VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Zpomalený počítač - prosím o kontrolu

https://forum.viry.cz:443/viewtopic.php?t=151611

Stránka 1 z 1

Zpomalený počítač - prosím o kontrolu

Napsal: 11 bře 2017 19:04
od craft
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2017
Ran by Lenka (administrator) on BEDROOM (11-03-2017 19:03:42)
Running from C:\Documents and Settings\Lenka\Plocha
Loaded Profiles: Lenka (Available Profiles: Lenka & MRP & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 7 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
(Microsoft Corporation) C:\WINDOWS\system32\inetsrv\inetinfo.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe
() C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\tv_w32.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Primax Electronics Ltd.) C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.exe
(LITE-ON TECHNOLOGY CORP.) C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\Skdaemon.exe
() C:\Program Files\Lenovo\Lenovo Mouse Suite\FSRremoS.EXE
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(forum.viry.cz) C:\Documents and Settings\Lenka\Plocha\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Daemon for Mouse Suite] => C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE [69632 2013-03-26] (Primax Electronics Ltd.)
HKLM\...\Run: [Enhanced Performance Keyboard] => C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKDaemon.exe [3257344 2014-08-17] (LITE-ON TECHNOLOGY CORP.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20145368 2013-10-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-11] (AVAST Software)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2007-12-04] (ATI Technologies Inc.)
HKLM\...\Policies\Explorer: [NoDesktopCleanupWizard] 0
HKU\S-1-5-18\...\RunOnce: [nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-18\...\RunOnce: [tscuninstall] => C:\WINDOWS\system32\tscupgrd.exe [40960 2002-09-23] (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-03-11] (AVAST Software)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk [2009-06-28]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\Lenka\Nabídka Start\Programy\Po spuštění\subst.lnk [2016-07-11]
ShortcutTarget: subst.lnk -> C:\WINDOWS\system32\subst.exe (Microsoft Corporation)
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.195.165.131 192.168.21.3
Tcpip\..\Interfaces\{03884133-D6E7-4811-B44F-D17D5D4AB123}: [DhcpNameServer] 192.168.21.3 217.195.165.131 217.195.160.10
Tcpip\..\Interfaces\{36922D55-85E1-4B85-A607-DE383FCEFEAA}: [DhcpNameServer] 217.195.165.131 192.168.21.3
Tcpip\..\Interfaces\{5DB73A26-C691-40C0-845E-6D6761989555}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{8C0C08DC-FEB1-4373-A171-6562C75BBF67}: [DhcpNameServer] 212.24.128.8 192.168.21.3
Tcpip\..\Interfaces\{DF3368D8-38A8-4568-AF1A-167482009F86}: [DhcpNameServer] 217.195.165.131 192.168.21.3

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2052111302-1177238915-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2052111302-1177238915-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.cz/
HKU\S-1-5-21-2052111302-1177238915-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKU\S-1-5-21-2052111302-1177238915-725345543-1003 - Modul přiřazení adres URL - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2052111302-1177238915-725345543-1003 -> {01873D39-A25C-4528-9670-2B022F674CC2} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... Page}&rlz=
SearchScopes: HKU\S-1-5-21-2052111302-1177238915-725345543-1003 -> {90D3A80C-B9B6-4406-9080-679ACB5016E1} URL = hxxp://search.centrum.cz/index.php?charset=utf-8&q={searchTerms}&mt=2&mts=1&sec=mix&kibitz=0
SearchScopes: HKU\S-1-5-21-2052111302-1177238915-725345543-1003 -> {9B6970D9-FCFC-4AF8-B940-61B1E9A1207E} URL = hxxp://search.atlas.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2052111302-1177238915-725345543-1003 -> {F43C5C7D-B0AC-40FD-8D3A-6841B06379F4} URL = hxxp://search.seznam.cz/searchScreen?w={searchTerms}&mod=f
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2052111302-1177238915-725345543-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (SpoleÄŤnost Microsoft)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Lenka\Data aplikacĂ­\Mozilla\Firefox\Profiles\jsgszc6q.default-1469119246125 [2017-03-11]
FF Homepage: C:\Documents and Settings\Lenka\Data aplikacĂ­\Mozilla\Firefox\Profiles\jsgszc6q.default-1469119246125 -> hxxps://www.google.cz/
FF Extension: (Ghostery) - C:\Documents and Settings\Lenka\Data aplikacĂ­\Mozilla\Firefox\Profiles\jsgszc6q.default-1469119246125\Extensions\firefox@ghostery.com.xpi [2017-02-11]
FF Extension: (Session Manager) - C:\Documents and Settings\Lenka\Data aplikacĂ­\Mozilla\Firefox\Profiles\jsgszc6q.default-1469119246125\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2017-01-31]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-26] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2015-11-18] (Adobe Systems, Inc.)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2009-10-09] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2009-10-09] (RealNetworks, Inc.)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp(2).dll [2009-04-28] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2009-05-18] (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-02-06] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2009-10-09] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2009-10-09] (RealNetworks, Inc.)

Chrome:
=======
CHR Profile: C:\Documents and Settings\Lenka\Local Settings\Data aplikacĂ­\Google\Chrome\User Data\Default [2017-03-11]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Lenka\Local Settings\Data aplikacĂ­\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-17]
CHR Extension: (Disk Google) - C:\Documents and Settings\Lenka\Local Settings\Data aplikacĂ­\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-17]
CHR Extension: (YouTube) - C:\Documents and Settings\Lenka\Local Settings\Data aplikacĂ­\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-17]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Lenka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-17]
CHR Extension: (Avast Online Security (BETA)) - C:\Documents and Settings\Lenka\Local Settings\Data aplikacĂ­\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2017-02-23]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\Lenka\Local Settings\Data aplikacĂ­\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-17]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Lenka\Local Settings\Data aplikacĂ­\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-23]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Lenka\Local Settings\Data aplikacĂ­\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-08]
CHR Extension: (FormApps Chrome Extension) - C:\Documents and Settings\Lenka\Local Settings\Data aplikacĂ­\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2016-08-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Lenka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Documents and Settings\Lenka\Local Settings\Data aplikacĂ­\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-17]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S4 ABRAG2AppServer; C:\ABRAG2\AppServerS.EXE [284160 2016-07-21] () [File not signed]
S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 APCPBEAgent; C:\Program Files\APC\PowerChute Business Edition\agent\pbeagent.exe [34168 2011-01-26] (APC)
S3 APCPBEServer; C:\Program Files\APC\PowerChute Business Edition\server\pbeserver.exe [54728 2011-01-26] (APC)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5545144 2017-03-11] (AVAST Software s.r.o.)
S2 Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [405504 2007-12-04] (ATI Technologies Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-11] (AVAST Software)
R2 BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [166520 2007-09-30] ()
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe [81920 2009-07-22] (Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe [2736128 2009-07-22] (Firebird Project) [File not signed]
S2 gupdate1c9cbe97fcd4fb0; C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-02-17] (Google Inc.)
S3 HuaweiHiSuiteService.exe; C:\Documents and Settings\All Users\Data aplikacĂ­\HandSetService\HuaweiHiSuiteService.exe [161120 2012-05-03] ()
R2 IISADMIN; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15872 2008-04-14] (Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [583680 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [637912 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S3 lmab_device; C:\WINDOWS\system32\LMabcoms.exe [491520 2005-06-14] () [File not signed]
R2 Sks8821; C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe [126464 2011-03-01] () [File not signed]
R2 SMTPSVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15872 2008-04-14] (Microsoft Corporation)
R2 Start BT in service; C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [51816 2007-09-30] ()
R3 TermService; C:\WINDOWS\System32\termsrv.dll [295936 2014-09-21] (Microsoft Corporation) [File not signed]
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
R2 W3SVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15872 2008-04-14] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriverx.sys [257288 2017-03-11] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidshx.sys [148720 2017-03-11] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswblogx.sys [267016 2017-03-11] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbunivx.sys [41176 2017-03-11] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [34136 2017-03-11] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [106392 2017-03-11] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [60632 2017-03-11] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [62152 2017-03-11] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [756200 2017-03-11] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [465024 2017-03-11] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [184208 2017-03-11] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [278776 2017-03-11] (AVAST Software)
R3 BlueletAudio; C:\WINDOWS\System32\DRIVERS\blueletaudio.sys [34312 2007-06-24] (IVT Corporation.)
R3 BlueletSCOAudio; C:\WINDOWS\System32\DRIVERS\BlueletSCOAudio.sys [27656 2007-06-24] (IVT Corporation.)
R3 BT; C:\WINDOWS\System32\DRIVERS\btnetdrv.sys [18320 2007-03-05] (IVT Corporation.)
S3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [38920 2007-06-24] (IVT Corporation.)
R0 BTHidEnum; C:\WINDOWS\System32\Drivers\vbtenum.sys [20880 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [35600 2007-03-05] (IVT Corporation.)
S3 BTNetFilter; C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys [22416 2006-11-22] (IVT Corporation.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 CrystalSysInfo; C:\Program Files\MediaCoder\SysInfo.sys [15152 2007-09-25] ()
S3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [37344 2013-06-14] () [File not signed]
S3 FTDIBUS; C:\WINDOWS\System32\drivers\ftdibus.sys [57800 2009-10-22] (FTDI Ltd.)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 ibmasr; C:\WINDOWS\System32\DRIVERS\ibmasr.sys [24992 2004-05-05] (IBM Corporation) [File not signed]
R0 imagedrv; C:\WINDOWS\System32\Drivers\imagedrv.sys [5504 2004-03-03] (Ahead Software AG) [File not signed]
R0 imagesrv; C:\WINDOWS\System32\DRIVERS\imagesrv.sys [125184 2004-03-03] (Ahead Software AG) [File not signed]
R3 IntcDAud; C:\WINDOWS\System32\DRIVERS\IntcDAud.sys [270080 2011-12-06] (Intel(R) Corporation) [File not signed]
S3 IT9135BDA; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [145280 2013-08-04] (ITE )
R3 MEI; C:\WINDOWS\System32\DRIVERS\HECI.sys [56432 2013-03-12] (Intel Corporation)
S3 mod7700; C:\WINDOWS\System32\DRIVERS\mod7700.sys [553344 2007-10-03] (DiBcom SA) [File not signed]
S3 MODRC; C:\WINDOWS\System32\DRIVERS\modrc.sys [13824 2007-07-11] (DiBcom S.A.) [File not signed]
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R2 NvNdis; C:\WINDOWS\system32\Drivers\NvNdis.sys [14848 2004-12-13] (NVIDIA Corporation.) [File not signed]
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [9856 2004-10-11] (Padus, Inc.) [File not signed]
S3 rtl8029; C:\WINDOWS\System32\DRIVERS\RTL8029.SYS [19017 2001-08-17] (Realtek Semiconductor Corporation)
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\System32\DRIVERS\Smb_driver_Intel.sys [28656 2013-07-09] (Synaptics Incorporated)
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R3 teamviewervpn; C:\WINDOWS\System32\DRIVERS\teamviewervpn.sys [25088 2012-09-12] (TeamViewer GmbH)
S3 UKBFLT; C:\WINDOWS\System32\DRIVERS\UKBFLT.sys [11672 2003-12-19] (Chicony)
R3 VComm; C:\WINDOWS\System32\DRIVERS\VComm.sys [34448 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\WINDOWS\System32\Drivers\VcommMgr.sys [44304 2007-03-05] (IVT Corporation.)
S3 VNUWL5B; C:\WINDOWS\System32\DRIVERS\VNUWL5B.SYS [135168 2006-09-19] (VIA Networking Technologies, Inc. )
S3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [248832 2006-07-26] (Marvell)
S1 {6080A529-897E-4629-A488-ABA0C29B635E}; C:\WINDOWS\System32\drivers\ialmsbw.sys [90336 2002-05-22] (Intel Corporation)
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}; C:\WINDOWS\System32\drivers\ialmkchw.sys [69504 2002-05-22] (Intel Corporation)
S3 aeaudio; system32\drivers\aeaudio.sys [X]
S3 catchme; \??\C:\DOCUME~1\Lenka\LOCALS~1\Temp\catchme.sys [X]
S3 cpuz134; \??\C:\DOCUME~1\Lenka\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X]
S3 DSAPMem; \??\C:\Program Files\IBM\DSA\pmemnt.sys [X]
S3 EL90XBC; system32\DRIVERS\el90xbc5.sys [X]
S3 esihdrv; \??\C:\DOCUME~1\Lenka\LOCALS~1\Temp\esihdrv.sys [X]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2011-10-24] (Huawei Technologies Co., Ltd.)
S1 MBAMChameleon; \SystemRoot\system32\drivers\MBAMChameleon.sys [X]
S3 MidiSyn; system32\drivers\MidiSyn.sys [X]
S3 PCIDATA; \??\D:\PCIDATA.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 senfilt; system32\drivers\senfilt.sys [X]
S3 smwdm; system32\drivers\smwdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-11 18:50 - 2017-03-11 18:50 - 00003362 _____ C:\Documents and Settings\Lenka\Dokumenty\cc_20170311_185032.reg
2017-03-11 18:33 - 2017-03-11 18:55 - 00000358 ____H C:\WINDOWS\Tasks\Avast Emergency Update.job
2017-03-11 18:33 - 2017-03-11 18:31 - 00267016 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswblogx.sys
2017-03-11 18:33 - 2017-03-11 18:31 - 00257288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdriverx.sys
2017-03-11 18:33 - 2017-03-11 18:31 - 00148720 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidshx.sys
2017-03-11 18:33 - 2017-03-11 18:31 - 00041176 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbunivx.sys
2017-03-11 18:32 - 2017-03-11 18:32 - 00328208 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-03-11 16:51 - 2017-03-11 19:04 - 00023957 _____ C:\Documents and Settings\Lenka\Plocha\FRST.txt
2017-03-11 16:50 - 2017-03-11 19:03 - 00000000 ____D C:\FRST
2017-03-11 16:50 - 2017-03-11 16:50 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Lenka\Plocha\FRSTLauncher.exe
2017-03-11 16:49 - 2017-03-11 16:49 - 01766912 _____ (Farbar) C:\Documents and Settings\Lenka\Plocha\FRST.exe
2017-03-11 13:03 - 2017-03-11 13:03 - 00399360 _____ C:\Documents and Settings\Lenka\Plocha\Duchodova_kalkulacka_161122.xls
2017-03-02 19:32 - 2017-03-02 19:32 - 00000000 ____D C:\WINDOWS\system32\%APPDATA%
2017-03-02 19:29 - 2017-03-02 19:31 - 57131432 _____ (Malwarebytes ) C:\Documents and Settings\Lenka\Plocha\mb3-setup-adwcl.adwcl-3.0.6.1469-1075.exe
2017-03-02 19:23 - 2017-03-11 16:44 - 00000000 ____D C:\AdwCleaner
2017-03-02 19:23 - 2017-03-02 19:23 - 04031440 _____ C:\Documents and Settings\Lenka\Plocha\adwcleaner_6.044.exe
2017-03-02 19:14 - 2017-03-02 19:14 - 00015235 _____ C:\ComboFix.txt
2017-03-02 19:14 - 2017-03-02 19:14 - 00000000 ____D C:\Documents and Settings\Nikola\Local Settings\temp
2017-03-02 19:14 - 2017-03-02 19:14 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2017-03-02 19:14 - 2017-03-02 19:14 - 00000000 ____D C:\Documents and Settings\MRP\Local Settings\temp
2017-03-02 19:14 - 2017-03-02 19:14 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2017-03-02 19:14 - 2017-03-02 19:14 - 00000000 ____D C:\Documents and Settings\Default User\Local Settings\temp
2017-03-02 19:14 - 2017-03-02 19:14 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\temp
2017-02-21 23:53 - 2017-02-21 23:53 - 00008192 __RSH C:\BOOTSECT.BAK

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-11 19:04 - 2014-05-19 21:56 - 00000000 ____D C:\Documents and Settings\Lenka\Local Settings\temp
2017-03-11 19:03 - 2008-02-18 23:35 - 00000000 ___HD C:\Documents and Settings\Lenka\Local Settings\Data aplikacĂ­
2017-03-11 19:03 - 2008-02-18 23:35 - 00000000 ____D C:\Documents and Settings\Lenka\Plocha
2017-03-11 19:00 - 2012-01-17 01:17 - 00002485 ____C C:\Documents and Settings\Lenka\Plocha\WinXP Manager.lnk
2017-03-11 19:00 - 2009-01-18 20:17 - 00000000 ____D C:\Documents and Settings\Lenka\Local Settings\Data aplikacĂ­\ApplicationHistory
2017-03-11 18:59 - 2008-02-18 23:18 - 01319622 ____C C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-11 18:59 - 2008-02-18 23:12 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-03-11 18:59 - 2002-09-23 12:00 - 00549484 ____C C:\WINDOWS\system32\perfh005.dat
2017-03-11 18:59 - 2002-09-23 12:00 - 00120672 ____C C:\WINDOWS\system32\perfc005.dat
2017-03-11 18:57 - 2016-02-17 22:35 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2017-03-11 18:56 - 2002-09-23 12:00 - 00011936 ____C C:\WINDOWS\system32\wpa.dbl
2017-03-11 18:55 - 2016-02-17 22:35 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2017-03-11 18:55 - 2014-03-14 10:09 - 00000222 ____C C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2017-03-11 18:55 - 2008-02-18 22:44 - 00000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2017-03-11 18:54 - 2008-02-18 23:35 - 00000178 __SHC C:\Documents and Settings\Lenka\ntuser.ini
2017-03-11 18:54 - 2008-02-18 22:44 - 00032512 _____ C:\WINDOWS\SchedLgU.Txt
2017-03-11 18:50 - 2008-02-18 23:35 - 00000000 ___RD C:\Documents and Settings\Lenka\Dokumenty
2017-03-11 18:49 - 2011-09-08 09:33 - 00000000 ____D C:\Documents and Settings\Lenka\Data aplikacĂ­\uTorrent
2017-03-11 18:48 - 2016-07-21 17:44 - 00000914 ____C C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-03-11 18:44 - 2010-12-08 08:51 - 00000682 ____C C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2017-03-11 18:37 - 2008-02-18 23:35 - 00000000 __RHD C:\Documents and Settings\Lenka\Data aplikacĂ­
2017-03-11 18:36 - 2008-02-18 23:35 - 00000000 ____D C:\Documents and Settings\Lenka
2017-03-11 18:34 - 2008-02-18 23:17 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikacĂ­
2017-03-11 18:34 - 2008-02-18 23:12 - 00000000 ___HD C:\WINDOWS\inf
2017-03-11 18:33 - 2016-07-19 21:27 - 00465024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2017-03-11 18:33 - 2013-07-14 14:15 - 00000000 ____D C:\MrpWin
2017-03-11 18:33 - 2008-02-18 23:18 - 00000000 ____D C:\Documents and Settings\All Users\NabĂ­dka Start\Programy
2017-03-11 18:32 - 2016-07-19 21:27 - 00278776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-03-11 18:32 - 2016-07-19 21:27 - 00184208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2017-03-11 18:32 - 2016-07-19 21:27 - 00106392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-03-11 18:32 - 2016-07-19 21:27 - 00062152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-03-11 18:32 - 2016-07-19 21:27 - 00060632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2017-03-11 18:32 - 2016-07-19 21:27 - 00034136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-03-11 18:31 - 2016-07-19 21:27 - 00756200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-03-11 16:28 - 2008-02-19 02:11 - 00000000 ____D C:\Documents and Settings\Lenka\Data aplikacĂ­\Adobe
2017-03-11 16:28 - 2008-02-19 01:46 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikacĂ­\Adobe
2017-03-11 13:23 - 2008-04-08 09:51 - 00001776 ____C C:\WINDOWS\system32\LexFiles.usr
2017-03-11 11:07 - 2008-10-26 13:45 - 00000000 ____D C:\Documents and Settings\Lenka\Data aplikacĂ­\TeamViewer
2017-03-11 11:06 - 2014-09-14 12:49 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-03-10 10:00 - 2008-02-19 00:04 - 00000000 ____D C:\Lenka
2017-03-10 09:29 - 2016-11-18 10:50 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-03-08 15:00 - 2014-03-14 10:09 - 00000216 ____C C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2017-03-08 11:17 - 2008-02-19 00:59 - 00002545 ____C C:\Documents and Settings\All Users\NabĂ­dka Start\Programy\Microsoft Word.lnk
2017-03-08 02:31 - 2013-12-29 12:49 - 00000000 ____D C:\Documents and Settings\Lenka\Data aplikacĂ­\vlc
2017-03-05 20:11 - 2008-02-18 23:35 - 00000000 ___HD C:\Documents and Settings\Lenka\OkolnĂ­ sĂ­ĹĄ
2017-03-04 23:16 - 2008-02-18 23:59 - 00005208 ____C C:\WINDOWS\wincmd.ini
2017-03-02 19:34 - 2013-10-16 18:20 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikacĂ­\Malwarebytes
2017-03-02 19:34 - 2008-02-18 23:18 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2017-03-02 19:24 - 2008-09-22 12:57 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikacĂ­\ICQ
2017-03-02 19:14 - 2012-11-01 21:45 - 00000000 ____D C:\Qoobox
2017-03-02 19:12 - 2002-09-23 12:00 - 00000227 _____ C:\WINDOWS\system.ini
2017-03-02 19:02 - 2012-11-01 21:31 - 05660168 ____R (Swearware) C:\Documents and Settings\Lenka\Plocha\ComboFix.exe
2017-02-28 10:27 - 2011-10-07 23:23 - 00000000 ____D C:\Documents and Settings\Lenka\Data aplikacĂ­\YouTube Downloader
2017-02-20 09:31 - 2008-02-19 02:10 - 00000000 ____D C:\Documents and Settings\Lenka\Local Settings\Data aplikacĂ­\Adobe
2017-02-20 09:30 - 2008-02-18 23:39 - 00000000 __SHD C:\Documents and Settings\Lenka\UserData
2017-02-19 13:09 - 2008-02-18 22:32 - 00000000 ____D C:\WINDOWS\system32\Macromed

==================== Files in the root of some directories =======

2015-05-15 19:04 - 2015-05-15 19:04 - 0000000 ____C () C:\Program Files\GUM6F.tmp
2008-04-19 11:06 - 2016-07-15 09:19 - 0070656 ____C () C:\Documents and Settings\Lenka\Local Settings\Data aplikacĂ­\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-09-08 10:16 - 2011-09-08 10:16 - 0085519 ____C () C:\Documents and Settings\Lenka\Local Settings\Data aplikacĂ­\FASTWiz.log
2009-01-18 20:17 - 2009-01-18 20:17 - 0000125 ____C () C:\Documents and Settings\Lenka\Local Settings\Data aplikacĂ­\fusioncache.dat
2010-07-05 16:55 - 2010-07-05 16:56 - 0007168 ____C () C:\Documents and Settings\All Users\Data aplikacĂ­\ppe_fleetdb.vdb

Some zero byte size files/folders:
==========================
C:\Windows\logo1_.exe
C:\Windows\rundl132.dll
C:\Windows\rundll16.exe
C:\Windows\zts2.exe
C:\Windows\System32\iifgfgf.dll
C:\Windows\System32\vcmgcd32.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:74.54 GB) (Free:26.69 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive e: () (Fixed) (Total:78.13 GB) (Free:26.06 GB) NTFS
Drive f: (NovĂ˝ svazek) (Fixed) (Total:145.42 GB) (Free:27.04 GB) NTFS
Drive u: () (Fixed) (Total:74.54 GB) (Free:26.69 GB) NTFS

Available physical RAM: 2528.16 MB
Total physical RAM: 3499.34 MB
Percentage of memory in use: 27%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 3F23B61A)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=145.4 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Avast Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\shutdown.job => C:\Windows\system32\shutdown.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {7591db91-41f0-48a3-b128-1a293fd8233d}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Lenka\Plocha" je 277 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0
DisableUnicastResponsesToMulticastBroadcast REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0
DisableUnicastResponsesToMulticastBroadcast REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\ICQ7.4\\ICQ.exe"="C:\\Program Files\\ICQ7.4\\ICQ.exe:*:Enabled:ICQ7.4"
"C:\\Program Files\\Dropbox\\Client\\Dropbox.exe"="C:\\Program Files\\Dropbox\\Client\\Dropbox.exe:*:Enabled:Dropbox"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\WINDOWS\\system32\\LMabcoms.exe"="C:\\WINDOWS\\system32\\LMabcoms.exe:*:Enabled:Lexmark Enhanced TCP/IP"
"C:\\Program Files\\StrongDC++\\rc10\\StrongDC.exe"="C:\\Program Files\\StrongDC++\\rc10\\StrongDC.exe:*:Enabled:StrongDC++"
"C:\\totalcmd\\TOTALCMD.EXE"="C:\\totalcmd\\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\\Program Files\\Voipwise.com\\Voipwise\\Voipwise.exe"="C:\\Program Files\\Voipwise.com\\Voipwise\\Voipwise.exe:*:Enabled:Voipwise"
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\ICQ7.4\\ICQ.exe"="C:\\Program Files\\ICQ7.4\\ICQ.exe:*:Enabled:ICQ7.4"
"C:\\Program Files\\StrongDC++\\StrongDC.exe"="C:\\Program Files\\StrongDC++\\StrongDC.exe:*:Enabled:StrongDC++"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\APC\\PowerChute Business Edition\\agent\\pbeagent.exe"="C:\\Program Files\\APC\\PowerChute Business Edition\\agent\\pbeagent.exe:*:Enabled:PowerChute Business Edition Agent"
"C:\\Program Files\\APC\\PowerChute Business Edition\\server\\pbeserver.exe"="C:\\Program Files\\APC\\PowerChute Business Edition\\server\\pbeserver.exe:*:Enabled:PowerChute Business Edition Server"
"C:\\Program Files\\Java\\jre7\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre7\\bin\\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\WINDOWS\\system32\\muzapp.exe"="C:\\WINDOWS\\system32\\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\\Program Files\\Common Files\\soft602\\langserv.exe"="C:\\Program Files\\Common Files\\soft602\\langserv.exe:*:Enabled:Software602 Spell Checker"
"C:\\Documents and Settings\\Lenka\\Data aplikací\\uTorrent\\utorrent.exe"="C:\\Documents and Settings\\Lenka\\Data aplikací\\uTorrent\\utorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\Applian Technologies\\Replay Media Catcher 5\\jrmcp.exe"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 5\\jrmcp.exe:*:Enabled:Replay Media Catcher 5"
"C:\\Program Files\\Applian Technologies\\Replay Media Catcher 5\\jbp.exe"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 5\\jbp.exe:*:Enabled:Replay Media Catcher 5 Guide Module"
"C:\\Program Files\\Applian Technologies\\Replay Media Catcher 5\\jwmpp.exe"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 5\\jwmpp.exe:*:Enabled:Replay Media Catcher 5 Player Module"
"C:\\Program Files\\Applian Technologies\\Replay Media Catcher 5\\ffmpeg.exe"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 5\\ffmpeg.exe:*:Enabled:Replay Media Catcher 5 HLS Module"
"C:\\Program Files\\Applian Technologies\\Replay Media Catcher 5\\aria2c.exe"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 5\\aria2c.exe:*:Enabled:Replay Media Catcher 5 Torrent Module"
"C:\\Program Files\\Applian Technologies\\Replay Media Catcher 5\\qtCopy.exe"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 5\\qtCopy.exe:*:Enabled:Replay Media Catcher 5 QT Module"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"C:\\Program Files\\TeamViewer\\Version7\\TeamViewer.exe"="C:\\Program Files\\TeamViewer\\Version7\\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\\Program Files\\TeamViewer\\Version7\\TeamViewer_Service.exe"="C:\\Program Files\\TeamViewer\\Version7\\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox (C:\\Program Files\\Mozilla Firefox)"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"
"3389:TCP"="3389:TCP:*:Disabled:@xpsp2res.dll,-22009"
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
"3389:TCP"="3389:TCP:*:Disabled:@xpsp2res.dll,-22009"
"5985:TCP"="5985:TCP:*:Disabled:Vzdálená správa systému Windows "


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Zpomalený počítač - prosím o kontrolu

Napsal: 11 bře 2017 20:10
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Zpomalený počítač - prosím o kontrolu

Napsal: 12 bře 2017 12:52
od craft
# AdwCleaner v6.044 - Log vytvořen 12/03/2017 v 12:51:40
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-02-28.2 [Místní]
# Operační systém : Microsoft Windows XP Service Pack 3 (X86)
# Uživatelské jméno : Lenka - BEDROOM
# Spuštěno z : C:\Documents and Settings\Lenka\Plocha\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****



***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [828 Bajty] - [12/03/2017 12:51:40]
C:\AdwCleaner\AdwCleaner[S0].txt - [1399 Bajty] - [12/03/2017 12:51:28]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [973 Bajty] ##########

Re: Zpomalený počítač - prosím o kontrolu

Napsal: 12 bře 2017 13:10
od Rudy
Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2052111302-1177238915-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

EmptyTemp:
Resethosts:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Zpomalený počítač - prosím o kontrolu

Napsal: 12 bře 2017 14:13
od craft
Fix result of Farbar Recovery Scan Tool (x86) Version: 11-03-2017
Ran by Lenka (12-03-2017 14:08:10) Run:1
Running from C:\Documents and Settings\Lenka\Plocha
Loaded Profiles: Lenka (Available Profiles: Lenka & MRP & Administrator)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2052111302-1177238915-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

EmptyTemp:
Resethosts:
End
*****************

C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\system32\GroupPolicy\User => moved successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully.
HKU\S-1-5-21-2052111302-1177238915-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => value restored successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => not found.
Resethosts: => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 25139 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 16384 B
Java, Flash, Steam htmlcache => 1529534 B
Windows/system/dllcache/drivers => 49635 B
Edge => 0 B
Chrome => 302843305 B
Firefox => 402232873 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Documents and Settings => 0 B
Default User => 293 B
All Users => 0 B
systemprofile => 139342904 B
LocalService => 510 B
NetworkService => 360 B
Lenka => 1523747 B
Nikola => 845 B
MRP => 443 B
Administrator => 510 B

RecycleBin => 0 B
EmptyTemp: => 808.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:08:43 ====

Re: Zpomalený počítač - prosím o kontrolu

Napsal: 12 bře 2017 18:03
od Rudy
Smazáno. Nastala nějaká změna?

Re: Zpomalený počítač - prosím o kontrolu

Napsal: 12 bře 2017 19:16
od craft
Ano, odezva na na příkazy se zkrátila.

Re: Zpomalený počítač - prosím o kontrolu

Napsal: 12 bře 2017 19:43
od Rudy
Tak to jsem rád. :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz