VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

FRST log -> Poprosím o kontrolu.

https://forum.viry.cz:443/viewtopic.php?t=147315

Stránka 1 z 1

FRST log -> Poprosím o kontrolu.

Napsal: 23 pro 2015 18:18
od Ouki
Zdravím dlouho jsem už nedělal nic s tímhle PC a prakticky s ním už nejsem v kontaktu, ale je opravdu hodně spomalený. A díky tomu, že nejsem jeho uživatelem je odkázán do rukou božích;) Proto budu rád, když mi to zkontrolujete.

Zde je log z FRST: Pokud bude potřeba nějaký další log přidám do vlákna;) Předem děkuji za vyřízení.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:23-12-2015
Ran by Ouki (administrator) on OUKILAND-A1E796 (23-12-2015 18:08:42)
Running from D:\Documents and Settings\Ouki\Plocha
Loaded Profiles: Ouki (Available Profiles: Ouki & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) D:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) D:\WINDOWS\system32\ati2evxx.exe
(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Lavasoft Limited) D:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
() D:\WINDOWS\system32\PnkBstrA.exe
(Samsung Electronics Co., Ltd.) D:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxServer.exe
(Safer-Networking Ltd.) D:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) D:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
() D:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(PS Media s.r.o.) D:\WINDOWS\system32\ssins.exe
(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Advanced Micro Devices Inc.) D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Nullsoft, Inc.) D:\Program Files\Winamp\winampa.exe
() D:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Realtek Semiconductor Corp.) D:\WINDOWS\soundman.exe
(Oracle Corporation) D:\Program Files\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) D:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
() D:\Program Files\USB TV\EM28XX\BDARemote.exe
(Samsung Electronics Co., Ltd.) D:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxTray.exe
(Mozilla Corporation) D:\Program Files\Mozilla Firefox\firefox.exe
(ATI Technologies Inc.) D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Oracle Corporation) D:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Piriform Ltd) D:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) D:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) D:\WINDOWS\system32\msiexec.exe
(Microsoft Corporation) D:\WINDOWS\system32\wuauclt.exe
(forum.viry.cz) D:\Documents and Settings\Ouki\Plocha\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCCC] => D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [WinampAgent] => D:\Program Files\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM\...\Run: [CDAServer] => D:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [350072 2012-03-09] ()
HKLM\...\Run: [avgnt] => D:\Program Files\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-24] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SoundMan] => D:\WINDOWS\SOUNDMAN.EXE [577536 2007-06-07] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] => D:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\...\Run: [SDTray] => D:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\AtiExtEvent: D:\WINDOWS\system32\Ati2evxx.dll [2010-02-11] (ATI Technologies Inc.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-507921405-308236825-839522115-1003\...\Run: [SpybotPostWindows10UpgradeReInstall] => D:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-507921405-308236825-839522115-1003\...\Run: [Steam] => D:\Program Files\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-507921405-308236825-839522115-1003\...\Run: [CCleaner Monitoring] => D:\Program Files\CCleaner\CCleaner.exe [6602152 2015-12-08] (Piriform Ltd)
Startup: D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\BDARemote.lnk [2014-03-08]
ShortcutTarget: BDARemote.lnk -> D:\Program Files\USB TV\EM28XX\BDARemote.exe ()
Startup: D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Samsung Network PC Fax.lnk [2014-03-17]
ShortcutTarget: Samsung Network PC Fax.lnk -> D:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxTray.exe (Samsung Electronics Co., Ltd.)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 01 D:\WINDOWS\system32\LavasoftTcpService.dll [342016 2015-08-04] (Lavasoft Limited)
Winsock: Catalog9 02 D:\WINDOWS\system32\LavasoftTcpService.dll [342016 2015-08-04] (Lavasoft Limited)
Winsock: Catalog9 03 D:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2015-03-17] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 D:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2015-03-17] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 16 D:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2015-03-17] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 17 D:\WINDOWS\system32\LavasoftTcpService.dll [342016 2015-08-04] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{F22607F1-A05C-4B89-9E26-9CDAD5F7A0CA}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-507921405-308236825-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
HKU\S-1-5-21-507921405-308236825-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> DefaultScope {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> {27C7AA82-AC5B-44D7-A5F3-063293587AA3} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_19068
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> {2D28950B-C1E3-4392-97F3-8816211A28CC} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_19068
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> {3F33734E-671A-4261-8382-7A6B89581A03} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_19068
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> {523E19DC-78C0-4CA8-9B05-91AADA250748} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_19068
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> {5AD07345-5479-48CF-8092-ACED9856BEBF} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_19068
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> {B6CFE2DF-59E2-449F-B670-4A5434C18416} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_19068
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> {B9155EC5-1E71-4494-B872-28D23E2C91E4} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_19068
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10195_swoc_campaign_150804__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> {CE3C3688-5577-42D0-AE16-47EAE0E0FFF0} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_19068
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> {E61B9BCD-0439-4DBE-BC6A-D531ECF30F73} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_19068
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-18] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-18] (Oracle Corporation)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - D:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-05] ()
Toolbar: HKLM - No Name - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - No File
Toolbar: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - D:\WINDOWS\system32\browseui.dll [2014-02-25] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - D:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-05] ()

FireFox:
========
FF ProfilePath: D:\Documents and Settings\Ouki\Data aplikací\Mozilla\Firefox\Profiles\5u4v6oyr.default-1396282542390
FF NewTab: hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcomp ... 0804__yaff
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> D:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> D:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> D:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-18] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> D:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> D:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: D:\Documents and Settings\Ouki\Data aplikací\mozilla\plugins\np-mswmp.dll [2009-09-25] (Microsoft Corporation)
FF Extension: DAEMON Tools Toolbar - D:\Documents and Settings\Ouki\Data aplikací\Mozilla\Firefox\Profiles\5u4v6oyr.default-1396282542390\Extensions\DTToolbar@toolbarnet.com [2015-08-18] [not signed]
FF Extension: MyStart Toolbar - D:\Documents and Settings\Ouki\Data aplikací\Mozilla\Firefox\Profiles\5u4v6oyr.default-1396282542390\Extensions\{607b689f-7600-45e4-b8e5-887f72dab15c} [2014-12-25] [not signed]
FF Extension: Adblock Plus - D:\Documents and Settings\Ouki\Data aplikací\Mozilla\Firefox\Profiles\5u4v6oyr.default-1396282542390\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-15]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-04-11] [not signed]
FF HKU\S-1-5-21-507921405-308236825-839522115-1003\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - D:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found

Chrome:
=======
CHR Profile: D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-23]
CHR Extension: (Dokumenty Google) - D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-23]
CHR Extension: (Disk Google) - D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-17]
CHR Extension: (YouTube) - D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-17]
CHR Extension: (Vyhledávání Google) - D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-17]
CHR Extension: (Tabulky Google) - D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-23]
CHR Extension: (Avira Browser Safety) - D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-11-17]
CHR Extension: (Dokumenty Google offline) - D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (AdBlock) - D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-11-17]
CHR Extension: (Platby Internetového obchodu Chrome) - D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-06]
CHR Extension: (Gmail) - D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; D:\Program Files\Avira\AntiVir Desktop\avmailc.exe [916968 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; D:\Program Files\Avira\AntiVir Desktop\sched.exe [461672 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; D:\Program Files\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-24] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; D:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1210512 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [602112 2010-02-11] (ATI Technologies Inc.) [File not signed]
S2 ATI Smart; D:\WINDOWS\system32\ati2sgag.exe [593920 2010-02-10] () [File not signed]
R2 LavasoftTcpService; D:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751792 2015-08-04] (Lavasoft Limited)
R2 PnkBstrA; D:\WINDOWS\system32\PnkBstrA.exe [75136 2014-12-08] ()
R2 Samsung Network Fax Server; D:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxServer.exe [379952 2013-07-01] (Samsung Electronics Co., Ltd.)
R2 SDScannerService; D:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; D:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S2 SDWSCService; D:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SearchProtectionService; D:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [13312 2015-08-04] () [File not signed]
R2 ssinstall; D:\WINDOWS\System32\ssins.exe [2324216 2014-03-12] (PS Media s.r.o.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALCXWDM; D:\WINDOWS\System32\drivers\ALCXWDM.SYS [4024832 2007-06-07] (Realtek Semiconductor Corp.)
R1 AmdK8; D:\WINDOWS\System32\DRIVERS\AmdK8.sys [42496 2005-03-09] (Advanced Micro Devices)
R3 ati2mtag; D:\WINDOWS\System32\DRIVERS\ati2mtag.sys [3565056 2010-02-11] (ATI Technologies Inc.) [File not signed]
R2 avgntflt; D:\WINDOWS\System32\DRIVERS\avgntflt.sys [108448 2015-09-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; D:\WINDOWS\System32\DRIVERS\avipbb.sys [136728 2015-07-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; D:\WINDOWS\System32\DRIVERS\avkmgr.sys [37896 2015-05-05] (Avira Operations GmbH & Co. KG)
R0 nvatabus; D:\WINDOWS\System32\DRIVERS\nvatabus.sys [79360 2007-06-07] (NVIDIA Corporation)
R0 nv_agp; D:\WINDOWS\System32\DRIVERS\nv_agp.sys [21120 2007-06-07] (NVIDIA Corporation)
R3 RTL8023xp; D:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [70400 2004-07-16] (Realtek Semiconductor Corporation )
R0 sptd; D:\WINDOWS\System32\Drivers\sptd.sys [691696 2014-03-08] () [File not signed]
R1 ssmdrv; D:\WINDOWS\System32\DRIVERS\ssmdrv.sys [31848 2015-06-09] (Avira Operations GmbH & Co. KG)
S4 IntelIde; no ImagePath
U5 ScsiPort; D:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-23 18:08 - 2015-12-23 18:08 - 00018530 _____ D:\Documents and Settings\Ouki\Plocha\FRST.txt
2015-12-23 18:07 - 2015-12-23 18:08 - 00000000 ____D D:\FRST
2015-12-23 18:06 - 2015-12-23 18:06 - 00000845 _____ D:\Documents and Settings\All Users\Plocha\Avira Antivirus.lnk
2015-12-23 18:02 - 2015-12-23 18:02 - 00112640 _____ (forum.viry.cz) D:\Documents and Settings\Ouki\Plocha\FRSTLauncher.exe
2015-12-23 18:01 - 2015-12-23 18:01 - 00024242 _____ D:\Documents and Settings\Ouki\Dokumenty\cc_20151223_180105.reg
2015-12-23 18:01 - 2015-12-23 18:01 - 00004202 _____ D:\Documents and Settings\Ouki\Dokumenty\cc_20151223_180115.reg
2015-12-23 17:59 - 2015-12-23 17:59 - 01721856 _____ (Farbar) D:\Documents and Settings\Ouki\Plocha\FRST.exe
2015-12-23 17:55 - 2015-12-23 17:55 - 00000682 _____ D:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2015-12-23 17:55 - 2015-12-23 17:55 - 00000000 ____D D:\Program Files\CCleaner
2015-12-23 17:55 - 2015-12-23 17:55 - 00000000 ____D D:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
2015-12-23 17:54 - 2015-12-23 17:55 - 06805328 _____ (Piriform Ltd) D:\Documents and Settings\Ouki\Plocha\ccsetup513.exe
2015-12-23 15:40 - 2008-04-14 08:51 - 00021504 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\hidserv.dll
2015-12-23 15:40 - 2008-04-14 08:51 - 00021504 _____ (Microsoft Corporation) D:\WINDOWS\system32\hidserv.dll
2015-12-23 15:40 - 2008-04-14 07:59 - 00014592 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdhid.sys
2015-12-23 15:40 - 2008-04-14 07:59 - 00014592 _____ (Microsoft Corporation) D:\WINDOWS\system32\Drivers\kbdhid.sys
2015-12-19 09:44 - 2015-12-19 15:24 - 00000000 ____D D:\Program Files\Mozilla Firefox
2015-12-13 21:22 - 2015-12-13 21:23 - 103927304 _____ D:\Documents and Settings\Ouki\Plocha\frána.AVI
2015-12-12 12:45 - 2015-12-12 15:35 - 3025763164 _____ D:\Documents and Settings\Ouki\Plocha\Steuben-Fritz---Tekumseh-(Audiokniha)(Mluvené-Slovo)[JoyTearz].zip
2015-12-06 20:47 - 2015-12-06 20:47 - 00013797 _____ D:\Documents and Settings\Ouki\Plocha\listopad 2015.ods
2015-11-29 13:08 - 2015-11-29 13:08 - 00267845 _____ D:\Documents and Settings\Ouki\Plocha\Komárek-Stanislav---Sto-esejů.rar

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-23 18:08 - 2014-03-08 11:31 - 00000000 ____D D:\Documents and Settings\Ouki\Plocha
2015-12-23 18:08 - 2014-03-08 11:31 - 00000000 ____D D:\Documents and Settings\Ouki\Local Settings\Temp
2015-12-23 18:07 - 2014-03-08 12:05 - 00000000 ____D D:\WINDOWS
2015-12-23 18:06 - 2015-11-15 19:50 - 00000940 _____ D:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-23 18:06 - 2015-04-06 09:42 - 00000000 ____D D:\Program Files\Avira
2015-12-23 18:06 - 2015-04-06 09:42 - 00000000 ____D D:\Documents and Settings\All Users\Nabídka Start\Programy\Avira
2015-12-23 18:06 - 2015-04-06 09:42 - 00000000 ____D D:\Documents and Settings\All Users\Data aplikací\Avira
2015-12-23 18:06 - 2014-03-08 12:14 - 00000000 ____D D:\Documents and Settings\All Users\Plocha
2015-12-23 18:06 - 2014-03-08 11:31 - 00000000 ___HD D:\Documents and Settings\Ouki\Local Settings\Data aplikací
2015-12-23 18:01 - 2014-03-08 11:31 - 00000000 ___RD D:\Documents and Settings\Ouki\Dokumenty
2015-12-23 17:58 - 2014-03-08 11:49 - 00000914 _____ D:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-23 17:56 - 2015-09-03 19:04 - 00000000 ____D D:\Program Files\Steam
2015-12-23 17:56 - 2015-07-06 15:19 - 00000000 ____D D:\WINDOWS\Minidump
2015-12-23 17:56 - 2015-02-24 17:58 - 00000000 ____D D:\Documents and Settings\Ouki\Data aplikací\MPC-HC
2015-12-23 17:56 - 2014-03-08 17:05 - 00000000 ____D D:\Documents and Settings\Ouki\Data aplikací\uTorrent
2015-12-23 17:56 - 2014-03-08 11:31 - 00000000 ____D D:\Documents and Settings\Ouki
2015-12-23 17:55 - 2014-03-08 12:14 - 00000000 ____D D:\Documents and Settings\All Users\Nabídka Start\Programy
2015-12-23 17:43 - 2014-03-08 12:13 - 00000000 __RHD D:\Documents and Settings\All Users\Data aplikací
2015-12-23 17:41 - 2015-08-19 07:30 - 00000644 _____ D:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-12-23 17:41 - 2004-08-18 13:00 - 00002206 _____ D:\WINDOWS\system32\wpa.dbl
2015-12-23 17:39 - 2015-11-15 19:50 - 00000936 _____ D:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-23 17:39 - 2015-08-25 21:51 - 00000414 _____ D:\WINDOWS\Tasks\Opera scheduled Autoupdate 1440535902.job
2015-12-23 17:39 - 2015-04-07 18:43 - 00000220 _____ D:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-12-23 17:39 - 2014-03-08 11:30 - 00000006 ____H D:\WINDOWS\Tasks\SA.DAT
2015-12-23 15:40 - 2014-03-08 12:05 - 00000000 RSHDC D:\WINDOWS\system32\dllcache
2015-12-23 09:06 - 2014-03-08 11:30 - 00032618 ____N D:\WINDOWS\SchedLgU.Txt
2015-12-22 22:27 - 2014-03-08 12:06 - 00524288 _____ D:\WINDOWS\system32\config\ACEEvent.evt
2015-12-22 22:27 - 2014-03-08 11:31 - 00000178 ___SH D:\Documents and Settings\Ouki\ntuser.ini
2015-12-20 19:07 - 2014-03-08 11:57 - 00000000 ____D D:\Program Files\Mozilla Maintenance Service
2015-12-19 21:37 - 2015-11-15 19:49 - 00000958 _____ D:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-12-19 09:28 - 2014-03-12 18:52 - 00000000 ____D D:\Documents and Settings\Ouki\Plocha\miroslav
2015-12-18 19:24 - 2014-03-08 11:31 - 00000000 ___RD D:\Documents and Settings\Ouki\Dokumenty\Hudba
2015-12-17 21:12 - 2014-07-21 08:18 - 00000572 _____ D:\Documents and Settings\Ouki\Dokumenty\spider.sav
2015-12-17 09:08 - 2015-11-15 19:50 - 00001813 _____ D:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2015-12-16 19:27 - 2015-08-25 13:20 - 00000000 ____D D:\Documents and Settings\Ouki\Plocha\Jeseníky 2015
2015-12-15 20:44 - 2015-04-06 09:56 - 00000000 ____D D:\WINDOWS\system32\NtmsData
2015-12-15 20:43 - 2014-03-08 11:23 - 00000000 ____D D:\WINDOWS\Registration
2015-12-09 20:22 - 2015-06-03 21:39 - 00000000 ____D D:\WINDOWS\system32\MRT
2015-12-09 20:15 - 2015-04-07 13:25 - 137798368 _____ (Microsoft Corporation) D:\WINDOWS\system32\MRT.exe
2015-12-09 19:58 - 2015-10-17 18:58 - 19452096 _____ (Adobe Systems Incorporated) D:\WINDOWS\system32\FlashPlayerInstaller.exe
2015-12-09 19:58 - 2014-03-08 11:49 - 00796864 _____ (Adobe Systems Incorporated) D:\WINDOWS\system32\FlashPlayerApp.exe
2015-12-09 19:58 - 2014-03-08 11:49 - 00142528 _____ (Adobe Systems Incorporated) D:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-12-09 18:24 - 2015-08-25 21:50 - 00000000 ____D D:\Program Files\Opera
2015-12-08 15:00 - 2015-04-07 18:43 - 00000214 _____ D:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-11-28 19:31 - 2014-03-19 17:40 - 00000000 ____D D:\Documents and Settings\Ouki\Dokumenty\Scan
2015-11-24 22:34 - 2014-03-08 15:05 - 00000000 ____D D:\Documents and Settings\Ouki\Dokumenty\Stažené soubory
2015-11-24 15:27 - 2014-03-08 11:31 - 00000000 __RHD D:\Documents and Settings\Ouki\Data aplikací

==================== Files in the root of some directories =======

2015-07-21 09:15 - 2015-07-21 09:15 - 2446176 _____ (Acro Software Inc. ) D:\Program Files\CuteWriter.exe
2015-07-22 19:20 - 2015-07-22 19:56 - 640092212 _____ () D:\Program Files\Mluvené-slovo-Audio-knihy-Rozhlasové-hry-Seznam-smrti-110645.rar
2015-07-21 12:39 - 2015-07-21 12:39 - 2524620 _____ () D:\Program Files\četnost-jména-obec.zip
2015-08-02 20:39 - 2015-08-02 20:39 - 0003584 _____ () D:\Documents and Settings\Ouki\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
D:\Documents and Settings\Ouki\Local Settings\Temp\avgnt.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

D:\WINDOWS\explorer.exe => File is digitally signed
D:\WINDOWS\system32\winlogon.exe => File is digitally signed
D:\WINDOWS\system32\svchost.exe => File is digitally signed
D:\WINDOWS\system32\services.exe => File is digitally signed
D:\WINDOWS\system32\User32.dll => File is digitally signed
D:\WINDOWS\system32\userinit.exe => File is digitally signed
D:\WINDOWS\system32\rpcss.dll => File is digitally signed
D:\WINDOWS\system32\dnsapi.dll => File is digitally signed
D:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: D:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => D:\WINDOWS\system32\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe
Task: D:\WINDOWS\Tasks\Adobe Flash Player Updater.job => D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: D:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job => D:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: D:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => D:\Program Files\Google\Update\GoogleUpdate.exe
Task: D:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => D:\Program Files\Google\Update\GoogleUpdate.exe
Task: D:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => D:\WINDOWS\system32\xp_eos.exe
Task: D:\WINDOWS\Tasks\Opera scheduled Autoupdate 1440535902.job => D:\Program Files\Opera\launcher.exe
Task: D:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => D:\WINDOWS\system32\xp_eos.exe
Task: D:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job => D:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: D:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job => D:\Program Files\Spybot - Search & Destroy 2\SDScan.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: D:\Documents and Settings\Ouki:gs5sys
AlternateDataStreams: D:\Documents and Settings\All Users\Šablony:gs5sys
AlternateDataStreams: D:\Documents and Settings\All Users\Data aplikací\desktop.ini:gs5sys
AlternateDataStreams: D:\Documents and Settings\All Users\Dokumenty\desktop.ini:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Cookies:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Plocha:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Šablony:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Data aplikací\desktop.ini:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Local Settings\Data aplikací:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Local Settings\History:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Dokumenty\desktop.ini:gs5sys

==================== Security Center ==================

AV: Avira Antivirus (Disabled - Out of date) {AD166499-45F9-482A-A743-FDD3350758C7}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "D:\Documents and Settings\Ouki\Plocha" je 46 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"D:\Documents and Settings\Ouki\Data aplikac\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"D:\Documents and Settings\Ouki\Data aplikac\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSStp
D:\WINDOWS\inf\msstp.vbe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive
D:\WINDOWS\system32\rundll32.exe ",EntryPoint -m l [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"D:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"D:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VolumeLock
"D:\Program Files\VolumeLock\vollock.exe" /m [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Web Companion
D:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^McAfee Security Scan Plus.lnk
D:\PROGRA~1\MCAFEE~1\311~1.149\SSSCHE~1.EXE [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DoNotAllowExceptions REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.2380\\Agent.exe"="D:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.2380\\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\\Program Files\\Battle.net\\Battle.net.exe"="D:\\Program Files\\Battle.net\\Battle.net.exe:*:Enabled:Battle.net"
"D:\\Program Files\\Hearthstone\\Hearthstone.exe"="D:\\Program Files\\Hearthstone\\Hearthstone.exe:*:Enabled:Hearthstone"
"D:\\WINDOWS\\system32\\dpvsetup.exe"="D:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"D:\\WINDOWS\\system32\\rundll32.exe"="D:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Run a DLL as an App"
"D:\\Program Files\\Winamp\\winamp.exe"="D:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp"
"D:\\WINDOWS\\twain_32\\Samsung\\SLM2070\\ScanCDLM\\ScanCDLM.exe"="D:\\WINDOWS\\twain_32\\Samsung\\SLM2070\\ScanCDLM\\ScanCDLM.exe:*:Enabled:Samsung Scanner Discovery Module V3"
"D:\\Program Files\\Samsung\\Easy Printer Manager\\IDS.Application.exe"="D:\\Program Files\\Samsung\\Easy Printer Manager\\IDS.Application.exe:*:Enabled:Easy Printer Manager"
"D:\\Program Files\\Samsung\\Easy Printer Manager\\OrderSupplies.exe"="D:\\Program Files\\Samsung\\Easy Printer Manager\\OrderSupplies.exe:*:Enabled:EPM Order Supplies "
"D:\\Program Files\\Samsung\\Easy Printer Manager\\IDSAlert.exe"="D:\\Program Files\\Samsung\\Easy Printer Manager\\IDSAlert.exe:*:Enabled:EPM Alert "
"D:\\Program Files\\Samsung\\Easy Printer Manager\\uninstall.exe"="D:\\Program Files\\Samsung\\Easy Printer Manager\\uninstall.exe:*:Enabled:Samsung uninstaller "
"D:\\Program Files\\Samsung\\Easy Printer Manager\\CDAS2PC\\CDAS2PC.exe"="D:\\Program Files\\Samsung\\Easy Printer Manager\\CDAS2PC\\CDAS2PC.exe:*:Enabled:EPM CDA Scan2PC"
"D:\\Program Files\\Samsung\\Easy Document Creator\\EDC.exe"="D:\\Program Files\\Samsung\\Easy Document Creator\\EDC.exe:*:Enabled:Samsung Easy Document Creator"
"D:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\NetFaxMon.exe"="D:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\NetFaxMon.exe:LocalSubNet:Enabled:Samsung Network PC Fax Monitor"
"D:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.2717\\Agent.exe"="D:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.2717\\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.beta.2737\\Agent.exe"="D:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.beta.2737\\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\\Program Files\\HLSW\\hlsw.exe"="D:\\Program Files\\HLSW\\hlsw.exe:*:Enabled:HLSW Application"
"F:\\Game\\ETcko\\ET.exe"="F:\\Game\\ETcko\\ET.exe:*:Enabled:ET"
"D:\\Program Files\\mystarttb\\dtuser.exe"="D:\\Program Files\\mystarttb\\dtuser.exe:*:Enabled:MyStart Toolbar DTX Broker"
"D:\\Program Files\\mystarttb\\ToolbarCleaner.exe"="D:\\Program Files\\mystarttb\\ToolbarCleaner.exe:*:Enabled:ToolbarCleaner"
"D:\\Documents and Settings\\All Users\\Data aplikac\\EmailNotifier\\EmailNotifier.exe"="D:\\Documents and Settings\\All Users\\Data aplikac\\EmailNotifier\\EmailNotifier.exe:*:Enabled:Email Notifier"
"D:\\Program Files\\Java\\jre1.8.0_31\\launch4j-tmp\\frd.exe"="D:\\Program Files\\Java\\jre1.8.0_31\\launch4j-tmp\\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\\Program Files\\uTorrent\\uTorrent.exe"="D:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:uTorrent"
"D:\\Documents and Settings\\Ouki\\Data aplikac\\Spotify\\Spotify.exe"="D:\\Documents and Settings\\Ouki\\Data aplikac\\Spotify\\Spotify.exe:*:Enabled:Spotify"
"D:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.3427\\Agent.exe"="D:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.3427\\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\\Program Files\\Java\\jre1.8.0_51\\launch4j-tmp\\frd.exe"="D:\\Program Files\\Java\\jre1.8.0_51\\launch4j-tmp\\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe"="D:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"D:\\Program Files\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="D:\\Program Files\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"D:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdate.exe"="D:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"D:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="D:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
"D:\\Program Files\\Steam\\Steam.exe"="D:\\Program Files\\Steam\\Steam.exe:*:Enabled:Steam"
"D:\\Program Files\\Steam\\bin\\steamwebhelper.exe"="D:\\Program Files\\Steam\\bin\\steamwebhelper.exe:*:Enabled:Steam Web Helper"
"D:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="D:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"D:\\Program Files\\Mozilla Firefox\\firefox.exe"="D:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox (D:\\Program Files\\Mozilla Firefox)"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"58197:TCP"="58197:TCP:*:Enabled:Pando Media Booster"
"58197:UDP"="58197:UDP:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"58197:TCP"="58197:TCP:*:Enabled:Pando Media Booster"
"58197:UDP"="58197:UDP:*:Enabled:Pando Media Booster"
"139:TCP"="139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002"
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: FRST log -> Poprosím o kontrolu.

Napsal: 23 pro 2015 19:20
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: FRST log -> Poprosím o kontrolu.

Napsal: 23 pro 2015 19:36
od Ouki
Zde je log z adwcleaneru:

# AdwCleaner v5.026 - Logfile created 23/12/2015 at 19:28:36
# Updated 21/12/2015 by Xplode
# Database : 2015-12-23.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Ouki - OUKILAND-A1E796
# Running from : D:\Documents and Settings\Ouki\Plocha\adwcleaner_5.026.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : D:\Documents and Settings\All Users\Data aplikací\EmailNotifier
[-] Folder Deleted : D:\Documents and Settings\All Users\Dokumenty\iWin
[-] Folder Deleted : D:\Documents and Settings\All Users\Nabídka Start\Programy\Play
[-] Folder Deleted : D:\Documents and Settings\Ouki\Data aplikací\RPEng
[-] Folder Deleted : D:\Documents and Settings\Ouki\Data aplikací\Mozilla\Firefox\Profiles\5u4v6oyr.default-1396282542390\mystarttb
[-] Folder Deleted : D:\Documents and Settings\Ouki\Data aplikací\Mozilla\Firefox\Profiles\5u4v6oyr.default-1396282542390\Extensions\{607b689f-7600-45e4-b8e5-887f72dab15c}
[-] Folder Deleted : D:\Documents and Settings\Ouki\Data aplikací\Mozilla\Firefox\Profiles\5u4v6oyr.default-1396282542390\Extensions\DTToolbar@toolbarnet.com
[-] Folder Deleted : D:\Documents and Settings\Ouki\Local Settings\Data aplikací\genienext
[-] Folder Deleted : D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Mobogenie
[-] Folder Deleted : D:\Program Files\DAEMON Tools Toolbar
[-] Folder Deleted : D:\Program Files\Play

***** [ Files ] *****

[-] File Deleted : D:\Documents and Settings\Ouki\daemonprocess.txt
[-] File Deleted : D:\Documents and Settings\Ouki\Data aplikací\Mozilla\Firefox\Profiles\5u4v6oyr.default-1396282542390\invalidprefs.js

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
[-] Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
[-] Key Deleted : HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\NextLive
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCB24E92-62C4-4C53-95D2-65F9EED476BC}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
[-] Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
[-] Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
[-] Key Deleted : HKLM\SOFTWARE\Email Notifier
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mystarttb
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - D:\AdwCleaner\AdwCleaner[C1].txt - [3951 bytes] ##########

Re: FRST log -> Poprosím o kontrolu.

Napsal: 23 pro 2015 20:49
od Rudy
Dejte nový log FRST.

Re: FRST log -> Poprosím o kontrolu.

Napsal: 23 pro 2015 21:47
od Ouki
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:23-12-2015
Ran by Ouki (administrator) on OUKILAND-A1E796 (23-12-2015 21:44:21)
Running from D:\Documents and Settings\Ouki\Plocha
Loaded Profiles: Ouki (Available Profiles: Ouki & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) D:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) D:\WINDOWS\system32\ati2evxx.exe
(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Lavasoft Limited) D:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
() D:\WINDOWS\system32\PnkBstrA.exe
(Samsung Electronics Co., Ltd.) D:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxServer.exe
(Safer-Networking Ltd.) D:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) D:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
() D:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(PS Media s.r.o.) D:\WINDOWS\system32\ssins.exe
(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) D:\WINDOWS\system32\wscntfy.exe
(Nullsoft, Inc.) D:\Program Files\Winamp\winampa.exe
(Advanced Micro Devices Inc.) D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() D:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Realtek Semiconductor Corp.) D:\WINDOWS\soundman.exe
(Oracle Corporation) D:\Program Files\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() D:\Program Files\USB TV\EM28XX\BDARemote.exe
(Samsung Electronics Co., Ltd.) D:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxTray.exe
(Mozilla Corporation) D:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) D:\Documents and Settings\Ouki\Plocha\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCCC] => D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [WinampAgent] => D:\Program Files\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM\...\Run: [CDAServer] => D:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [350072 2012-03-09] ()
HKLM\...\Run: [avgnt] => D:\Program Files\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-24] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SoundMan] => D:\WINDOWS\SOUNDMAN.EXE [577536 2007-06-07] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] => D:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\...\Run: [SDTray] => D:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\AtiExtEvent: D:\WINDOWS\system32\Ati2evxx.dll [2010-02-11] (ATI Technologies Inc.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-507921405-308236825-839522115-1003\...\Run: [SpybotPostWindows10UpgradeReInstall] => D:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-507921405-308236825-839522115-1003\...\Run: [Steam] => D:\Program Files\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-507921405-308236825-839522115-1003\...\Run: [CCleaner Monitoring] => D:\Program Files\CCleaner\CCleaner.exe [6602152 2015-12-08] (Piriform Ltd)
Startup: D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\BDARemote.lnk [2014-03-08]
ShortcutTarget: BDARemote.lnk -> D:\Program Files\USB TV\EM28XX\BDARemote.exe ()
Startup: D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Samsung Network PC Fax.lnk [2014-03-17]
ShortcutTarget: Samsung Network PC Fax.lnk -> D:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxTray.exe (Samsung Electronics Co., Ltd.)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{F22607F1-A05C-4B89-9E26-9CDAD5F7A0CA}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-507921405-308236825-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> {27C7AA82-AC5B-44D7-A5F3-063293587AA3} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_19068
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> {2D28950B-C1E3-4392-97F3-8816211A28CC} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_19068
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> {3F33734E-671A-4261-8382-7A6B89581A03} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_19068
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> {523E19DC-78C0-4CA8-9B05-91AADA250748} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_19068
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> {5AD07345-5479-48CF-8092-ACED9856BEBF} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_19068
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> {B6CFE2DF-59E2-449F-B670-4A5434C18416} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_19068
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> {B9155EC5-1E71-4494-B872-28D23E2C91E4} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_19068
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10195_swoc_campaign_150804__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> {CE3C3688-5577-42D0-AE16-47EAE0E0FFF0} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_19068
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> {E61B9BCD-0439-4DBE-BC6A-D531ECF30F73} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_19068
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-18] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-18] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - D:\WINDOWS\system32\browseui.dll [2014-02-25] (Společnost Microsoft)

FireFox:
========
FF ProfilePath: D:\Documents and Settings\Ouki\Data aplikací\Mozilla\Firefox\Profiles\5u4v6oyr.default-1396282542390
FF NewTab: hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcomp ... 0804__yaff
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> D:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> D:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> D:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-18] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> D:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> D:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: D:\Documents and Settings\Ouki\Data aplikací\mozilla\plugins\np-mswmp.dll [2009-09-25] (Microsoft Corporation)
FF Extension: Adblock Plus - D:\Documents and Settings\Ouki\Data aplikací\Mozilla\Firefox\Profiles\5u4v6oyr.default-1396282542390\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-15]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-04-11] [not signed]
FF HKU\S-1-5-21-507921405-308236825-839522115-1003\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - D:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found

Chrome:
=======
CHR Profile: D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-23]
CHR Extension: (Dokumenty Google) - D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-23]
CHR Extension: (Disk Google) - D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-17]
CHR Extension: (YouTube) - D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-17]
CHR Extension: (Vyhledávání Google) - D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-17]
CHR Extension: (Tabulky Google) - D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-23]
CHR Extension: (Avira Browser Safety) - D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-11-17]
CHR Extension: (Dokumenty Google offline) - D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (AdBlock) - D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-11-17]
CHR Extension: (Platby Internetového obchodu Chrome) - D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-06]
CHR Extension: (Gmail) - D:\Documents and Settings\Ouki\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; D:\Program Files\Avira\AntiVir Desktop\avmailc.exe [916968 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; D:\Program Files\Avira\AntiVir Desktop\sched.exe [461672 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; D:\Program Files\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-24] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; D:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1210512 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [602112 2010-02-11] (ATI Technologies Inc.) [File not signed]
S2 ATI Smart; D:\WINDOWS\system32\ati2sgag.exe [593920 2010-02-10] () [File not signed]
R2 LavasoftTcpService; D:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751792 2015-08-04] (Lavasoft Limited)
R2 PnkBstrA; D:\WINDOWS\system32\PnkBstrA.exe [75136 2014-12-08] ()
R2 Samsung Network Fax Server; D:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxServer.exe [379952 2013-07-01] (Samsung Electronics Co., Ltd.)
R2 SDScannerService; D:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; D:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S2 SDWSCService; D:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SearchProtectionService; D:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [13312 2015-08-04] () [File not signed]
R2 ssinstall; D:\WINDOWS\System32\ssins.exe [2324216 2014-03-12] (PS Media s.r.o.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALCXWDM; D:\WINDOWS\System32\drivers\ALCXWDM.SYS [4024832 2007-06-07] (Realtek Semiconductor Corp.)
R1 AmdK8; D:\WINDOWS\System32\DRIVERS\AmdK8.sys [42496 2005-03-09] (Advanced Micro Devices)
R3 ati2mtag; D:\WINDOWS\System32\DRIVERS\ati2mtag.sys [3565056 2010-02-11] (ATI Technologies Inc.) [File not signed]
R2 avgntflt; D:\WINDOWS\System32\DRIVERS\avgntflt.sys [108448 2015-09-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; D:\WINDOWS\System32\DRIVERS\avipbb.sys [136728 2015-07-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; D:\WINDOWS\System32\DRIVERS\avkmgr.sys [37896 2015-05-05] (Avira Operations GmbH & Co. KG)
R0 nvatabus; D:\WINDOWS\System32\DRIVERS\nvatabus.sys [79360 2007-06-07] (NVIDIA Corporation)
R0 nv_agp; D:\WINDOWS\System32\DRIVERS\nv_agp.sys [21120 2007-06-07] (NVIDIA Corporation)
R3 RTL8023xp; D:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [70400 2004-07-16] (Realtek Semiconductor Corporation )
R0 sptd; D:\WINDOWS\System32\Drivers\sptd.sys [691696 2014-03-08] () [File not signed]
R1 ssmdrv; D:\WINDOWS\System32\DRIVERS\ssmdrv.sys [31848 2015-06-09] (Avira Operations GmbH & Co. KG)
S4 IntelIde; no ImagePath
U5 ScsiPort; D:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-23 19:25 - 2015-12-23 19:28 - 00000000 ____D D:\AdwCleaner
2015-12-23 19:23 - 2015-12-23 19:23 - 01743360 _____ D:\Documents and Settings\Ouki\Plocha\adwcleaner_5.026.exe
2015-12-23 18:15 - 2015-12-23 18:15 - 00006113 _____ D:\Documents and Settings\Ouki\Plocha\Addition.rar
2015-12-23 18:08 - 2015-12-23 21:44 - 00016344 _____ D:\Documents and Settings\Ouki\Plocha\FRST.txt
2015-12-23 18:07 - 2015-12-23 21:44 - 00000000 ____D D:\FRST
2015-12-23 18:06 - 2015-12-23 18:06 - 00000845 _____ D:\Documents and Settings\All Users\Plocha\Avira Antivirus.lnk
2015-12-23 18:02 - 2015-12-23 18:02 - 00112640 _____ (forum.viry.cz) D:\Documents and Settings\Ouki\Plocha\FRSTLauncher.exe
2015-12-23 18:01 - 2015-12-23 18:01 - 00024242 _____ D:\Documents and Settings\Ouki\Dokumenty\cc_20151223_180105.reg
2015-12-23 18:01 - 2015-12-23 18:01 - 00004202 _____ D:\Documents and Settings\Ouki\Dokumenty\cc_20151223_180115.reg
2015-12-23 17:59 - 2015-12-23 17:59 - 01721856 _____ (Farbar) D:\Documents and Settings\Ouki\Plocha\FRST.exe
2015-12-23 17:55 - 2015-12-23 17:55 - 00000682 _____ D:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2015-12-23 17:55 - 2015-12-23 17:55 - 00000000 ____D D:\Program Files\CCleaner
2015-12-23 17:55 - 2015-12-23 17:55 - 00000000 ____D D:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
2015-12-23 17:54 - 2015-12-23 17:55 - 06805328 _____ (Piriform Ltd) D:\Documents and Settings\Ouki\Plocha\ccsetup513.exe
2015-12-23 15:40 - 2008-04-14 08:51 - 00021504 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\hidserv.dll
2015-12-23 15:40 - 2008-04-14 08:51 - 00021504 _____ (Microsoft Corporation) D:\WINDOWS\system32\hidserv.dll
2015-12-23 15:40 - 2008-04-14 07:59 - 00014592 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdhid.sys
2015-12-23 15:40 - 2008-04-14 07:59 - 00014592 _____ (Microsoft Corporation) D:\WINDOWS\system32\Drivers\kbdhid.sys
2015-12-19 09:44 - 2015-12-19 15:24 - 00000000 ____D D:\Program Files\Mozilla Firefox
2015-12-13 21:22 - 2015-12-13 21:23 - 103927304 _____ D:\Documents and Settings\Ouki\Plocha\frána.AVI
2015-12-12 12:45 - 2015-12-12 15:35 - 3025763164 _____ D:\Documents and Settings\Ouki\Plocha\Steuben-Fritz---Tekumseh-(Audiokniha)(Mluvené-Slovo)[JoyTearz].zip
2015-12-06 20:47 - 2015-12-06 20:47 - 00013797 _____ D:\Documents and Settings\Ouki\Plocha\listopad 2015.ods
2015-11-29 13:08 - 2015-11-29 13:08 - 00267845 _____ D:\Documents and Settings\Ouki\Plocha\Komárek-Stanislav---Sto-esejů.rar

