Zvukové zařízení neexistuje, sndvol32

[Blinkoka]

Dobrý den,
při spuštění PC jako administrátor mi na hlavním panelu zatuhla ikona hlasitosti, v ovládacích panelech ve zvucích a zvukových zařízeních mi to psalo, že zvukové zařízení neexistuje a ve správci úloh se, tuším, několikanásobně spustil proces sndvol32. Poté se počítač začal chovat podivně a začal vydávat zvláštní zvuky, tak jsem ho radši vypnul. Ted' jsem přihlášen jako uživatel s omezenými oprávněními, zvuk mi zatím vůbec nefunguje.

Zde je log z FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17.02.2018
Ran by Antim (ATTENTION: The user is not administrator) on COMPUTER-B59025 (18-02-2018 14:55:51)
Running from C:\Documents and Settings\Antim\Plocha
Loaded Profiles: Antim (Available Profiles: Name & Antim)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> winlogon.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> AvastSvc.exe
Failed to access process -> spoolsv.exe
Failed to access process -> svchost.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\AvastUI.exe
Failed to access process -> Agent.exe
(Microsoft Corporation) E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
Failed to access process -> NvNetworkService.exe
Failed to access process -> nvsvc32.exe
Failed to access process -> svchost.exe
Failed to access process -> wuauclt.exe
Failed to access process -> CALMAIN.exe
Failed to access process -> TodoBackupService.exe
Failed to access process -> alg.exe
Failed to access process -> wmiprvse.exe
(Mozilla Corporation) E:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(forum.viry.cz) C:\Documents and Settings\Antim\Plocha\FRSTLauncher.exe
Failed to access process -> wmiprvse.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [JMB36X IDE Setup] => C:\WINDOWS\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM\...\Run: [36X Raid Configurer] => C:\WINDOWS\system32\xRaidSetup.exe [1953792 2007-03-21] (JMicron Technology Corp.)
HKLM\...\Run: [AvastUI.exe] => E:\Program Files\AVAST Software\Avast\AvLaunch.exe [243496 2018-02-14] (AVAST Software)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2591888 2016-07-11] ()
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM\...\Run: [Jet Detection] => C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [28672 2001-11-29] ()
HKLM\...\Run: [KeePass 2 PreLoad] => E:\Program Files\KeePass Password Safe 2\KeePass.exe [2867712 2017-01-09] (Dominik Reichl)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] => E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16126464 2007-03-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKU\S-1-5-21-1844237615-484763869-1801674531-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7814656 2017-10-18] (Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [_nltide_2] => regsvr32 /s /n /i:U shell32
Startup: C:\Documents and Settings\Antim\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2017-12-20]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{242990B7-B62B-4AC4-999F-CF622C6D68DA}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKU\S-1-5-21-1844237615-484763869-1801674531-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-02-14] (AVAST Software)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Antim\Data aplikací\Mozilla\Firefox\Profiles\pbwkgiuu.default [2018-02-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2017-12-21] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-07] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin: Adobe Reader -> E:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - E:\Program Files\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - E:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"TlntSvr" => service could not be unlocked. <==== ATTENTION
"WmiApRpl" => service could not be unlocked. <==== ATTENTION

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2018-02-07] (Adobe Systems Incorporated) [File not signed]
S3 aswbIDSAgent; E:\Program Files\AVAST Software\Avast\aswidsagent.exe [5931184 2018-02-14] (AVAST Software)
R2 avast! Antivirus; E:\Program Files\AVAST Software\Avast\AvastSvc.exe [300600 2018-02-14] (AVAST Software)
R2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96334 2009-09-08] (Canon Inc.) [File not signed]
S3 Disc Soft Lite Bus Service; E:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1082560 2016-03-03] (Disc Soft Ltd) [File not signed]
R2 EaseUS Agent; E:\Program Files\EaseUS\Todo Backup\bin\Agent.exe [40128 2017-06-19] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 Microsoft Office Groove Audit Service; E:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [65824 2006-10-27] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [164928 2018-02-14] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriverx.sys [255584 2018-01-04] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidshx.sys [157376 2018-01-04] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblogx.sys [276696 2018-01-04] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbunivx.sys [50344 2018-01-04] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [150808 2018-02-14] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [42808 2018-02-14] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [124392 2018-02-14] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [70576 2018-02-14] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [70816 2018-02-14] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [783600 2018-02-14] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [391344 2018-02-14] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\System32\drivers\aswStmXP.sys [205344 2018-02-14] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [310784 2018-02-14] (AVAST Software)
R3 AtcL001; C:\WINDOWS\System32\DRIVERS\atl01_xp.sys [38656 2007-03-15] (Attansic Technology corporation.)
S3 ctljystk; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [3712 2001-08-17] (Creative Technology Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\DRIVERS\dtlitescsibus.sys [26168 2017-11-11] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\DRIVERS\dtliteusbbus.sys [40504 2017-11-11] (Disc Soft Ltd)
S3 emu10k; C:\WINDOWS\System32\drivers\emu10k1m.sys [283904 2001-08-17] (Creative Technology Ltd.)
S3 emu10k1; C:\WINDOWS\System32\drivers\ctlfacem.sys [6912 2001-08-17] (Creative Technology Ltd.)
R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [57080 2016-12-06] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [45816 2016-12-06] () [File not signed]
R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [19960 2016-12-06] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [193784 2016-12-06] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [998004 2002-07-24] (Creative Technology Ltd)
R0 JGOGO; C:\WINDOWS\System32\DRIVERS\JGOGO.sys [6912 2006-02-07] (JMicron )
R0 JRAID; C:\WINDOWS\System32\DRIVERS\jraid.sys [46208 2007-03-24] (JMicron Technology Corp.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [145608 2016-07-11] (NVIDIA Corporation)
S3 sfman; C:\WINDOWS\System32\drivers\sfmanm.sys [36480 2001-08-17] (Creative Technology Ltd.)
S4 IntelIde; no ImagePath
S5 TlntSvr; <==== ATTENTION: Locked Service
U5 WmiApRpl; <==== ATTENTION: Locked Service
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-18 14:55 - 2018-02-18 14:56 - 000012198 _____ C:\Documents and Settings\Antim\Plocha\FRST.txt
2018-02-18 14:54 - 2018-02-18 14:55 - 000000000 ____D C:\FRST
2018-02-18 14:46 - 2018-02-18 14:46 - 000112640 _____ (forum.viry.cz) C:\Documents and Settings\Antim\Plocha\FRSTLauncher.exe
2018-02-18 14:43 - 2018-02-18 14:43 - 001763840 _____ (Farbar) C:\Documents and Settings\Antim\Plocha\FRST.exe
2018-02-15 21:04 - 2018-02-15 21:04 - 000000000 ____D C:\Documents and Settings\Antim\Local Settings\Data aplikací\ESET
2018-02-15 19:52 - 2018-02-15 19:52 - 003373917 _____ C:\WINDOWS\{00000004-00000000-00000000-00001102-00000002-80271102}.BAK
2018-02-15 19:45 - 2018-02-15 19:45 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\HD Tune
2018-02-15 19:13 - 2018-02-15 19:15 - 000000000 ____D C:\WINDOWS\pss
2018-02-14 20:06 - 2018-02-14 20:05 - 000319392 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-02-04 00:07 - 2018-02-04 00:07 - 000000589 _____ C:\Documents and Settings\Antim\Plocha\Zástupce - L2.lnk
2018-01-27 21:34 - 2018-01-27 21:34 - 000000000 __SHD C:\Documents and Settings\Antim\PrivacIE

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-18 14:56 - 2017-11-02 15:47 - 000000000 ____D C:\Documents and Settings\Antim\Local Settings\Temp
2018-02-18 14:55 - 2017-11-02 15:47 - 000000000 ____D C:\Documents and Settings\Antim\Plocha
2018-02-18 14:54 - 2017-11-02 15:47 - 000000000 ___HD C:\Documents and Settings\Antim\Local Settings\Data aplikací
2018-02-18 14:53 - 2017-11-03 20:44 - 000003160 _____ C:\WINDOWS\system32\nvAppTimestamps
2018-02-18 14:51 - 2017-11-11 21:28 - 000000326 ____H C:\WINDOWS\Tasks\CCleaner Update.job
2018-02-18 14:51 - 2017-11-02 17:01 - 000000220 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2018-02-18 14:51 - 2017-11-02 15:24 - 000000358 ____H C:\WINDOWS\Tasks\Avast Emergency Update.job
2018-02-18 14:51 - 2017-11-02 13:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-18 14:50 - 2017-11-03 22:19 - 000016324 _____ C:\WINDOWS\system32\BMXStateBkp-{00000004-00000000-00000000-00001102-00000002-80271102}.rfx
2018-02-18 14:50 - 2017-11-03 22:19 - 000016324 _____ C:\WINDOWS\system32\BMXState-{00000004-00000000-00000000-00001102-00000002-80271102}.rfx
2018-02-18 14:50 - 2017-11-03 22:19 - 000001080 _____ C:\WINDOWS\system32\settingsbkup.sfm
2018-02-18 14:50 - 2017-11-03 22:19 - 000001080 _____ C:\WINDOWS\system32\settings.sfm
2018-02-18 14:50 - 2017-11-03 22:19 - 000000024 _____ C:\WINDOWS\system32\DVCStateBkp-{00000004-00000000-00000000-00001102-00000002-80271102}.dat
2018-02-18 14:50 - 2017-11-03 22:19 - 000000024 _____ C:\WINDOWS\system32\DVCState-{00000004-00000000-00000000-00001102-00000002-80271102}.dat
2018-02-18 14:50 - 2017-11-03 20:39 - 000024264 _____ C:\WINDOWS\system32\BMXCtrlState-{00000004-00000000-00000000-00001102-00000002-80271102}.rfx
2018-02-18 14:50 - 2017-11-03 20:39 - 000024264 _____ C:\WINDOWS\system32\BMXBkpCtrlState-{00000004-00000000-00000000-00001102-00000002-80271102}.rfx
2018-02-18 14:50 - 2017-11-02 15:47 - 000000178 ___SH C:\Documents and Settings\Antim\ntuser.ini
2018-02-18 14:50 - 2017-11-02 15:47 - 000000000 ____D C:\Documents and Settings\Antim
2018-02-18 14:50 - 2017-11-02 13:55 - 000032638 _____ C:\WINDOWS\SchedLgU.Txt
2018-02-17 20:23 - 2001-10-25 12:00 - 000002206 _____ C:\WINDOWS\system32\wpa.dbl
2018-02-16 10:14 - 2017-11-03 23:23 - 000000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2018-02-15 20:51 - 2017-11-02 13:57 - 000000000 ____D C:\Documents and Settings\Name
2018-02-15 19:52 - 2017-11-03 20:40 - 003373917 _____ C:\WINDOWS\{00000004-00000000-00000000-00001102-00000002-80271102}.CDF
2018-02-15 19:45 - 2017-11-02 15:00 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2018-02-15 19:45 - 2017-11-02 14:42 - 000000000 ___HD C:\Documents and Settings\All Users\Data aplikací
2018-02-15 19:45 - 2017-11-02 14:42 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy
2018-02-15 19:45 - 2017-11-02 13:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-15 19:44 - 2017-11-02 14:38 - 000000000 ___HD C:\WINDOWS\inf
2018-02-15 19:16 - 2017-11-02 14:41 - 000000239 ___SH C:\boot.ini
2018-02-15 19:16 - 2001-10-25 12:00 - 000000552 _____ C:\WINDOWS\win.ini
2018-02-15 19:16 - 2001-10-25 12:00 - 000000227 _____ C:\WINDOWS\system.ini
2018-02-14 20:05 - 2018-01-04 19:29 - 000150808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-02-14 20:05 - 2017-11-09 22:34 - 000164928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-02-14 20:05 - 2017-11-02 15:23 - 000205344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2018-02-14 20:05 - 2017-11-02 14:49 - 000783600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-02-14 20:05 - 2017-11-02 14:49 - 000391344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-02-14 20:05 - 2017-11-02 14:49 - 000310784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-02-14 20:05 - 2017-11-02 14:49 - 000124392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-02-14 20:05 - 2017-11-02 14:49 - 000070816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-02-14 20:05 - 2017-11-02 14:49 - 000070576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2018-02-14 20:05 - 2017-11-02 14:49 - 000042808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-02-13 23:32 - 2017-11-12 14:47 - 000000000 ____D C:\Documents and Settings\Antim\Data aplikací\KeePass
2018-02-12 08:56 - 2017-11-09 20:19 - 000000000 ____D C:\Documents and Settings\Antim\Data aplikací\vlc
2018-02-09 22:24 - 2017-11-02 17:01 - 000000214 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2018-02-07 09:14 - 2017-11-04 22:14 - 006165504 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2018-02-07 09:14 - 2017-11-03 23:23 - 000803328 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2018-02-07 09:14 - 2017-11-03 23:23 - 000144896 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job =>
Task: C:\WINDOWS\Tasks\Avast Emergency Update.job =>
Task: C:\WINDOWS\Tasks\CCleaner Update.job =>
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job =>
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job =>

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {7591db91-41f0-48a3-b128-1a293fd8233d}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Antim\Plocha" je 1 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\NVIDIA Corporation\\NetService\\NvNetworkService.exe"="C:\\Program Files\\NVIDIA Corporation\\NetService\\NvNetworkService.exe:*:Enabled:NVIDIA Network Service TCP Exception (HTTPS)"
"D:\\Hry\\Counter-Strike 1.6\\hl.exe"="D:\\Hry\\Counter-Strike 1.6\\hl.exe:*:Disabled:Half-Life Launcher"
"E:\\Program Files\\EaseUS\\Todo Backup\\bin\\TbService.exe"="E:\\Program Files\\EaseUS\\Todo Backup\\bin\\TbService.exe:*:Enabled:TbService.exe"
"E:\\Program Files\\EaseUS\\Todo Backup\\bin\\TBConsoleUI.exe"="E:\\Program Files\\EaseUS\\Todo Backup\\bin\\TBConsoleUI.exe:*:Enabled:Local TBConsoleUI.exe"
"E:\\Program Files\\EaseUS\\Todo Backup\\bin\\TodoBackupService.exe"="E:\\Program Files\\EaseUS\\Todo Backup\\bin\\TodoBackupService.exe:*:Enabled:Local TodoBackupService.exe"
"E:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="E:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"E:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="E:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"E:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="E:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"E:\\Program Files\\Mozilla Firefox\\firefox.exe"="E:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox (E:\\Program Files\\Mozilla Firefox)"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

Děkuji.

[Rudy]

Zdravím!
Zkuste nejprve obnovu systému k datu, kdy korektně fungoval.

[Blinkoka]

Onovení systému jsem zkoušel 2x. Napsalo mi to, že nedošlo k obnovení systému. Jinak jsem chtěl ještě dodat, že občas při startu PC se spouštěl pomalu firewall, hlásilo mi to, že počítač může být ohrožen, nakonec se ale firewall spustil. Děkuji.

[Rudy]

OK. Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

[Blinkoka]

Ta nejnovější verze AdwCleaneru mi nešla spustit, tak jsem si musel stáhnout verzi 6.044.

# AdwCleaner v6.044 - Log vytvořen 18/02/2018 v 19:37:54
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-02-28.2 [Místní]
# Operační systém : Microsoft Windows XP Service Pack 3 (X86)
# Uživatelské jméno : Name - COMPUTER-B59025
# Spuštěno z : C:\Documents and Settings\Name\Plocha\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****



***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [834 Bajty] - [18/02/2018 19:37:54]
C:\AdwCleaner\AdwCleaner[S0].txt - [1405 Bajty] - [18/02/2018 19:30:37]
C:\AdwCleaner\AdwCleaner[S1].txt - [1478 Bajty] - [18/02/2018 19:37:40]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1052 Bajty] ##########

[Rudy]

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-18\...\RunOnce: [_nltide_2] => regsvr32 /s /n /i:U shell32
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - E:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
S4 IntelIde; no ImagePath
U1 WS2IFSL; no ImagePath

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte. K provedení této akce musíte mít admin práva ke svému profilu.

[Blinkoka]

Fix result of Farbar Recovery Scan Tool (x86) Version: 17.02.2018
Ran by Name (18-02-2018 20:20:39) Run:1
Running from C:\Documents and Settings\Name\Plocha
Loaded Profiles: Name (Available Profiles: Name & Antim)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-18\...\RunOnce: [_nltide_2] => regsvr32 /s /n /i:U shell32
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - E:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
S4 IntelIde; no ImagePath
U1 WS2IFSL; no ImagePath

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2" => removed successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => removed successfully.
"HKLM\System\CurrentControlSet\Services\IntelIde" => removed successfully.
IntelIde => service removed successfully.
"HKLM\System\CurrentControlSet\Services\WS2IFSL" => removed successfully.
WS2IFSL => service removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 11117 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 32768 B
Java, Flash, Steam htmlcache => 1170 B
Windows/system/dllcache/drivers => 16384 B
Edge => 0 B
Chrome => 0 B
Firefox => 13653141 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Documents and Settings => 0 B
Default User => 66228 B
All Users => 0 B
systemprofile => 274663296 B
LocalService => 1172 B
NetworkService => 66228 B
Name => 1265898 B
Antim => 638784 B

RecycleBin => 16446592 B
EmptyTemp: => 292.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:20:44 ====

[Rudy]

Smazáno. Nastala nějaká změna?