VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

win32/ psw papras.dr trojsky kun

https://forum.viry.cz:443/viewtopic.php?t=143558

Stránka 1 z 1

win32/ psw papras.dr trojsky kun

Napsal: 16 bře 2015 21:00
od CrazyTan
Zdravim,
prosím zda by mi nekdo nepomohl s odstranenim teto haveti, nejprve ho nod hlasil kazdy start PC, a z logu jsem zjistil, ze ho daval do karanteny co 5 minut. Tak sem to procistil vsim moznym, kontroloval pomoci aplikace hijackthis a webu www.hijackthis.cz, neco sem smazal ale nepomohlo. Tak jsem se vratil PC o mesic nazpet, ale porad tam neco zustalo. Jaky log budu potrebovat??

Re: win32/ psw papras.dr trojsky kun

Napsal: 16 bře 2015 21:05
od vyosek
Zdravim :)

:arrow: Dejte na uvod log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Re: win32/ psw papras.dr trojsky kun

Napsal: 16 bře 2015 21:20
od CrazyTan
Super, díky moc, zítra to tu hodím, nejak se mi to podarilo odstranit, ale PC se chova jinak, t?reba kdyz zapnu nejakou hru CS 1.6 tak je to nehratelne, vetrak se roztoci a pc se zacne strasne sekat,a kolikrat kdyz nic na pc nedelam tak procesor bezi i na 94 procent.Jeste dotaz, progam mi vyhodil 2 logy, frst a frst2 mam tady dat oba dva?

Re: win32/ psw papras.dr trojsky kun

Napsal: 17 bře 2015 16:53
od vyosek
OK, pockam

Re: win32/ psw papras.dr trojsky kun

Napsal: 21 bře 2015 12:01
od CrazyTan
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by CrazyTan (administrator) on PLAKORCZ on 22-03-2015 17:57:28
Running from C:\Documents and Settings\CrazyTan\Desktop
Loaded Profiles: CrazyTan & UpdatusUser (Available profiles: CrazyTan & UpdatusUser)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(http://www.pbus-167.com) C:\Program Files\Notebook Hardware Control\nhc.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA) C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\WINDOWS\system32\PnkBstrA.exe
() C:\WINDOWS\system32\PnkBstrB.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(NVIDIA) C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(NVIDIA) C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(PANTERASoft) C:\Program Files\HDD Health\hddhealth.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(forum.viry.cz) C:\Documents and Settings\CrazyTan\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [2021400 2013-02-05] (ESET)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [17567744 2009-03-27] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [NotebookHardwareControl] => C:\Program Files\Notebook Hardware Control\nhc.exe [2629632 2007-05-04] (http://www.pbus-167.com)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1982312 2013-01-31] ()
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1177238915-562591055-839522115-1003\...\Run: [BigMeterPro] => C:\Program Files\Big Meter Pro\BigMeterPro.exe [481280 2009-08-15] (Microsys Com)
HKU\S-1-5-21-1177238915-562591055-839522115-1003\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\S-1-5-21-1177238915-562591055-839522115-1003\...\MountPoints2: {1e3772ce-68ce-11df-af79-002421f431d7} - F:\USBAutoRun.exe
HKU\S-1-5-21-1177238915-562591055-839522115-1003\...\MountPoints2: {87152cb2-c407-11df-afe8-002421f431d7} - musko\\place.exe
HKU\S-1-5-21-1177238915-562591055-839522115-1003\...\MountPoints2: {e7cd6dbb-8158-11e4-bb4e-002421f431d7} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Common_Handset_USB_Driver.exe
HKU\S-1-5-21-1177238915-562591055-839522115-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\NiwradSoft.scr [1677312 2006-01-20] ()
HKU\S-1-5-21-1177238915-562591055-839522115-1010\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKU\S-1-5-21-1177238915-562591055-839522115-1010\...\Run: [LClock] => C:\Program Files\LClock\LClock.exe [65536 2004-09-20] ()
HKU\S-1-5-21-1177238915-562591055-839522115-1010\...\Run: [ViStart] => C:\Program Files\ViStart\ViStart.exe
HKU\S-1-5-21-1177238915-562591055-839522115-1010\...\Run: [Vista Rainbar] => C:\Program Files\Vista Rainbar\launcher.exe [131778 2008-11-14] ()
HKU\S-1-5-21-1177238915-562591055-839522115-1010\...\Run: [VisualTooltip] => C:\Program Files\VisualTooltip\VisualToolTip.exe
HKU\S-1-5-21-1177238915-562591055-839522115-1010\...\Run: [ViOrb] => C:\Program Files\ViOrb\ViOrb.exe
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HDDHealth.lnk
ShortcutTarget: HDDHealth.lnk -> C:\Program Files\HDD Health\hddhealth.exe (PANTERASoft)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1177238915-562591055-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
URLSearchHook: [S-1-5-21-1177238915-562591055-839522115-1010] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1177238915-562591055-839522115-1010 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-26] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-26] (Oracle Corporation)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} http://liveupdate.msi.com.tw/autobios/L ... nstall.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Winsock: Catalog9 01 C:\WINDOWS\system32\nvLsp.dll [270336] (NVIDIA)
Winsock: Catalog9 02 C:\WINDOWS\system32\nvLsp.dll [270336] (NVIDIA)
Winsock: Catalog9 03 C:\WINDOWS\system32\nvLsp.dll [270336] (NVIDIA)
Winsock: Catalog9 04 C:\WINDOWS\system32\nvLsp.dll [270336] (NVIDIA)
Winsock: Catalog9 05 C:\WINDOWS\system32\nvLsp.dll [270336] (NVIDIA)
Winsock: Catalog9 06 C:\WINDOWS\system32\nvLsp.dll [270336] (NVIDIA)
Winsock: Catalog9 45 C:\WINDOWS\system32\nvLsp.dll [270336] (NVIDIA)
Tcpip\Parameters: [DhcpNameServer] 212.158.128.2 212.158.128.3

