Frozen PC

Posted: 29 Dec 2013 13:25
by agata
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:19:41, on 29.12.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Petr\Plocha\RSIT.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\trend micro\Petr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O8 - Extra context menu item: &Search - http://buttons.videodownloadconverter.c ... 20905&cv=3
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

--
End of file - 3119 bytes

Re: Frozen PC

Posted: 29 Dec 2013 16:34
by Rudy
Hello!
Try this procedure: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .

Re: Frozen PC

Posted: 30 Dec 2013 09:14
by agata
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-12-2013 01
Ran by Petr (administrator) on DOMA on 30-12-2013 08:18:28
Running from C:\Documents and Settings\Petr\Plocha
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\snmp.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(forum.viry.cz) C:\Documents and Settings\Petr\Plocha\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.exe [16270848 2006-11-14] (Realtek Semiconductor Corp.)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4767304 2013-03-07] (AVAST Software)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\...\Policies\Explorer: [NoPopUpsOnBoot] 1
HKCU\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKCU\...\Policies\Explorer: [NoInstrumentation] 1
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /syncC:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKCU - DefaultScope Yahoo! URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - Yahoo! URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-07] (AVAST Software)
S3 LPDSVC; C:\Windows\system32\tcpsvcs.exe [19456 2004-08-18] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S3 ASNDIS5; C:\WINDOWS\system32\ASNDIS5.SYS [16269 2002-09-09] (Printing Communications Assoc., Inc. (PCAUSA))
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-03-07] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-03-07] (AVAST Software)
R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [49760 2013-03-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49248 2013-03-07] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [765736 2013-03-07] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [368176 2013-03-07] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [62376 2013-03-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [164736 2013-03-07] ()
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [16384 2004-07-09] (Microsoft Corporation)
S3 EC168BDA; C:\Windows\System32\DRIVERS\EC168BDA.sys [87296 2007-09-11] (e3C, Inc.)
S3 EIO; C:\WINDOWS\system32\drivers\EIO.sys [8703 2003-01-29] (ASUSTeK Computer Inc.)
R2 Ethpdrv; C:\Windows\System32\DRIVERS\ethpdrv.sys [16376 2007-08-01] (Gemfor s.r.o.)
S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15104 2004-07-09] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10112 2004-07-09] (Microsoft Corporation)
S3 nm; C:\Windows\System32\DRIVERS\NMnt.sys [40320 2008-04-13] (Microsoft Corporation)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [9856 2003-07-01] (Padus, Inc.)
R3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology)
S3 ZD1211BU(ASUS); C:\Windows\System32\DRIVERS\zd1211Bu.sys [425472 2006-06-14] (ZyDAS Technology Corporation)
S2 ADILOADER; System32\Drivers\adildr.sys [x]
S3 adiusbaw; system32\DRIVERS\adiusbaw.sys [x]
S3 Ambfilt; system32\drivers\Ambfilt.sys [x]
S4 IntelIde; No ImagePath
S3 LgBttPort; system32\DRIVERS\lgbtport.sys [x]
S3 lgbusenum; system32\DRIVERS\lgbtbus.sys [x]
S3 lgmdbus; system32\DRIVERS\lgmdbus.sys [x]
S3 lgmdmdfl; system32\DRIVERS\lgmdmdfl.sys [x]
S3 lgmdmdm; system32\DRIVERS\lgmdmdm.sys [x]
S3 lgmdmgmt; system32\DRIVERS\lgmdmgmt.sys [x]
S3 lgmdobex; system32\DRIVERS\lgmdobex.sys [x]
S3 LGVMODEM; system32\DRIVERS\lgvmodem.sys [x]
S3 Monfilt; system32\drivers\Monfilt.sys [x]
S3 MREMP50; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [x]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [x]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [x]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [x]
S3 MRESP50; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [x]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [x]
U5 P3; C:\Windows\System32\Drivers\P3.sys [46592 2008-04-14] (Microsoft Corporation)
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-30 08:18 - 2013-12-30 08:18 - 00006847 _____ C:\Documents and Settings\Petr\Plocha\FRST.txt
2013-12-30 07:58 - 2013-12-30 07:58 - 00000060 _____ C:\WINDOWS\setupact.log
2013-12-30 07:58 - 2013-12-30 07:58 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-12-29 19:22 - 2013-12-29 19:22 - 00000000 ____D C:\FRST
2013-12-29 19:18 - 2013-12-29 19:16 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Petr\Plocha\FRSTLauncher.exe
2013-12-29 19:14 - 2013-12-29 19:11 - 01064199 _____ (Farbar) C:\Documents and Settings\Petr\Plocha\FRST.exe
2013-12-29 18:46 - 2013-12-30 07:49 - 00006168 _____ C:\WINDOWS\setupapi.log
2013-12-29 13:01 - 2013-12-29 13:01 - 00000000 ____D C:\rsit
2013-12-29 12:12 - 2013-12-29 12:37 - 00217656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-20 12:34 - 2013-12-30 07:51 - 00000312 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-12-20 12:34 - 2013-12-20 12:34 - 00001593 _____ C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
2013-12-20 12:34 - 2013-12-20 12:34 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Free Antivirus
2013-12-20 12:34 - 2013-03-07 00:33 - 00765736 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-12-20 12:34 - 2013-03-07 00:33 - 00368176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-12-20 12:34 - 2013-03-07 00:33 - 00164736 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-12-20 12:34 - 2013-03-07 00:33 - 00066336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-12-20 12:34 - 2013-03-07 00:33 - 00062376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2013-12-20 12:34 - 2013-03-07 00:33 - 00049760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2013-12-20 12:34 - 2013-03-07 00:33 - 00049248 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-12-20 12:34 - 2013-03-07 00:33 - 00029816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFsBlk.sys
2013-12-20 12:26 - 2013-03-07 00:32 - 00041664 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2013-12-20 12:25 - 2013-12-20 12:25 - 00000000 ____D C:\Program Files\AVAST Software
2013-12-20 12:18 - 2013-12-20 12:18 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-12-13 12:38 - 2013-12-13 12:38 - 00000000 ____D C:\Documents and Settings\Petr\Dokumenty\My Received Files
2013-12-11 10:49 - 2013-12-11 10:49 - 00005632 ___SH C:\WINDOWS\Thumbs.db
2013-12-09 11:41 - 2013-12-09 11:42 - 00000000 ____D C:\WINDOWS\system32\Lang
2013-12-09 11:41 - 2013-12-09 11:41 - 00000000 ____D C:\WINDOWS\system32\1029
2013-12-09 11:08 - 2013-12-09 11:08 - 00000000 ____D C:\Documents and Settings\Petr\Local Settings\Data aplikací\IAC
2013-12-07 10:05 - 2013-12-07 10:05 - 00000000 __SHD C:\Recycled
2013-12-06 11:40 - 2013-12-06 11:40 - 00000000 ___RD C:\Documents and Settings\Petr\Dokumenty\Obrázky
2013-12-06 11:40 - 2013-12-06 11:40 - 00000000 ___RD C:\Documents and Settings\Petr\Dokumenty\Hudba
2013-12-06 11:40 - 2013-12-06 11:40 - 00000000 ___RD C:\Documents and Settings\Petr\Dokumenty\Filmy
2013-12-06 11:37 - 2013-12-06 11:37 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\Petr\Plocha\TFC.exe
2013-12-02 08:49 - 2013-12-02 08:49 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-02 08:49 - 2013-12-02 08:49 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

==================== One Month Modified Files and Folders =======

2013-12-30 08:18 - 2013-12-30 08:18 - 00006847 _____ C:\Documents and Settings\Petr\Plocha\FRST.txt
2013-12-30 08:09 - 2013-03-27 10:37 - 01140875 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-30 07:58 - 2013-12-30 07:58 - 00000060 _____ C:\WINDOWS\setupact.log
2013-12-30 07:58 - 2013-12-30 07:58 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-12-30 07:51 - 2013-12-20 12:34 - 00000312 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-12-30 07:49 - 2013-12-29 18:46 - 00006168 _____ C:\WINDOWS\setupapi.log
2013-12-30 07:48 - 2013-03-27 10:38 - 00000299 _____ C:\WINDOWS\wiadebug.log
2013-12-30 07:48 - 2009-02-27 19:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-29 19:26 - 2013-03-27 10:38 - 00032566 _____ C:\WINDOWS\SchedLgU.Txt
2013-12-29 19:26 - 2013-03-27 10:38 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-12-29 19:26 - 2009-02-27 19:19 - 00000272 ___SH C:\Documents and Settings\Petr\ntuser.ini
2013-12-29 19:22 - 2013-12-29 19:22 - 00000000 ____D C:\FRST
2013-12-29 19:16 - 2013-12-29 19:18 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Petr\Plocha\FRSTLauncher.exe
2013-12-29 19:11 - 2013-12-29 19:14 - 01064199 _____ (Farbar) C:\Documents and Settings\Petr\Plocha\FRST.exe
2013-12-29 13:01 - 2013-12-29 13:01 - 00000000 ____D C:\rsit
2013-12-29 12:37 - 2013-12-29 12:12 - 00217656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-29 12:04 - 2010-03-24 14:21 - 00065536 _____ C:\WINDOWS\system32\config\Internet.evt
2013-12-29 11:11 - 2004-11-20 11:14 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2013-12-21 11:33 - 2013-10-09 15:16 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2013-12-20 12:34 - 2013-12-20 12:34 - 00001593 _____ C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
2013-12-20 12:34 - 2013-12-20 12:34 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Free Antivirus
2013-12-20 12:34 - 2012-10-22 11:16 - 00000002 _____ C:\WINDOWS\system32\config.nt
2013-12-20 12:25 - 2013-12-20 12:25 - 00000000 ____D C:\Program Files\AVAST Software
2013-12-20 12:18 - 2013-12-20 12:18 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-12-13 12:38 - 2013-12-13 12:38 - 00000000 ____D C:\Documents and Settings\Petr\Dokumenty\My Received Files
2013-12-11 10:49 - 2013-12-11 10:49 - 00005632 ___SH C:\WINDOWS\Thumbs.db
2013-12-09 11:42 - 2013-12-09 11:41 - 00000000 ____D C:\WINDOWS\system32\Lang
2013-12-09 11:41 - 2013-12-09 11:41 - 00000000 ____D C:\WINDOWS\system32\1029
2013-12-09 11:22 - 2009-02-27 19:01 - 01077316 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-09 11:08 - 2013-12-09 11:08 - 00000000 ____D C:\Documents and Settings\Petr\Local Settings\Data aplikací\IAC
2013-12-07 10:05 - 2013-12-07 10:05 - 00000000 __SHD C:\Recycled
2013-12-06 12:21 - 2004-11-20 11:14 - 00000227 _____ C:\WINDOWS\system.ini
2013-12-06 11:40 - 2013-12-06 11:40 - 00000000 ___RD C:\Documents and Settings\Petr\Dokumenty\Obrázky
2013-12-06 11:40 - 2013-12-06 11:40 - 00000000 ___RD C:\Documents and Settings\Petr\Dokumenty\Hudba
2013-12-06 11:40 - 2013-12-06 11:40 - 00000000 ___RD C:\Documents and Settings\Petr\Dokumenty\Filmy
2013-12-06 11:37 - 2013-12-06 11:37 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\Petr\Plocha\TFC.exe
2013-12-03 12:22 - 2009-02-27 19:11 - 00000178 ___SH C:\Documents and Settings\LocalService\ntuser.ini
2013-12-02 08:49 - 2013-12-02 08:49 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-02 08:49 - 2013-12-02 08:49 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2004-11-20 11:14] - [2008-04-14 04:22] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2004-11-20 11:14] - [2008-04-14 04:22] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2004-11-20 11:14] - [2008-04-14 04:22] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2004-11-20 11:14] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2004-11-20 11:14] - [2008-04-14 04:22] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2004-11-20 11:14] - [2008-04-14 04:22] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2004-11-20 11:14] - [2008-04-14 03:12] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================

11-12-2013 09:24:53 Installed Folder Size
11-12-2013 10:14:33 Removed Folder Size
12-12-2013 07:45:04 Installed Folder Size
12-12-2013 10:13:26 Removed Folder Size

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Petr\Plocha" je 2 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe


HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services
EPSONStatusAgent2 REG_DWORD 0x2
EpsonBidirectionalService REG_DWORD 0x2

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\iMesh Applications\\iMesh\\iMesh.exe"="C:\\Program Files\\iMesh Applications\\iMesh\\iMesh.exe:*:Enabled:iMesh"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\WINDOWS\\System32\\USMT\\migwiz.exe"="C:\\WINDOWS\\System32\\USMT\\migwiz.exe:*:Enabled:Pr�vodce p�enesen�m soubor� a nastaven�"
"C:\\Program Files\\iMesh Applications\\iMesh\\iMesh.exe"="C:\\Program Files\\iMesh Applications\\iMesh\\iMesh.exe:*:Enabled:iMesh"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Frozen PC

Posted: 30 Dec 2013 09:20
by Rudy
Open Notepad and copy the following into it:
Start
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
End
Save it to the desktop as fixlist.txt. Then run FRST again and click >Fix<. Afterwards, copy the log that is created at the end here.

During what activity, or at what moment, does the PC freeze?

Re: Frozen PC

Posted: 30 Dec 2013 16:15
by agata
The PC has been freezing since startup....

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 29-12-2013 01
Ran by Petr at 2013-12-30 16:11:22 Run:1
Running from C:\Documents and Settings\Petr\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
End
*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} => Key not found.

==== End of Fixlog ====

Re: Frozen PC

Posted: 30 Dec 2013 17:28
by Rudy
OK. If the problem persists, try a System Restore to a date when it was working correctly.

Re: Frozen PC

Posted: 30 Dec 2013 20:16
by agata
I probably don't have a restore point :cry:

Re: Frozen PC

Posted: 30 Dec 2013 21:18
by Rudy
What did you install just before the problem appeared?

Re: Frozen PC

Posted: 31 Dec 2013 07:49
by agata
Avast.

Re: Frozen PC

Posted: 31 Dec 2013 18:08
by Rudy
Disable Avast as a test, or uninstall it if need be, and check whether anything changes.

Re: Frozen PC

Posted: 02 Jan 2014 10:15
by agata
It looks like it's running fine :!:
Only the Wi-Fi internet keeps dropping out :???:

Re: Frozen PC

Posted: 02 Jan 2014 17:16
by Rudy
OK. You will have to sort out the antivirus problem, though, or the PC will soon be cluttered with viruses. Either reinstall Avast or, if the problem does not go away, choose a different antivirus.

Re: Frozen PC

Posted: 03 Jan 2014 09:26
by agata
So it's freezing again, and I don't have an antivirus :cry:

Re: Frozen PC

Posted: 03 Jan 2014 19:17
by Rudy
Download, install and run CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ and post the log here via Edit > Copy (Úpravy > Kopírovat).

Re: Frozen PC

Posted: 04 Jan 2014 09:48
by agata
----------------------------------------------------------------------------
CrystalDiskInfo 6.0.2 (C) 2008-2013 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2014/01/04 9:45:47

-- Controller Map ----------------------------------------------------------

-- Disk List ---------------------------------------------------------------
(1) ST9808210A : 80,0 GB [0/1/0, pd1] - st

----------------------------------------------------------------------------
(1) ST9808210A
----------------------------------------------------------------------------
Model : ST9808210A
Firmware : 3.08
Serial Number : 5LF0B0WE
Disk Size : 80,0 GB (8,4/80,0/80,0/80,0)
Buffer Size : 8192 KB
Queue Depth : 1
# of Sectors : 156301488
Rotation Rate : Neznámy údaj
Interface : Parallel ATA
Major Version : ATA/ATAPI-6
Minor Version : ATA/ATAPI-6 T13 1410D version 2
Transfer Mode : UDMA/100 | UDMA/100
Power On Hours : 5345 hod.
Power On Count : 4826 krát
Temparature : 22 C (71 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, 48bit LBA
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 _57 _50 _34 0000076C9C34 Počet chyb čtení
03 _96 _95 __0 000000000000 Čas na roztočení ploten
04 _96 _96 _20 000000001181 Počet spuštění/zastavení
05 100 100 _36 000000000026 Počet přemapovaných sektorů
07 _84 _60 _30 0000100ED221 Počet chybných hledání
09 _94 _94 __0 0000000014E1 Hodin v činnosti
0A 100 100 _34 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _96 _96 _20 0000000012DA Počet cyklů zapnutí zařízení
C0 _98 _98 __0 0000000012DA Počet vypnutí disku
C1 __1 __1 __0 0000000335B8 Počet cyklů načítání/vymazání
C2 _22 _66 __0 000700000016 Teplota
C3 _57 _50 __0 0000076C9C34 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
CA 100 253 __0 000000000000 Počet chyb při směrování údajů

-- IDENTIFY_DEVICE ---------------------------------------------------------

-- SMART_READ_DATA ---------------------------------------------------------

-- SMART_READ_THRESHOLD ----------------------------------------------------