zpomalený, blue screen, sekání, padá internetové připojení

Zpráva

hagal · #1 Příspěvek od **hagal** » 28 zář 2015 13:30

Dobrý den, prosím o pomoc s notebookem. Celkově je zpomalený, padá mi internetové připojení jak přes wifi tak i přes kabel (na jiných počítačích je připojení stabilní), občas se nechce vypnout, zobrazí se akorát obrazovka "vypínání", ale takhle zůstane klidně hodiny, při instalaci aktualizací se zobrazila blue screen. Mám trochu i podezření, jestli to vypínání a blue screen nezpůsobuje Avast, hodně těchto problému se začlo projevovat až po instalaci poslední aktualizace. Při pokusu Avast odinstalovat se opět objevil blue screen a odinstalace se nezdařila. Generování přiloženého logu trvalo skoro 10 minut.

Díky za pomoc

Logfile of random's system information tool 1.10 (written by random/random)
Run by John at 2015-09-28 13:24:58
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 107 GB (36%) free of 295 GB
Total RAM: 2046 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:25:10, on 28.9.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16696)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\OEM13Mon.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\TP-LINK\USB Printer Controller\USB Printer Controller.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Spybot2\TeaTimer.exe
C:\Program Files\Seznam.cz\bin\postak.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_18_0_0_232_ActiveX.exe
C:\Users\John\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LOLPKDDN\RSIT.exe
C:\Program Files\trend micro\John.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\bin\listicka.dll
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\bin\toolbar\toolbar.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [OEM13Mon.exe] C:\Windows\OEM13Mon.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TP-LINK USB Printer Controller] C:\Program Files\TP-LINK\USB Printer Controller\USB Printer Controller.exe -mini
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot2\TeaTimer.exe
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\bin\postak.exe" -s
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2740727072-2080102920-725536451-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\bin\listicka.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} (ToolbarInetInstall Control) - https://download.seznam.cz/listicka/toolbar2007.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bluetooth Feature Support (BthFilterHelper) - CSR, plc - C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe
O23 - Service: HWDeviceService.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: O2 Internet. OUC (O2 Internet. RunOuc) - Unknown owner - C:\Program Files\O2 Internet\UpdateDog\ouc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot2\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 9082 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-29 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-29 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files\Seznam.cz\bin\listicka.dll [2011-12-12 1508896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1EA00BE1-6E54-4E2A-8099-680300BF23E1} - Nástroje Lištičky - C:\Program Files\Seznam.cz\bin\toolbar\toolbar.dll [2011-12-12 188960]
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2008-02-22 159744]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-02-22 4907008]
"OEM13Mon.exe"=C:\Windows\OEM13Mon.exe [2008-07-17 36864]
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2008-07-03 3563520]
"DELL Webcam Manager"=C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [2007-07-27 118784]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-09-21 6134544]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-08-04 597552]
"TP-LINK USB Printer Controller"=C:\Program Files\TP-LINK\USB Printer Controller\USB Printer Controller.exe [2014-06-19 4265984]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"SpybotSD TeaTimer"=C:\Program Files\Spybot2\TeaTimer.exe [2009-03-05 2260480]
"Seznam Postak"=C:\Program Files\Seznam.cz\bin\postak.exe [2012-01-10 491040]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-08-07 53735968]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files\Samsung\Kies\Kies.exe [2013-05-23 1561968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-05-23 311152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMail]
C:\Program Files\Seznam\Postak\Postak.exe [2008-02-21 453936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^John^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^counter_widget.lnk]
C:\Program Files\counter_widget\counter_widget.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^John^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2009-02-26 97680]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
QuickSet.lnk - C:\Program Files\Dell\QuickSet\quickset.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.sl_anet"=sl_anet.acm
"msacm.divxa32"=DivXa32.acm
"msacm.vorbis"=vorbis.acm
"vidc.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.wmv3"=wmv9vcm.dll
"msacm.ac3filter"=ac3filter.acm
"vidc.divx"=divx.dll
"vidc.yv12"=divx.dll
"vidc.vp60"=vp6vfw.dll
"vidc.vp61"=vp6vfw.dll
"vidc.vp62"=vp6vfw.dll
"vidc.hfyu"=huffyuv.dll
"msacm.at3"=atrac3.acm
"msacm.lameacm"=LameACM.acm
"VIDC.FMVC"=fmcodec.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - "C:\Windows\system32\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-09-28 13:24:58 ----D---- C:\rsit
2015-09-28 13:24:58 ----D---- C:\Program Files\trend micro
2015-09-23 16:46:02 ----D---- C:\snapshots
2015-09-21 20:24:24 ----A---- C:\Windows\system32\aswBoot.exe
2015-09-21 20:23:42 ----A---- C:\Windows\avastSS.scr
2015-09-14 17:21:18 ----A---- C:\Windows\system32\drivers\tplinkUDSTcpBus.sys
2015-09-14 17:21:18 ----A---- C:\Windows\system32\drivers\tplinkUDSMBus.sys
2015-09-14 17:20:26 ----D---- C:\Program Files\TP-LINK
2015-09-13 01:19:27 ----A---- C:\Windows\system32\drivers\srvnet.sys
2015-09-13 01:19:27 ----A---- C:\Windows\system32\drivers\srv.sys
2015-09-13 01:18:52 ----A---- C:\Windows\system32\msxml6.dll
2015-09-13 01:18:52 ----A---- C:\Windows\system32\msxml3.dll
2015-09-13 01:15:18 ----A---- C:\Windows\system32\tzres.dll
2015-09-13 01:14:10 ----A---- C:\Windows\system32\win32k.sys
2015-09-13 01:14:10 ----A---- C:\Windows\system32\atmlib.dll
2015-09-13 01:14:10 ----A---- C:\Windows\system32\atmfd.dll
2015-09-13 01:12:30 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-13 00:31:18 ----D---- C:\Windows\pss
2015-09-09 20:15:33 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 20:15:33 ----A---- C:\Windows\system32\msfeedssync.exe
2015-09-09 20:15:33 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-09-09 20:15:32 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 20:15:32 ----A---- C:\Windows\system32\url.dll
2015-09-09 20:15:32 ----A---- C:\Windows\system32\mshta.exe
2015-09-09 20:15:32 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 20:15:32 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 20:15:32 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 20:15:31 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 20:15:31 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 20:15:31 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 20:15:29 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 20:15:29 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 20:15:28 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 20:15:27 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 20:15:27 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 20:15:25 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 20:15:25 ----A---- C:\Windows\system32\ieframe.dll
2015-09-02 19:50:37 ----D---- C:\Program Files\Common Files\Skype
2015-09-02 19:50:34 ----RD---- C:\Program Files\Skype
2015-08-29 23:40:31 ----D---- C:\Program Files\Common Files\Java
2015-08-29 23:40:12 ----D---- C:\Users\John\AppData\Roaming\Sun

======List of files/folders modified in the last 1 month======

2015-09-28 13:25:09 ----D---- C:\Windows\Prefetch
2015-09-28 13:25:02 ----D---- C:\Windows\Temp
2015-09-28 13:24:58 ----D---- C:\Program Files
2015-09-28 13:24:11 ----D---- C:\Users\John\AppData\Roaming\Skype
2015-09-28 13:16:19 ----D---- C:\Windows\system32\Tasks
2015-09-28 13:15:29 ----D---- C:\Windows\Minidump
2015-09-28 13:15:29 ----D---- C:\Windows
2015-09-28 13:15:29 ----D---- C:\ProgramData\NVIDIA
2015-09-28 13:15:20 ----D---- C:\Windows\system32\drivers
2015-09-28 13:13:34 ----SHD---- C:\System Volume Information
2015-09-28 13:13:23 ----SD---- C:\Windows\system32\Microsoft
2015-09-23 16:45:58 ----D---- C:\Windows\system32\vbox
2015-09-21 20:28:24 ----D---- C:\Windows\System32
2015-09-21 20:28:24 ----D---- C:\Windows\inf
2015-09-21 20:28:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-17 20:27:39 ----D---- C:\Windows\system32\spool
2015-09-14 17:22:42 ----SHD---- C:\Windows\Installer
2015-09-14 17:21:58 ----D---- C:\Windows\system32\catroot
2015-09-13 12:14:12 ----D---- C:\Windows\Microsoft.NET
2015-09-13 11:22:57 ----D---- C:\Windows\rescache
2015-09-13 11:20:24 ----D---- C:\Windows\winsxs
2015-09-13 10:53:01 ----D---- C:\Windows\system32\cs-CZ
2015-09-13 10:53:00 ----D---- C:\Program Files\Windows Journal
2015-09-13 10:52:58 ----D---- C:\Windows\system32\migration
2015-09-13 10:52:58 ----D---- C:\Windows\PolicyDefinitions
2015-09-13 10:52:57 ----D---- C:\Program Files\Internet Explorer
2015-09-13 01:19:00 ----D---- C:\Windows\system32\catroot2
2015-09-13 01:18:39 ----D---- C:\ProgramData\Microsoft Help
2015-09-13 01:10:02 ----D---- C:\Windows\system32\MRT
2015-09-13 01:06:53 ----RSD---- C:\Windows\assembly
2015-09-13 01:00:22 ----D---- C:\Windows\ehome
2015-09-13 00:37:21 ----D---- C:\Instalačky
2015-09-02 19:50:59 ----D---- C:\ProgramData\Skype
2015-09-02 19:50:37 ----D---- C:\Program Files\Common Files
2015-08-29 23:41:23 ----D---- C:\ProgramData\Oracle
2015-08-29 23:41:07 ----D---- C:\Program Files\Java
2015-08-29 23:39:01 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2015-08-29 22:49:18 ----D---- C:\Windows\Tasks
2015-08-29 22:49:16 ----A---- C:\Windows\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2008-03-18 305176]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [2015-09-21 220752]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-02-22 155136]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2008-07-03 18424]
R3 BCM43XX;Ovladač bezdrátové karty Dell WLAN; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-07-03 1207288]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BTHFILT;Bluetooth Command Filter; C:\Windows\system32\DRIVERS\BthFilt.sys [2007-05-05 13824]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-08-20 76544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-02-22 2054872]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2012-03-01 10819392]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2008-02-22 48472]
R3 O2SDRDR;O2SDRDR; C:\Windows\system32\DRIVERS\o2sd.sys [2008-02-22 43480]
R3 OEM13Vfx;Creative Camera OEM013 Video VFX Driver; C:\Windows\system32\DRIVERS\OEM13Vfx.sys [2008-07-17 7424]
R3 OEM13Vid;Creative Camera OEM013 Driver; C:\Windows\system32\DRIVERS\OEM13Vid.sys [2008-07-17 235840]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-02-22 106496]
R3 TPLINKUDSMBus;TPLINKUDSMBus; C:\Windows\system32\drivers\TplinkUDSMBus.sys [2014-05-22 116224]
R3 tplinkUDSTcpBus;TPLINKUDSTcpBus; C:\Windows\system32\drivers\tplinkUDSTcpBus.sys [2014-05-22 180608]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 BthAudioHF;BthAudioHF Service; C:\Windows\system32\DRIVERS\BthAudioHF.sys [2007-05-05 29184]
S3 bthav;Bluetooth AV Profile; C:\Windows\system32\drivers\bthav.sys [2007-05-05 36352]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHprint;Třída tiskárny protokolu Bluetooth (Microsoft); C:\Windows\system32\DRIVERS\bthprint.sys [2009-04-11 29696]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-05-02 83864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2012-10-30 11136]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-08-20 96000]
S3 huawei_cdcecm;huawei_cdcecm; C:\Windows\system32\DRIVERS\ew_jucdcecm.sys [2012-10-29 70272]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-08-20 27520]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2008-03-29 21248]
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2008-03-29 20096]
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-06-27 19072]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-05-02 181912]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-03 65640]
R2 AERTFilters;Andrea RT Filters Service; C:\Windows\system32\AERTSrv.exe [2008-02-22 77824]
R2 BBSvc;BingBar Service; C:\Program Files\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-11 193696]
R2 BthFilterHelper;Bluetooth Feature Support; C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe [2006-11-07 127488]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HFGService;Handsfree Headset Service; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HWDeviceService.exe;HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [2011-03-14 271712]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-02-29 645440]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot2\SDWinSec.exe [2009-01-26 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2008-07-03 24064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 O2 Internet. RunOuc;O2 Internet. OUC; C:\Program Files\O2 Internet\UpdateDog\ouc.exe [2012-11-12 657504]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-10-20 85096]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe [2015-09-21 3219136]
S3 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-11 247968]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-07-11 69632]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 28 zář 2015 16:47

Zdravim

Odinstalujte Spybota, program je zastaraly.

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

Kouknete do slozky C:\Windows\Minidump . Pokud v ni budou nejake soubory, uplodnete je treba na leteckou postu http://leteckaposta.cz/ a sem dejte odkaz na stazeni.

hagal · #3 Příspěvek od **hagal** » 28 zář 2015 20:05

Ve složce minidump je 5 souborů, nejdou mi ale nikam nahrát ani zabalit, protože nemám oprávnění vlastníka nebo správce a nevím, jak to překonat.