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-23 21:44 - 2014-03-08 12:05 - 00000000 ____D D:\WINDOWS
2015-12-23 21:44 - 2014-03-08 11:31 - 00000000 ___HD D:\Documents and Settings\Ouki\Local Settings\Data aplikací
2015-12-23 21:44 - 2014-03-08 11:31 - 00000000 ____D D:\Documents and Settings\Ouki\Plocha
2015-12-23 21:44 - 2014-03-08 11:31 - 00000000 ____D D:\Documents and Settings\Ouki\Local Settings\Temp
2015-12-23 21:43 - 2015-09-03 19:04 - 00000000 ____D D:\Program Files\Steam
2015-12-23 21:43 - 2014-03-08 17:05 - 00000000 ____D D:\Documents and Settings\Ouki\Data aplikací\uTorrent
2015-12-23 21:06 - 2015-11-15 19:50 - 00000940 _____ D:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-23 20:58 - 2014-03-08 11:49 - 00000914 _____ D:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-23 19:34 - 2015-08-19 07:30 - 00000644 _____ D:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-12-23 19:33 - 2004-08-18 13:00 - 00002206 _____ D:\WINDOWS\system32\wpa.dbl
2015-12-23 19:31 - 2015-11-15 19:50 - 00000936 _____ D:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-23 19:31 - 2015-08-25 21:51 - 00000414 _____ D:\WINDOWS\Tasks\Opera scheduled Autoupdate 1440535902.job
2015-12-23 19:31 - 2015-04-07 18:43 - 00000220 _____ D:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-12-23 19:31 - 2015-04-06 09:41 - 00000000 ____D D:\Documents and Settings\All Users\Data aplikací\Package Cache
2015-12-23 19:31 - 2014-03-08 11:30 - 00000006 ____H D:\WINDOWS\Tasks\SA.DAT
2015-12-23 19:29 - 2014-03-08 12:06 - 00524288 _____ D:\WINDOWS\system32\config\ACEEvent.evt
2015-12-23 19:29 - 2014-03-08 11:31 - 00000178 ___SH D:\Documents and Settings\Ouki\ntuser.ini
2015-12-23 19:29 - 2014-03-08 11:31 - 00000000 ____D D:\Documents and Settings\Ouki
2015-12-23 19:29 - 2014-03-08 11:30 - 00032618 _____ D:\WINDOWS\SchedLgU.Txt
2015-12-23 19:28 - 2014-03-08 12:14 - 00000000 ____D D:\Documents and Settings\All Users\Nabídka Start\Programy
2015-12-23 19:28 - 2014-03-08 12:13 - 00000000 __RHD D:\Documents and Settings\All Users\Data aplikací
2015-12-23 19:28 - 2014-03-08 11:31 - 00000000 __RHD D:\Documents and Settings\Ouki\Data aplikací
2015-12-23 18:06 - 2015-04-06 09:42 - 00000000 ____D D:\Program Files\Avira
2015-12-23 18:06 - 2015-04-06 09:42 - 00000000 ____D D:\Documents and Settings\All Users\Nabídka Start\Programy\Avira
2015-12-23 18:06 - 2015-04-06 09:42 - 00000000 ____D D:\Documents and Settings\All Users\Data aplikací\Avira
2015-12-23 18:06 - 2014-03-08 12:14 - 00000000 ____D D:\Documents and Settings\All Users\Plocha
2015-12-23 18:01 - 2014-03-08 11:31 - 00000000 ___RD D:\Documents and Settings\Ouki\Dokumenty
2015-12-23 17:56 - 2015-07-06 15:19 - 00000000 ____D D:\WINDOWS\Minidump
2015-12-23 17:56 - 2015-02-24 17:58 - 00000000 ____D D:\Documents and Settings\Ouki\Data aplikací\MPC-HC
2015-12-23 15:40 - 2014-03-08 12:05 - 00000000 RSHDC D:\WINDOWS\system32\dllcache
2015-12-20 19:07 - 2014-03-08 11:57 - 00000000 ____D D:\Program Files\Mozilla Maintenance Service
2015-12-19 21:37 - 2015-11-15 19:49 - 00000958 _____ D:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-12-19 09:28 - 2014-03-12 18:52 - 00000000 ____D D:\Documents and Settings\Ouki\Plocha\miroslav
2015-12-18 19:24 - 2014-03-08 11:31 - 00000000 ___RD D:\Documents and Settings\Ouki\Dokumenty\Hudba
2015-12-17 21:12 - 2014-07-21 08:18 - 00000572 _____ D:\Documents and Settings\Ouki\Dokumenty\spider.sav
2015-12-17 09:08 - 2015-11-15 19:50 - 00001813 _____ D:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2015-12-16 19:27 - 2015-08-25 13:20 - 00000000 ____D D:\Documents and Settings\Ouki\Plocha\Jeseníky 2015
2015-12-15 20:44 - 2015-04-06 09:56 - 00000000 ____D D:\WINDOWS\system32\NtmsData
2015-12-15 20:43 - 2014-03-08 11:23 - 00000000 ____D D:\WINDOWS\Registration
2015-12-09 20:22 - 2015-06-03 21:39 - 00000000 ____D D:\WINDOWS\system32\MRT
2015-12-09 20:15 - 2015-04-07 13:25 - 137798368 _____ (Microsoft Corporation) D:\WINDOWS\system32\MRT.exe
2015-12-09 19:58 - 2015-10-17 18:58 - 19452096 _____ (Adobe Systems Incorporated) D:\WINDOWS\system32\FlashPlayerInstaller.exe
2015-12-09 19:58 - 2014-03-08 11:49 - 00796864 _____ (Adobe Systems Incorporated) D:\WINDOWS\system32\FlashPlayerApp.exe
2015-12-09 19:58 - 2014-03-08 11:49 - 00142528 _____ (Adobe Systems Incorporated) D:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-12-09 18:24 - 2015-08-25 21:50 - 00000000 ____D D:\Program Files\Opera
2015-12-08 15:00 - 2015-04-07 18:43 - 00000214 _____ D:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-11-28 19:31 - 2014-03-19 17:40 - 00000000 ____D D:\Documents and Settings\Ouki\Dokumenty\Scan
2015-11-24 22:34 - 2014-03-08 15:05 - 00000000 ____D D:\Documents and Settings\Ouki\Dokumenty\Stažené soubory

==================== Files in the root of some directories =======

2015-07-21 09:15 - 2015-07-21 09:15 - 2446176 _____ (Acro Software Inc. ) D:\Program Files\CuteWriter.exe
2015-07-22 19:20 - 2015-07-22 19:56 - 640092212 _____ () D:\Program Files\Mluvené-slovo-Audio-knihy-Rozhlasové-hry-Seznam-smrti-110645.rar
2015-07-21 12:39 - 2015-07-21 12:39 - 2524620 _____ () D:\Program Files\četnost-jména-obec.zip
2015-08-02 20:39 - 2015-08-02 20:39 - 0003584 _____ () D:\Documents and Settings\Ouki\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
D:\Documents and Settings\Ouki\Local Settings\Temp\avgnt.exe
D:\Documents and Settings\Ouki\Local Settings\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

D:\WINDOWS\explorer.exe => File is digitally signed
D:\WINDOWS\system32\winlogon.exe => File is digitally signed
D:\WINDOWS\system32\svchost.exe => File is digitally signed
D:\WINDOWS\system32\services.exe => File is digitally signed
D:\WINDOWS\system32\User32.dll => File is digitally signed
D:\WINDOWS\system32\userinit.exe => File is digitally signed
D:\WINDOWS\system32\rpcss.dll => File is digitally signed
D:\WINDOWS\system32\dnsapi.dll => File is digitally signed
D:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: D:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => D:\WINDOWS\system32\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe
Task: D:\WINDOWS\Tasks\Adobe Flash Player Updater.job => D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: D:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job => D:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: D:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => D:\Program Files\Google\Update\GoogleUpdate.exe
Task: D:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => D:\Program Files\Google\Update\GoogleUpdate.exe
Task: D:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => D:\WINDOWS\system32\xp_eos.exe
Task: D:\WINDOWS\Tasks\Opera scheduled Autoupdate 1440535902.job => D:\Program Files\Opera\launcher.exe
Task: D:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => D:\WINDOWS\system32\xp_eos.exe
Task: D:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job => D:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: D:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job => D:\Program Files\Spybot - Search & Destroy 2\SDScan.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: D:\Documents and Settings\Ouki:gs5sys
AlternateDataStreams: D:\Documents and Settings\All Users\Šablony:gs5sys
AlternateDataStreams: D:\Documents and Settings\All Users\Data aplikací\desktop.ini:gs5sys
AlternateDataStreams: D:\Documents and Settings\All Users\Dokumenty\desktop.ini:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Cookies:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Plocha:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Šablony:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Data aplikací\desktop.ini:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Local Settings\Data aplikací:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Local Settings\History:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Dokumenty\desktop.ini:gs5sys

==================== Security Center ==================

AV: Avira Antivirus (Disabled - Out of date) {AD166499-45F9-482A-A743-FDD3350758C7}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "D:\Documents and Settings\Ouki\Plocha" je 48 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"D:\Documents and Settings\Ouki\Data aplikac\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"D:\Documents and Settings\Ouki\Data aplikac\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSStp
D:\WINDOWS\inf\msstp.vbe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"D:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"D:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VolumeLock
"D:\Program Files\VolumeLock\vollock.exe" /m [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Web Companion
D:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^McAfee Security Scan Plus.lnk
D:\PROGRA~1\MCAFEE~1\311~1.149\SSSCHE~1.EXE [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DoNotAllowExceptions REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.2380\\Agent.exe"="D:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.2380\\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\\Program Files\\Battle.net\\Battle.net.exe"="D:\\Program Files\\Battle.net\\Battle.net.exe:*:Enabled:Battle.net"
"D:\\Program Files\\Hearthstone\\Hearthstone.exe"="D:\\Program Files\\Hearthstone\\Hearthstone.exe:*:Enabled:Hearthstone"
"D:\\WINDOWS\\system32\\dpvsetup.exe"="D:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"D:\\WINDOWS\\system32\\rundll32.exe"="D:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Run a DLL as an App"
"D:\\Program Files\\Winamp\\winamp.exe"="D:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp"
"D:\\WINDOWS\\twain_32\\Samsung\\SLM2070\\ScanCDLM\\ScanCDLM.exe"="D:\\WINDOWS\\twain_32\\Samsung\\SLM2070\\ScanCDLM\\ScanCDLM.exe:*:Enabled:Samsung Scanner Discovery Module V3"
"D:\\Program Files\\Samsung\\Easy Printer Manager\\IDS.Application.exe"="D:\\Program Files\\Samsung\\Easy Printer Manager\\IDS.Application.exe:*:Enabled:Easy Printer Manager"
"D:\\Program Files\\Samsung\\Easy Printer Manager\\OrderSupplies.exe"="D:\\Program Files\\Samsung\\Easy Printer Manager\\OrderSupplies.exe:*:Enabled:EPM Order Supplies "
"D:\\Program Files\\Samsung\\Easy Printer Manager\\IDSAlert.exe"="D:\\Program Files\\Samsung\\Easy Printer Manager\\IDSAlert.exe:*:Enabled:EPM Alert "
"D:\\Program Files\\Samsung\\Easy Printer Manager\\uninstall.exe"="D:\\Program Files\\Samsung\\Easy Printer Manager\\uninstall.exe:*:Enabled:Samsung uninstaller "
"D:\\Program Files\\Samsung\\Easy Printer Manager\\CDAS2PC\\CDAS2PC.exe"="D:\\Program Files\\Samsung\\Easy Printer Manager\\CDAS2PC\\CDAS2PC.exe:*:Enabled:EPM CDA Scan2PC"
"D:\\Program Files\\Samsung\\Easy Document Creator\\EDC.exe"="D:\\Program Files\\Samsung\\Easy Document Creator\\EDC.exe:*:Enabled:Samsung Easy Document Creator"
"D:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\NetFaxMon.exe"="D:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\NetFaxMon.exe:LocalSubNet:Enabled:Samsung Network PC Fax Monitor"
"D:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.2717\\Agent.exe"="D:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.2717\\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.beta.2737\\Agent.exe"="D:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.beta.2737\\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\\Program Files\\HLSW\\hlsw.exe"="D:\\Program Files\\HLSW\\hlsw.exe:*:Enabled:HLSW Application"
"F:\\Game\\ETcko\\ET.exe"="F:\\Game\\ETcko\\ET.exe:*:Enabled:ET"
"D:\\Program Files\\mystarttb\\dtuser.exe"="D:\\Program Files\\mystarttb\\dtuser.exe:*:Enabled:MyStart Toolbar DTX Broker"
"D:\\Program Files\\mystarttb\\ToolbarCleaner.exe"="D:\\Program Files\\mystarttb\\ToolbarCleaner.exe:*:Enabled:ToolbarCleaner"
"D:\\Documents and Settings\\All Users\\Data aplikac\\EmailNotifier\\EmailNotifier.exe"="D:\\Documents and Settings\\All Users\\Data aplikac\\EmailNotifier\\EmailNotifier.exe:*:Enabled:Email Notifier"
"D:\\Program Files\\Java\\jre1.8.0_31\\launch4j-tmp\\frd.exe"="D:\\Program Files\\Java\\jre1.8.0_31\\launch4j-tmp\\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\\Program Files\\uTorrent\\uTorrent.exe"="D:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:uTorrent"
"D:\\Documents and Settings\\Ouki\\Data aplikac\\Spotify\\Spotify.exe"="D:\\Documents and Settings\\Ouki\\Data aplikac\\Spotify\\Spotify.exe:*:Enabled:Spotify"
"D:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.3427\\Agent.exe"="D:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.3427\\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\\Program Files\\Java\\jre1.8.0_51\\launch4j-tmp\\frd.exe"="D:\\Program Files\\Java\\jre1.8.0_51\\launch4j-tmp\\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe"="D:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"D:\\Program Files\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="D:\\Program Files\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"D:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdate.exe"="D:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"D:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="D:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
"D:\\Program Files\\Steam\\Steam.exe"="D:\\Program Files\\Steam\\Steam.exe:*:Enabled:Steam"
"D:\\Program Files\\Steam\\bin\\steamwebhelper.exe"="D:\\Program Files\\Steam\\bin\\steamwebhelper.exe:*:Enabled:Steam Web Helper"
"D:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="D:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"D:\\Program Files\\Mozilla Firefox\\firefox.exe"="D:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox (D:\\Program Files\\Mozilla Firefox)"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"58197:TCP"="58197:TCP:*:Enabled:Pando Media Booster"
"58197:UDP"="58197:UDP:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"58197:TCP"="58197:TCP:*:Enabled:Pando Media Booster"
"58197:UDP"="58197:UDP:*:Enabled:Pando Media Booster"
"139:TCP"="139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002"
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: FRST log -> Poprosím o kontrolu.

Napsal: 23 pro 2015 21:56
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM\...\Run: [SunJavaUpdateSched] => D:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF HKU\S-1-5-21-507921405-308236825-839522115-1003\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - D:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found
S4 IntelIde; no ImagePath
D:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
D:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
D:\Documents and Settings\Ouki\Local Settings\Temp
AlternateDataStreams: D:\Documents and Settings\Ouki:gs5sys
AlternateDataStreams: D:\Documents and Settings\All Users\Šablony:gs5sys
AlternateDataStreams: D:\Documents and Settings\All Users\Data aplikací\desktop.ini:gs5sys
AlternateDataStreams: D:\Documents and Settings\All Users\Dokumenty\desktop.ini:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Cookies:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Plocha:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Šablony:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Data aplikací\desktop.ini:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Local Settings\Data aplikací:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Local Settings\History:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Dokumenty\desktop.ini:gs5sys
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSStp
D:\WINDOWS\inf\msstp.vbe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^McAfee Security Scan Plus.lnk
D:\PROGRA~1\MCAFEE~1\311~1.149\SSSCHE~1.EXE [x]
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: FRST log -> Poprosím o kontrolu.

Napsal: 23 pro 2015 23:11
od Ouki
Fix result of Farbar Recovery Scan Tool (x86) Version:23-12-2015
Ran by Ouki (2015-12-23 23:10:34) Run:1
Running from D:\Documents and Settings\Ouki\Plocha
Loaded Profiles: Ouki (Available Profiles: Ouki & Administrator)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] => D:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-507921405-308236825-839522115-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF HKU\S-1-5-21-507921405-308236825-839522115-1003\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - D:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found
S4 IntelIde; no ImagePath
D:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
D:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
D:\Documents and Settings\Ouki\Local Settings\Temp
AlternateDataStreams: D:\Documents and Settings\Ouki:gs5sys
AlternateDataStreams: D:\Documents and Settings\All Users\Šablony:gs5sys
AlternateDataStreams: D:\Documents and Settings\All Users\Data aplikací\desktop.ini:gs5sys
AlternateDataStreams: D:\Documents and Settings\All Users\Dokumenty\desktop.ini:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Cookies:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Plocha:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Šablony:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Data aplikací\desktop.ini:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Local Settings\Data aplikací:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Local Settings\History:gs5sys
AlternateDataStreams: D:\Documents and Settings\Ouki\Dokumenty\desktop.ini:gs5sys
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSStp
D:\WINDOWS\inf\msstp.vbe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^McAfee Security Scan Plus.lnk
D:\PROGRA~1\MCAFEE~1\311~1.149\SSSCHE~1.EXE [x]
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\S-1-5-21-507921405-308236825-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-21-507921405-308236825-839522115-1003\Software\Mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8} => value removed successfully.
IntelIde => service removed successfully.
D:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
D:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
D:\Documents and Settings\Ouki\Local Settings\Temp => moved successfully
D:\Documents and Settings\Ouki => ":gs5sys" ADS removed successfully..
D:\Documents and Settings\All Users\Šablony => ":gs5sys" ADS removed successfully..
D:\Documents and Settings\All Users\Data aplikací\desktop.ini => ":gs5sys" ADS removed successfully..
D:\Documents and Settings\All Users\Dokumenty\desktop.ini => ":gs5sys" ADS removed successfully..
D:\Documents and Settings\Ouki\Cookies => ":gs5sys" ADS removed successfully..
D:\Documents and Settings\Ouki\Plocha => ":gs5sys" ADS removed successfully..
D:\Documents and Settings\Ouki\Šablony => ":gs5sys" ADS removed successfully..
D:\Documents and Settings\Ouki\Data aplikací\desktop.ini => ":gs5sys" ADS removed successfully..
D:\Documents and Settings\Ouki\Local Settings\Data aplikací => ":gs5sys" ADS removed successfully..
D:\Documents and Settings\Ouki\Local Settings\History => ":gs5sys" ADS removed successfully..
D:\Documents and Settings\Ouki\Dokumenty\desktop.ini => ":gs5sys" ADS removed successfully..
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSStp => Error: No automatic fix found for this entry.
D:\WINDOWS\inf\msstp.vbe => moved successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^McAfee Security Scan Plus.lnk => Error: No automatic fix found for this entry.
"D:\PROGRA~1\MCAFEE~1\311~1.149\SSSCHE~1.EXE [x]" => not found.

==== End of Fixlog 23:10:34 ====

Re: FRST log -> Poprosím o kontrolu.

Napsal: 24 pro 2015 11:38
od Rudy
Smazáno. Nastala nějaká změna?

Re: FRST log -> Poprosím o kontrolu.

Napsal: 24 pro 2015 13:46
od Ouki
Těžko říct, počítač je stále spomalený. Nejvíce se projevuje při startu windows čekám řádově třeba 5minut nenaskáčou ikony. Ale to taky může být klidně příčina někde jinde. Jen nevím kde. Defragmentaci jsem není to tak dávno dělal. ALe je možné, že je tak nacpaný věcma, že to už nepomáhá je to spíš skladiště. Mám ho ještě od studentských let. Sám se divím, že ještě funguje po tolika letechco ho mám.

Re: FRST log -> Poprosím o kontrolu.

Napsal: 24 pro 2015 20:03
od Rudy
Ještě zkuste kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Re: FRST log -> Poprosím o kontrolu.

Napsal: 25 pro 2015 13:37
od Ouki
Zdravím při instalaci programu mi vypsalo tuto chybu, instalace se sice dokončila, ale program nejde spustit


Obrázek

Re: FRST log -> Poprosím o kontrolu.

Napsal: 25 pro 2015 18:47
od Rudy
Přehlédl jsem, že máte XP. Použijte tuto verzi: http://filehippo.com/download_malwareby ... are/14815/ .
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz