Nelze spustit Avast a jiné

[Lenulex]

Zdravím. Přestal fungovat Antivir, nejde spustit ani pošťák od seznamu, při vytváření logu Rsit mi také vyskočila hláška:
"...byly uplatněny zásady pro omezení softwaru...."

Zde je log, předem děkuji za pomoc.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Lenka at 2014-05-20 18:10:51
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 67 GB (44%) free of 153 GB
Total RAM: 2985 MB (77% free)


======Scheduled tasks folder======

C:\windows\tasks\avast! Emergency Update.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Lenka\Data aplikací\Mozilla\Firefox\Profiles\8csubig4.default-1366784520796

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz"

"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\components\
nsIBitCometAgent.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npBitCometAgent.dll
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nsIQTScriptablePlugin.xpt
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Documents and Settings\Lenka\Data aplikací\Mozilla\Firefox\Profiles\8csubig4.default-1366784520796\extensions\
2020Player_IKEA@2020Technologies.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Documents and Settings\Lenka\Data aplikací\Mozilla\Firefox\Profiles\8csubig4.default-1366784520796\searchplugins\
google-peklada.xml
ividi.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-12 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-12 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"NvCplDaemon"=C:\windows\system32\NvCpl.dll [2010-04-03 13670504]
"NvMediaCenter"=C:\windows\system32\NvMcTray.dll [2010-04-03 110696]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-05-20 3873704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"=C:\Program Files\Seznam.cz\bin\postak.exe [2012-01-10 491040]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
"jilmfjvt"=regsvr32.exe C:\Documents and Settings\All Users\Data aplikací\jilmfjvt.dat []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Documents and Settings\Lenka\Data aplikací\Seznam.cz\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Documents and Settings\Lenka\Data aplikací\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ESDUSBMon.exe]
C:\windows\system32\ESDUSBMon.exe [2005-05-26 188416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixMyRegistry]
C:\Program Files\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\windows\system32\hkcmd.exe [2011-05-06 182552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\windows\system32\igfxtray.exe [2011-05-06 142616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\windows\system32\igfxpers.exe [2011-05-06 166680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\windows\RTHDCPL.EXE [2010-11-16 19722344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-01 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2014-05-20 5625624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TO2SSM_McciTrayApp]
C:\Program Files\TO2SSM\McciTrayApp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Belkin Wireless Networking Utility.lnk]
C:\PROGRA~1\Belkin\F6D4050\v1\BELKIN~1.EXE -t []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SentinelKeysServer"=2
"ProtexisLicensing"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-04 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\windows\system32\Ati2evxx.dll [2008-09-24 143360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-05-02 268288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-09-05 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe"="C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe:*:Enabled:Sentinel Protection Server"
"C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe"="C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe:*:Enabled:Sentinel Keys Server"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\WINDOWS\system32\SAiLicSvr.exe"="C:\WINDOWS\system32\SAiLicSvr.exe:*:Enabled:SAi Production Suite_SAi License Service"
"C:\Documents and Settings\Lenka\Local Settings\Data aplikací\Viber\Viber.exe"="C:\Documents and Settings\Lenka\Local Settings\Data aplikací\Viber\Viber.exe:*:Enabled:Viber"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\Lenka\Local Settings\Data aplikací\Viber\Viber.exe"="C:\Documents and Settings\Lenka\Local Settings\Data aplikací\Viber\Viber.exe:*:Enabled:Viber"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=i420vfw.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\windows\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.lhacm"=lhacm.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"vidc.yv12"=yv12vfw.dll

======List of files/folders created in the last 1 month======

2014-05-20 18:10:51 ----D---- C:\rsit
2014-05-20 17:40:30 ----A---- C:\windows\system32\drivers\aswVmm.sys
2014-05-20 17:40:30 ----A---- C:\windows\system32\drivers\aswTdi.sys
2014-05-20 17:40:29 ----A---- C:\windows\system32\drivers\aswSP.sys
2014-05-20 17:40:29 ----A---- C:\windows\system32\drivers\aswSnx.sys
2014-05-20 17:40:29 ----A---- C:\windows\system32\drivers\aswRvrt.sys
2014-05-20 17:40:29 ----A---- C:\windows\system32\drivers\aswMonFlt.sys
2014-05-20 17:40:28 ----A---- C:\windows\system32\drivers\aswRdr.sys
2014-05-20 17:40:27 ----A---- C:\windows\system32\aswBoot.exe
2014-05-20 17:40:25 ----A---- C:\windows\avastSS.scr
2014-05-20 17:39:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2014-05-20 17:31:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Motive
2014-05-20 17:31:12 ----A---- C:\windows\SchedLgU.Txt
2014-05-20 11:12:48 ----A---- C:\Documents and Settings\All Users\Data aplikací\jilmfjvt.dat
2014-05-12 08:16:29 ----D---- C:\Program Files\Mozilla Firefox
2014-05-09 12:20:55 ----A---- C:\windows\fonts\Jellyka Delicious Cake - Read Me.txt
2014-05-09 11:37:06 ----A---- C:\windows\fonts\License - READ THIS.txt
2014-05-02 14:32:26 ----D---- C:\Documents and Settings\Lenka\Data aplikací\ViberPC
2014-04-30 17:17:29 ----D---- C:\Documents and Settings\Lenka\Data aplikací\AVAST Software
2014-04-30 11:39:25 ----A---- C:\windows\system32\drivers\aswHwid.sys

======List of files/folders modified in the last 1 month======

2014-05-20 18:10:52 ----D---- C:\Program Files\trend micro
2014-05-20 17:58:02 ----SHD---- C:\windows\Installer
2014-05-20 17:58:02 ----D---- C:\windows\Tasks
2014-05-20 17:57:54 ----D---- C:\Program Files\Google
2014-05-20 17:52:17 ----D---- C:\windows\Temp
2014-05-20 17:46:05 ----D---- C:\Program Files
2014-05-20 17:40:45 ----D---- C:\windows\Prefetch
2014-05-20 17:40:30 ----D---- C:\windows\system32\drivers
2014-05-20 17:40:27 ----D---- C:\windows\system32
2014-05-20 17:40:26 ----D---- C:\WINDOWS
2014-05-20 17:39:59 ----D---- C:\Program Files\AVAST Software
2014-05-20 17:35:50 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-05-20 17:31:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\organiser
2014-05-20 17:31:29 ----D---- C:\Program Files\Common Files\Motive
2014-05-20 17:21:32 ----A---- C:\windows\WINCMD.INI
2014-05-20 17:06:28 ----D---- C:\windows\system32\CatRoot2
2014-05-20 15:16:29 ----D---- C:\windows\system
2014-05-20 15:03:49 ----D---- C:\Program Files\SUPERAntiSpyware
2014-05-13 17:12:28 ----D---- C:\Documents and Settings\Lenka\Data aplikací\gtk-2.0
2014-05-13 07:56:12 ----D---- C:\windows\Fonts
2014-05-13 07:26:43 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-05-08 15:22:06 ----D---- C:\Program Files\ProFact 3.0
2014-04-30 11:39:24 ----D---- C:\windows\WinSxS
2014-04-24 18:11:04 ----A---- C:\windows\win.ini
2014-04-24 18:11:04 ----A---- C:\windows\system.ini
2014-04-24 18:05:25 ----D---- C:\Program Files\Common Files
2014-04-24 18:05:25 ----D---- C:\Documents and Settings\Lenka\Data aplikací\DVDVideoSoft
2014-04-24 07:34:45 ----D---- C:\Documents and Settings\Lenka\Data aplikací\Seznam.cz

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-05-20 180632]
R0 nvata;nvata; C:\windows\system32\DRIVERS\nvata.sys [2006-04-24 100736]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2006-09-12 643072]
R0 Vax347b;Vax347b; C:\windows\system32\DRIVERS\Vax347b.sys [2005-04-25 159616]
R0 Vax347s;Vax347s; C:\windows\System32\Drivers\Vax347s.sys [2004-04-30 5248]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R0x01000000 papycpu2;papycpu2; C:\windows\System32\DRIVERS\papycpu2.sys [2003-01-17 1984]
R0x01000000 papyjoy;papyjoy; C:\windows\System32\DRIVERS\papyjoy.sys [2003-01-17 1856]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2014-05-20 54832]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2014-05-20 776976]
R1 aswTdi;aswTdi; C:\windows\system32\drivers\aswTdi.sys [2014-05-20 57672]
R1 intelppm;Řadič procesoru Intel; C:\windows\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\windows\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 NetworkX;NetworkX; C:\windows\system32\ckldrv.sys [2008-08-22 21638]
R1 nod32drv;nod32drv; C:\windows\system32\drivers\nod32drv.sys [2008-08-13 15424]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 SCDEmu;SCDEmu; C:\windows\system32\drivers\SCDEmu.sys [2006-11-06 30988]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\windows\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\windows\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\windows\system32\DRIVERS\AegisP.sys [2010-01-03 21361]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2014-05-20 24184]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2014-05-20 67824]
R2 ElbyCDIO;ElbyCDIO Driver; C:\windows\System32\Drivers\ElbyCDIO.sys [2006-12-15 15440]
R2 Esdpdx01;Esdpdx01; \??\C:\windows\system32\Drivers\ESDPDX01.SYS []
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\windows\system32\drivers\Haspnt.sys []
R2 NSHE;Guardant Emulator Driver; \??\C:\windows\system32\Drivers\NSHE.SYS []
R2 Sentinel;Sentinel; C:\windows\System32\Drivers\SENTINEL.SYS [2008-07-11 92712]
R3 asmthub3;ASMedia USB3 Hub Service; C:\windows\system32\DRIVERS\asmthub3.sys [2011-02-24 100328]
R3 asmtxhci;ASMEDIA XHCI Service; C:\windows\system32\DRIVERS\asmtxhci.sys [2011-02-24 308200]
R3 ElbyCDFL;ElbyCDFL; C:\windows\System32\Drivers\ElbyCDFL.sys [2006-12-15 34760]
R3 ElbyDelay;ElbyDelay; C:\windows\System32\Drivers\ElbyDelay.sys [2006-12-14 11984]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\windows\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\windows\system32\DRIVERS\igxpmp32.sys [2011-05-02 2184736]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RtkHDAud.sys [2010-11-23 6203496]
R3 mouhid;Ovladač myši standardu HID; C:\windows\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\windows\system32\DRIVERS\Rtenicxp.sys [2011-01-14 277352]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\windows\system32\drivers\WmBEnum.sys [2004-05-14 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\windows\system32\drivers\WmXlCore.sys [2004-05-14 44384]
S0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-05-20 49944]
S1 AmdK8;AMD Processor Driver; C:\windows\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
S1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2014-05-20 411552]
S2 AMON;AMON; C:\windows\system32\drivers\amon.sys [2008-08-13 512096]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501); C:\windows\system32\DRIVERS\adusbmdm65.sys [2005-05-02 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501); C:\windows\system32\DRIVERS\adusbser65.sys [2005-05-02 64896]
S3 Ambfilt;Ambfilt; C:\windows\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 ati2mtag;ati2mtag; C:\windows\system32\DRIVERS\ati2mtag.sys [2008-09-24 3331072]
S3 Bridge;Most MAC; C:\windows\system32\DRIVERS\bridge.sys [2008-04-14 71552]
S3 BridgeMP;Miniport mostu MAC; C:\windows\system32\DRIVERS\bridge.sys [2008-04-14 71552]
S3 BthEnum;Služba Bluetooth Enumerator; C:\windows\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\windows\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2008-04-14 272896]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 dtscsi;dtscsi; C:\windows\System32\Drivers\dtscsi.sys [2006-09-12 223128]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt []
S3 FTDIBUS;USB Serial Converter Driver; C:\windows\system32\drivers\ftdibus.sys [2005-12-19 28449]
S3 FTSER2K;USB Serial Port Driver; C:\windows\system32\drivers\ftser2k.sys [2005-12-19 60572]
S3 HS4R;HS4 Driver ; C:\windows\System32\Drivers\hs4r.sys [2005-09-16 11776]
S3 Monfilt;Monfilt; C:\windows\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
S3 nv;nv; C:\windows\system32\DRIVERS\nv4_mini.sys [2010-04-04 10232128]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\windows\system32\DRIVERS\NVENETFD.sys [2006-02-17 34176]
S3 nvnetbus;NVIDIA Network Bus Enumerator; C:\windows\system32\DRIVERS\nvnetbus.sys [2006-02-17 13056]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Pcouffin;VSO Software pcouffin; C:\windows\System32\Drivers\Pcouffin.sys [2012-09-11 47360]
S3 PSSDK42;PSSDK42; \??\C:\windows\system32\Drivers\pssdk42.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 Ser2pl;MAT Serial port driver; C:\windows\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SNTNLUSB;SafeNet USB SuperPro/UltraPro/HardwareKey; C:\windows\system32\DRIVERS\SNTNLUSB.SYS [2008-07-11 37088]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 USBHS4L;HS4 Loader Driver; C:\windows\System32\Drivers\hs4l.sys [2005-09-16 16384]
S3 usbprint;Třída USB Printer; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 vaxscsi;vaxscsi; C:\windows\System32\Drivers\vaxscsi.sys [2006-10-21 223128]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\windows\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\windows\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\windows\system32\drivers\WmFilter.sys [2004-05-14 21440]
S3 WmHidLo;Logitech WingMan USB Filter Driver; C:\windows\system32\drivers\WmHidLo.sys [2004-05-14 14720]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\windows\system32\drivers\WmVirHid.sys [2004-05-14 5600]
S3 WpdUsb;WpdUsb; C:\windows\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2011-09-05 116608]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\windows\system32\Ati2evxx.exe [2008-09-24 581632]
R2 Autodata Limited License Service;Autodata Limited License Service; C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [2006-09-12 72704]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-20 50344]
R2 BthServ;Bluetooth Support Service; C:\windows\system32\svchost.exe [2008-04-14 14336]
R2 Crypkey License;Crypkey License; C:\windows\system32\crypserv.exe [2008-05-08 122880]
R2 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2006-06-07 942080]
R2 EPSON ESCPOS Status Service;EPSON ESC/POS Status Service; C:\windows\system32\EpStsSrv.exe [2006-05-17 77824]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\Documents and Settings\All Users\Data aplikací\EPSON\EPW!3 SSRP\E_S40RP7.EXE [2007-01-11 113664]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-06-12 182184]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 SAiDownloader;SAiDownloader; C:\WINDOWS\system32\SAiDownloader.exe [2007-09-11 438272]
R2 SAiLicSvr;SAiLicSvr; C:\WINDOWS\system32\SAiLicSvr.exe [2007-12-19 86016]
R2 SentinelProtectionServer;Sentinel Protection Server; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [2008-07-11 226592]
R2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
R2 STI Simulator;STI Simulator; C:\windows\System32\PAStiSvc.exe [2005-01-14 53248]
R2 UxTuneUp;TuneUp Design Expansion; C:\windows\System32\svchost.exe [2008-04-14 14336]
R2 WorkshopDBService;WorkshopDBService; C:\PROGRA~1\VIVIDW~1\WORKSH~1.EXE [2013-02-21 114688]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-09-23 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 MySQL;MySQL; C:\Program Files\AWIS\AWKasa\bin\mysqld-nt.exe [2009-01-10 2203648]
S2 NVSvc;NVIDIA Display Driver Service; C:\windows\system32\nvsvc32.exe [2010-04-03 154216]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-12 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-10-20 630272]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 ProtexisLicensing;ProtexisLicensing; C:\Program Files\Common Files\Protexis\License Service\PSIService.exe [2006-11-02 174656]
S4 SentinelKeysServer;Sentinel Keys Server; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2008-07-11 328992]

-----------------EOF-----------------

[Rudy]

Zdravím!
Dejte log ComoboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

[Lenulex]

Bohužel mi nejde stahnout, ani na jiném počítači nejde.

[Rudy]

Zkuste tento: http://uloz.to/xofrAa6z/combofix-rar .

[Lenulex]

Omlouvám se za zdržení, večer nešlo vůbec nic stáhnout do konce. Zde je log, Nod32 nemám v počítači vůbec a Avast nejde spustit.


ComboFix 14-05-19.01 - Lenka 21.05.2014 7:36.10.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2985.2470 [GMT 2:00]
Spuštěný z: c:\documents and settings\Lenka\Plocha\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Eset NOD32 Antivirus 2.70 *Enabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-04-21 do 2014-05-21 )))))))))))))))))))))))))))))))
.
.
2014-05-20 16:10 . 2014-05-20 16:11 -------- d-----w- C:\rsit
2014-05-20 15:40 . 2014-05-20 15:40 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-05-20 15:40 . 2014-05-20 15:40 180632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-05-20 15:40 . 2014-05-20 17:06 777488 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-05-20 15:40 . 2014-05-20 17:06 411680 ----a-w- c:\windows\system32\drivers\aswsp.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-20 15:40 . 2014-05-20 15:40 776976 ----a-w- c:\windows\system32\drivers\aswsnx.sys.1400605608359
2014-05-20 15:40 . 2014-05-20 15:40 54832 ----a-w- c:\windows\system32\drivers\aswrdr.sys.1400605608359
2014-04-30 09:39 . 2011-09-02 09:38 776976 ----a-w- c:\windows\system32\drivers\aswsnx.sys.1400146740421
2014-04-30 09:39 . 2011-09-02 09:38 54832 ----a-w- c:\windows\system32\drivers\aswrdr.sys.1400146740421
2014-03-19 16:50 . 2012-09-11 09:18 87608 ----a-w- c:\documents and settings\Lenka\Data aplikací\inst.exe
2014-03-19 16:50 . 2007-10-15 15:17 47360 ----a-w- c:\documents and settings\Lenka\Data aplikací\pcouffin.sys
2006-05-03 10:06 163328 --sha-r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 31232 --sha-r- c:\windows\system32\msfDX.dll
2008-03-16 13:30 216064 --sha-r- c:\windows\system32\nbDX.dll
2010-01-06 22:00 107520 --sha-r- c:\windows\system32\TAKDSDecoder.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-20 15:40 260976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\bin\postak.exe" [2012-01-10 491040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-03 110696]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-05-20 3873704]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-09-05 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Belkin Wireless Networking Utility.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Belkin Wireless Networking Utility.lnk
backup=c:\windows\pss\Belkin Wireless Networking Utility.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-11 20:56 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
2013-05-16 13:25 1062472 ----a-w- c:\documents and settings\Lenka\Data aplikací\Seznam.cz\szninstall.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
2013-04-12 08:10 92664 ----a-w- c:\documents and settings\Lenka\Data aplikací\Seznam.cz\bin\wszndesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ESDUSBMon.exe]
2005-05-26 19:11 188416 ------w- c:\windows\system32\ESDUSBMon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2011-05-06 05:46 182552 ----a-r- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2011-05-06 05:46 142616 ----a-r- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2011-05-06 05:46 166680 ----a-r- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2010-11-16 12:34 19722344 ----a-r- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
2013-05-16 13:25 1062472 ----a-w- c:\program files\Seznam.cz\distribution\szninstall.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2008-08-01 13:23 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2014-05-20 13:03 5625624 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SentinelKeysServer"=2 (0x2)
"ProtexisLicensing"=2 (0x2)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" "/background"
"EPSON Stylus Photo R285 Series"=c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATICKE.EXE /FU "c:\windows\TEMP\E_S634.tmp" /EF "HKCU"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" /s
"PWRISOVM.EXE"=c:\program files\PowerISO\PWRISOVM.EXE
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
"DiskeeperSystray"="c:\program files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
"Alcmtr"=ALCMTR.EXE
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
"RTHDCPL"=RTHDCPL.EXE
"SkyTel"=SkyTel.EXE
"ISUSPM Startup"=c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Common Files\\SafeNet Sentinel\\Sentinel Protection Server\\WinNT\\spnsrvnt.exe"=
"c:\\Program Files\\Common Files\\SafeNet Sentinel\\Sentinel Keys Server\\sntlkeyssrvr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\WINDOWS\\system32\\SAiLicSvr.exe"=
"c:\\Documents and Settings\\Lenka\\Local Settings\\Data aplikací\\Viber\\Viber.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"12855:TCP"= 12855:TCP:*:Disabled:BitComet 12855 TCP
"12855:UDP"= 12855:UDP:*:Disabled:BitComet 12855 UDP
"9420:TCP"= 9420:TCP:Red Swoosh
"5000:UDP"= 5000:UDP:Red Swoosh
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [20.5.2014 17:40 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [20.5.2014 17:40 180632]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12.9.2006 16:32 643072]
R0 Vax347b;Vax347b;c:\windows\system32\drivers\Vax347b.sys [21.10.2006 23:19 159616]
R0 Vax347s;Vax347s;c:\windows\system32\drivers\Vax347s.sys [21.10.2006 23:19 5248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [20.5.2014 17:40 777488]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [20.5.2014 17:40 411680]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [13.8.2008 15:25 15424]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [17.2.2010 20:25 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10.5.2010 20:41 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [4.5.2011 19:54 116608]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [30.4.2014 11:39 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [20.5.2014 17:40 67824]
R2 EPSON ESCPOS Status Service;EPSON ESC/POS Status Service;EpStsSrv.exe --> EpStsSrv.exe [?]
R2 Esdpdx01;Esdpdx01;c:\windows\system32\drivers\ESDPDX01.SYS [11.5.2006 11:51 95485]
R2 NSHE;Guardant Emulator Driver;c:\windows\system32\drivers\NSHE.SYS [27.11.2008 18:56 97792]
R2 SAiDownloader;SAiDownloader;c:\windows\system32\SAiDownloader.exe [14.9.2013 18:10 438272]
R2 SAiLicSvr;SAiLicSvr;c:\windows\system32\SAiLicSvr.exe [14.9.2013 18:16 86016]
R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys [18.11.2011 21:11 100328]
R3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys [18.11.2011 21:01 308200]
S2 WorkshopDBService;WorkshopDBService;c:\progra~1\VIVIDW~1\WORKSH~1.EXE -zglaxservice WorkshopDBService --> c:\progra~1\VIVIDW~1\WORKSH~1.EXE -zglaxservice WorkshopDBService [?]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501);c:\windows\system32\drivers\adusbmdm65.sys [10.9.2006 14:34 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501);c:\windows\system32\drivers\adusbser65.sys [10.9.2006 14:34 64896]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [18.11.2011 20:37 1691480]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt [18.8.2005 7168]
S3 HS4R;HS4 Driver ;c:\windows\system32\drivers\hs4r.sys [2.10.2007 23:58 11776]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [13.1.2011 17:01 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [13.1.2011 17:01 8320]
S3 Pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [29.9.2006 15:45 47360]
S3 PSSDK42;PSSDK42;c:\windows\system32\drivers\pssdk42.sys [23.10.2009 08:36 38976]
S3 USBHS4L;HS4 Loader Driver;c:\windows\system32\drivers\hs4l.sys [2.10.2007 23:58 16384]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [12.9.2006 16:34 223128]
S4 SentinelKeysServer;Sentinel Keys Server;c:\program files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [11.7.2008 02:02 328992]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2014-05-21 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-20 15:40]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\documents and settings\Lenka\Data aplikací\Mozilla\Firefox\Profiles\8csubig4.default-1366784520796\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-jilmfjvt - c:\documents and settings\All Users\Data aplikací\jilmfjvt.dat
MSConfigStartUp-FixMyRegistry - c:\program files\SmartTweak\FixMyRegistry\FixMyRegistry.exe
MSConfigStartUp-TO2SSM_McciTrayApp - c:\program files\TO2SSM\McciTrayApp.exe
AddRemove-_{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91} - c:\program files\Corel\CorelDRAW Graphics Suite 13\Programs\MSILauncher {7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-05-21 07:44
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(892)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3056)
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2014-05-21 07:46:10
ComboFix-quarantined-files.txt 2014-05-21 05:46
.
Před spuštěním: Volných bajtů: 70 125 031 424
Po spuštění: Volných bajtů: 70 130 135 040
.
- - End Of File - - C8A27241710AF2B4A1474E15111917F3
413FC2A0C716421B3158746D63736515

[Rudy]

V PC jsou zbytky po Nodu. Odstraňte je pomocí uninstalleru: http://www.techsupportall.com/eset-remo ... -download/ (utilitu j nutné spustit v nouz. režimu. Pak vyzkoušejte Avast a pokud by byli tam problém, přeinstalujte.

[Lenulex]

V nouz. režimu nejde, napíše něco ve smyslu nebyly nalezeny žádné součásti Nod32. Avast nejde spustit, už jsem ho i přeinstalovala a nic.

[Rudy]

Tak to vyházíme ručně. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

File::
c:\windows\system32\drivers\nod32drv.sys

Driver::
nod32drv

Reboot::

UZložte na plochu jako CFScript.txt. Pak jej myšípřetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.



Pak Avast odinstalujte pomocí utilty: http://www.avast.com/cs-cz/uninstall-utility , stáhněte novou instalačku Avastu a nainstalujte.

[Lenulex]

Hotovo, ale Avast po nové instalaci nejde vůbec spustit, stejné jako předtím.

Ještě jsem teď zkusila spustit test SuperAntiSpyware a ten našel tohle:

Registry threats detected : 3
Disabled.SecurityCenterOption
HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#ANTIVIRUSDISABLENOTIFY
HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#FIREWALLDISABLENOTIFY
HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#UPDATESDISABLENOTIFY

[Rudy]

Ještě proveďte tento sken: http://www.malwarebytes.org/mbam.php . MBAM nainstalujte a spusťte, udělejte kompletní sken a dejte log. Předem nic nemažte.

[Lenulex]

Tohle mi bohužel nejde nainstalovat a spustit, píše chyby.

[Rudy]

Zkuste to v nouz. režimu.

[Lenulex]

Nešlo ani v nouzovém režimu. Stáhla jsem starší verzi, ta šla nainstalovat, poté se aktualizovala a snad funguje jak má. Zde je log:

Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org

Verze: v2014.05.23.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Lenka :: LENKA-5E9112B8F [administrátor]

23.5.2014 08:17:17
MBAM-log-2014-05-23 (11-04-31).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 530423
Uplynulý čas: 1 hodin, 41 minut, 36 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 5
HKCR\AppID\{685F23D9-FCFD-475C-B56A-362645945C5A} (PUP.Optional.iVIDI.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Toggle\toggle (PUP.Optional.ToggleTB.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\iVIDI Plugin (PUP.Optional.Ividi.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpeedUpMyComputer (PUP.Optional.SpeedupmyComputer) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Toggle\toggle (PUP.Optional.ToggleTB.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 3
HKLM\SOFTWARE\Microsoft\Security Center|ANTIVIRUSDISABLENOTIFY (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Security Center|FIREWALLDISABLENOTIFY (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Security Center|UPDATESDISABLENOTIFY (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Nebyla provedena žádná instrukce.

Nalezené složky: 4
C:\Documents and Settings\Lenka\Data aplikací\41 (PUP.Optional.Amonetize.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SmartTweak\SpeedUpMyComputer (PUP.Optional.SpeedupmyComputer) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Lenka\Local Settings\Data aplikací\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef (PUP.Optional.Ividi.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Lenka\Local Settings\Data aplikací\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0 (PUP.Optional.Ividi.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 19
C:\Documents and Settings\Lenka\Plocha\malwarebytes-anti-malware.exe (PUP.Optional.DownloadSponsor) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Lenka\Data aplikací\41\Updater.xml (PUP.Optional.Amonetize.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Lenka\Data aplikací\41\status.cfg (PUP.Optional.Amonetize.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe (PUP.Optional.SpeedupmyComputer) -> Nebyla provedena žádná instrukce.
C:\Program Files\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.url (PUP.Optional.SpeedupmyComputer) -> Nebyla provedena žádná instrukce.
C:\Program Files\SmartTweak\SpeedUpMyComputer\uninst.exe (PUP.Optional.SpeedupmyComputer) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Lenka\Local Settings\Data aplikací\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\appCntrl.js (PUP.Optional.Ividi.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Lenka\Local Settings\Data aplikací\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\bg.html (PUP.Optional.Ividi.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Lenka\Local Settings\Data aplikací\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\bg.js (PUP.Optional.Ividi.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Lenka\Local Settings\Data aplikací\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\CrmAdpt.dll (PUP.Optional.Ividi.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Lenka\Local Settings\Data aplikací\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\ct.js (PUP.Optional.Ividi.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Lenka\Local Settings\Data aplikací\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\CTB.dll (PUP.Optional.Ividi.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Lenka\Local Settings\Data aplikací\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\dpk.js (PUP.Optional.Ividi.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Lenka\Local Settings\Data aplikací\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\hprtkMsg.htm (PUP.Optional.Ividi.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Lenka\Local Settings\Data aplikací\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\hprtkMsg.js (PUP.Optional.Ividi.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Lenka\Local Settings\Data aplikací\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\json2.min.js (PUP.Optional.Ividi.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Lenka\Local Settings\Data aplikací\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\logo.png (PUP.Optional.Ividi.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Lenka\Local Settings\Data aplikací\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\manifest.json (PUP.Optional.Ividi.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Lenka\Local Settings\Data aplikací\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\pref.json (PUP.Optional.Ividi.A) -> Nebyla provedena žádná instrukce.

(konec)

[Rudy]

Vše nalezené smažte.

[Lenulex]

Smazáno, Avast ale stejně nejde spustit..