# AdwCleaner v5.009 - Logfile created 28/09/2015 at 20:50:56
# Updated 27/09/2015 by Xplode
# Database : 2015-09-27.1 [Server]
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Username : John - JOHN-PC
# Running from : C:\Users\John\Desktop\adwcleaner_5.009.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\abc
[-] Folder Deleted : C:\Program Files\myfree codec
[-] Folder Deleted : C:\ProgramData\Ask
[-] Folder Deleted : C:\ProgramData\DatacardService
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\abc
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Folder Deleted : C:\Users\John\AppData\Roaming\pdfforge
[-] Folder Deleted : C:\Windows\system32\C2MP

***** [ Files ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

[-] Task Deleted : IHUninstallTrackingTASK

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\Myfree Codec
[-] Key Deleted : HKCU\Software\YahooPartnerToolbar
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\Myfree Codec
[-] Key Deleted : HKLM\SOFTWARE\PIP
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Web browsers ] *****

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3151 bytes] ##########

#4 Příspěvek od **Márty84** » 28 zář 2015 20:32

hagal píše:Ve složce minidump je 5 souborů, nejdou mi ale nikam nahrát ani zabalit, protože nemám oprávnění vlastníka nebo správce a nevím, jak to překonat.

Zkuste je zkopirovat treba na plochu a poslat je z plochy.

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

hagal · #5 Příspěvek od **hagal** » 29 zář 2015 19:53

Soubor je uložen zde včetně souborů ze složky minidump
http://leteckaposta.cz/804349436

#6 Příspěvek od **Márty84** » 29 zář 2015 20:01

Vsechny nalezy nechte odstranit. Pak muzete MBAM odinstalovat.

Avast opravdu pad zpusobil. Zkuste jej preinstalovat.

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

hagal · #7 Příspěvek od **hagal** » 29 zář 2015 20:43

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows Vista Home Premium Edition SP2 [6.0 Build 6002] (x86)
Date : 2015/09/29 21:42:50

-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH8M Ultra ATA Storage Controllers - 2850 [ATA]
+ Kanál IDE (0)
- Optiarc DVD+-RW AD-7640A ATA Device
- Kanál IDE (1)
+ Intel(R) 82801HEM/HBM SATA AHCI Controller [ATA]
- WDC WD3200BEVT-75ZCT1
- O2Micro Integrated MMC/SD controller [SCSI]
- O2Micro Integrated MS/xD Controller [SCSI]
- Iniciátor iSCSI společnosti Microsoft [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD3200BEVT-75ZCT1 : 320,0 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) WDC WD3200BEVT-75ZCT1
----------------------------------------------------------------------------
Model : WDC WD3200BEVT-75ZCT1
Firmware : 11.01A11
Serial Number : WD-WXE808KE2274
Disk Size : 320,0 GB (8,4/137,4/320,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 4841 hod.
Power On Count : 1987 krát
Temparature : 42 C (107 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 192 184 _21 00000000056F Čas na roztočení ploten
04 _98 _98 __0 0000000009B7 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _94 _94 __0 0000000012E9 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 0000000007C3 Počet cyklů zapnutí zařízení
C0 200 200 __0 00000000002B Počet vypnutí disku
C1 181 181 __0 00000000E5BD Počet cyklů načítání/vymazání
C2 105 _87 __0 00000000002A Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000002 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
F0 _94 _94 __0 0000000011FC Čas nastavování hlaviček - v hodinách
F1 _75 _75 __0 729213F481B0 Total LBAs Written
F2 200 200 __0 0004E0054E65 Total LBAs Read

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 3038 3038 4B45 3232 3734
020: 0000 4000 0032 3131 2E30 3131 3131 5744 4320 5744
030: 3332 3030 4245 5654 2D37 4354 4354 3120 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0706 0706 0000 004C 004C
080: 01FE 0000 746B 7F09 6163 BC09 BC09 6163 407F 0037
090: 0037 0080 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: EAB0 2542 0000 0000 0000 0000 0000 0000 5001 4EE2
110: 01E2 AE86 0000 0000 0000 0000 0000 0000 0000 4010
120: 4010 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 169E 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 303F 303F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 100E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 05A5

#8 Příspěvek od **Márty84** » 30 zář 2015 12:37

Dejte novy log z RSIT

a k tomu

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

hagal · #9 Příspěvek od **hagal** » 30 zář 2015 15:55

při spuštění FRSTLauncher se mi objeví hláška, že se nejedná o platnou aplikaci Win32. Systém mám 32-bitový, FRST jsem stáhnul pro tuto verzi, u Launcheru není volby z odkazu, v čem je problém?

log z RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by John at 2015-09-30 16:26:01
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 109 GB (37%) free of 295 GB
Total RAM: 2046 MB (10% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:32:13, on 30.9.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16696)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\conime.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\OEM13Mon.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Seznam.cz\bin\postak.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_18_0_0_232_ActiveX.exe
C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
C:\Users\John\Desktop\RSIT.exe
C:\Program Files\trend micro\John.exe
C:\Windows\System32\wermgr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\bin\listicka.dll
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\bin\toolbar\toolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [OEM13Mon.exe] C:\Windows\OEM13Mon.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TP-LINK USB Printer Controller] C:\Program Files\TP-LINK\USB Printer Controller\USB Printer Controller.exe -mini
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\bin\postak.exe" -s
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2740727072-2080102920-725536451-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\bin\listicka.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} (ToolbarInetInstall Control) - https://download.seznam.cz/listicka/toolbar2007.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bluetooth Feature Support (BthFilterHelper) - CSR, plc - C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe
O23 - Service: HWDeviceService.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService.exe (file missing)
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: O2 Internet. OUC (O2 Internet. RunOuc) - Unknown owner - C:\Program Files\O2 Internet\UpdateDog\ouc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 8658 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-29 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-09-21 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-29 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files\Seznam.cz\bin\listicka.dll [2011-12-12 1508896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1EA00BE1-6E54-4E2A-8099-680300BF23E1} - Nástroje Lištičky - C:\Program Files\Seznam.cz\bin\toolbar\toolbar.dll [2011-12-12 188960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2008-02-22 159744]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-02-22 4907008]
"OEM13Mon.exe"=C:\Windows\OEM13Mon.exe [2008-07-17 36864]
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2008-07-03 3563520]
"DELL Webcam Manager"=C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [2007-07-27 118784]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-09-21 6134544]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-08-04 597552]
"TP-LINK USB Printer Controller"=C:\Program Files\TP-LINK\USB Printer Controller\USB Printer Controller.exe [2014-06-19 4265984]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Seznam Postak"=C:\Program Files\Seznam.cz\bin\postak.exe [2012-01-10 491040]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-08-07 53735968]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files\Samsung\Kies\Kies.exe [2013-05-23 1561968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-05-23 311152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMail]
C:\Program Files\Seznam\Postak\Postak.exe [2008-02-21 453936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^John^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^counter_widget.lnk]
C:\Program Files\counter_widget\counter_widget.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^John^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2009-02-26 97680]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
QuickSet.lnk - C:\Program Files\Dell\QuickSet\quickset.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.sl_anet"=sl_anet.acm
"msacm.divxa32"=DivXa32.acm
"msacm.vorbis"=vorbis.acm
"vidc.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.wmv3"=wmv9vcm.dll
"msacm.ac3filter"=ac3filter.acm
"vidc.divx"=divx.dll
"vidc.yv12"=divx.dll
"vidc.vp60"=vp6vfw.dll
"vidc.vp61"=vp6vfw.dll
"vidc.vp62"=vp6vfw.dll
"vidc.hfyu"=huffyuv.dll
"msacm.at3"=atrac3.acm
"msacm.lameacm"=LameACM.acm
"VIDC.FMVC"=fmcodec.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - "C:\Windows\system32\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-09-29 17:13:06 ----D---- C:\ProgramData\Malwarebytes
2015-09-28 21:10:43 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-09-28 21:10:43 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2015-09-28 21:10:43 ----A---- C:\Windows\system32\drivers\aswStmXP.sys
2015-09-28 21:10:43 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-09-28 21:10:42 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2015-09-28 21:10:42 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-09-28 21:10:42 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2015-09-28 21:10:42 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-09-28 21:10:42 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-09-28 21:10:41 ----A---- C:\Windows\system32\drivers\ngvss.sys
2015-09-28 21:10:34 ----A---- C:\Windows\system32\aswBoot.exe
2015-09-28 20:49:32 ----D---- C:\AdwCleaner
2015-09-28 13:24:58 ----D---- C:\rsit
2015-09-28 13:24:58 ----D---- C:\Program Files\trend micro
2015-09-23 16:46:02 ----D---- C:\snapshots
2015-09-21 20:23:42 ----A---- C:\Windows\avastSS.scr
2015-09-14 17:21:18 ----A---- C:\Windows\system32\drivers\tplinkUDSTcpBus.sys
2015-09-14 17:21:18 ----A---- C:\Windows\system32\drivers\tplinkUDSMBus.sys
2015-09-14 17:20:26 ----D---- C:\Program Files\TP-LINK
2015-09-13 01:19:27 ----A---- C:\Windows\system32\drivers\srvnet.sys
2015-09-13 01:19:27 ----A---- C:\Windows\system32\drivers\srv.sys
2015-09-13 01:18:52 ----A---- C:\Windows\system32\msxml6.dll
2015-09-13 01:18:52 ----A---- C:\Windows\system32\msxml3.dll
2015-09-13 01:15:18 ----A---- C:\Windows\system32\tzres.dll
2015-09-13 01:14:10 ----A---- C:\Windows\system32\win32k.sys
2015-09-13 01:14:10 ----A---- C:\Windows\system32\atmlib.dll
2015-09-13 01:14:10 ----A---- C:\Windows\system32\atmfd.dll
2015-09-13 01:12:30 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-13 00:31:18 ----D---- C:\Windows\pss
2015-09-09 20:15:33 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 20:15:33 ----A---- C:\Windows\system32\msfeedssync.exe
2015-09-09 20:15:33 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-09-09 20:15:32 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 20:15:32 ----A---- C:\Windows\system32\url.dll
2015-09-09 20:15:32 ----A---- C:\Windows\system32\mshta.exe
2015-09-09 20:15:32 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 20:15:32 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 20:15:32 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 20:15:31 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 20:15:31 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 20:15:31 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 20:15:29 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 20:15:29 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 20:15:28 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 20:15:27 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 20:15:27 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 20:15:25 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 20:15:25 ----A---- C:\Windows\system32\ieframe.dll
2015-09-02 19:50:37 ----D---- C:\Program Files\Common Files\Skype
2015-09-02 19:50:34 ----RD---- C:\Program Files\Skype

======List of files/folders modified in the last 1 month======

2015-09-30 16:25:55 ----D---- C:\Windows\Temp
2015-09-30 16:25:32 ----D---- C:\Users\John\AppData\Roaming\Skype
2015-09-30 16:17:47 ----D---- C:\Windows\system32\Tasks
2015-09-30 16:17:16 ----D---- C:\ProgramData\NVIDIA
2015-09-29 21:55:45 ----D---- C:\Windows\System32
2015-09-29 21:55:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-29 21:55:41 ----D---- C:\Windows\inf
2015-09-29 21:28:49 ----D---- C:\Windows\system32\drivers
2015-09-29 21:28:49 ----D---- C:\Program Files
2015-09-29 20:27:49 ----D---- C:\Windows\Minidump
2015-09-29 17:13:06 ----HD---- C:\ProgramData
2015-09-28 21:33:39 ----D---- C:\Windows\system32\catroot
2015-09-28 21:23:28 ----SHD---- C:\Windows\Installer
2015-09-28 21:23:23 ----SD---- C:\ProgramData\Microsoft
2015-09-28 21:23:23 ----D---- C:\Program Files\Microsoft
2015-09-28 21:21:01 ----SHD---- C:\System Volume Information
2015-09-28 21:18:32 ----DC---- C:\Windows\system32\DRVSTORE
2015-09-28 21:18:30 ----D---- C:\Windows\system32\drivers\UMDF
2015-09-28 21:16:23 ----D---- C:\Program Files\Nokia
2015-09-28 21:16:22 ----D---- C:\ProgramData\Nokia
2015-09-28 21:16:20 ----D---- C:\Program Files\Common Files\Nokia
2015-09-28 21:15:43 ----D---- C:\Users\John\AppData\Roaming\Nokia Suite
2015-09-28 21:15:43 ----D---- C:\Users\John\AppData\Roaming\Nokia
2015-09-28 21:14:33 ----D---- C:\Windows\system32\catroot2
2015-09-28 21:10:27 ----D---- C:\Windows
2015-09-28 21:02:09 ----D---- C:\Windows\Prefetch
2015-09-28 20:39:19 ----D---- C:\Program Files\Spybot
2015-09-28 20:39:00 ----D---- C:\Program Files\Spybot2
2015-09-28 20:38:59 ----D---- C:\ProgramData\Spybot - Search & Destroy
2015-09-28 13:13:23 ----SD---- C:\Windows\system32\Microsoft
2015-09-23 16:45:58 ----D---- C:\Windows\system32\vbox
2015-09-17 20:27:39 ----D---- C:\Windows\system32\spool
2015-09-13 12:14:12 ----D---- C:\Windows\Microsoft.NET
2015-09-13 11:22:57 ----D---- C:\Windows\rescache
2015-09-13 11:20:24 ----D---- C:\Windows\winsxs
2015-09-13 10:53:01 ----D---- C:\Windows\system32\cs-CZ
2015-09-13 10:53:00 ----D---- C:\Program Files\Windows Journal
2015-09-13 10:52:58 ----D---- C:\Windows\system32\migration
2015-09-13 10:52:58 ----D---- C:\Windows\PolicyDefinitions
2015-09-13 10:52:57 ----D---- C:\Program Files\Internet Explorer
2015-09-13 01:18:39 ----D---- C:\ProgramData\Microsoft Help
2015-09-13 01:10:02 ----D---- C:\Windows\system32\MRT
2015-09-13 01:06:53 ----RSD---- C:\Windows\assembly
2015-09-13 01:00:22 ----D---- C:\Windows\ehome
2015-09-13 00:37:21 ----D---- C:\Instalačky
2015-09-02 19:50:59 ----D---- C:\ProgramData\Skype
2015-09-02 19:50:37 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-21 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-21 208664]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2008-03-18 305176]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-09-21 107984]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2015-09-21 55200]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-09-21 789296]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-09-21 434184]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-21 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-21 76000]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [2015-09-21 220752]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-02-22 155136]
R3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2015-09-21 157888]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2008-07-03 18424]
R3 BCM43XX;Ovladač bezdrátové karty Dell WLAN; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-07-03 1207288]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BTHFILT;Bluetooth Command Filter; C:\Windows\system32\DRIVERS\BthFilt.sys [2007-05-05 13824]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-08-20 76544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-02-22 2054872]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2012-03-01 10819392]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2008-02-22 48472]
R3 O2SDRDR;O2SDRDR; C:\Windows\system32\DRIVERS\o2sd.sys [2008-02-22 43480]
R3 OEM13Vfx;Creative Camera OEM013 Video VFX Driver; C:\Windows\system32\DRIVERS\OEM13Vfx.sys [2008-07-17 7424]
R3 OEM13Vid;Creative Camera OEM013 Driver; C:\Windows\system32\DRIVERS\OEM13Vid.sys [2008-07-17 235840]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-02-22 106496]
R3 TPLINKUDSMBus;TPLINKUDSMBus; C:\Windows\system32\drivers\TplinkUDSMBus.sys [2014-05-22 116224]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2015-09-21 57888]
S3 BthAudioHF;BthAudioHF Service; C:\Windows\system32\DRIVERS\BthAudioHF.sys [2007-05-05 29184]
S3 bthav;Bluetooth AV Profile; C:\Windows\system32\drivers\bthav.sys [2007-05-05 36352]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHprint;Třída tiskárny protokolu Bluetooth (Microsoft); C:\Windows\system32\DRIVERS\bthprint.sys [2009-04-11 29696]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-05-02 83864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2012-10-30 11136]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-08-20 96000]
S3 huawei_cdcecm;huawei_cdcecm; C:\Windows\system32\DRIVERS\ew_jucdcecm.sys [2012-10-29 70272]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-08-20 27520]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2008-03-29 21248]
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2008-03-29 20096]
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-05-02 181912]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]
S3 tplinkUDSTcpBus;TPLINKUDSTcpBus; C:\Windows\system32\drivers\tplinkUDSTcpBus.sys [2014-05-22 180608]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-03 65640]
R2 AERTFilters;Andrea RT Filters Service; C:\Windows\system32\AERTSrv.exe [2008-02-22 77824]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-09-21 146600]
R2 BthFilterHelper;Bluetooth Feature Support; C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe [2006-11-07 127488]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HFGService;Handsfree Headset Service; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-02-29 645440]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2008-07-03 24064]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe [2015-09-21 3219136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 HWDeviceService.exe;HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe -/service []
S2 O2 Internet. RunOuc;O2 Internet. OUC; C:\Program Files\O2 Internet\UpdateDog\ouc.exe [2012-11-12 657504]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-10-20 85096]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-07-11 69632]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#10 Příspěvek od **Márty84** » 01 říj 2015 19:46

