preventivní kontrola + problém s update AV

Zpráva

tartaro · #1 Příspěvek od **tartaro** » 18 pro 2015 23:17

dobrý večer,
prosím o kontrolu logu. počítač mám asi dva týdny zasekaný na hranici snesitelnosti. Přede dvěma dny jsem odinstaloval AVG a nainstaloval AVIRA....našel mi sice hned nějakou havěť, nejde ale vůbec updatovat...čistil jsem Ccleaner, později i Adwcleaner. MBAM taky nic nenašel.
Nic, nejde, je to hrozný a ubíjející

zde:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Killer at 2015-12-18 23:10:04
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 1 GB (7%) free of 15 GB
Total RAM: 1015 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:10:26, on 18.12.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\Antivirus\sched.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Avira\Antivirus\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Motorola\Bluetooth\obexsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Avira\Antivirus\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Avira\Antivirus\avshadow.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
C:\Program Files\Avira\Launcher\Avira.Systray.exe
C:\Program Files\Avira\Antivirus\avcenter.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Killer\Plocha\RSIT.exe
C:\Program Files\trend micro\Killer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://totem.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Antivirus\avgnt.exe" /min
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe
O4 - HKLM\..\Run: [{d0e166af-1634-4c0b-ae96-2180e61f9d38}] "C:\Documents and Settings\All Users\Data aplikací\Package Cache\{d0e166af-1634-4c0b-ae96-2180e61f9d38}\Avira.OE.Setup.Bundle.exe" /quiet /norestart /burn.log.append "C:\WINDOWS\TEMP\Avira_Launcher_20151218225318.log" /install CALLER_PARTNER_ID=avira /burn.runonce
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Přidat do stávajícího PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Antivirus\avmailc.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Antivirus\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

--
End of file - 9436 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Killer\Data aplikací\Mozilla\Firefox\Profiles\ddbmk09v.default

prefs.js - "browser.startup.homepage" - "about:home"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.235 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Documents and Settings\Killer\Data aplikací\Mozilla\Firefox\Profiles\ddbmk09v.default\extensions\
jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack
{77d2ed30-4cd2-11e0-b8af-0800200c9a66}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2005-05-20 925696]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-02-15 159744]
""= []
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-02-15 131072]
"avgnt"=C:\Program Files\Avira\Antivirus\avgnt.exe [2015-11-20 803200]
"Avira SystrayStartTrigger"=C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [2015-11-23 66320]
"{d0e166af-1634-4c0b-ae96-2180e61f9d38}"=C:\Documents and Settings\All Users\Data aplikací\Package Cache\{d0e166af-1634-4c0b-ae96-2180e61f9d38}\Avira.OE.Setup.Bundle.exe [2015-12-18 918848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
E:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2006-10-23 620152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTMTrayAgent]
C:\Program Files\Motorola\Bluetooth\btmshell.dll [2010-07-28 20882696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Killer\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShaPlus Bandwidth Meter]
C:\Program Files\ShaPlus Bandwidth Meter\ShaPlus Bandwidth Meter /s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Speed Launcher.lnk]
C:\WINDOWS\INSTAL~1\{AC76B~2\_SC_AC~1.EXE [2013-03-31 295606]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Synchronizer.lnk]
E:\PROGRA~1\Adobe\ACROBA~1.0\Acrobat\ADOBEC~1.EXE [2006-10-23 734872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2006-02-15 581693]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
C:\PROGRA~1\WINDOW~4\WINDOW~1.EXE []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-02-15 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\AVG\AVG2014\avgmfapx.exe"="C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Maxthon3\Bin\Maxthon.exe"="C:\Program Files\Maxthon3\Bin\Maxthon.exe:*:Enabled:Maxthon"
"C:\Program Files\Maxthon3\Bin\MxUp.exe"="C:\Program Files\Maxthon3\Bin\MxUp.exe:*:Enabled:MxUp"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======List of files/folders created in the last 1 month======

2015-12-18 22:44:01 ----D---- C:\AdwCleaner
2015-12-18 21:35:57 ----D---- C:\Program Files\Mozilla Firefox
2015-12-17 06:03:23 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2015-12-17 00:00:21 ----D---- C:\WINDOWS\system32\NtmsData
2015-12-16 23:41:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Package Cache
2015-12-16 23:41:03 ----D---- C:\Documents and Settings\Killer\Data aplikací\Avira
2015-12-16 23:38:22 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
2015-12-16 23:38:16 ----A---- C:\WINDOWS\system32\drivers\avkmgr.sys
2015-12-16 23:38:16 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2015-12-16 23:38:15 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2015-12-16 23:38:13 ----D---- C:\Program Files\Avira
2015-12-16 23:38:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira

======List of files/folders modified in the last 1 month======

2015-12-18 23:10:11 ----D---- C:\WINDOWS\temp
2015-12-18 23:10:10 ----D---- C:\WINDOWS\Prefetch
2015-12-18 23:10:09 ----D---- C:\Program Files\trend micro
2015-12-18 22:55:49 ----RD---- C:\Program Files
2015-12-18 22:55:49 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-12-18 22:55:02 ----D---- C:\WINDOWS\system32
2015-12-18 22:55:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-18 22:54:33 ----SHD---- C:\WINDOWS\Installer
2015-12-18 22:49:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-12-18 22:48:26 ----D---- C:\WINDOWS\system32\drivers
2015-12-18 21:56:46 ----D---- C:\Documents and Settings\Killer\Data aplikací\Apple Computer
2015-12-18 21:38:00 ----D---- C:\Documents and Settings\Killer\Data aplikací\Adobe
2015-12-17 13:58:58 ----D---- C:\WINDOWS
2015-12-17 12:00:36 ----D---- C:\WINDOWS\system32\CatRoot2
2015-12-17 11:59:13 ----D---- C:\Documents and Settings\Killer\Data aplikací\MediaMonkey
2015-12-17 00:43:25 ----D---- C:\Documents and Settings\Killer\Data aplikací\vlc
2015-12-17 00:00:21 ----D---- C:\WINDOWS\repair
2015-12-17 00:00:16 ----D---- C:\WINDOWS\Registration
2015-12-16 23:32:09 ----D---- C:\WINDOWS\SoftwareDistribution
2015-12-16 23:30:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2015-12-16 23:28:40 ----HD---- C:\WINDOWS\inf
2015-12-16 21:54:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG
2015-12-15 20:50:52 ----SD---- C:\WINDOWS\Tasks
2015-12-15 20:50:38 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-12-15 10:38:43 ----D---- C:\WINDOWS\Debug
2015-12-13 19:30:58 ----D---- C:\WINDOWS\system32\MRT
2015-12-10 08:14:43 ----SHD---- C:\WINDOWS\CSC
2015-12-07 23:07:53 ----D---- C:\Documents and Settings\Killer\Data aplikací\XnView
2015-12-04 11:56:38 ----A---- C:\WINDOWS\CDPlayer.ini
2015-12-01 09:13:23 ----D---- C:\Documents and Settings
2015-11-23 19:09:54 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2015-11-20 136272]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2015-11-20 37896]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2015-11-20 31848]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2015-11-20 106968]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-02-28 176128]
R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2005-06-07 152960]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2009-08-13 1163328]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2005-08-05 45312]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-02-15 401664]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-02-15 30363]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-02-15 1342570]
R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-02-15 148168]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-02-15 57096]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 NETwLx32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETwLx32.sys [2010-10-07 6609920]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 BTMCOM;Bluetooth Serial Port; C:\WINDOWS\System32\Drivers\btmcom.sys [2010-06-30 41344]
S3 BTMUSB;Motorola Bluetooth Radio Service; C:\WINDOWS\System32\Drivers\btmusb.sys [2010-07-28 395776]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 CTIpHook;CTIpHook; C:\WINDOWS\system32\Drivers\CTIpHook.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\WINDOWS\system32\DRIVERS\snpstd3.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 tpfiltdev;TP-LINK USB Filter Device; C:\WINDOWS\system32\DRIVERS\tpfiltdev.sys [2012-02-08 5632]
S3 tpusbnet;TP-LINK USB-NDIS miniport Driver; C:\WINDOWS\system32\DRIVERS\tpusbnet.sys [2011-12-08 129536]
S3 tpusbser;TP-LINK USB Device for Legacy Serial Communication Driver; C:\WINDOWS\system32\DRIVERS\tpusbser.sys [2011-12-08 107776]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-09-28 44544]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-03-27 14336]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\Antivirus\avguard.exe [2015-11-20 466408]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\Antivirus\sched.exe [2015-11-20 466408]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [2015-11-23 249624]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-07-16 508680]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-02-15 258103]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2010-07-26 3512072]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-01-04 647680]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files\Avira\Antivirus\avmailc.exe [2015-11-20 930944]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files\Avira\Antivirus\AVWEBGRD.EXE [2015-11-20 1222952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2010-07-15 901384]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-11-28 552848]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-12-18 147624]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

tartaro · #2 Příspěvek od **tartaro** » 19 pro 2015 21:19

asi je vše v pořádku

#3 Příspěvek od **Márty84** » 19 pro 2015 21:33

Zdravim

tartaro píše:asi je vše v pořádku

Cili tema muzu uzavrit, kdyz uz je to v poradku?

tartaro · #4 Příspěvek od **tartaro** » 19 pro 2015 21:41

dobrý večer

to měla být ironie...totiž nikdo na můj log nereagoval. tak jsem myslel...

#5 Příspěvek od **Márty84** » 19 pro 2015 21:54

Priste si tu ironii odpustte. Akorat tim sobe skodite. Kdyz si sam odpovite, zapadnete, protoze hledame prednostne temata bez odpovedi. Kdybych na to zrovna nekoukal, kdovi kdy by si tematu nekdo vsiml. Navic tim akorat provokujete. Blizi se svatky, kazdy ma plno jinych veci na praci. Tady je to "jen" nas konicek, nikdo tady nemuze byt porad. Pokud potrebujete urgentni pomoc, musite se obratit na placene sluzby, tam se vas radi ujmou hned

Mate hrozne malo mista na disku, system se dusi.

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte ho. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

tartaro · #6 Příspěvek od **tartaro** » 19 pro 2015 22:06

omlouvám se

viselo to tu bez odpovědi 24 hodin. nechtěl jsem zakládat další thread...

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Professional SP3 [5.1 Build 2600] (x86)
Date : 2015/12/19 22:05:08

-- Controller Map ----------------------------------------------------------
+ Intel(R) 82801GBM/GHM (ICH7-M Family) Serial ATA Storage Controller - 27C4 [ATA]
+ Primární kanál IDE (0)
- FUJITSU MHV2080BH PL
+ Sekundární kanál IDE (1)
- TSSTcorp CD/DVDW TS-L632D

-- Disk List ---------------------------------------------------------------
(1) FUJITSU MHV2080BH PL : 80,0 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) FUJITSU MHV2080BH PL
----------------------------------------------------------------------------
Model : FUJITSU MHV2080BH PL
Firmware : 892C
Serial Number : NW9ZT6B36W7T
Disk Size : 80,0 GB (8,4/80,0/80,0)
Buffer Size : 8192 KB
Queue Depth : 1
# of Sectors : 156301488
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA/ATAPI-7 T13 1532D version 4a
Transfer Mode : SATA/150
Power On Hours : 3 hod.
Power On Count : 3498 krát
Temparature : 43 C (109 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA
APM Level : 4080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _46 000000027B1F Počet chyb čtení
02 100 100 _30 0000011C011F Průchodnost disku
03 100 100 _25 000000000001 Čas na roztočení ploten
04 _99 _99 __0 00000000131F Počet spuštění/zastavení
05 100 100 _24 07D000000000 Počet přemapovaných sektorů
07 100 100 _47 000000000DA3 Počet chybných hledání
08 100 100 _19 000000000000 Čas potřebný na vyhledání
09 _76 _76 __0 000000003029 Hodin v činnosti
0A 100 100 _20 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 000000000DAA Počet cyklů zapnutí zařízení
C0 100 100 __0 000000000012 Počet vypnutí disku
C1 _98 _98 __0 00000000B3FC Počet cyklů načítání/vymazání
C2 100 100 __0 0036000C002B Teplota
C3 100 100 __0 0000000005F0 Počet oprav chybného čtení
C4 100 100 __0 00001B590000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 _60 000000001731 Počet chyb při zápisu sektorů
CB 100 100 __0 0264FE0502FD Počet chyb v kódech na opravu chyb
F0 200 200 __0 000000000000 Čas nastavování hlaviček - v hodinách

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 4E57 395A 5436 4233 3657 2020 2020 2020 2020 2020
020: 0003 4000 0004 3839 3243 2020 2020 4655 4A49 5453
030: 5520 4D48 5632 3038 3042 504C 504C 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: F8B0 0950 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0602 0602 0000 0048 0040
080: 00F8 0021 306B 7C09 6023 3C09 3C09 6023 203F 001F
090: 001F 4080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: F8B0 0950 0000 0000 0000 4000 4000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0100 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 88A8 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 37A5

#7 Příspěvek od **Márty84** » 19 pro 2015 23:24

Disk hlasi spoustu chyb, i to muze delat potize.

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte ComboFix.
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

tartaro · #8 Příspěvek od **tartaro** » 20 pro 2015 02:42

ComboFix 15-12-16.01 - Killer 20.12.2015 2:22.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1015.520 [GMT 1:00]
Spuštěný z: c:\documents and settings\Killer\Plocha\ComboFix.exe
AV: Avira Antivirus *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\Killer\LOCALS~1\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\documents and settings\Killer\Local Settings\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\windows\system32\AdobePDF.dll
c:\windows\system32\Cache
c:\windows\system32\Cache\26c630d098e22dd5.fb
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\6f820075be5728de.fb
c:\windows\system32\Cache\92edc235759a1422.fb
c:\windows\system32\Cache\95f567698be8a182.fb
c:\windows\system32\Cache\9eea3eb6681cd7e7.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d13ff93fe82ccbd2.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-11-20 do 2015-12-20 )))))))))))))))))))))))))))))))
.
.
2015-12-18 21:44 . 2015-12-18 21:48 -------- d-----w- C:\AdwCleaner
2015-12-16 23:00 . 2015-12-16 23:56 -------- d-----w- c:\windows\system32\NtmsData
2015-12-16 22:41 . 2015-12-19 07:35 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Package Cache
2015-12-16 22:41 . 2015-12-16 22:41 -------- d-----w- c:\documents and settings\Killer\Data aplikací\Avira
2015-12-16 22:40 . 2015-12-16 22:40 -------- d-----w- c:\documents and settings\All Users\Data aplikacĂ
2015-12-16 22:38 . 2015-11-20 14:35 37896 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2015-12-16 22:38 . 2015-11-20 14:35 136272 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-12-16 22:38 . 2015-11-20 14:35 106968 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-12-16 22:38 . 2015-12-16 22:42 -------- d-----w- c:\program files\Avira
2015-12-16 22:38 . 2015-12-16 22:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Avira
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-15 19:50 . 2012-03-29 11:41 796864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-12-15 19:50 . 2012-01-04 20:30 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2010-05-02 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]
"avgnt"="c:\program files\Avira\Antivirus\avgnt.exe" [2015-11-20 803200]
"Avira SystrayStartTrigger"="c:\program files\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2015-11-23 66320]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Speed Launcher.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Acrobat Speed Launcher.lnk
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Synchronizer.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Acrobat Synchronizer.lnk
backup=c:\windows\pss\Adobe Acrobat Synchronizer.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShaPlus Bandwidth Meter]
c:\program files\ShaPlus Bandwidth Meter\ShaPlus Bandwidth Meter [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2006-10-22 23:24 620152 ----a-w- e:\program files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-11-28 12:13 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTMTrayAgent]
2010-07-28 17:57 20882696 ----a-w- c:\program files\Motorola\Bluetooth\btmshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 22:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 15:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 08:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [16.12.2015 23:38 37896]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\Antivirus\sched.exe [16.12.2015 23:38 466408]
R2 Avira.ServiceHost;Avira Service Host;c:\program files\Avira\Launcher\Avira.ServiceHost.exe [23.11.2015 14:46 249624]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [4.1.2012 21:17 508680]
R3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [4.1.2012 21:17 3512072]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [18.7.2014 16:51 22856]
R3 NETwLx32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [4.1.2012 21:16 6609920]
S2 AntiVirMailService;Avira Mail Protection;c:\program files\Avira\Antivirus\avmailc.exe [16.12.2015 23:38 930944]
S2 AntiVirWebService;Avira Web Protection;c:\program files\Avira\Antivirus\avwebgrd.exe [16.12.2015 23:38 1222952]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [18.7.2014 16:51 701512]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [4.1.2012 21:17 901384]
S3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\drivers\btmcom.sys [4.1.2012 21:17 41344]
S3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\drivers\btmusb.sys [4.1.2012 21:17 395776]
S3 CTIpHook;CTIpHook;c:\windows\system32\Drivers\CTIpHook.sys --> c:\windows\system32\Drivers\CTIpHook.sys [?]
S3 tpfiltdev;TP-LINK USB Filter Device;c:\windows\system32\drivers\tpfiltdev.sys [13.7.2015 18:32 5632]
S3 tpusbnet;TP-LINK USB-NDIS miniport Driver;c:\windows\system32\drivers\tpusbnet.sys [13.7.2015 18:32 129536]
S3 tpusbser;TP-LINK USB Device for Legacy Serial Communication Driver;c:\windows\system32\drivers\tpusbser.sys [13.7.2015 18:32 107776]
.
Obsah adresáře 'Naplánované úlohy'
.
2015-08-08 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-04-21 23:28]
.
2015-12-20 c:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-04-21 23:28]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://totem.cz/
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést cíl vazby do existujícího PDF - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést do Adobe PDF - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést vybrané vazby do Adobe PDF - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést vybrané vazby do existujícího PDF - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Převést výběr do Adobe PDF - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Přidat do stávajícího PDF - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
TCP: DhcpNameServer = 193.85.174.174 217.196.117.36 178.238.45.88
FF - ProfilePath - c:\documents and settings\Killer\Data aplikací\Mozilla\Firefox\Profiles\ddbmk09v.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-Google Update - c:\documents and settings\Killer\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-12-20 02:32
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3528)
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Avira\Antivirus\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\Avira\Antivirus\avshadow.exe
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Avira\Launcher\Avira.Systray.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
.
**************************************************************************
.
Celkový čas: 2015-12-20 02:36:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-12-20 01:36
.
Před spuštěním: 898 158 592
Po spuštění: 1 038 061 568
.
- - End Of File - - B1C77819C3493C79C1B97855D80F23DC
413FC2A0C716421B3158746D63736515

#9 Příspěvek od **Márty84** » 20 pro 2015 12:43

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

tartaro · #10 Příspěvek od **tartaro** » 20 pro 2015 14:18

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:19-12-2015
Ran by Killer (administrator) on NOTES (20-12-2015 14:12:38)
Running from C:\Documents and Settings\Killer\Plocha
Loaded Profiles: Killer (Available Profiles: Killer & Ivanica & Administrator & Guest)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(forum.viry.cz) C:\Documents and Settings\Killer\Plocha\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [925696 2005-05-20] (Analog Devices, Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [803200 2015-11-20] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 193.85.174.174 217.196.117.36 178.238.45.88
Tcpip\..\Interfaces\{9A1B2AD4-EBD3-4C1F-8FFF-E8B2F3658C02}: [DhcpNameServer] 193.85.174.174 217.196.117.36 178.238.45.88

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-789336058-1708537768-1801674531-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-789336058-1708537768-1801674531-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://totem.cz/
HKU\S-1-5-21-789336058-1708537768-1801674531-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://www.google.com" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-789336058-1708537768-1801674531-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2011-11-01] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-789336058-1708537768-1801674531-1004 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23] (Adobe Systems Incorporated)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-26] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Killer\Data aplikací\Mozilla\Firefox\Profiles\ddbmk09v.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-15] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2012-10-31] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Extension: Simple Youtube and Video Converter - C:\Documents and Settings\Killer\Data aplikací\Mozilla\Firefox\Profiles\ddbmk09v.default\Extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack [2015-10-25]
FF Extension: FT DeepDark - C:\Documents and Settings\Killer\Data aplikací\Mozilla\Firefox\Profiles\ddbmk09v.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-12-05]
FF Extension: Download YouTube Videos as MP4 - C:\Documents and Settings\Killer\Data aplikací\Mozilla\Firefox\Profiles\ddbmk09v.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2015-11-10]
FF Extension: Adblock Plus - C:\Documents and Settings\Killer\Data aplikací\Mozilla\Firefox\Profiles\ddbmk09v.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-15]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2012-11-27]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-03-27] (LSI Corporation)
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc.exe [930944 2015-11-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [466408 2015-11-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [466408 2015-11-20] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\AVWEBGRD.EXE [1222952 2015-11-20] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
R3 Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [3512072 2010-07-26] (Motorola, Inc.)
S3 Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [901384 2010-07-15] (Motorola, Inc.)
R2 Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [508680 2010-07-16] (Motorola, Inc.)
R2 btwdins; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [258103 2006-02-15] (Broadcom Corporation.) [File not signed]
R3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2012-01-04] (Macrovision Europe Ltd.) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AEAudioService; C:\WINDOWS\System32\drivers\AEAudio.sys [152960 2005-06-07] (Andrea Electronics Corporation)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [106968 2015-11-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136272 2015-11-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37896 2015-11-20] (Avira Operations GmbH & Co. KG)
R3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [401664 2006-02-15] (Broadcom Corporation.) [File not signed]
R3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [30363 2006-02-15] (Broadcom Corporation.) [File not signed]
R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [1342570 2006-02-15] (Broadcom Corporation.) [File not signed]
S3 BTMCOM; C:\WINDOWS\System32\Drivers\btmcom.sys [41344 2010-06-30] (Motorola, Inc.)
S3 BTMUSB; C:\WINDOWS\System32\Drivers\btmusb.sys [395776 2010-07-28] (Motorola, Inc.)
R3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [148168 2006-02-15] (Broadcom Corporation.) [File not signed]
R3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [57096 2006-02-15] (Broadcom Corporation.) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NETwLx32; C:\WINDOWS\System32\DRIVERS\NETwLx32.sys [6609920 2010-10-07] (Intel Corporation)
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [31848 2015-11-20] (Avira Operations GmbH & Co. KG)
S3 tpfiltdev; C:\WINDOWS\System32\DRIVERS\tpfiltdev.sys [5632 2012-02-08] ()
S3 tpusbnet; C:\WINDOWS\System32\DRIVERS\tpusbnet.sys [129536 2011-12-08] (QUALCOMM Incorporated)
S3 tpusbser; C:\WINDOWS\System32\DRIVERS\tpusbser.sys [107776 2011-12-08] (QUALCOMM Incorporated)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 CTIpHook; \SystemRoot\system32\Drivers\CTIpHook.sys [X]
S3 SNPSTD3; system32\DRIVERS\snpstd3.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-20 14:12 - 2015-12-20 14:13 - 00011916 _____ C:\Documents and Settings\Killer\Plocha\FRST.txt
2015-12-20 14:11 - 2015-12-20 14:12 - 00000000 ____D C:\FRST
2015-12-20 14:10 - 2015-12-20 14:10 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Killer\Plocha\FRSTLauncher.exe
2015-12-20 13:58 - 2015-12-20 13:58 - 01721344 _____ (Farbar) C:\Documents and Settings\Killer\Plocha\FRST.exe
2015-12-20 02:36 - 2015-12-20 02:36 - 00013331 _____ C:\ComboFix.txt
2015-12-20 02:36 - 2015-12-20 02:36 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2015-12-20 02:36 - 2015-12-20 02:36 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2015-12-20 02:36 - 2015-12-20 02:36 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\temp
2015-12-20 02:29 - 2015-12-20 14:13 - 00000000 ____D C:\Documents and Settings\Killer\Local Settings\temp
2015-12-20 02:20 - 2011-06-26 07:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2015-12-20 02:20 - 2010-11-07 18:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2015-12-20 02:20 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2015-12-20 02:20 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2015-12-20 02:20 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2015-12-20 02:20 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2015-12-20 02:20 - 2000-08-31 01:00 - 00098816 _____ C:\WINDOWS\sed.exe
2015-12-20 02:20 - 2000-08-31 01:00 - 00080412 _____ C:\WINDOWS\grep.exe
2015-12-20 02:20 - 2000-08-31 01:00 - 00068096 _____ C:\WINDOWS\zip.exe
2015-12-20 02:19 - 2015-12-20 02:35 - 00000000 ____D C:\WINDOWS\erdnt
2015-12-20 01:11 - 2015-12-20 01:11 - 05639940 ____R (Swearware) C:\Documents and Settings\Killer\Plocha\ComboFix.exe
2015-12-18 22:44 - 2015-12-18 22:48 - 00000000 ____D C:\AdwCleaner
2015-12-18 22:41 - 2015-12-18 22:41 - 01107968 _____ C:\Documents and Settings\Killer\Plocha\RSIT.exe
2015-12-18 22:16 - 2015-12-18 22:16 - 01740288 _____ C:\Documents and Settings\Killer\Plocha\adwcleaner_5.025.exe
2015-12-18 21:35 - 2015-12-18 22:55 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-12-17 14:03 - 2015-12-17 14:03 - 00000000 ____D C:\Documents and Settings\Ivanica\Data aplikací\Avira
2015-12-17 12:00 - 2015-12-20 02:46 - 00457600 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-789336058-1708537768-1801674531-1004-0.dat
2015-12-17 12:00 - 2015-12-20 02:46 - 00355766 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2015-12-17 06:03 - 2015-12-17 06:03 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2015-12-17 00:00 - 2015-12-17 00:56 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2015-12-16 23:41 - 2015-12-19 08:35 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Package Cache
2015-12-16 23:41 - 2015-12-16 23:41 - 00000000 ____D C:\Documents and Settings\Killer\Data aplikací\Avira
2015-12-16 23:40 - 2015-12-16 23:40 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikacĂ
2015-12-16 23:39 - 2015-12-18 22:54 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Avira
2015-12-16 23:38 - 2015-12-16 23:42 - 00000000 ____D C:\Program Files\Avira
2015-12-16 23:38 - 2015-12-16 23:42 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Avira
2015-12-16 23:38 - 2015-11-20 15:36 - 00031848 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\ssmdrv.sys
2015-12-16 23:38 - 2015-11-20 15:35 - 00136272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-12-16 23:38 - 2015-11-20 15:35 - 00106968 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-12-16 23:38 - 2015-11-20 15:35 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-12-16 23:32 - 2015-12-16 23:32 - 00004716 _____ C:\Documents and Settings\Killer\Dokumenty\cc_20151216_233238.reg
2015-12-16 22:17 - 2015-12-16 22:17 - 00001004 _____ C:\Documents and Settings\Killer\Dokumenty\cc_20151216_221729.reg
2015-12-09 23:09 - 2015-12-09 23:09 - 00000900 _____ C:\Documents and Settings\Killer\Dokumenty\cc_20151209_230908.reg
2015-12-07 16:00 - 2015-12-09 09:01 - 00047104 ___SH C:\Documents and Settings\Ivanica\Plocha\Thumbs.db
2015-12-01 09:02 - 2015-12-01 09:02 - 00000414 _____ C:\Documents and Settings\Killer\Plocha\Filmy.lnk
2015-11-25 23:14 - 2015-11-25 23:14 - 00002004 _____ C:\Documents and Settings\Killer\Dokumenty\cc_20151125_231431.reg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-20 14:12 - 2012-01-04 20:31 - 00000000 ____D C:\Documents and Settings\Killer\Plocha
2015-12-20 14:11 - 2012-01-04 20:55 - 00000000 ____D C:\WINDOWS
2015-12-20 14:11 - 2012-01-04 20:31 - 00000000 ___HD C:\Documents and Settings\Killer\Local Settings\Data aplikací
2015-12-20 13:46 - 2004-08-18 13:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-12-20 13:44 - 2014-04-21 19:50 - 00000224 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-12-20 13:44 - 2012-01-04 20:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-20 02:46 - 2012-01-04 20:31 - 00000272 ___SH C:\Documents and Settings\Killer\ntuser.ini
2015-12-20 02:46 - 2012-01-04 20:31 - 00000000 ____D C:\Documents and Settings\Killer
2015-12-20 02:46 - 2012-01-04 20:26 - 00032464 _____ C:\WINDOWS\SchedLgU.Txt
2015-12-20 02:36 - 2013-01-10 21:01 - 00000000 ____D C:\Qoobox
2015-12-20 02:35 - 2012-01-04 21:04 - 01061226 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-20 02:35 - 2004-08-18 13:00 - 00444856 _____ C:\WINDOWS\system32\perfh005.dat
2015-12-20 02:35 - 2004-08-18 13:00 - 00084396 _____ C:\WINDOWS\system32\perfc005.dat
2015-12-20 02:30 - 2004-08-18 13:00 - 00000227 _____ C:\WINDOWS\system.ini
2015-12-20 02:22 - 2012-01-04 20:31 - 00000000 __RHD C:\Documents and Settings\Killer\Data aplikací
2015-12-20 01:12 - 2012-01-04 21:03 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2015-12-19 22:02 - 2012-01-04 21:30 - 00000000 ____D C:\Documents and Settings\Killer\Data aplikací\Adobe
2015-12-19 08:59 - 2012-01-04 21:20 - 00000000 __SHD C:\WINDOWS\CSC
2015-12-19 08:35 - 2012-05-03 06:27 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-12-19 00:57 - 2014-07-22 21:15 - 00000000 ____D C:\Documents and Settings\Killer\Data aplikací\vlc
2015-12-18 23:10 - 2013-01-10 19:30 - 00000000 ____D C:\Program Files\trend micro
2015-12-18 21:56 - 2012-02-06 10:52 - 00000000 ____D C:\Documents and Settings\Killer\Data aplikací\Apple Computer
2015-12-18 20:14 - 2015-06-08 23:08 - 00000178 ___SH C:\Documents and Settings\Ivanica\ntuser.ini
2015-12-18 20:14 - 2015-06-08 23:07 - 00000000 ____D C:\Documents and Settings\Ivanica\Local Settings\Temp
2015-12-18 20:14 - 2015-06-08 23:07 - 00000000 ____D C:\Documents and Settings\Ivanica
2015-12-17 19:43 - 2015-06-08 23:07 - 00000000 ____D C:\Documents and Settings\Ivanica\Plocha
2015-12-17 14:03 - 2015-06-08 23:07 - 00000000 __RHD C:\Documents and Settings\Ivanica\Data aplikací
2015-12-17 12:00 - 2012-01-04 20:26 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2015-12-17 11:59 - 2012-01-05 17:04 - 00000000 ____D C:\Documents and Settings\Killer\Data aplikací\MediaMonkey
2015-12-17 00:00 - 2012-01-04 20:55 - 00000000 ____D C:\WINDOWS\repair
2015-12-17 00:00 - 2012-01-04 20:18 - 00000000 ____D C:\WINDOWS\Registration
2015-12-16 23:41 - 2012-01-04 21:03 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2015-12-16 23:40 - 2012-01-04 21:02 - 00000000 ____D C:\Documents and Settings\All Users
2015-12-16 23:39 - 2012-01-04 21:03 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-12-16 23:32 - 2012-01-04 20:31 - 00000000 ___RD C:\Documents and Settings\Killer\Dokumenty
2015-12-16 23:30 - 2015-06-08 23:07 - 00000000 ___HD C:\Documents and Settings\Ivanica\Local Settings\Data aplikací
2015-12-16 23:30 - 2014-07-18 13:18 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\MFAData
2015-12-16 23:28 - 2012-01-04 20:55 - 00000000 ___HD C:\WINDOWS\inf
2015-12-16 21:54 - 2013-10-13 13:23 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVG
2015-12-16 16:52 - 2015-06-30 14:07 - 00000000 ____D C:\Documents and Settings\Ivanica\Data aplikací\vlc
2015-12-15 20:50 - 2012-03-29 12:41 - 00796864 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-12-15 20:50 - 2012-01-04 21:30 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-12-13 19:30 - 2013-07-23 08:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-07 23:07 - 2015-07-24 21:22 - 00000000 ____D C:\Documents and Settings\Killer\Data aplikací\XnView
2015-12-04 11:56 - 2012-01-13 11:30 - 00040205 _____ C:\WINDOWS\CDPlayer.ini
2015-12-01 09:13 - 2012-01-04 21:02 - 00000000 ____D C:\Documents and Settings
2015-12-01 09:08 - 2012-01-04 21:17 - 00000000 ____D C:\Documents and Settings\Killer\Dokumenty\Mé přijaté soubory
2015-12-01 08:40 - 2012-01-04 20:31 - 00000000 ___RD C:\Documents and Settings\Killer\Nabídka Start\Programy
2015-11-27 21:27 - 2012-01-05 21:36 - 00000000 ____D C:\Documents and Settings\Killer\Local Settings\Data aplikací\Adobe
2015-11-27 21:12 - 2013-08-08 13:01 - 00002347 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Reader XI.lnk
2015-11-25 22:15 - 2014-07-18 13:53 - 00000000 ____D C:\Documents and Settings\Killer\Local Settings\Data aplikací\AVG
2015-11-23 19:09 - 2012-01-04 22:07 - 137798368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-22 13:58 - 2015-10-23 09:38 - 00000000 ____D C:\Documents and Settings\Ivanica\Dokumenty\Stažené soubory

==================== Files in the root of some directories =======

2013-01-14 11:25 - 2013-01-14 11:25 - 0000748 _____ () C:\Documents and Settings\Killer\Data aplikací\imagetuner.ini
2012-01-17 13:03 - 2012-01-20 13:57 - 0000016 _____ () C:\Documents and Settings\Killer\Data aplikací\msregsvv.dll
2012-01-06 23:03 - 2014-02-22 18:37 - 0053248 _____ () C:\Documents and Settings\Killer\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-01-17 13:03 - 2012-01-20 13:57 - 0000016 _____ () C:\Documents and Settings\All Users\Data aplikací\autobk.inc

Some files in TEMP:
====================
C:\Documents and Settings\Ivanica\Local Settings\temp\avgnt.exe
C:\Documents and Settings\Killer\Local Settings\temp\avgnt.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Avira Antivirus (Disabled - Out of date) {AD166499-45F9-482A-A743-FDD3350758C7}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Killer\Plocha" je 9 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0
"E:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTMTrayAgent
rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\qttask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShaPlus Bandwidth Meter
"C:\Program Files\ShaPlus Bandwidth Meter\ShaPlus Bandwidth Meter" /s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Adobe Acrobat Speed Launcher.lnk
C:\WINDOWS\INSTAL~1\{AC76B~2\_SC_AC~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Adobe Acrobat Synchronizer.lnk
E:\PROGRA~1\Adobe\ACROBA~1.0\Acrobat\ADOBEC~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Windows Search.lnk
C:\PROGRA~1\WINDOW~4\WINDOW~1.EXE [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox (C:\\Program Files\\Mozilla Firefox)"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000

==================== End Of Log ==============================

#11 Příspěvek od **Márty84** » 20 pro 2015 21:19

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-789336058-1708537768-1801674531-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-789336058-1708537768-1801674531-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://totem.cz/
HKU\S-1-5-21-789336058-1708537768-1801674531-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://www.google.com" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShaPlus Bandwidth Meter
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Adobe Acrobat Speed Launcher.lnk
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Adobe Acrobat Synchronizer.lnk

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

tartaro · #12 Příspěvek od **tartaro** » 20 pro 2015 21:37

Fix result of Farbar Recovery Scan Tool (x86) Version:19-12-2015
Ran by Killer (2015-12-20 21:28:57) Run:1
Running from C:\Documents and Settings\Killer\Plocha
Loaded Profiles: Killer (Available Profiles: Killer & Ivanica & Administrator & Guest)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-789336058-1708537768-1801674531-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-789336058-1708537768-1801674531-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://totem.cz/
HKU\S-1-5-21-789336058-1708537768-1801674531-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://www.google.com" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShaPlus Bandwidth Meter
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Adobe Acrobat Speed Launcher.lnk
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Adobe Acrobat Synchronizer.lnk

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-789336058-1708537768-1801674531-1004\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value removed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully.
HKU\S-1-5-21-789336058-1708537768-1801674531-1004\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-789336058-1708537768-1801674531-1004\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
catchme => service removed successfully.
C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => moved successfully
C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => moved successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShaPlus Bandwidth Meter => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Adobe Acrobat Speed Launcher.lnk => key not found.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Adobe Acrobat Synchronizer.lnk => key not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 156 MB temporary data Removed.

The system needed a reboot.

==== End of Fixlog 21:30:20 ====

#13 Příspěvek od **Márty84** » 21 pro 2015 18:11

Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remove disinfection tools

Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak to s pc vypada.

tartaro · #14 Příspěvek od **tartaro** » 21 pro 2015 21:16

Márty84 píše:
Mate hrozne malo mista na disku, system se dusi.

pomohla by nějaká změna velikosti partials disku na kterém je Win? koukal jsem na nějaký aplikace, který to uměj. Můžete mi prosím napsat co si o tom myslíte?

teď defragmentuji...po celkem rychlém restartu docela pohodička. Avira ale nejde pořád aktualizovat. Podle referencí není tak náročná na systém, proto jsem jí dal přednost před Avastem...atd. Jinak na ní nějak nelpím. Problém s updatem Avira má docela dost uživatelů dle diskuzí...

#15 Příspěvek od **Márty84** » 22 pro 2015 02:25

S Avirou nic nenadelam, osobne ji nemam rad. Davam prednost Avastu

Zkuste ji kdyztak preinstalovat.

Jinak tedy vse bezi jak ma a muzem tema uzavrit? Nebo se koukneme hloubeji?

VIRY.CZ

preventivní kontrola + problém s update AV

preventivní kontrola + problém s update AV

Re: preventivní kontrola + problém s update AV

Re: preventivní kontrola + problém s update AV

Re: preventivní kontrola + problém s update AV

Re: preventivní kontrola + problém s update AV

Re: preventivní kontrola + problém s update AV

Re: preventivní kontrola + problém s update AV

Re: preventivní kontrola + problém s update AV

Re: preventivní kontrola + problém s update AV

Re: preventivní kontrola + problém s update AV

Re: preventivní kontrola + problém s update AV

Re: preventivní kontrola + problém s update AV

Re: preventivní kontrola + problém s update AV

Re: preventivní kontrola + problém s update AV

Re: preventivní kontrola + problém s update AV