FireFox:
========
FF ProfilePath: C:\Documents and Settings\CrazyTan\Application Data\Mozilla\Firefox\Profiles\kvjrgx13.default
FF SelectedSearchEngine: Google
FF Homepage: https://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-09-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=1.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2010-01-30] (the VideoLAN Team)
FF Plugin HKU\S-1-5-21-1177238915-562591055-839522115-1003: @kb-ext.cz/PKIComponent -> C:\Documents and Settings\CrazyTan\Application Data\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll [2013-09-26] (Komerční banka, a.s.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-02-06] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Extension: Noia 2.0 (eXtreme) - C:\Documents and Settings\CrazyTan\Application Data\Mozilla\Firefox\Profiles\kvjrgx13.default\Extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e} [2010-02-17]
FF Extension: Seznam lištička - C:\Documents and Settings\CrazyTan\Application Data\Mozilla\Firefox\Profiles\kvjrgx13.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2015-03-21]
FF Extension: anonymoX - C:\Documents and Settings\CrazyTan\Application Data\Mozilla\Firefox\Profiles\kvjrgx13.default\Extensions\client@anonymox.net.xpi [2015-03-13]
FF Extension: Adblock Plus - C:\Documents and Settings\CrazyTan\Application Data\Mozilla\Firefox\Profiles\kvjrgx13.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-02-17]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: Eset Plugin - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-09-09]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Documents and Settings\CrazyTan\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (AccelerateTab) - C:\Documents and Settings\CrazyTan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jgjafhkemfjfgdmjcmhofijphjmaanak [2014-03-07]
CHR Extension: (AD Block) - C:\Documents and Settings\CrazyTan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lfgjbmhakaffflkjecineeaadpidgikb [2014-01-15]
CHR Extension: (Google Wallet) - C:\Documents and Settings\CrazyTan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR HKLM\...\Chrome\Extension: [aaaapoomnboffjcgcebabolakmhbblbk] - C:\Documents and Settings\CrazyTan\Local Settings\Application Data\APN\GoogleCRXs\aaaapoomnboffjcgcebabolakmhbblbk_7.17.0.0.crx [Not Found]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation)
S4 ClipSrv; C:\WINDOWS\system32\clipsrv.exe [58368 2008-04-14] (Microsoft Corporation) [File not signed]
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [20680 2009-02-06] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [727720 2009-02-06] (ESET)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [450560 2008-09-08] () [File not signed]
S2 HDDHealth; C:\Program Files\HDD Health\HDDHealthService.exe [17760 2013-03-08] () [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-09-26] (Oracle Corporation)
S4 Micro Star SCM; C:\Program Files\System Control Manager\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed]
S4 mnmsrvc; C:\WINDOWS\system32\mnmsrvc.exe [53248 2008-04-14] (Microsoft Corporation) [File not signed]
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [184320 2008-09-08] () [File not signed]
R2 nTuneService; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [191080 2009-11-06] (NVIDIA)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [66872 2010-02-16] ()
R2 PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [107832 2010-02-16] ()
S4 Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [155344 2010-10-26] (Avanquest Software) [File not signed]
S3 TuneUp.Defrag; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [435016 2010-02-16] (TuneUp Software)
R2 UpdateCenterService; C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe [195176 2009-11-06] (NVIDIA)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2014-02-22] (Creative)
R3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1584448 2009-09-07] (Atheros Communications, Inc.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 CDDRV; C:\WINDOWS\System32\Drivers\CDDRV.sys [4608 2003-08-29] () [File not signed]
S3 CrystalSysInfo; C:\Program Files\MediaCoder\SysInfo.sys [15152 2007-09-25] ()
R2 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [113448 2009-02-06] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [106208 2009-02-06] (ESET)
R2 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [130952 2009-02-06] (ESET)
R3 Epfwndis; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [33096 2009-02-06] (ESET)
R1 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [56280 2009-02-06] (ESET)
S3 FTDIBUS; C:\WINDOWS\System32\drivers\ftdibus.sys [62216 2012-04-13] (FTDI Ltd.)
S3 gdrv; C:\WINDOWS\gdrv.sys [16608 2015-03-15] (Windows (R) 2000 DDK provider)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2015-03-14] (REALiX(tm))
R1 ISODisk; C:\WINDOWS\system32\Drivers\ISODisk.sys [9600 2006-04-26] () [File not signed]
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2014-02-22] (Creative Technology Ltd.)
S3 MSI_DVD_010507; C:\Program Files\MSI\MSIWDev\DVDSYS32_100507.sys [22328 2010-05-10] (Your Corporation)
S3 MSI_MSIBIOS_010507; C:\Program Files\MSI\MSIWDev\msibios32_100507.sys [25912 2010-05-10] (Your Corporation)
S3 MSI_VGASYS_010507; C:\Program Files\MSI\MSIWDev\VGASYS32_100507.sys [16696 2010-05-10] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 nhcDriverDevice; C:\WINDOWS\system32\drivers\nhcDriver.sys [22528 2015-03-22] (pBUS-167 Software - http://www.pbus-167.com) [File not signed]
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [54784 2008-07-08] (NVIDIA Corporation)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [124264 2012-07-03] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [22016 2008-07-08] (NVIDIA Corporation)
S3 pneteth; C:\WINDOWS\System32\DRIVERS\pneteth.sys [13440 2011-11-25] (June Fabrics Technology Inc.) [File not signed]
S4 RsFx0102; C:\WINDOWS\System32\DRIVERS\RsFx0102.sys [242712 2008-07-10] (Microsoft Corporation)
S3 s1039mdm; C:\WINDOWS\System32\DRIVERS\s1039mdm.sys [124016 2010-03-01] (MCCI Corporation)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2010-06-01] () [File not signed]
S3 tap0901_2gm; C:\WINDOWS\System32\DRIVERS\tap0901_2gm.sys [30720 2007-06-21] (The OpenVPN Project) [File not signed]
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [28672 2006-11-06] (Microsoft Corporation)
U3 astdq1qi; C:\WINDOWS\system32\Drivers\astdq1qi.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 Cardex; \??\C:\WINDOWS\system32\drivers\TBPANEL.SYS [X]
S3 GPU-Z; \??\C:\DOCUME~1\CrazyTan\LOCALS~1\Temp\GPU-Z.sys [X]
S4 IntelIde; No ImagePath
S3 NTIOLib_1_0_4; \??\C:\Program Files\MSI\Live Update 5\NTIOLib.sys [X]
S3 NTIOLib_1_0_6; \??\C:\Program Files\MSI\Live Update 5\MSISetup\NTIOLib.sys [X]
U5 P3; C:\Windows\System32\Drivers\P3.sys [42752 2008-04-13] (Microsoft Corporation)
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 Tosrfcom; No ImagePath
S3 UCORESYS; No ImagePath
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-22 17:54 - 2015-03-22 17:57 - 00019182 _____ () C:\Documents and Settings\CrazyTan\Desktop\FRST.txt
2015-03-22 17:54 - 2015-03-22 17:57 - 00000000 ____D () C:\FRST
2015-03-22 17:46 - 2015-03-22 17:46 - 00000670 _____ () C:\Documents and Settings\CrazyTan\Desktop\Big Meter Pro.lnk
2015-03-22 17:46 - 2015-03-22 17:46 - 00000000 ____D () C:\Program Files\Big Meter Pro
2015-03-22 17:46 - 2015-03-22 17:46 - 00000000 ____D () C:\Documents and Settings\CrazyTan\My Documents\Microsys
2015-03-22 17:46 - 2015-03-22 17:46 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Big Meter Pro
2015-03-22 17:44 - 2015-03-22 17:44 - 00000040 _____ () C:\Testovací soubor pro program test HDD
2015-03-22 17:42 - 2015-03-22 17:42 - 00000000 ____D () C:\Program Files\HDD Health
2015-03-22 17:42 - 2015-03-22 17:42 - 00000000 ____D () C:\Documents and Settings\CrazyTan\Application Data\HDDHealth
2015-03-22 17:42 - 2015-03-22 17:42 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HDD Health
2015-03-22 00:15 - 2015-03-22 00:15 - 00000000 ____D () C:\Program Files\Western Digital Corporation
2015-03-22 00:15 - 2015-03-22 00:15 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Western Digital Corporation
2015-03-22 00:14 - 2015-03-22 00:16 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-21 23:49 - 2008-08-21 15:08 - 00006320 _____ () C:\WINDOWS\system32\nvnrm.nvu
2015-03-21 23:49 - 2008-07-02 15:14 - 00446464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvunrm.exe
2015-03-21 23:38 - 2015-03-21 23:38 - 00000000 ____D () C:\Program Files\Atheros
2015-03-21 23:38 - 2009-09-09 21:30 - 00045983 _____ () C:\WINDOWS\system32\netathw.cat
2015-03-21 23:38 - 2009-09-07 18:59 - 01584448 _____ (Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athw.sys
2015-03-21 23:38 - 2009-09-07 18:59 - 01584448 _____ (Atheros Communications, Inc.) C:\WINDOWS\system32\athw.sys
2015-03-21 23:37 - 2015-03-21 23:37 - 00000000 ____D () C:\Documents and Settings\CrazyTan\Application Data\InstallShield
2015-03-21 23:37 - 2008-07-02 15:14 - 00118784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvconrm.dll
2015-03-21 23:36 - 2008-07-08 02:15 - 00954496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvnrm.sys
2015-03-21 23:36 - 2008-07-08 02:15 - 00054784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NVENETFD.sys
2015-03-21 23:36 - 2008-07-08 02:15 - 00022016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvnetbus.sys
2015-03-21 23:36 - 2008-07-08 02:14 - 00200704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\fdco1.dll
2015-03-21 23:36 - 2008-07-08 02:13 - 00009216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\bdco1.dll
2015-03-21 23:34 - 2008-08-25 03:22 - 00014208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvsmu.sys
2015-03-21 23:34 - 2008-08-21 15:17 - 00122880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NVCOSMU.DLL
2015-03-21 23:34 - 2008-08-20 18:35 - 00453152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvusmb.exe
2015-03-21 23:34 - 2008-08-20 18:35 - 00122880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NVCOSMB.DLL
2015-03-21 23:22 - 2015-03-21 23:22 - 00000468 _____ () C:\Documents and Settings\CrazyTan\Desktop\Shortcut to Stažené soubory.lnk
2015-03-21 23:22 - 2015-03-21 23:22 - 00000438 _____ () C:\Documents and Settings\CrazyTan\Desktop\Shortcut to Downloads.lnk
2015-03-21 17:12 - 2015-03-21 17:12 - 00000000 ____D () C:\Documents and Settings\CrazyTan\Desktop\Dum
2015-03-21 17:10 - 2015-03-21 17:13 - 00000000 ____D () C:\Documents and Settings\CrazyTan\Desktop\Prace
2015-03-21 17:06 - 2015-03-21 17:06 - 00000364 _____ () C:\Documents and Settings\CrazyTan\Desktop\Shortcut to Fotky.lnk
2015-03-21 17:05 - 2015-03-21 17:06 - 00000000 ____D () C:\Fotky
2015-03-21 17:05 - 2015-03-21 17:05 - 00000359 _____ () C:\Documents and Settings\CrazyTan\Desktop\Shortcut to Moje.lnk
2015-03-20 21:23 - 2015-03-20 21:23 - 00001840 _____ () C:\Documents and Settings\All Users\Desktop\System Update.lnk
2015-03-20 20:58 - 2015-03-20 20:58 - 00001891 _____ () C:\Documents and Settings\All Users\Desktop\NVIDIA System Monitor.lnk
2015-03-20 20:54 - 2015-03-20 20:55 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\NVIDIA Corporation
2015-03-20 20:54 - 2015-03-20 20:54 - 00001926 _____ () C:\Documents and Settings\All Users\Desktop\Performance.lnk
2015-03-20 20:38 - 2015-03-20 20:38 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\boost_interprocess
2015-03-20 20:22 - 2013-01-31 12:22 - 00015449 _____ () C:\WINDOWS\system32\nvinfo.pb
2015-03-16 21:17 - 2015-03-16 21:17 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\CrazyTan\Desktop\FRSTLauncher.exe
2015-03-16 21:16 - 2015-03-16 21:21 - 01135104 _____ (Farbar) C:\Documents and Settings\CrazyTan\Desktop\FRST.exe
2015-03-16 21:15 - 2015-03-21 17:12 - 00000000 ____D () C:\Documents and Settings\CrazyTan\Desktop\FRst LOG
2015-03-16 21:07 - 2015-03-16 21:07 - 00000000 ____D () C:\Documents and Settings\UpdatusUser\Local Settings\Application Data\NVIDIA Corporation
2015-03-16 20:54 - 2015-03-16 20:54 - 00000000 ____D () C:\rsit
2015-03-16 20:54 - 2015-03-16 20:54 - 00000000 ____D () C:\Program Files\trend micro
2015-03-15 18:03 - 2015-03-15 18:03 - 00000000 ____D () C:\Documents and Settings\CrazyTan\Application Data\eTeks
2015-03-15 17:53 - 2015-03-15 17:53 - 00000814 _____ () C:\Documents and Settings\CrazyTan\Desktop\Sweet Home 3D.lnk
2015-03-15 17:45 - 2015-03-20 20:38 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2015-03-15 17:45 - 2015-03-20 20:29 - 00000178 ___SH () C:\Documents and Settings\UpdatusUser\ntuser.ini
2015-03-15 17:45 - 2015-03-15 17:45 - 00000000 __SHD () C:\Documents and Settings\UpdatusUser\IETldCache
2015-03-15 17:45 - 2014-02-03 03:30 - 00000000 ____D () C:\Documents and Settings\UpdatusUser\My Documents\Visual Studio 2008
2015-03-15 17:45 - 2014-02-03 03:11 - 00000000 ____D () C:\Documents and Settings\UpdatusUser\Local Settings\Application Data\Microsoft Help
2015-03-15 17:45 - 2011-11-22 17:04 - 00000000 ____D () C:\Documents and Settings\UpdatusUser\Application Data\Macromedia
2015-03-15 17:45 - 2010-06-02 00:10 - 00000000 ____D () C:\Documents and Settings\UpdatusUser\Local Settings\Temp
2015-03-15 17:45 - 2010-06-01 02:19 - 00001599 _____ () C:\Documents and Settings\UpdatusUser\Start Menu\Programs\Remote Assistance.lnk
2015-03-15 17:45 - 2010-06-01 02:19 - 00000792 _____ () C:\Documents and Settings\UpdatusUser\Start Menu\Programs\Windows Media Player.lnk
2015-03-15 17:45 - 2010-06-01 02:19 - 00000000 ___RD () C:\Documents and Settings\UpdatusUser\Start Menu\Programs\Accessories
2015-03-15 17:44 - 2013-01-31 10:06 - 00335872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrshe.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00335872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsar.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00286720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsfr.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00282624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsit.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00282624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrses.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00282624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsel.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsde.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00274432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrspt.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00274432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsnl.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00274432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsja.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00274432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsesm.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00270336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsru.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00270336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsptb.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00266240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsko.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00262144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrshu.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00258048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrstr.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00258048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrssl.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00258048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrssk.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00258048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrspl.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00253952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsth.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00253952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrssv.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00253952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsno.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00253952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsda.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00249856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsfi.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00249856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrseng.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00249856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrscs.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00229376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrszhc.dll
2015-03-15 17:44 - 2013-01-31 10:06 - 00126976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrszht.dll
2015-03-15 17:44 - 2013-01-31 10:02 - 15517472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-03-15 17:44 - 2013-01-31 10:02 - 00156448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
2015-03-15 17:44 - 2013-01-31 10:02 - 00144160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcolor.exe
2015-03-15 17:44 - 2013-01-31 10:02 - 00108832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-03-15 17:44 - 2013-01-31 10:02 - 00054272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwddi.dll
2015-03-15 17:42 - 2015-03-20 20:43 - 01072544 _____ () C:\WINDOWS\system32\nvdrsdb1.bin
2015-03-15 17:42 - 2015-03-20 20:43 - 01072544 _____ () C:\WINDOWS\system32\nvdrsdb0.bin
2015-03-15 17:42 - 2015-03-20 20:43 - 00000001 _____ () C:\WINDOWS\system32\nvdrssel.bin
2015-03-15 17:42 - 2015-03-15 17:42 - 00000000 _____ () C:\WINDOWS\system32\nvdrswr.lk
2015-03-15 17:40 - 2013-01-31 12:22 - 19189760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglnt.dll
2015-03-15 17:40 - 2013-01-31 12:22 - 07536640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-03-15 17:40 - 2013-01-31 12:22 - 05967872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-03-15 17:40 - 2013-01-31 12:22 - 02816504 _____ () C:\WINDOWS\system32\nvdata.data
2015-03-15 17:40 - 2013-01-31 12:22 - 02581792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-03-15 17:40 - 2013-01-31 12:22 - 01869088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2015-03-15 17:40 - 2013-01-31 12:22 - 01010464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco32.dll
2015-03-15 17:40 - 2013-01-31 12:22 - 00892704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco32.dll
2015-03-15 17:39 - 2013-01-31 12:22 - 17551360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2015-03-15 17:39 - 2013-01-31 12:22 - 02389504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi.dll
2015-03-15 12:10 - 2015-03-15 12:26 - 00000000 ____D () C:\WINDOWS\system32\MpEngineStore
2015-03-15 11:35 - 2015-03-15 11:35 - 00000900 _____ () C:\Documents and Settings\CrazyTan\Desktop\GPU Caps Viewer.lnk
2015-03-15 11:35 - 2015-03-15 11:35 - 00000000 ____D () C:\Program Files\Geeks3D
2015-03-15 11:35 - 2015-03-15 11:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Geeks3D
2015-03-15 11:11 - 2015-03-15 11:11 - 00000638 _____ () C:\Documents and Settings\CrazyTan\Desktop\TechPowerUp GPU-Z.lnk
2015-03-15 11:11 - 2015-03-15 11:11 - 00000000 ____D () C:\Program Files\GPU-Z
2015-03-15 11:11 - 2015-03-15 11:11 - 00000000 ____D () C:\Documents and Settings\CrazyTan\Start Menu\Programs\TechPowerUp GPU-Z
2015-03-15 10:58 - 2015-03-15 10:58 - 00000796 _____ () C:\Documents and Settings\CrazyTan\Desktop\HWMonitor.lnk
2015-03-15 10:58 - 2015-03-15 10:58 - 00000778 _____ () C:\Documents and Settings\All Users\Desktop\CPUID HWMonitor.lnk
2015-03-15 10:58 - 2015-03-15 10:58 - 00000000 ____D () C:\Program Files\CPUID
2015-03-15 10:58 - 2015-03-15 10:58 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\CPUID
2015-03-15 10:36 - 2015-03-15 10:36 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Application Data\NVIDIA Corporation
2015-03-15 10:15 - 2015-03-20 20:47 - 00000000 ____D () C:\Documents and Settings\CrazyTan\Local Settings\Application Data\NVIDIA Corporation
2015-03-15 10:15 - 2015-03-15 10:15 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\NVIDIA Corporation
2015-03-15 10:09 - 2015-03-22 00:01 - 00022528 _____ (pBUS-167 Software - http://www.pbus-167.com) C:\WINDOWS\system32\Drivers\nhcDriver.sys
2015-03-15 10:08 - 2015-03-15 10:08 - 00000000 ____D () C:\Program Files\Notebook Hardware Control
2015-03-15 10:08 - 2015-03-15 10:08 - 00000000 ____D () C:\Documents and Settings\CrazyTan\Start Menu\Programs\Notebook Hardware Control
2015-03-15 09:34 - 2015-03-15 09:34 - 00016608 _____ (Windows (R) 2000 DDK provider) C:\WINDOWS\gdrv.sys
2015-03-15 09:20 - 2015-03-21 22:57 - 00000000 ____D () C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
2015-03-14 12:22 - 2015-03-14 12:22 - 00001672 _____ () C:\WINDOWS\KB867795.log
2015-03-14 12:22 - 2015-03-14 12:22 - 00000000 ____D () C:\fff
2015-03-14 12:21 - 2004-08-13 12:55 - 00377064 _____ (Microsoft Corporation) C:\WindowsXP-KB867795-x86-csy.exe
2015-03-14 12:21 - 2004-08-13 12:11 - 00061160 _____ (Microsoft Corporation) C:\WindowsXP-KB867795-x86-Symbols-csy.exe
2015-03-14 11:55 - 2015-03-21 22:54 - 00000000 ____D () C:\Program Files\MSI Afterburner
2015-03-14 11:24 - 2015-03-20 20:35 - 00000000 ____D () C:\Program Files\SpeedFan
2015-03-14 11:24 - 2015-03-20 20:29 - 00000682 _____ () C:\Documents and Settings\CrazyTan\Desktop\SpeedFan.lnk
2015-03-14 11:24 - 2015-03-20 20:29 - 00000045 _____ () C:\WINDOWS\system32\initdebug.nfo
2015-03-14 11:24 - 2015-03-14 11:24 - 00000000 ____D () C:\Documents and Settings\CrazyTan\Start Menu\Programs\SpeedFan
2015-03-14 11:22 - 2015-03-14 11:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HWiNFO32
2015-03-14 11:22 - 2015-03-14 11:22 - 00023840 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO32.SYS
2015-03-14 11:22 - 2015-03-14 11:22 - 00000694 _____ () C:\Documents and Settings\CrazyTan\Desktop\HWiNFO32 Program.lnk
2015-03-14 11:22 - 2015-03-14 11:22 - 00000000 ____D () C:\Program Files\HWiNFO32

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-22 17:57 - 2010-06-01 02:23 - 00000000 ____D () C:\Documents and Settings\CrazyTan\Local Settings\Temp
2015-03-22 17:54 - 2010-06-01 02:18 - 01063671 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-22 17:53 - 2014-06-02 20:06 - 00780059 _____ () C:\WINDOWS\setupapi.log
2015-03-22 17:52 - 2010-06-01 05:56 - 00000000 ____D () C:\Documents and Settings\CrazyTan\My Documents\Stažené soubory
2015-03-22 17:09 - 2012-05-25 21:27 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-22 11:51 - 2010-01-22 18:40 - 00000572 _____ () C:\WINDOWS\Tasks\Automatic troubleshooting.job
2015-03-22 11:30 - 2012-06-06 20:15 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-22 00:25 - 2010-02-16 19:53 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2015-03-22 00:06 - 2010-06-21 15:02 - 00000000 ____D () C:\Program Files\Intel
2015-03-22 00:04 - 2007-07-27 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2015-03-22 00:01 - 2014-05-03 11:35 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2015-03-22 00:01 - 2014-05-03 11:35 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-03-22 00:01 - 2014-03-27 08:41 - 00000228 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-03-22 00:01 - 2010-06-01 02:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-21 23:58 - 2014-05-03 11:34 - 00032388 _____ () C:\WINDOWS\SchedLgU.Txt
2015-03-21 23:58 - 2010-06-01 02:23 - 00000278 ___SH () C:\Documents and Settings\CrazyTan\ntuser.ini
2015-03-21 23:50 - 2010-11-28 17:06 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-21 23:37 - 2010-06-01 02:28 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-03-21 23:23 - 2013-10-06 09:42 - 00000000 ____D () C:\Documents and Settings\CrazyTan\Start Menu\Programs\SubtitleCreator
2015-03-21 23:23 - 2011-03-10 23:49 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\eLearn
2015-03-21 23:23 - 2011-01-29 22:05 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\GOM Player
2015-03-21 23:23 - 2010-06-01 07:22 - 00000000 ___RD () C:\Documents and Settings\CrazyTan\Desktop\Programy
2015-03-21 23:23 - 2010-01-28 19:28 - 00000000 ____D () C:\Documents and Settings\CrazyTan\Desktop\Hry
2015-03-21 23:13 - 2010-02-09 17:03 - 00173568 _____ () C:\Documents and Settings\CrazyTan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-21 23:05 - 2010-11-01 00:38 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Activision
2015-03-21 23:05 - 2010-06-02 00:10 - 00006940 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-21 22:59 - 2012-05-26 03:10 - 00000000 ____D () C:\Documents and Settings\CrazyTan\Local Settings\Application Data\Unity
2015-03-21 22:57 - 2010-11-01 13:02 - 00000000 ____D () C:\Documents and Settings\CrazyTan\Local Settings\Application Data\Rockstar Games
2015-03-21 22:57 - 2010-10-31 23:21 - 00000000 ____D () C:\Program Files\Rockstar Games
2015-03-21 22:57 - 2010-10-31 23:21 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Rockstar Games
2015-03-21 22:55 - 2010-06-01 05:22 - 00000000 ____D () C:\Program Files\QIP
2015-03-21 22:54 - 2013-08-17 10:12 - 00000000 ____D () C:\Program Files\NSS
2015-03-21 22:52 - 2012-01-06 16:37 - 00000000 ____D () C:\Program Files\Handbrake
2015-03-21 22:46 - 2013-03-09 15:47 - 00000000 ____D () C:\Program Files\Valve
2015-03-21 22:45 - 2014-07-09 17:03 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment
2015-03-21 22:44 - 2010-06-01 02:27 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Atheros
2015-03-21 17:10 - 2010-02-16 20:45 - 00000000 ___RD () C:\Moje
2015-03-21 12:13 - 2014-08-12 16:54 - 00000000 ____D () C:\AdwCleaner
2015-03-16 20:56 - 2012-08-05 19:35 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
2015-03-15 17:53 - 2012-08-12 14:52 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\eTeks Sweet Home 3D
2015-03-15 17:53 - 2012-08-12 14:51 - 00000000 ____D () C:\Program Files\Sweet Home 3D
2015-03-15 17:45 - 2013-08-22 18:56 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\NVIDIA
2015-03-15 17:45 - 2010-06-02 00:03 - 00000000 ____D () C:\WINDOWS\Help
2015-03-15 11:11 - 2013-12-09 19:06 - 00000000 ____D () C:\Documents and Settings\CrazyTan\Application Data\NVIDIA
2015-03-15 10:13 - 2010-01-28 20:56 - 00000000 ____D () C:\NVIDIA
2015-03-15 09:33 - 2010-06-01 05:39 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2015-03-14 19:24 - 2014-06-14 10:55 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2015-03-14 19:22 - 2014-06-14 11:42 - 00000223 _____ () C:\WINDOWS\wininit.ini
2015-03-14 11:57 - 2015-01-03 17:44 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2015-03-14 11:57 - 2010-06-01 02:18 - 00000000 ____D () C:\WINDOWS\system32\DirectX
2015-03-12 03:19 - 2012-03-05 20:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2015-03-12 03:17 - 2013-07-30 08:37 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-08 19:06 - 2010-01-28 15:55 - 00000000 ____D () C:\Program Files\MSI
2015-03-08 15:00 - 2014-03-27 08:41 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2015-02-26 21:20 - 2010-01-22 18:41 - 119837696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-21 13:57 - 2012-03-24 18:53 - 00108553 _____ () C:\WINDOWS\system32\epfwdata.bin

==================== Files in the root of some directories =======

2014-04-16 18:56 - 2008-08-31 20:38 - 0012288 _____ () C:\Program Files\PSP Pandora Deluxe;msipl.bin
2011-11-22 20:47 - 2011-11-22 20:47 - 0002528 _____ () C:\Documents and Settings\CrazyTan\Application Data\$_hpcst$.hpc
2010-02-20 07:09 - 2013-01-17 19:50 - 0000214 _____ () C:\Documents and Settings\CrazyTan\Application Data\default.rss
2012-03-18 14:36 - 2012-03-18 14:36 - 0000000 _____ () C:\Documents and Settings\CrazyTan\Application Data\downloads.m3u
2010-02-16 19:50 - 2010-02-16 19:50 - 0022328 _____ () C:\Documents and Settings\CrazyTan\Application Data\PnkBstrK.sys
2010-02-09 17:03 - 2015-03-21 23:13 - 0173568 _____ () C:\Documents and Settings\CrazyTan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-25 10:17 - 2013-09-25 10:17 - 0000001 _____ () C:\Documents and Settings\CrazyTan\Local Settings\Application Data\llftool.4.05.agreement
2013-08-19 09:46 - 2013-08-19 09:46 - 0002196 _____ () C:\Documents and Settings\CrazyTan\Local Settings\Application Data\recently-used.xbel

Some content of TEMP:
====================
C:\Documents and Settings\CrazyTan\Local Settings\Temp\jre-7u71-windows-i586-iftw.exe
C:\Documents and Settings\CrazyTan\Local Settings\Temp\jre-8u40-windows-au.exe
C:\Documents and Settings\CrazyTan\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\CrazyTan\Local Settings\Temp\sfamcc00001.dll
C:\Documents and Settings\CrazyTan\Local Settings\Temp\sfextra.dll
C:\Documents and Settings\CrazyTan\Local Settings\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe
[2007-07-27 13:00] - [2008-04-14 01:12] - 1540608 ____A (Microsoft Corporation) e8f86c92d7f9f712227d952160fb7ac3




C:\WINDOWS\system32\winlogon.exe
[2007-07-27 13:00] - [2008-04-14 01:12] - 0547328 ____A (Microsoft Corporation) a55b8899d2ea2e800061bcfd456e34dc




C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll
[2007-07-27 13:00] - [2008-04-14 01:12] - 0578048 ____A (Microsoft Corporation) 894b313c52589628bb996e175b581e3a




C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:298.09 GB) (Free:117.17 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: () (Removable) (Total:0.96 GB) (Free:0.53 GB) FAT32

Available physical RAM: 1965.96 MB
Total physical RAM: 2815.17 MB
Percentage of memory in use: 30%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: BAB21F87)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)
Disk: 1 (Size: 984 MB) (Disk ID: 91F72D24)
Partition 1: (Active) - (Size=984 MB) - (Type=0B)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Automatic troubleshooting.job => C:\Program Files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:538F87FF
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9

==================== Security Center ==================

AV: ESET Smart Security 4.0 (Enabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall (Disabled) {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\CrazyTan\Desktop" je 100 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Opera\\opera.exe"="C:\\Program Files\\Opera\\opera.exe:*:Enabled:Opera Internet Browser"
"C:\\Program Files\\Activision\\Call of Duty - Black Ops\\BlackOps.exe"="C:\\Program Files\\Activision\\Call of Duty - Black Ops\\BlackOps.exe:*:Enabled:BlackOps"
"C:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"="C:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\\Program Files\\Electronic Arts\\Need for Speed(TM) Hot Pursuit\\Launcher.exe"="C:\\Program Files\\Electronic Arts\\Need for Speed(TM) Hot Pursuit\\Launcher.exe:*:Enabled:Need for Speed(TM) Hot Pursuit"
"C:\\Program Files\\Electronic Arts\\Need for Speed(TM) Hot Pursuit\\NFS11.exe"="C:\\Program Files\\Electronic Arts\\Need for Speed(TM) Hot Pursuit\\NFS11.exe:*:Enabled:Need for Speed(TM) Hot Pursuit Application"
"C:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\farcry2.exe"="C:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\farcry2.exe:*:Enabled:Far CryR 2"
"C:\\Program Files\\Activision\\Prototype\\prototypef.exe"="C:\\Program Files\\Activision\\Prototype\\prototypef.exe:*:Enabled:Prototype(TM)"
"C:\\Program Files\\Ubisoft\\Heroes 3 Complete\\HEROES3.EXE"="C:\\Program Files\\Ubisoft\\Heroes 3 Complete\\HEROES3.EXE:*:Enabled:Heroes of Might and MagicR III"
"C:\\Program Files\\Raspberry Software\\True Connect\\TrueConnect.exe"="C:\\Program Files\\Raspberry Software\\True Connect\\TrueConnect.exe:*:Enabled:TrueConnect"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\WINDOWS\\system32\\muzapp.exe"="C:\\WINDOWS\\system32\\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\\Program Files\\EA GAMES\\The Battle for Middle-earth (tm)\\game.dat"="C:\\Program Files\\EA GAMES\\The Battle for Middle-earth (tm)\\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"C:\\Program Files\\Warcraft III\\Warcraft III.exe"="C:\\Program Files\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\\Counter-Strike 1.6 Non-Steam11\\hl.exe"="C:\\Counter-Strike 1.6 Non-Steam11\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Counter-Strike 1.6 Non-Steam11\\Counter-Strike 1.6 Non-Steam\\hl.exe"="C:\\Counter-Strike 1.6 Non-Steam11\\Counter-Strike 1.6 Non-Steam\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"="C:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\\Documents and Settings\\All Users\\Application Data\\Battle.net\\Agent\\Agent.3023\\Agent.exe"="C:\\Documents and Settings\\All Users\\Application Data\\Battle.net\\Agent\\Agent.3023\\Agent.exe:*:Enabled:Battle.net Update Agent"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP"="5985:TCP:*:Disabled:Windows Remote Management "
"80:TCP"="80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In) "
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: win32/ psw papras.dr trojsky kun

Napsal: 23 bře 2015 10:12
od CrazyTan
Prosím HELP zda je ten log OK

Re: win32/ psw papras.dr trojsky kun

Napsal: 23 bře 2015 10:17
od vyosek
:arrow: Omlouvam se, pracovni povinnosti

:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1177238915-562591055-839522115-1003\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\S-1-5-21-1177238915-562591055-839522115-1003\...\MountPoints2: {1e3772ce-68ce-11df-af79-002421f431d7} - F:\USBAutoRun.exe
HKU\S-1-5-21-1177238915-562591055-839522115-1003\...\MountPoints2: {87152cb2-c407-11df-afe8-002421f431d7} - musko\\place.exe
HKU\S-1-5-21-1177238915-562591055-839522115-1003\...\MountPoints2: {e7cd6dbb-8158-11e4-bb4e-002421f431d7} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Common_Handset_USB_Driver.exe
HKU\S-1-5-21-1177238915-562591055-839522115-1010\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by CrazyTan (administrator) on PLAKORCZ on 22-03-2015 17:57:28
Running from C:\Documents and Settings\CrazyTan\Desktop
Loaded Profiles: CrazyTan & UpdatusUser (Available profiles: CrazyTan & UpdatusUser)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(http://www.pbus-167.com) C:\Program Files\Notebook Hardware Control\nhc.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA) C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\WINDOWS\system32\PnkBstrA.exe
() C:\WINDOWS\system32\PnkBstrB.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(NVIDIA) C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(NVIDIA) C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(PANTERASoft) C:\Program Files\HDD Health\hddhealth.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(forum.viry.cz) C:\Documents and Settings\CrazyTan\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [2021400 2013-02-05] (ESET)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [17567744 2009-03-27] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [NotebookHardwareControl] => C:\Program Files\Notebook Hardware Control\nhc.exe [2629632 2007-05-04] (http://www.pbus-167.com)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1982312 2013-01-31] ()
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1177238915-562591055-839522115-1003\...\Run: [BigMeterPro] => C:\Program Files\Big Meter Pro\BigMeterPro.exe [481280 2009-08-15] (Microsys Com)
HKU\S-1-5-21-1177238915-562591055-839522115-1003\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\S-1-5-21-1177238915-562591055-839522115-1003\...\MountPoints2: {1e3772ce-68ce-11df-af79-002421f431d7} - F:\USBAutoRun.exe
HKU\S-1-5-21-1177238915-562591055-839522115-1003\...\MountPoints2: {87152cb2-c407-11df-afe8-002421f431d7} - musko\\place.exe
HKU\S-1-5-21-1177238915-562591055-839522115-1003\...\MountPoints2: {e7cd6dbb-8158-11e4-bb4e-002421f431d7} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Common_Handset_USB_Driver.exe
HKU\S-1-5-21-1177238915-562591055-839522115-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\NiwradSoft.scr [1677312 2006-01-20] ()
HKU\S-1-5-21-1177238915-562591055-839522115-1010\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKU\S-1-5-21-1177238915-562591055-839522115-1010\...\Run: [LClock] => C:\Program Files\LClock\LClock.exe [65536 2004-09-20] ()
HKU\S-1-5-21-1177238915-562591055-839522115-1010\...\Run: [ViStart] => C:\Program Files\ViStart\ViStart.exe
HKU\S-1-5-21-1177238915-562591055-839522115-1010\...\Run: [Vista Rainbar] => C:\Program Files\Vista Rainbar\launcher.exe [131778 2008-11-14] ()
HKU\S-1-5-21-1177238915-562591055-839522115-1010\...\Run: [VisualTooltip] => C:\Program Files\VisualTooltip\VisualToolTip.exe
HKU\S-1-5-21-1177238915-562591055-839522115-1010\...\Run: [ViOrb] => C:\Program Files\ViOrb\ViOrb.exe
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HDDHealth.lnk
ShortcutTarget: HDDHealth.lnk -> C:\Program Files\HDD Health\hddhealth.exe (PANTERASoft)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-1177238915-562591055-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
URLSearchHook: [S-1-5-21-1177238915-562591055-839522115-1010] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1177238915-562591055-839522115-1010 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

CHR HKLM\...\Chrome\Extension: [aaaapoomnboffjcgcebabolakmhbblbk] - C:\Documents and Settings\CrazyTan\Local Settings\Application Data\APN\GoogleCRXs\aaaapoomnboffjcgcebabolakmhbblbk_7.17.0.0.crx [Not Found]

U3 astdq1qi; C:\WINDOWS\system32\Drivers\astdq1qi.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 Cardex; \??\C:\WINDOWS\system32\drivers\TBPANEL.SYS [X]
S3 GPU-Z; \??\C:\DOCUME~1\CrazyTan\LOCALS~1\Temp\GPU-Z.sys [X]
S4 IntelIde; No ImagePath
S3 NTIOLib_1_0_4; \??\C:\Program Files\MSI\Live Update 5\NTIOLib.sys [X]
S3 NTIOLib_1_0_6; \??\C:\Program Files\MSI\Live Update 5\MSISetup\NTIOLib.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 Tosrfcom; No ImagePath
S3 UCORESYS; No ImagePath
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:538F87FF
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Automatic troubleshooting.job => C:\Program Files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

Hosts:
EmptyTemp:
Reboot:
End
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny fixlist vedle FRST
:arrow: Spustte znovu FRST.exe
  • Kliknete na Fix
  • Probehne oprava a vytvori log Fixlog.txt
:arrow: Restart PC a dejte mi sem fixlog.txt

Re: win32/ psw papras.dr trojsky kun

Napsal: 23 bře 2015 16:10
od CrazyTan
Mam stim problem, nemuze byt chyba ve skriptu? frst launcher mi vyhazuje chybu ,,warning,looks you dont know what to do.To prevent damage to the system the tool will exit"

Udelal jsem něco špatně?postupoval jsem presne podle navodu

Re: win32/ psw papras.dr trojsky kun

Napsal: 23 bře 2015 17:51
od vyosek
:arrow: Ha, chybka :?:

:arrow: Pouzijte tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1177238915-562591055-839522115-1003\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\S-1-5-21-1177238915-562591055-839522115-1003\...\MountPoints2: {1e3772ce-68ce-11df-af79-002421f431d7} - F:\USBAutoRun.exe
HKU\S-1-5-21-1177238915-562591055-839522115-1003\...\MountPoints2: {87152cb2-c407-11df-afe8-002421f431d7} - musko\\place.exe
HKU\S-1-5-21-1177238915-562591055-839522115-1003\...\MountPoints2: {e7cd6dbb-8158-11e4-bb4e-002421f431d7} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Common_Handset_USB_Driver.exe
HKU\S-1-5-21-1177238915-562591055-839522115-1010\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)

KLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-1177238915-562591055-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
URLSearchHook: [S-1-5-21-1177238915-562591055-839522115-1010] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1177238915-562591055-839522115-1010 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

CHR HKLM\...\Chrome\Extension: [aaaapoomnboffjcgcebabolakmhbblbk] - C:\Documents and Settings\CrazyTan\Local Settings\Application Data\APN\GoogleCRXs\aaaapoomnboffjcgcebabolakmhbblbk_7.17.0.0.crx [Not Found]

U3 astdq1qi; C:\WINDOWS\system32\Drivers\astdq1qi.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 Cardex; \??\C:\WINDOWS\system32\drivers\TBPANEL.SYS [X]
S3 GPU-Z; \??\C:\DOCUME~1\CrazyTan\LOCALS~1\Temp\GPU-Z.sys [X]
S4 IntelIde; No ImagePath
S3 NTIOLib_1_0_4; \??\C:\Program Files\MSI\Live Update 5\NTIOLib.sys [X]
S3 NTIOLib_1_0_6; \??\C:\Program Files\MSI\Live Update 5\MSISetup\NTIOLib.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 Tosrfcom; No ImagePath
S3 UCORESYS; No ImagePath
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:538F87FF
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Automatic troubleshooting.job => C:\Program Files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

Hosts:
EmptyTemp:
Reboot:
End

Re: win32/ psw papras.dr trojsky kun

Napsal: 23 bře 2015 18:48
od CrazyTan
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by CrazyTan at 2015-03-23 18:44:22 Run:1
Running from C:\Documents and Settings\CrazyTan\Desktop
Loaded Profiles: CrazyTan & UpdatusUser (Available profiles: CrazyTan & UpdatusUser)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1177238915-562591055-839522115-1003\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\S-1-5-21-1177238915-562591055-839522115-1003\...\MountPoints2: {1e3772ce-68ce-11df-af79-002421f431d7} - F:\USBAutoRun.exe
HKU\S-1-5-21-1177238915-562591055-839522115-1003\...\MountPoints2: {87152cb2-c407-11df-afe8-002421f431d7} - musko\\place.exe
HKU\S-1-5-21-1177238915-562591055-839522115-1003\...\MountPoints2: {e7cd6dbb-8158-11e4-bb4e-002421f431d7} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Common_Handset_USB_Driver.exe
HKU\S-1-5-21-1177238915-562591055-839522115-1010\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)

KLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1177238915-562591055-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
URLSearchHook: [S-1-5-21-1177238915-562591055-839522115-1010] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1177238915-562591055-839522115-1010 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

CHR HKLM\...\Chrome\Extension: [aaaapoomnboffjcgcebabolakmhbblbk] - C:\Documents and Settings\CrazyTan\Local Settings\Application Data\APN\GoogleCRXs\aaaapoomnboffjcgcebabolakmhbblbk_7.17.0.0.crx [Not Found]

U3 astdq1qi; C:\WINDOWS\system32\Drivers\astdq1qi.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 Cardex; \??\C:\WINDOWS\system32\drivers\TBPANEL.SYS [X]
S3 GPU-Z; \??\C:\DOCUME~1\CrazyTan\LOCALS~1\Temp\GPU-Z.sys [X]
S4 IntelIde; No ImagePath
S3 NTIOLib_1_0_4; \??\C:\Program Files\MSI\Live Update 5\NTIOLib.sys [X]
S3 NTIOLib_1_0_6; \??\C:\Program Files\MSI\Live Update 5\MSISetup\NTIOLib.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 Tosrfcom; No ImagePath
S3 UCORESYS; No ImagePath
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:538F87FF
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Automatic troubleshooting.job => C:\Program Files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\LinkResolveIgnoreLinkInfo => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => value deleted successfully.
HKU\S-1-5-21-1177238915-562591055-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\LinkResolveIgnoreLinkInfo => value deleted successfully.
"HKU\S-1-5-21-1177238915-562591055-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1e3772ce-68ce-11df-af79-002421f431d7}" => Key deleted successfully.
HKCR\CLSID\{1e3772ce-68ce-11df-af79-002421f431d7} => Key not found.
"HKU\S-1-5-21-1177238915-562591055-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{87152cb2-c407-11df-afe8-002421f431d7}" => Key deleted successfully.
HKCR\CLSID\{87152cb2-c407-11df-afe8-002421f431d7} => Key not found.
"HKU\S-1-5-21-1177238915-562591055-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e7cd6dbb-8158-11e4-bb4e-002421f431d7}" => Key deleted successfully.
HKCR\CLSID\{e7cd6dbb-8158-11e4-bb4e-002421f431d7} => Key not found.
HKU\S-1-5-21-1177238915-562591055-839522115-1010\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value not found.
HKU\KLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION\SOFTWARE\Policies\Microsoft\Internet Explorer => Key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
HKU\S-1-5-21-1177238915-562591055-839522115-1003\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
Error setting Default URLSearchHook.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-1177238915-562591055-839522115-1010\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\aaaapoomnboffjcgcebabolakmhbblbk" => Key deleted successfully.
astdq1qi => Service not found.
Cardex => Service deleted successfully.
GPU-Z => Service deleted successfully.
IntelIde => Service deleted successfully.
NTIOLib_1_0_4 => Service deleted successfully.
NTIOLib_1_0_6 => Service deleted successfully.
pccsmcfd => Service deleted successfully.
RtsUIR => Service deleted successfully.
Tosrfcom => Service deleted successfully.
UCORESYS => Service deleted successfully.
USBAAPL => Service deleted successfully.
USBCCID => Service deleted successfully.
C:\Documents and Settings\All Users\Application Data\TEMP => ":538F87FF" ADS removed successfully.
C:\Documents and Settings\All Users\Application Data\TEMP => ":CB0AACC9" ADS removed successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\Automatic troubleshooting.job => Moved successfully.
C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => Moved successfully.
C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 2.6 GB temporary data.


The system needed a reboot.

==== End of Fixlog 18:46:06 ====

Re: win32/ psw papras.dr trojsky kun

Napsal: 23 bře 2015 21:11
od vyosek
Jak se chova PC :???:

Re: win32/ psw papras.dr trojsky kun

Napsal: 24 bře 2015 15:55
od CrazyTan
Super, vypada to ze vse je OK, konecne se da s NB pracovat, dekuji mnohokrat, a rad bych se zeptal cim jsem to mel zamarasene??

Re: win32/ psw papras.dr trojsky kun

Napsal: 29 bře 2015 08:09
od vyosek
Tak jeste uklidime :James008:

:arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Stahnete a spustte
  • Ponechte zatrzitkou pouze u volby Remote disinfection tools
  • Kliknete na Run
:arrow: Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: A pokud nejsou problemy ci dotazy, je to z me strany vse :|
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz