Restart PC hned po přihlášení uživatele

[funkymusic]

Zdravím, prosím o laskavou pomoc. PC se hned po zobrazení plochy restartuje. Log jsem provedl v nouzovém režimu.

Díky moc.



Logfile of random's system information tool 1.10 (written by random/random)
Run by Iva at 2015-02-18 09:55:27
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 128 GB (81%) free of 157 GB
Total RAM: 1023 MB (79% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\SDMsgUpdate (TE).job - C:\PROGRA~1\SMARTD~1\Messages\SDNotify.exe -PTE -V1813 -SSDU.ini -A -Mhttp://www.smartdraw.com/msgs/messagecheck.aspx -D0 -T -N -X
C:\WINDOWS\tasks\WGASetup.job - C:\WINDOWS\system32\KB905474\wgasetup.exe /autoauto

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1b0cf41e-334a-4984-a8a0-aa5affeb5482}]
ResultsBay 1.0.0.7 - C:\Program Files\ResultsBay\ResultsBayBHO.dll [2015-02-04 269040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-05 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll [2013-10-09 1001936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-18 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-18 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files\Seznam.cz\listicka.dll [2009-11-02 1411736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-05 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-09-16 69632]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [2004-03-04 172032]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]
"HP Software Update"=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe [2004-02-18 49152]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-18 148888]
"StatusClient 2.6"=C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe [2004-02-27 61440]
"TomcatStartup 2.5"=C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe [2004-05-20 188416]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"Kerio VPN Client"=C:\Program Files\Kerio\VPN Client\kvpncgui.exe [2010-07-18 5293928]
""= []
"pdfSaver3"= []
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"pdfSaver3"=C:\Program Files\PDF\pdfSaver\pdfSaver3.exe [2004-05-19 385024]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-09-13 39408]
"Yahoo! Search"=C:\Documents and Settings\Iva\Data aplikací\Pay-By-Ads\Yahoo! Search\1.3.19.2\dsrlte.exe [2015-01-18 644816]

C:\Documents and Settings\Iva\Nabídka Start\Programy\Po spuštění
SQLServer.lnk - C:\CENTURA\dbnt1sv.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe"="C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe:*:Enabled:javaw"
"C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe"="C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\IPClient\IPClient.exe"="C:\Program Files\IPClient\IPClient.exe:*:Enabled:IPClient"
"C:\Program Files\VideoViewer\VideoViewer.exe"="C:\Program Files\VideoViewer\VideoViewer.exe:*:Enabled:VideoViewer"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2015-02-18 09:55:28 ----D---- C:\Program Files\trend micro
2015-02-18 09:55:27 ----DC---- C:\rsit
2015-02-18 08:48:03 ----A---- C:\WINDOWS\ntbtlog.txt
2015-02-17 16:35:35 ----D---- C:\WINDOWS\Minidump
2015-02-17 16:30:59 ----A---- C:\WINDOWS\system32\drivers\{8f2fe4c6-327e-4d57-9cfc-f57bbfc7d05c}t.sys
2015-02-10 17:23:34 ----A---- C:\WINDOWS\system32\drivers\{f9bf5b7a-c875-4b69-af47-f9a60ab0f8c6}t.sys
2015-02-08 09:30:00 ----A---- C:\WINDOWS\system32\drivers\{e7040ff0-44bd-4369-95b8-ede045386420}t.sys
2015-02-05 20:14:58 ----A---- C:\WINDOWS\system32\drivers\{85c74733-05ab-4712-b709-690a78b239f8}t.sys
2015-01-25 11:28:05 ----A---- C:\WINDOWS\system32\drivers\{adffcaa5-8eaf-4d29-98de-cfac96868329}t.sys

======List of files/folders modified in the last 1 month======

2015-02-18 09:55:28 ----RD---- C:\Program Files
2015-02-18 09:54:14 ----D---- C:\WINDOWS\system32\CatRoot2
2015-02-18 09:52:42 ----D---- C:\WINDOWS
2015-02-18 09:42:08 ----D---- C:\WINDOWS\Temp
2015-02-18 08:52:16 ----D---- C:\WINDOWS\system32
2015-02-18 08:52:11 ----D---- C:\WINDOWS\system32\drivers
2015-02-18 08:45:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-02-18 08:44:16 ----HD---- C:\WINDOWS\inf
2015-02-17 16:36:57 ----A---- C:\WINDOWS\win.ini
2015-02-17 16:34:10 ----D---- C:\WINDOWS\Prefetch
2015-02-17 16:30:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\9a9a3a17-f94f-404b-a59a-2dbabe68e70b
2015-02-08 10:24:02 ----SHD---- C:\WINDOWS\Installer
2015-02-08 10:19:34 ----SD---- C:\WINDOWS\Tasks
2015-02-05 21:08:23 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-05 20:46:58 ----D---- C:\Program Files\ResultsBay

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 {0a76474a-6444-4592-bf0c-76e7ec6a7cd7}t;{0a76474a-6444-4592-bf0c-76e7ec6a7cd7}t; C:\WINDOWS\system32\drivers\{0a76474a-6444-4592-bf0c-76e7ec6a7cd7}t.sys [2014-12-17 55872]
S1 {22a91d06-afc2-49fc-a96f-6562bfb2db80}t;{22a91d06-afc2-49fc-a96f-6562bfb2db80}t; C:\WINDOWS\system32\drivers\{22a91d06-afc2-49fc-a96f-6562bfb2db80}t.sys [2014-10-23 55872]
S1 {2930ffde-ef38-481a-99f8-bec779f19c42}t;{2930ffde-ef38-481a-99f8-bec779f19c42}t; C:\WINDOWS\system32\drivers\{2930ffde-ef38-481a-99f8-bec779f19c42}t.sys [2014-11-15 55872]
S1 {3800c333-b52b-4af7-9e68-ac167654bbca}t;{3800c333-b52b-4af7-9e68-ac167654bbca}t; C:\WINDOWS\system32\drivers\{3800c333-b52b-4af7-9e68-ac167654bbca}t.sys [2014-12-01 55872]
S1 {804ed8bf-87ab-41d2-9d5f-084b8f921ab6}t;{804ed8bf-87ab-41d2-9d5f-084b8f921ab6}t; C:\WINDOWS\system32\drivers\{804ed8bf-87ab-41d2-9d5f-084b8f921ab6}t.sys [2014-10-30 55872]
S1 {80967689-5bac-408f-bcc8-ff2c708bbe9e}t;{80967689-5bac-408f-bcc8-ff2c708bbe9e}t; C:\WINDOWS\system32\drivers\{80967689-5bac-408f-bcc8-ff2c708bbe9e}t.sys [2015-01-12 55824]
S1 {85c74733-05ab-4712-b709-690a78b239f8}t;{85c74733-05ab-4712-b709-690a78b239f8}t; C:\WINDOWS\system32\drivers\{85c74733-05ab-4712-b709-690a78b239f8}t.sys [2015-02-04 55824]
S1 {88704c5f-8dc4-4583-8a38-638e1e57c933}t;{88704c5f-8dc4-4583-8a38-638e1e57c933}t; C:\WINDOWS\system32\drivers\{88704c5f-8dc4-4583-8a38-638e1e57c933}t.sys [2015-01-18 55824]
S1 {8f2fe4c6-327e-4d57-9cfc-f57bbfc7d05c}t;{8f2fe4c6-327e-4d57-9cfc-f57bbfc7d05c}t; C:\WINDOWS\system32\drivers\{8f2fe4c6-327e-4d57-9cfc-f57bbfc7d05c}t.sys [2015-02-16 55824]
S1 {9d2d15b9-c3d6-43c9-9ae9-c5272f79f036}t;{9d2d15b9-c3d6-43c9-9ae9-c5272f79f036}t; C:\WINDOWS\system32\drivers\{9d2d15b9-c3d6-43c9-9ae9-c5272f79f036}t.sys [2014-12-10 55872]
S1 {aa772a4b-d510-413d-87e1-5f45804f3f8f}t;{aa772a4b-d510-413d-87e1-5f45804f3f8f}t; C:\WINDOWS\system32\drivers\{aa772a4b-d510-413d-87e1-5f45804f3f8f}t.sys [2014-11-09 55872]
S1 {adffcaa5-8eaf-4d29-98de-cfac96868329}t;{adffcaa5-8eaf-4d29-98de-cfac96868329}t; C:\WINDOWS\system32\drivers\{adffcaa5-8eaf-4d29-98de-cfac96868329}t.sys [2015-01-24 55824]
S1 {c0c69ebd-4ee7-4114-8b49-15390766507e}t;{c0c69ebd-4ee7-4114-8b49-15390766507e}t; C:\WINDOWS\system32\drivers\{c0c69ebd-4ee7-4114-8b49-15390766507e}t.sys [2015-01-09 55824]
S1 {c1f03e90-6f61-4ede-ad9e-eab2cc1f2e36}t;{c1f03e90-6f61-4ede-ad9e-eab2cc1f2e36}t; C:\WINDOWS\system32\drivers\{c1f03e90-6f61-4ede-ad9e-eab2cc1f2e36}t.sys [2014-11-11 55872]
S1 {ce4b0e98-4d66-4d97-8af3-ec2264c8222f}t;{ce4b0e98-4d66-4d97-8af3-ec2264c8222f}t; C:\WINDOWS\system32\drivers\{ce4b0e98-4d66-4d97-8af3-ec2264c8222f}t.sys [2014-11-18 55872]
S1 {cf659afe-27fc-4e2d-9c49-88406fa09c42}t;{cf659afe-27fc-4e2d-9c49-88406fa09c42}t; C:\WINDOWS\system32\drivers\{cf659afe-27fc-4e2d-9c49-88406fa09c42}t.sys [2014-12-29 55824]
S1 {e34ff9ce-e6b6-450a-ace7-3acd1926facd}t;{e34ff9ce-e6b6-450a-ace7-3acd1926facd}t; C:\WINDOWS\system32\drivers\{e34ff9ce-e6b6-450a-ace7-3acd1926facd}t.sys [2014-07-03 55232]
S1 {e7040ff0-44bd-4369-95b8-ede045386420}t;{e7040ff0-44bd-4369-95b8-ede045386420}t; C:\WINDOWS\system32\drivers\{e7040ff0-44bd-4369-95b8-ede045386420}t.sys [2015-02-07 55824]
S1 {f9bf5b7a-c875-4b69-af47-f9a60ab0f8c6}t;{f9bf5b7a-c875-4b69-af47-f9a60ab0f8c6}t; C:\WINDOWS\system32\drivers\{f9bf5b7a-c875-4b69-af47-f9a60ab0f8c6}t.sys [2015-02-09 55824]
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys []
S1 Angelnt;Angelnt; C:\WINDOWS\System32\Drivers\ANGELNT.SYS [2008-10-20 52544]
S1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys []
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys []
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys []
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys []
S2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys []
S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-09-21 2278784]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-14 206976]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 kvnet;Kerio Virtual Network Adapter; C:\WINDOWS\system32\DRIVERS\kvnet.sys [2010-07-15 30208]
S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-04-13 70144]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 602SQLFS;602SQL Server; C:\Program Files\Software602\602SQL11FS\602svc11fs.exe [2008-05-19 2048000]
S2 Apache2;Apache2; C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe [2007-01-09 20539]
S2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe []
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-18 152984]
S2 KVPNCSvc;Kerio VPN Client Service; C:\Program Files\Kerio\VPN Client\kvpncsvc.exe [2010-07-18 1103720]
S2 MaintainerSvc6.96.773180;MaintainerSvc6.96.773180; C:\Documents and Settings\All Users\Data aplikací\9a9a3a17-f94f-404b-a59a-2dbabe68e70b\maintainer.exe [2015-02-17 123632]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
S2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
S2 Update ResultsBay;Update ResultsBay; C:\Program Files\ResultsBay\updateResultsBay.exe [2015-02-17 409328]
S2 Util ResultsBay;Util ResultsBay; C:\Program Files\ResultsBay\bin\utilResultsBay.exe [2015-02-17 409328]
S2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe /service []
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe /service []
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-15 194032]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-10-22 65536]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[vyosek]

Zdravim

Pracujte stale v nouzaku

PC se jen restartuje nebo spadne do modre smrti?

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

[funkymusic]

Jen se restartoval, bez modré smrti. Po tomto cleanu už jede .

Tady je log:


# AdwCleaner v4.110 - Logfile created 18/02/2015 at 11:41:22
# Updated 05/02/2015 by Xplode
# Database : 2015-02-14.2 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Iva - PC
# Running from : C:\Documents and Settings\Iva\Dokumenty\adwcleaner_4.110.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : Update ResultsBay
[#] Service Deleted : Util ResultsBay
[#] Service Deleted : {0a76474a-6444-4592-bf0c-76e7ec6a7cd7}t
[#] Service Deleted : {22a91d06-afc2-49fc-a96f-6562bfb2db80}t
[#] Service Deleted : {2930ffde-ef38-481a-99f8-bec779f19c42}t
[#] Service Deleted : {3800c333-b52b-4af7-9e68-ac167654bbca}t
[#] Service Deleted : {804ed8bf-87ab-41d2-9d5f-084b8f921ab6}t
[#] Service Deleted : {80967689-5bac-408f-bcc8-ff2c708bbe9e}t
[#] Service Deleted : {85c74733-05ab-4712-b709-690a78b239f8}t
[#] Service Deleted : {88704c5f-8dc4-4583-8a38-638e1e57c933}t
[#] Service Deleted : {8f2fe4c6-327e-4d57-9cfc-f57bbfc7d05c}t
[#] Service Deleted : {9d2d15b9-c3d6-43c9-9ae9-c5272f79f036}t
[#] Service Deleted : {aa772a4b-d510-413d-87e1-5f45804f3f8f}t
[#] Service Deleted : {adffcaa5-8eaf-4d29-98de-cfac96868329}t
[#] Service Deleted : {c0c69ebd-4ee7-4114-8b49-15390766507e}t
[#] Service Deleted : {c1f03e90-6f61-4ede-ad9e-eab2cc1f2e36}t
[#] Service Deleted : {ce4b0e98-4d66-4d97-8af3-ec2264c8222f}t
[#] Service Deleted : {cf659afe-27fc-4e2d-9c49-88406fa09c42}t
[#] Service Deleted : {e34ff9ce-e6b6-450a-ace7-3acd1926facd}t
[#] Service Deleted : {e7040ff0-44bd-4369-95b8-ede045386420}t
[#] Service Deleted : {f9bf5b7a-c875-4b69-af47-f9a60ab0f8c6}t

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\apn
Folder Deleted : C:\Program Files\ResultsBay
Folder Deleted : C:\Documents and Settings\Iva\Data aplikací\pay-by-ads
Folder Deleted : C:\Documents and Settings\Iva\Dokumenty\smart pc cleaner
File Deleted : C:\WINDOWS\system32\drivers\{0a76474a-6444-4592-bf0c-76e7ec6a7cd7}t.sys
File Deleted : C:\WINDOWS\system32\drivers\{22a91d06-afc2-49fc-a96f-6562bfb2db80}t.sys
File Deleted : C:\WINDOWS\system32\drivers\{2930ffde-ef38-481a-99f8-bec779f19c42}t.sys
File Deleted : C:\WINDOWS\system32\drivers\{3800c333-b52b-4af7-9e68-ac167654bbca}t.sys
File Deleted : C:\WINDOWS\system32\drivers\{804ed8bf-87ab-41d2-9d5f-084b8f921ab6}t.sys
File Deleted : C:\WINDOWS\system32\drivers\{80967689-5bac-408f-bcc8-ff2c708bbe9e}t.sys
File Deleted : C:\WINDOWS\system32\drivers\{85c74733-05ab-4712-b709-690a78b239f8}t.sys
File Deleted : C:\WINDOWS\system32\drivers\{88704c5f-8dc4-4583-8a38-638e1e57c933}t.sys
File Deleted : C:\WINDOWS\system32\drivers\{8f2fe4c6-327e-4d57-9cfc-f57bbfc7d05c}t.sys
File Deleted : C:\WINDOWS\system32\drivers\{9d2d15b9-c3d6-43c9-9ae9-c5272f79f036}t.sys
File Deleted : C:\WINDOWS\system32\drivers\{aa772a4b-d510-413d-87e1-5f45804f3f8f}t.sys
File Deleted : C:\WINDOWS\system32\drivers\{adffcaa5-8eaf-4d29-98de-cfac96868329}t.sys
File Deleted : C:\WINDOWS\system32\drivers\{c0c69ebd-4ee7-4114-8b49-15390766507e}t.sys
File Deleted : C:\WINDOWS\system32\drivers\{c1f03e90-6f61-4ede-ad9e-eab2cc1f2e36}t.sys
File Deleted : C:\WINDOWS\system32\drivers\{ce4b0e98-4d66-4d97-8af3-ec2264c8222f}t.sys
File Deleted : C:\WINDOWS\system32\drivers\{cf659afe-27fc-4e2d-9c49-88406fa09c42}t.sys
File Deleted : C:\WINDOWS\system32\drivers\{e34ff9ce-e6b6-450a-ace7-3acd1926facd}t.sys
File Deleted : C:\WINDOWS\system32\drivers\{e7040ff0-44bd-4369-95b8-ede045386420}t.sys
File Deleted : C:\WINDOWS\system32\drivers\{f9bf5b7a-c875-4b69-af47-f9a60ab0f8c6}t.sys

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Documents and Settings\All Users\Nabídka Start\Programy\Příslušenství\Systémové nástroje\Naplánované úlohy.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKCU\Software\Classes\keepmysearch
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update ResultsBay
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util ResultsBay
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1b0cf41e-334a-4984-a8a0-aa5affeb5482}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CF5D16C-D3B2-41C7-8617-228BB180FB3F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{f01c8228-e114-47a1-b79b-eabff2a34a02}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1b0cf41e-334a-4984-a8a0-aa5affeb5482}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1b0cf41e-334a-4984-a8a0-aa5affeb5482}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1b0cf41e-334a-4984-a8a0-aa5affeb5482}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1A111C1E-C5D2-4F5E-BE2A-362967405B01}
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\ResultsBay
Key Deleted : HKLM\SOFTWARE\InstallIQ
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\ResultsBay
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ResultsBay
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Yahoo! Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ResultsBay
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Google Chrome v40.0.2214.111

[C:\Documents and Settings\Iva\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences] - Deleted [Homepage] : hxxp://rts.dsrlte.com?affID=na

*************************

AdwCleaner[R0].txt - [7151 bytes] - [18/02/2015 11:37:13]
AdwCleaner[S0].txt - [6671 bytes] - [18/02/2015 11:41:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6730 bytes] ##########

[vyosek]

Supr, aspon nejaky pokrok

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[funkymusic]

tak je to tady:



Zoek.exe v5.0.0.0 Updated 17-February-2015
Tool run by Iva on st 18.02.2015 at 15:37:11,68.
Systém Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Iva\Plocha\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

18.2.2015 15:39:45 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\Program Files\NeroInstall.bak deleted successfully
C:\Program Files\trend micro deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\jqs@sun.com deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MaintainerSvc6.96.773180 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MaintainerSvc6.96.773180 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MaintainerSvc6.96.773180 deleted successfully

==== Deleting Files \ Folders ======================

C:\DOCUME~1\ALLUSE~1\DATAAP~1\9a9a3a17-f94f-404b-a59a-2dbabe68e70b deleted
C:\Program Files\ComPlus Applications deleted
C:\WINDOWS\002683_.tmp deleted
C:\WINDOWS\SET3.tmp deleted
C:\WINDOWS\SET4.tmp deleted
C:\WINDOWS\SET8.tmp deleted
C:\WINDOWS\system32\GroupPolicy\ADM deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [04.09.2009 02:00]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{C265A13A-0EB7-4999-BE7F-18F3588E5D9D}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{22CC10DF-C285-4EC4-8769-CC9F481F7874} Slovník CZ/EN Url="http://slovnik.seznam.cz/?lg=cz_en&wd={ ... IElisticka"
{3EC4DBFF-46C7-4964-AB26-60E942F7387C} Encyklopedie Url="http://encyklopedie.seznam.cz/search?s= ... IElisticka"
{400375A6-E7C5-4CF5-8CB4-F18257510E53} Zboží.cz Url="http://zbozi.seznam.cz/?q={searchTerms} ... IElisticka"
{400375A6-E7C5-4CF5-8CB4-F18257510E53} Zboží.cz Url="http://zbozi.seznam.cz/?q={searchTerms} ... IElisticka"
{4921EDF0-1C7B-456E-8F03-FC43C10A97AF} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... IElisticka"
{75C3F1D5-F961-47FC-9C9F-5E573C85DDA6} Slovník EN/CZ Url="http://slovnik.seznam.cz/?lg=en_cz&wd={ ... IElisticka"
{9BA58561-8738-48B3-838D-5115098764CE} Firmy.cz Url="http://www.firmy.cz/phr/{searchTerms}?p ... IElisticka"
{A3B1A68E-51A6-4355-BBD8-4F9F33248A0A} Seznam Url="http://search.seznam.cz/searchScreen?w= ... IElisticka"
{C265A13A-0EB7-4999-BE7F-18F3588E5D9D} Google Url="http://www.google.com/search?q={searchT ... RU_csCZ501"

==== Reset Google Chrome ======================

Nothing found to reset

==== Empty IE Cache ======================

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Mirek\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Iva\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=8 folders=3 2450558 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\Iva\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Iva\Local Settings\Temporary Internet Files\Content.IE5\index.dat" deleted
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on st 18.02.2015 at 15:53:56,25 ======================

[vyosek]

Poprosim o log z FRST http://forum.viry.cz/viewtopic.php?f=24&t=132509

[funkymusic]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-02-2015
Ran by Iva (administrator) on PC on 18-02-2015 18:14:31
Running from C:\Documents and Settings\Iva\Plocha
Loaded Profiles: Iva (Available profiles: Mirek & Iva)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Software602 a.s.) C:\Program Files\Software602\602SQL11FS\602svc11fs.exe
(Apache Software Foundation) C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Apache Software Foundation) C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe
(Kerio Technologies Inc.) C:\Program Files\Kerio\VPN Client\kvpncsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Prolific Technology Inc.) C:\WINDOWS\system32\IoctlSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(Hewlett-Packard Company) C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Kerio Technologies Inc.) C:\Program Files\Kerio\VPN Client\kvpncgui.exe
(Tracker Software Products Ltd.) C:\Program Files\PDF\pdfSaver\pdfSaver3.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
() C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Documents and Settings\Iva\Plocha\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [69632 2004-09-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [HPDJ Taskbar Utility] => C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [172032 2004-03-04] (HP)
HKLM\...\Run: [HP Component Manager] => C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [241664 2003-12-22] (Hewlett-Packard Company)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe [49152 2004-02-18] (Hewlett-Packard Company)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [148888 2009-02-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [StatusClient 2.6] => C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe [61440 2004-02-27] (Hewlett-Packard)
HKLM\...\Run: [TomcatStartup 2.5] => C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe [188416 2004-05-20] (Hewlett-Packard)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Kerio VPN Client] => C:\Program Files\Kerio\VPN Client\kvpncgui.exe [5293928 2010-07-18] (Kerio Technologies Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [pdfSaver3] => [X]
HKU\S-1-5-21-1645522239-362288127-839522115-1004\...\Run: [pdfSaver3] => C:\Program Files\PDF\pdfSaver\pdfSaver3.exe [385024 2004-05-19] (Tracker Software Products Ltd.)
HKU\S-1-5-21-1645522239-362288127-839522115-1004\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-09-13] (Google Inc.)
HKU\S-1-5-21-1645522239-362288127-839522115-1004\...\Run: [Yahoo! Search] => C:\Documents and Settings\Iva\Data aplikací\Pay-By-Ads\Yahoo! Search\1.3.19.2\dsrlte.exe
HKU\S-1-5-21-1645522239-362288127-839522115-1004\...\MountPoints2: {7501c554-a4fa-11dd-9db7-0011098d298a} - E:\Web'n'walk_Helper.exe
Startup: C:\Documents and Settings\Iva\Nabídka Start\Programy\Po spuštění\SQLServer.lnk
ShortcutTarget: SQLServer.lnk -> C:\CENTURA\dbnt1sv.exe (Centura Software Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1645522239-362288127-839522115-1004\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.seznam.cz/
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1645522239-362288127-839522115-1004 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1645522239-362288127-839522115-1004 -> {22CC10DF-C285-4EC4-8769-CC9F481F7874} URL = http://slovnik.seznam.cz/?lg=cz_en&wd={ ... IElisticka
SearchScopes: HKU\S-1-5-21-1645522239-362288127-839522115-1004 -> {3EC4DBFF-46C7-4964-AB26-60E942F7387C} URL = http://encyklopedie.seznam.cz/search?s= ... IElisticka
SearchScopes: HKU\S-1-5-21-1645522239-362288127-839522115-1004 -> {400375A6-E7C5-4CF5-8CB4-F18257510E53} URL = http://zbozi.seznam.cz/?q={searchTerms} ... IElisticka
SearchScopes: HKU\S-1-5-21-1645522239-362288127-839522115-1004 -> {4921EDF0-1C7B-456E-8F03-FC43C10A97AF} URL = http://www.mapy.cz/?query={searchTerms} ... IElisticka
SearchScopes: HKU\S-1-5-21-1645522239-362288127-839522115-1004 -> {75C3F1D5-F961-47FC-9C9F-5E573C85DDA6} URL = http://slovnik.seznam.cz/?lg=en_cz&wd={ ... IElisticka
SearchScopes: HKU\S-1-5-21-1645522239-362288127-839522115-1004 -> {9BA58561-8738-48B3-838D-5115098764CE} URL = http://www.firmy.cz/phr/{searchTerms}?p ... IElisticka
SearchScopes: HKU\S-1-5-21-1645522239-362288127-839522115-1004 -> {A3B1A68E-51A6-4355-BBD8-4F9F33248A0A} URL = http://search.seznam.cz/searchScreen?w= ... IElisticka
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: Lištička -> {EA837F48-5AD1-443E-AE34-FFE03CBF3099} -> C:\Program Files\Seznam.cz\listicka.dll ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-1645522239-362288127-839522115-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-1645522239-362288127-839522115-1004 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/produ ... wsdc32.cab
DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} http://www.facebook.com/controls/contactx.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://sdlc-esd.sun.com/ESD7/JSCDL/jdk/ ... dl.sun.com
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 62.240.163.170 62.204.224.2

FireFox:
========
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-22]

Chrome:
=======
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\25.0.1364.152\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\25.0.1364.152\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\25.0.1364.152\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U12) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Documents and Settings\Iva\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Documents and Settings\Iva\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-09-13]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Iva\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-09-13]
CHR Extension: (Gmail) - C:\Documents and Settings\Iva\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-13]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 602SQLFS; C:\Program Files\Software602\602SQL11FS\602svc11fs.exe [2048000 2008-05-19] (Software602 a.s.) [File not signed]
R2 Apache2; C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe [20539 2007-01-09] (Apache Software Foundation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [152984 2009-02-18] (Sun Microsystems, Inc.)
R2 KVPNCSvc; C:\Program Files\Kerio\VPN Client\kvpncsvc.exe [1103720 2010-07-18] (Kerio Technologies Inc.)
R2 PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
S3 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [65536 2003-10-22] (HP) [File not signed]
S2 aswUpdSv; "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe" [X]
S2 avast! Antivirus; "C:\Program Files\Alwil Software\Avast4\ashServ.exe" [X]
S3 avast! Mail Scanner; "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service [X]
S3 avast! Web Scanner; "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [2278784 2004-09-21] (Realtek Semiconductor Corp.)
R1 Angelnt; C:\WINDOWS\System32\Drivers\ANGELNT.SYS [52544 2008-10-20] (Identcode Ltd.) [File not signed]
R3 kvnet; C:\WINDOWS\System32\DRIVERS\kvnet.sys [30208 2010-07-15] (Kerio Technologies Inc.)
R3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [70144 2004-04-13] (Realtek Semiconductor Corporation )
S1 Aavmker4; No ImagePath
S2 ADILOADER; System32\Drivers\adildr.sys [X]
S3 adiusbaw; system32\DRIVERS\adiusbaw.sys [X]
S2 aswFsBlk; system32\DRIVERS\aswFsBlk.sys [X]
S2 aswMon2; No ImagePath
S3 aswRdr; No ImagePath
S1 aswSP; No ImagePath
S1 aswTdi; No ImagePath
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [X]
S3 MSICPL; \??\D:\install4\MSICPL.sys [X]
S3 NTACCESS; \??\D:\NTACCESS.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SetupNTGLM7X; \??\D:\NTGLM7X.sys [X]
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-18 18:14 - 2015-02-18 18:14 - 00015427 _____ () C:\Documents and Settings\Iva\Plocha\FRST.txt
2015-02-18 18:14 - 2015-02-18 18:14 - 00000000 ___DC () C:\FRST
2015-02-18 18:12 - 2015-02-18 18:12 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Iva\Plocha\FRSTLauncher.exe
2015-02-18 18:11 - 2015-02-18 18:12 - 01125888 _____ (Farbar) C:\Documents and Settings\Iva\Plocha\FRST.exe
2015-02-18 15:49 - 2015-02-18 18:14 - 00000000 ___DC () C:\Documents and Settings\Iva\Local Settings\Temp
2015-02-18 15:49 - 2015-02-18 15:36 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-02-18 15:39 - 2015-02-18 15:53 - 00006965 ____C () C:\zoek-results.log
2015-02-18 15:36 - 2015-02-18 15:47 - 00000000 ___DC () C:\zoek_backup
2015-02-18 15:35 - 2015-02-18 15:35 - 01304576 _____ () C:\Documents and Settings\Iva\Plocha\zoek.exe
2015-02-18 11:36 - 2015-02-18 11:42 - 00000000 ___DC () C:\AdwCleaner
2015-02-18 11:35 - 2015-02-18 11:29 - 02112512 _____ () C:\Documents and Settings\Iva\Dokumenty\adwcleaner_4.110.exe
2015-02-18 11:32 - 2015-02-18 11:32 - 00000000 __SHD () C:\WINDOWS\CSC
2015-02-18 09:55 - 2015-02-18 09:55 - 00000000 ___DC () C:\rsit
2015-02-18 09:55 - 2015-02-18 09:50 - 01107968 _____ () C:\Documents and Settings\Iva\Dokumenty\RSIT.exe
2015-02-18 09:52 - 2015-02-18 09:52 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021815-08.dmp
2015-02-18 09:45 - 2015-02-18 09:45 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021815-07.dmp
2015-02-18 09:41 - 2015-02-18 09:41 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021815-06.dmp
2015-02-18 09:33 - 2015-02-18 09:32 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021815-05.dmp
2015-02-18 09:10 - 2015-02-18 09:10 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021815-04.dmp
2015-02-18 09:08 - 2015-02-18 09:08 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021815-03.dmp
2015-02-18 08:55 - 2015-02-18 08:54 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021815-02.dmp
2015-02-18 08:48 - 2015-02-18 08:47 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021815-01.dmp
2015-02-17 19:55 - 2015-02-17 19:55 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021715-19.dmp
2015-02-17 19:53 - 2015-02-17 19:53 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021715-18.dmp
2015-02-17 18:43 - 2015-02-17 18:43 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021715-17.dmp
2015-02-17 18:42 - 2015-02-17 18:41 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021715-16.dmp
2015-02-17 18:40 - 2015-02-17 18:40 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021715-15.dmp
2015-02-17 17:11 - 2015-02-17 17:11 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021715-14.dmp
2015-02-17 17:10 - 2015-02-17 17:10 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021715-13.dmp
2015-02-17 17:08 - 2015-02-17 17:08 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021715-12.dmp
2015-02-17 17:06 - 2015-02-17 17:06 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021715-11.dmp
2015-02-17 17:04 - 2015-02-17 17:04 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021715-10.dmp
2015-02-17 17:03 - 2015-02-17 17:03 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021715-09.dmp
2015-02-17 17:01 - 2015-02-17 17:01 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021715-08.dmp
2015-02-17 16:59 - 2015-02-17 16:59 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021715-07.dmp
2015-02-17 16:57 - 2015-02-17 16:57 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021715-06.dmp
2015-02-17 16:56 - 2015-02-17 16:56 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021715-05.dmp
2015-02-17 16:53 - 2015-02-17 16:52 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021715-04.dmp
2015-02-17 16:51 - 2015-02-17 16:51 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021715-03.dmp
2015-02-17 16:50 - 2015-02-17 16:50 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021715-02.dmp
2015-02-17 16:35 - 2015-02-18 09:41 - 00000000 ____D () C:\WINDOWS\Minidump
2015-02-17 16:35 - 2015-02-17 16:35 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021715-01.dmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-18 18:14 - 2008-10-20 20:55 - 00000000 ____D () C:\Documents and Settings\Iva\Plocha
2015-02-18 18:13 - 2008-10-20 20:55 - 00000000 ___HD () C:\Documents and Settings\Iva\Local Settings\Data aplikací
2015-02-18 18:08 - 2012-09-13 21:07 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-18 17:24 - 2012-09-13 21:07 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-18 17:24 - 2008-10-02 08:09 - 00032616 _____ () C:\WINDOWS\SchedLgU.Txt
2015-02-18 15:54 - 2010-02-20 20:52 - 00004124 ____C () C:\statusclient.log
2015-02-18 15:54 - 2008-10-02 08:04 - 01389207 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-18 15:52 - 2014-03-30 17:19 - 00000218 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-02-18 15:52 - 2012-09-13 21:07 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-18 15:52 - 2010-05-16 18:45 - 00000460 _____ () C:\WINDOWS\Tasks\SDMsgUpdate (TE).job
2015-02-18 15:52 - 2009-04-25 18:55 - 00000260 _____ () C:\WINDOWS\Tasks\WGASetup.job
2015-02-18 15:52 - 2004-08-18 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2015-02-18 15:51 - 2008-10-02 08:09 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-18 15:50 - 2008-10-20 20:55 - 00000272 ___SH () C:\Documents and Settings\Iva\ntuser.ini
2015-02-18 15:47 - 2008-10-22 16:33 - 00000000 ____D () C:\WINDOWS\system32\GroupPolicy
2015-02-18 15:47 - 2008-10-02 09:54 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-02-18 11:51 - 2008-10-02 09:54 - 00719553 _____ () C:\WINDOWS\setupapi.log
2015-02-18 11:42 - 2008-10-20 20:55 - 00000000 ___RD () C:\Documents and Settings\Iva\Dokumenty
2015-02-18 09:31 - 2008-10-02 08:10 - 00000000 ____D () C:\Documents and Settings\Mirek\Local Settings\Temp
2015-02-18 09:30 - 2008-10-02 09:54 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
2015-02-18 09:30 - 2008-10-02 08:10 - 00000178 ___SH () C:\Documents and Settings\Mirek\ntuser.ini
2015-02-18 09:30 - 2008-10-02 08:10 - 00000000 ____D () C:\Documents and Settings\Mirek\Plocha
2015-02-18 08:52 - 2008-10-02 09:54 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-02-18 08:52 - 2008-10-02 09:54 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-02-18 08:52 - 2008-10-02 08:05 - 00002546 _____ () C:\WINDOWS\system32\config.nt
2015-02-17 16:36 - 2004-08-18 13:00 - 00000705 _____ () C:\WINDOWS\win.ini
2015-02-10 17:35 - 2009-02-08 17:57 - 00001859 _____ () C:\Documents and Settings\All Users\Plocha\Money S3.lnk
2015-02-10 17:35 - 2008-11-26 19:16 - 00001864 _____ () C:\Documents and Settings\All Users\Plocha\S3 Kasa.lnk
2015-02-10 17:23 - 2014-03-30 17:19 - 00000212 _____ () C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-02-08 11:00 - 2008-10-20 20:55 - 00000000 ____D () C:\Documents and Settings\Iva
2015-02-08 10:25 - 2012-09-13 21:09 - 00001813 _____ () C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2015-02-05 21:08 - 2012-09-13 21:07 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-05 21:08 - 2012-09-13 21:07 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2009-05-24 09:57 - 2011-08-15 14:49 - 0005632 _____ () C:\Documents and Settings\Iva\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-11-25 18:14 - 2008-11-25 18:14 - 0000123 _____ () C:\Documents and Settings\Iva\Local Settings\Data aplikací\fusioncache.dat

Some content of TEMP:
====================
C:\Documents and Settings\Mirek\Local Settings\Temp\jre-6u17-windows-i586-iftw-rv.exe
C:\Documents and Settings\Mirek\Local Settings\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Documents and Settings\Mirek\Local Settings\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Documents and Settings\Mirek\Local Settings\Temp\jre-7u17-windows-i586-iftw.exe
C:\Documents and Settings\Mirek\Local Settings\Temp\jre-7u21-windows-i586-iftw.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:153.38 GB) (Free:125.48 GB) NTFS ==>[Drive with boot components (Windows XP)]

Available physical RAM: 502.6 MB
Total physical RAM: 1023.48 MB
Percentage of memory in use: 50%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 153.4 GB) (Disk ID: 23712370)
Partition 1: (Active) - (Size=153.4 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\SDMsgUpdate (TE).job => C:\PROGRA~1\SMARTD~1\Messages\SDNotify.exe
Task: C:\WINDOWS\Tasks\WGASetup.job => C:\WINDOWS\system32\KB905474\wgasetup.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================




===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Iva\Plocha" je 1286 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Hewlett-Packard\\Toolbox\\jre\\bin\\javaw.exe"="C:\\Program Files\\Hewlett-Packard\\Toolbox\\jre\\bin\\javaw.exe:*:Enabled:javaw"
"C:\\Program Files\\Apache Software Foundation\\Apache2.2\\bin\\httpd.exe"="C:\\Program Files\\Apache Software Foundation\\Apache2.2\\bin\\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\\Program Files\\IPClient\\IPClient.exe"="C:\\Program Files\\IPClient\\IPClient.exe:*:Enabled:IPClient"
"C:\\Program Files\\VideoViewer\\VideoViewer.exe"="C:\\Program Files\\VideoViewer\\VideoViewer.exe:*:Enabled:VideoViewer"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

[JaRon]

jednorazovo zaskocim:
Velikost slozky "C:\Documents and Settings\Iva\Plocha" je 1286 MB.
uprac aby to nebolo viac ako 300MB

[vyosek]

Je tam nejaky poskozeny Avast - odstrante zbytky pomoci jejich removeru https://www.avast.com/cs-cz/uninstall-utility a pak jej nainstalujte znovu

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [148888 2009-02-18] (Sun Microsystems, Inc.)
  HKLM\...\Run: [TomcatStartup 2.5] => C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe [188416 2004-05-20] (Hewlett-Packard)
  HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
  HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
  HKLM\...\Run: [Kerio VPN Client] => C:\Program Files\Kerio\VPN Client\kvpncgui.exe [5293928 2010-07-18] (Kerio Technologies Inc.)
  HKLM\...\Run: [] => [X]
  HKLM\...\Run: [pdfSaver3] => [X]
  HKU\S-1-5-21-1645522239-362288127-839522115-1004\...\Run: [pdfSaver3] => C:\Program Files\PDF\pdfSaver\pdfSaver3.exe [385024 2004-05-19] (Tracker Software Products Ltd.)
  HKU\S-1-5-21-1645522239-362288127-839522115-1004\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-09-13] (Google Inc.)
  HKU\S-1-5-21-1645522239-362288127-839522115-1004\...\Run: [Yahoo! Search] => C:\Documents and Settings\Iva\Data aplikací\Pay-By-Ads\Yahoo! Search\1.3.19.2\dsrlte.exe
  HKU\S-1-5-21-1645522239-362288127-839522115-1004\...\MountPoints2: {7501c554-a4fa-11dd-9db7-0011098d298a} - E:\Web'n'walk_Helper.exe
  
  HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  BHO: Lištička -> {EA837F48-5AD1-443E-AE34-FFE03CBF3099} -> C:\Program Files\Seznam.cz\listicka.dll ()
  
  S2 aswUpdSv; "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe" [X]
  S2 avast! Antivirus; "C:\Program Files\Alwil Software\Avast4\ashServ.exe" [X]
  S3 avast! Mail Scanner; "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service [X]
  S3 avast! Web Scanner; "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service [X]
  S1 Aavmker4; No ImagePath
  S2 ADILOADER; System32\Drivers\adildr.sys [X]
  S3 adiusbaw; system32\DRIVERS\adiusbaw.sys [X]
  S2 aswFsBlk; system32\DRIVERS\aswFsBlk.sys [X]
  S2 aswMon2; No ImagePath
  S3 aswRdr; No ImagePath
  S1 aswSP; No ImagePath
  S1 aswTdi; No ImagePath
  S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [X]
  S3 MSICPL; \??\D:\install4\MSICPL.sys [X]
  S3 NTACCESS; \??\D:\NTACCESS.sys [X]
  S3 SetupNTGLM7X; \??\D:\NTGLM7X.sys [X]
  U1 WS2IFSL; No ImagePath
  
  C:\Documents and Settings\Iva\Data aplikací\Pay-By-Ads
  2015-02-18 18:14 - 2015-02-18 18:14 - 00015427 _____ () C:\Documents and Settings\Iva\Plocha\FRST.txt
  2015-02-18 18:12 - 2015-02-18 18:12 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Iva\Plocha\FRSTLauncher.exe
  2015-02-18 15:49 - 2015-02-18 15:36 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
  2015-02-18 15:39 - 2015-02-18 15:53 - 00006965 ____C () C:\zoek-results.log
  2015-02-18 15:36 - 2015-02-18 15:47 - 00000000 ___DC () C:\zoek_backup
  2015-02-18 15:35 - 2015-02-18 15:35 - 01304576 _____ () C:\Documents and Settings\Iva\Plocha\zoek.exe
  2015-02-18 11:36 - 2015-02-18 11:42 - 00000000 ___DC () C:\AdwCleaner
  2015-02-18 11:35 - 2015-02-18 11:29 - 02112512 _____ () C:\Documents and Settings\Iva\Dokumenty\adwcleaner_4.110.exe
  2015-02-18 09:55 - 2015-02-18 09:55 - 00000000 ___DC () C:\rsit
  2015-02-18 09:55 - 2015-02-18 09:50 - 01107968 _____ () C:\Documents and Settings\Iva\Dokumenty\RSIT.exe
  
  Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
  Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
  Task: C:\WINDOWS\Tasks\SDMsgUpdate (TE).job => C:\PROGRA~1\SMARTD~1\Messages\SDNotify.exe
  Task: C:\WINDOWS\Tasks\WGASetup.job => C:\WINDOWS\system32\KB905474\wgasetup.exe
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[funkymusic]

Tak tady to je:


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 18-02-2015 01
Ran by Iva at 2015-02-19 09:24:12 Run:2
Running from C:\Documents and Settings\Iva\Plocha
Loaded Profiles: Iva (Available profiles: Mirek & Iva)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [148888 2009-02-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [TomcatStartup 2.5] => C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe [188416 2004-05-20] (Hewlett-Packard)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Kerio VPN Client] => C:\Program Files\Kerio\VPN Client\kvpncgui.exe [5293928 2010-07-18] (Kerio Technologies Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [pdfSaver3] => [X]
HKU\S-1-5-21-1645522239-362288127-839522115-1004\...\Run: [pdfSaver3] => C:\Program Files\PDF\pdfSaver\pdfSaver3.exe [385024 2004-05-19] (Tracker Software Products Ltd.)
HKU\S-1-5-21-1645522239-362288127-839522115-1004\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-09-13] (Google Inc.)
HKU\S-1-5-21-1645522239-362288127-839522115-1004\...\Run: [Yahoo! Search] => C:\Documents and Settings\Iva\Data aplikací\Pay-By-Ads\Yahoo! Search\1.3.19.2\dsrlte.exe
HKU\S-1-5-21-1645522239-362288127-839522115-1004\...\MountPoints2: {7501c554-a4fa-11dd-9db7-0011098d298a} - E:\Web'n'walk_Helper.exe

HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lištička -> {EA837F48-5AD1-443E-AE34-FFE03CBF3099} -> C:\Program Files\Seznam.cz\listicka.dll ()

S2 aswUpdSv; "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe" [X]
S2 avast! Antivirus; "C:\Program Files\Alwil Software\Avast4\ashServ.exe" [X]
S3 avast! Mail Scanner; "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service [X]
S3 avast! Web Scanner; "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service [X]
S1 Aavmker4; No ImagePath
S2 ADILOADER; System32\Drivers\adildr.sys [X]
S3 adiusbaw; system32\DRIVERS\adiusbaw.sys [X]
S2 aswFsBlk; system32\DRIVERS\aswFsBlk.sys [X]
S2 aswMon2; No ImagePath
S3 aswRdr; No ImagePath
S1 aswSP; No ImagePath
S1 aswTdi; No ImagePath
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [X]
S3 MSICPL; \??\D:\install4\MSICPL.sys [X]
S3 NTACCESS; \??\D:\NTACCESS.sys [X]
S3 SetupNTGLM7X; \??\D:\NTGLM7X.sys [X]
U1 WS2IFSL; No ImagePath

C:\Documents and Settings\Iva\Data aplikací\Pay-By-Ads
2015-02-18 18:14 - 2015-02-18 18:14 - 00015427 _____ () C:\Documents and Settings\Iva\Plocha\FRST.txt
2015-02-18 18:12 - 2015-02-18 18:12 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Iva\Plocha\FRSTLauncher.exe
2015-02-18 15:49 - 2015-02-18 15:36 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-02-18 15:39 - 2015-02-18 15:53 - 00006965 ____C () C:\zoek-results.log
2015-02-18 15:36 - 2015-02-18 15:47 - 00000000 ___DC () C:\zoek_backup
2015-02-18 15:35 - 2015-02-18 15:35 - 01304576 _____ () C:\Documents and Settings\Iva\Plocha\zoek.exe
2015-02-18 11:36 - 2015-02-18 11:42 - 00000000 ___DC () C:\AdwCleaner
2015-02-18 11:35 - 2015-02-18 11:29 - 02112512 _____ () C:\Documents and Settings\Iva\Dokumenty\adwcleaner_4.110.exe
2015-02-18 09:55 - 2015-02-18 09:55 - 00000000 ___DC () C:\rsit
2015-02-18 09:55 - 2015-02-18 09:50 - 01107968 _____ () C:\Documents and Settings\Iva\Dokumenty\RSIT.exe

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\SDMsgUpdate (TE).job => C:\PROGRA~1\SMARTD~1\Messages\SDNotify.exe
Task: C:\WINDOWS\Tasks\WGASetup.job => C:\WINDOWS\system32\KB905474\wgasetup.exe

Hosts:
EmptyTemp:
Reboot:
End


*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\TomcatStartup 2.5 => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Kerio VPN Client => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\pdfSaver3 => Value not found.
HKU\S-1-5-21-1645522239-362288127-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run\\pdfSaver3 => Value not found.
HKU\S-1-5-21-1645522239-362288127-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run\\swg => value deleted successfully.
HKU\S-1-5-21-1645522239-362288127-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Yahoo! Search => Value not found.
HKU\S-1-5-21-1645522239-362288127-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7501c554-a4fa-11dd-9db7-0011098d298a} => Key not found.
HKCR\CLSID\{7501c554-a4fa-11dd-9db7-0011098d298a} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099} => Key not found.
"HKCR\CLSID\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}" => Key deleted successfully.
aswUpdSv => Service deleted successfully.
avast! Antivirus => Service not found.
avast! Mail Scanner => Service deleted successfully.
avast! Web Scanner => Service deleted successfully.
Aavmker4 => Service not found.
ADILOADER => Service deleted successfully.
adiusbaw => Service deleted successfully.
aswFsBlk => Service not found.
aswMon2 => Service not found.
aswRdr => Service not found.
aswSP => Service not found.
aswTdi => Service not found.
GMSIPCI => Service deleted successfully.
MSICPL => Service deleted successfully.
NTACCESS => Service deleted successfully.
SetupNTGLM7X => Service deleted successfully.
WS2IFSL => Service deleted successfully.
"C:\Documents and Settings\Iva\Data aplikací\Pay-By-Ads" => File/Directory not found.
C:\Documents and Settings\Iva\Plocha\FRST.txt => Moved successfully.
"C:\Documents and Settings\Iva\Plocha\FRSTLauncher.exe" => File/Directory not found.
C:\WINDOWS\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Documents and Settings\Iva\Plocha\zoek.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Documents and Settings\Iva\Dokumenty\adwcleaner_4.110.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Documents and Settings\Iva\Dokumenty\RSIT.exe => Moved successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => Moved successfully.
C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => Moved successfully.
C:\WINDOWS\Tasks\SDMsgUpdate (TE).job => Moved successfully.
C:\WINDOWS\Tasks\WGASetup.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 970.1 MB temporary data.


The system needed a reboot.

==== End of Fixlog 09:25:20 ====

[vyosek]

Jak se chova PC??

[funkymusic]

Vzhledem k svému stáří normálně.

[vyosek]

Tak jeste uklidime

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remote disinfection tools
• Kliknete na Run

Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

[funkymusic]

Skvělá práce, díky moc.

[vyosek]

Nemate zac, rad jsem pomohl Zase nekdy


A na zaklade Pravidla o zamykani temat