C:\Program Files\NCH Swift Sound\Switch\switch.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\WINDOWS:3CC3A95F7E3A6137
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:1493A0EF
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:59756FA4
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:5C321E34
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:B42C512A
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:C581A570
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:C8B8CEBD
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sunbelt Personal Firewall (Disabled) {82B1150E-9B37-49FC-83EB-D52197D900D0}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Milan\Plocha" je 385 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR11
"C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Center Agent
C:\Program Files\MSI\Digi VOX AD II\HyperMediaCenter\DTVR\Scheduled.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EpsonAPD4SV
C:\Program Files\EPSON\EPSON Advanced Printer Driver 4\Tools\EAPSV\EAPSV.EXE [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hard Disk Sentinel
"C:\Program Files\Hard Disk Sentinel\hdsentinel.exe" /AUTORUN [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager
"C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray
C:\Program Files\OO Software\Defrag\oodtray.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\qttask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^HP Digital Imaging Monitor.lnk
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^O&O Defrag Tray.lnk
C:\WINDOWS\Installer\{45F266D8-52A1-4AF4-988F-B35547E89CC3}\DefragIcon.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Select a coupon.lnk
C:\PROGRA~1\EPSON\TMCOMM~1\POPUPW~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Translate Client.lnk
C:\PROGRA~1\TRANSL~1\TRANSL~2.EXE /h [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Cerberus\\Cerberus.exe"="C:\\Program Files\\Cerberus\\Cerberus.exe:*:Enabled:Cerberus FTP Server"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\totalcmd\\TOTALCMD.EXE"="C:\\totalcmd\\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\\Program Files\\mozilla.org\\Mozilla\\mozilla.exe"="C:\\Program Files\\mozilla.org\\Mozilla\\mozilla.exe:*:Enabled:Mozilla"
"C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"="C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe:*:Enabled:Sunbelt Kerio Firewall GUI"
"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:uTorrent"
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\\Program Files\\Java\\jre1.6.0_07\\launch4j-tmp\\JDownloader.exe"="C:\\Program Files\\Java\\jre1.6.0_07\\launch4j-tmp\\JDownloader.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\Program Files\\BPFTP\\bpftp.exe"="C:\\Program Files\\BPFTP\\bpftp.exe:*:Enabled:bpftp"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\SopCast\\SopCast.exe"="C:\\Program Files\\SopCast\\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\\Program Files\\SopCast\\adv\\SopAdver.exe"="C:\\Program Files\\SopCast\\adv\\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\\Program Files\\Vuze\\Azureus.exe"="C:\\Program Files\\Vuze\\Azureus.exe:*:Enabled:Azureus / Vuze"
"C:\\WINDOWS\\system32\\muzapp.exe"="C:\\WINDOWS\\system32\\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\\Program Files\\Xi\\NetXfer\\NetTransport.exe"="C:\\Program Files\\Xi\\NetXfer\\NetTransport.exe:*:Enabled:NetTransport"
"C:\\Program Files\\Xi\\NetXfer\\FTPTransport.exe"="C:\\Program Files\\Xi\\NetXfer\\FTPTransport.exe:*:Enabled:FTPTransport"
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"="C:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\\Documents and Settings\\Milan\\Data aplikac\\uTorrent\\utorrent.exe"="C:\\Documents and Settings\\Milan\\Data aplikac\\uTorrent\\utorrent.exe:*:Enabled:uTorrent"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox (C:\\Program Files\\Mozilla Firefox)"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"4668:TCP"="4668:TCP:*:Enabled:4668"
"4668:UDP"="4668:UDP:*:Enabled:4668UDP"
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"48803:TCP"="48803:TCP:*:Enabled:48803"
"48803:UDP"="48803:UDP:*:Enabled:48803udp"
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000

==================== End Of Log ==============================

#8 Příspěvek od **altrok** » 30 led 2015 17:15

Velikost plochy by nemela presahovat 200 MB. Zpomaluje se pak start i samotny chod celeho PC.

Toto mate schvalne?
FF NetworkProxy: "ftp", "176.124.137.229"
FF NetworkProxy: "ftp_port", 8080

Otestujte na virustotal.com C:\Documents and Settings\Milan\Data aplikací\inst.exe - pokud uz byl soubor otestovany, zvolte Reanalyze. Do pristiho prispevku dejte link (odkaz) s vysledky analyzy.

Ulozte na plochu OTM - http://oldtimer.geekstogo.com/OTM.exe
ukoncete vsechny programy
kliknete pravym na ikonu OTM.exe a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
obsah bileho pole zkopirujte do leveho okna OTM a kliknete na MoveIt!

po restartu vlozte log, ktery bude v C:\_OTM\MovedFiles\mmddyyyy_hhmmss.log

Kód: Vybrat vše

:commands
[Purity]
[EmptyTemp]
[EmptyFlash]
[EmptyJava]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:reg
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Java\\jre1.6.0_07\\launch4j-tmp\\JDownloader.exe"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP"=-
"445:TCP"=-
"137:UDP"=-
"138:UDP"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"4668:TCP"=-
"4668:UDP"=-
"1900:UDP"=-
"2869:TCP"=-
"48803:TCP"=-
"48803:UDP"=-
"139:TCP"=-
"445:TCP"=-
"137:UDP"=-
"138:UDP"=-

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CloseProcesses:
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [413696 2009-05-26] (Apple Inc.)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [198160 2009-08-16] (RealNetworks, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\runonceex: [Flag] => 
HKU\S-1-5-21-73586283-746137067-1417001333-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-73586283-746137067-1417001333-1003\...\MountPoints2: {f11e2c9c-3d91-11e2-a782-0013d4f58147} - F:\start.exe

ProxyServer: [S-1-5-21-73586283-746137067-1417001333-1003] => localhost:8080
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-73586283-746137067-1417001333-1003 -> ${searchCLSID} URL = http://search.yahoo.com/search?ei=ISO-8 ... =megaup&q={searchTerms}
SearchScopes: HKU\S-1-5-21-73586283-746137067-1417001333-1003 -> {D7DD1927-FA64-4597-8C13-7837692DD082} URL = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
Toolbar: HKU\S-1-5-21-73586283-746137067-1417001333-1003 -> No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
Toolbar: HKU\S-1-5-21-73586283-746137067-1417001333-1003 -> No Name - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No File
FF DefaultSearchUrl: 

S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S2 LMIInfo; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [X]
S4 LMIRfsClientNP; No ImagePath
S2 StarOpen; No ImagePath
2015-01-30 15:01 - 2015-01-30 15:01 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Milan\Plocha\FRSTLauncher.exe
2015-01-30 13:35 - 2014-09-04 17:13 - 00000000 ____D () C:\AdwCleaner
2015-01-30 13:25 - 2011-06-22 19:14 - 00000000 ____D () C:\Program Files\trend micro

AlternateDataStreams: C:\WINDOWS:3CC3A95F7E3A6137
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:1493A0EF
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:59756FA4
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:5C321E34
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:B42C512A
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:C581A570
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:C8B8CEBD
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe" /f
Hosts:
EmptyTemp:
End

Milann77 · #9 Příspěvek od **Milann77** » 30 led 2015 19:03

Toto mate schvalne?
FF NetworkProxy: "ftp", "176.124.137.229"
FF NetworkProxy: "ftp_port", 8080

Myslím, že to mám na svědomí já. Asi už to bude dlouho, kdy jsem potřeboval otevřít stránku, která nebyla dostupná z české IP, tak jsem ve firefoxu nastavil tento proxy server. Každopádně teď už to nepotřebuji, ani nevím o jakou stránku šlo. Snad to nepůsobí žádné jiné problémy v PC?

výsledek testu souboru inst.exe

Kód: Vybrat vše

https://www.virustotal.com/cs/file/c74d2fa6374b5f1e251e3205de0efe99ed026b8b7a0ad5ee549ee3700f8e63d7/analysis/1422636034/

OTM log

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 485060 bytes
->Temporary Internet Files folder emptied: 96285 bytes
->FireFox cache emptied: 61434175 bytes
->Flash cache emptied: 602 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57472 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Milan
->Temp folder emptied: 426289292 bytes
->Temporary Internet Files folder emptied: 6138609 bytes
->Java cache emptied: 5219197 bytes
->FireFox cache emptied: 465472420 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 8275622 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: oov1

User: Software

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 221184 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 117777787 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 041,00 mb

[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: Milan
->Flash cache emptied: 0 bytes

User: NetworkService

User: oov1

User: Software

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: Milan
->Java cache emptied: 0 bytes

User: NetworkService

User: oov1

User: Software

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb

========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP12.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP175.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP178.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP203.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP205.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP243.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP244.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP26D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP286.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2B8.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2B9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DB.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2E5.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2EC.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP300.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP31.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP357.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4CB.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP52.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA6.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA65.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE4.tmp folder moved successfully.
C:\WINDOWS\CSC\csc1.tmp moved successfully.
C:\WINDOWS\Installer\MSI14D.tmp moved successfully.
C:\WINDOWS\Installer\MSI159.tmp moved successfully.
C:\WINDOWS\Installer\MSIDC.tmp moved successfully.
C:\WINDOWS\Installer\MSIE6.tmp moved successfully.
C:\WINDOWS\Installer\MSIF9B.tmp moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\\Program Files\\Java\\jre1.6.0_07\\launch4j-tmp\\JDownloader.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\139:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\445:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\137:UDP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\138:UDP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\4668:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\4668:UDP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\48803:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\48803:UDP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\139:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\445:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\137:UDP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\138:UDP deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 01302015_174858

Files moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

FRST log

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 28-01-2015 01
Ran by Milan at 2015-01-30 18:18:10 Run:1
Running from C:\Documents and Settings\Milan\Plocha
Loaded Profiles: Milan (Available profiles: Milan & UpdatusUser & Administrator)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [413696 2009-05-26] (Apple Inc.)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [198160 2009-08-16] (RealNetworks, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\runonceex: [Flag] =>
HKU\S-1-5-21-73586283-746137067-1417001333-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-73586283-746137067-1417001333-1003\...\MountPoints2: {f11e2c9c-3d91-11e2-a782-0013d4f58147} - F:\start.exe

ProxyServer: [S-1-5-21-73586283-746137067-1417001333-1003] => localhost:8080
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-73586283-746137067-1417001333-1003 -> ${searchCLSID} URL = http://search.yahoo.com/search?ei=ISO-8 ... =megaup&q={searchTerms}
SearchScopes: HKU\S-1-5-21-73586283-746137067-1417001333-1003 -> {D7DD1927-FA64-4597-8C13-7837692DD082} URL = http://www.google.cz/search?q={searchTe ... {startPage}
Toolbar: HKU\S-1-5-21-73586283-746137067-1417001333-1003 -> No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
Toolbar: HKU\S-1-5-21-73586283-746137067-1417001333-1003 -> No Name - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No File
FF DefaultSearchUrl:

S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S2 LMIInfo; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [X]
S4 LMIRfsClientNP; No ImagePath
S2 StarOpen; No ImagePath
2015-01-30 15:01 - 2015-01-30 15:01 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Milan\Plocha\FRSTLauncher.exe
2015-01-30 13:35 - 2014-09-04 17:13 - 00000000 ____D () C:\AdwCleaner
2015-01-30 13:25 - 2011-06-22 19:14 - 00000000 ____D () C:\Program Files\trend micro

AlternateDataStreams: C:\WINDOWS:3CC3A95F7E3A6137
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:1493A0EF
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:59756FA4
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:5C321E34
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:B42C512A
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:C581A570
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:C8B8CEBD
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe" /f
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\runonceex\\Flag => value deleted successfully.
HKU\S-1-5-21-73586283-746137067-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
"HKU\S-1-5-21-73586283-746137067-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f11e2c9c-3d91-11e2-a782-0013d4f58147}" => Key deleted successfully.
HKCR\CLSID\{f11e2c9c-3d91-11e2-a782-0013d4f58147} => Key not found.
HKU\S-1-5-21-73586283-746137067-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-73586283-746137067-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\${searchCLSID}" => Key deleted successfully.
HKCR\CLSID\${searchCLSID} => Key not found.
"HKU\S-1-5-21-73586283-746137067-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D7DD1927-FA64-4597-8C13-7837692DD082}" => Key deleted successfully.
HKCR\CLSID\{D7DD1927-FA64-4597-8C13-7837692DD082} => Key not found.
HKU\S-1-5-21-73586283-746137067-1417001333-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} => value deleted successfully.
HKCR\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} => Key not found.
HKU\S-1-5-21-73586283-746137067-1417001333-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} => value deleted successfully.
HKCR\CLSID\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} => Key not found.
Firefox DefaultSearchUrl deleted successfully.
Lbd => Service deleted successfully.
LMIInfo => Service deleted successfully.
LMIRfsClientNP => Service deleted successfully.
StarOpen => Service deleted successfully.
C:\Documents and Settings\Milan\Plocha\FRSTLauncher.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\WINDOWS => ":3CC3A95F7E3A6137" ADS removed successfully.
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":1493A0EF" ADS removed successfully.
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":59756FA4" ADS removed successfully.
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":5C321E34" ADS removed successfully.
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":B42C512A" ADS removed successfully.
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":C581A570" ADS removed successfully.
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":C8B8CEBD" ADS removed successfully.
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":CB0AACC9" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

Operace byla dokončena úspěšně.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========

Operace byla dokončena úspěšně.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f =========

Operace byla dokončena úspěšně.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe" /f =========

Operace byla dokončena úspěšně.

========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 42.1 MB temporary data.

The system needed a reboot.

==== End of Fixlog 18:21:34 ====

#10 Příspěvek od **altrok** » 30 led 2015 20:22

proxyny jsou neskodne, ale pokud uz je nepotrebujete, maznul bych je

mimochodem jste mel otevrene porty... opet nevim, zda umyslne

Kód: Vybrat vše

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"4668:TCP"="4668:TCP:*:Enabled:4668"
"4668:UDP"="4668:UDP:*:Enabled:4668UDP"
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"48803:TCP"="48803:TCP:*:Enabled:48803"
"48803:UDP"="48803:UDP:*:Enabled:48803udp"
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CloseProcesses:
FF NetworkProxy: "ftp", "176.124.137.229"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "176.124.137.229"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "ssl", "176.124.137.229"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
EmptyTemp:
End

A protoze uz se jedna o starsi kousek, jeste bych zkontroloval stav HDD.

Stahnete Crystal Disk Info (CDI) http://sourceforge.jp/frs/redir.php?m=j ... o6_2_2.zip
archiv extrahujte a spustte vyextrahovany soubor DiskInfo.exe
ve spustenem programu kliknete nahore na Upravy -> Kopirovat (log mate nyni zkopirovany ve schrance)
log vlozte do dalsi odpovedi (Ctrl + V)

Pozorujete nejake zlepseni/zhorseni stavu PC? Pamatujte taky na volne misto na Cecko, at se Vam system nezacne dusit

Milann77 · #11 Příspěvek od **Milann77** » 30 led 2015 22:49

K čemu jsou ty otevřené porty netuším. Vím jen, že port 4668 jsem měl přesměrován pro P2P, ale to bylo už před delší dobou a teď už to nepoužívám. U těch ostatních nevím a asi by bylo možno je zakázat, pokud to nezpůsobí nějaké nevratné problémy.
Přikládám obrázek z programu Currports, jestli to bude k něčemu dobré.
Určitě pozoruji menší zrychlení - pri spouštění programů, otevření a zavření dokumentů. Výrazná je změna v prohlížeči, kde se teď vše načte o dost rychleji.

FRST log

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 28-01-2015 01
Ran by Milan at 2015-01-30 21:36:01 Run:2
Running from C:\Documents and Settings\Milan\Plocha
Loaded Profiles: Milan (Available profiles: Milan & UpdatusUser & Administrator)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
FF NetworkProxy: "ftp", "176.124.137.229"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "176.124.137.229"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "ssl", "176.124.137.229"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
EmptyTemp:
End
*****************

Processes closed successfully.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
EmptyTemp: => Removed 43.2 MB temporary data.

The system needed a reboot.

==== End of Fixlog 21:36:22 ====

Crystaldiskinfo

----------------------------------------------------------------------------
CrystalDiskInfo 6.2.2 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Professional SP3 [5.1 Build 2600] (x86)
Date : 2015/01/30 21:48:12

-- Controller Map ----------------------------------------------------------
+ Řadiče úložiště Ultra ATA Intel(R) 82801FB/FBM - 266F [ATA]
+ Primární kanál IDE (0)
- HL-DT-ST DVDRAM GSA-4163B
- Sekundární kanál IDE (1)
+ Řadiče úložiště Ultra ATA Intel(R) 82801FB - 2652 [ATA]
- Primární kanál IDE (0)
+ Sekundární kanál IDE (1)
- WDC WD4000AAKS-00TMA0

-- Disk List ---------------------------------------------------------------
(1) WDC WD4000AAKS-00TMA0 : 400,0 GB [0/3/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD4000AAKS-00TMA0
----------------------------------------------------------------------------
Model : WDC WD4000AAKS-00TMA0
Firmware : 12.01C01
Serial Number : WD-WCAPW5432378
Disk Size : 400,0 GB (8,4/137,4/400,0/400,0)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 781422768
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 20114 hod.
Power On Count : 2403 krát
Temperature : 45 C (113 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 171 171 _21 000000001910 Čas na roztočení ploten
04 _98 _98 __0 000000000971 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _73 _73 __0 000000004E92 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 000000000963 Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000026 Počet vypnutí disku
C1 200 200 __0 000000000973 Počet cyklů načítání/vymazání
C2 105 _97 __0 00000000002D Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 4150 5735 3433 3233 3738
020: 0000 8000 0032 3132 2E30 3143 3031 5744 4320 5744
030: 3430 3030 4141 4B53 2D30 3054 4D41 3020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0706 0000 0044 0040
080: 00FE 0000 746B 7F61 4123 7469 BC41 4123 207F 0033
090: 0000 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 90B0 2E93 0000 0000 0000 0000 0000 0000 5001 4EE2
110: 560A 8B00 0000 0000 0000 0000 0000 0000 0000 4010
120: 4010 0000 0000 0000 0000 0000 0000 0000 0009 0000
130: 0000 0000 0000 1681 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 303F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 C6A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0F 00 C8 C8 00 00 00 00 00 00 00 03 03
010: 00 AB AB 10 19 00 00 00 00 00 04 32 00 62 62 71
020: 09 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 0E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 49 49 92 4E 00 00 00 00 00 0A 12 00 64 64 00
050: 00 00 00 00 00 00 0B 12 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 63 09 00 00 00 00 00 C0 32
070: 00 C8 C8 26 00 00 00 00 00 00 C1 32 00 C8 C8 73
080: 09 00 00 00 00 00 C2 22 00 69 61 2D 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 12
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 10 00 64 FD 00
0B0: 00 00 00 00 00 00 C7 3E 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 64 FD 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 E8 26 01 7B
170: 03 00 01 00 02 7E 06 00 00 00 00 00 00 00 00 00
180: 00 00 01 05 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 FC

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 C8 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 33 C8 C8 C8 C8 C8 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 33 00 00 00 00
050: 00 00 00 00 00 00 0B 33 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 33 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 21

#12 Příspěvek od **altrok** » 30 led 2015 23:12

Zjednodusene receno, otevrene porty havet vyuziva ke komunikaci (soucast botnetu - DDoS ci nove instrukce.. cokoliv) a v kroku s OTM jsme je jiz smazaly (zavrely).

Disk je v poradku

Takze jeste uklidime.

Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
Oznacte jen moznost "Remove disinfection tools"
kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

Milann77 · #13 Příspěvek od **Milann77** » 30 led 2015 23:21

Ok. Myslím, že to bude vše. Děkuji za pomoc a za čas, který jste mi věnoval.

#14 Příspěvek od **altrok** » 30 led 2015 23:35

Nemate zac, rad jsem pomohl

Mejte se krasne a treba zase nekdy

VIRY.CZ

Preventivní kontrola (problém s Malwarebytes)

Preventivní kontrola (problém s Malwarebytes)

Re: Preventivní kontrola (problém s Malwarebytes)

Re: Preventivní kontrola (problém s Malwarebytes)

Re: Preventivní kontrola (problém s Malwarebytes)

Re: Preventivní kontrola (problém s Malwarebytes)

Re: Preventivní kontrola (problém s Malwarebytes)

Re: Preventivní kontrola (problém s Malwarebytes)

Re: Preventivní kontrola (problém s Malwarebytes)

Re: Preventivní kontrola (problém s Malwarebytes)

Re: Preventivní kontrola (problém s Malwarebytes)

Re: Preventivní kontrola (problém s Malwarebytes)

Re: Preventivní kontrola (problém s Malwarebytes)

Re: Preventivní kontrola (problém s Malwarebytes)

Re: Preventivní kontrola (problém s Malwarebytes)