Dejte log ze samotneho FRST, bez pouziti Launcheru.

hagal · #11 Příspěvek od **hagal** » 02 říj 2015 15:20

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-09-2015
Ran by John (administrator) on JOHN-PC (02-10-2015 16:13:28)
Running from C:\Users\John\Desktop
Loaded Profiles: John & UpdatusUser (Available Profiles: John & UpdatusUser)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\AERTSrv.exe
(CSR, plc) C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
() C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Creative Technology Ltd.) C:\Windows\OEM13Mon.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Creative Technology Ltd.) C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Avast Software) C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
() C:\Program Files\Seznam.cz\bin\postak.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TP-LINK) C:\Program Files\TP-LINK\USB Printer Controller\USB Printer Controller.exe
(Skype Technologies) C:\Program Files\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_18_0_0_232_ActiveX.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [159744 2008-02-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4907008 2008-02-22] (Realtek Semiconductor)
HKLM\...\Run: [OEM13Mon.exe] => C:\Windows\OEM13Mon.exe [36864 2008-07-17] (Creative Technology Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3563520 2008-07-03] (Dell Inc.)
HKLM\...\Run: [DELL Webcam Manager] => C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [118784 2007-07-27] (Creative Technology Ltd.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [6134544 2015-09-21] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\Run: [TP-LINK USB Printer Controller] => C:\Program Files\TP-LINK\USB Printer Controller\USB Printer Controller.exe [4265984 2014-06-19] (TP-LINK)
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\...\Run: [Seznam Postak] => C:\Program Files\Seznam.cz\bin\postak.exe [491040 2012-01-10] ()
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53735968 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\...\MountPoints2: {121303ed-66df-11e5-93bb-c6d1762f3f35} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\...\MountPoints2: {12ec78ef-e459-11e3-aab7-ccb3620b5098} - H:\AutoRun.exe
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\...\MountPoints2: {4fffd1b2-99cf-11dd-a2cd-001c2358e319} - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\dir32.exe
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\...\MountPoints2: {59cb4805-6e94-11e3-9e32-d16a2ce0d13e} - G:\AutoRun.exe
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\...\MountPoints2: {a2458a33-28d2-11e3-b7d6-e0533f81e526} - F:\AutoRun.exe
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\...\MountPoints2: {a2458a3e-28d2-11e3-b7d6-f0bd28a16257} - G:\AutoRun.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2015-09-21] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2011-02-03] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2011-02-03] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk [2008-09-18]
ShortcutTarget: QuickSet.lnk -> C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1D651EE7-24A3-4351-9694-4A78BDB7058E}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{246B89A4-9736-48BE-84AB-23B4840AB4CE}: [DhcpNameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{9EC12395-9D94-46D2-A655-71B02EE5DA8E}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{BC6E1306-1DAE-4C59-B20D-7855B1B55EFF}: [DhcpNameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{E7951E5B-7A6D-4931-9481-785EC0F7BF7E}: [DhcpNameServer] 160.218.161.60 194.228.211.33

Internet Explorer:
==================
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> DefaultScope {0D0E0895-8BE8-4DF0-ACA2-D2EF892012D9} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... FA_csCZ469
SearchScopes: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> {056E7B31-08BE-4A67-A882-29DA993B9026} URL = hxxp://slovnik.seznam.cz/?lg=cz_en&wd={searchTerms}&sourceid=SearchBox
SearchScopes: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> {0D0E0895-8BE8-4DF0-ACA2-D2EF892012D9} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... FA_csCZ469
SearchScopes: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> {0DD7FF3E-49D2-439D-8438-0CE800AA68B1} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=SearchBox
SearchScopes: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> {38e0850d-64b4-4845-bc68-51a177591474} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12
SearchScopes: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> {51ab35b2-57fe-46e1-a199-549280b05a26} URL = hxxp://www.firmy.cz/phr/{searchTerms}?sourceid=QuickSearch_12
SearchScopes: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> {703885d6-51b5-4a9d-9751-59cc440c1826} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... kSearch_12
SearchScopes: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> {98674DCB-D91A-49EB-86CF-240D2EB669C2} URL = hxxp://cs.wikipedia.org/w/index.php?title=Speci%C3%A1ln%C3%AD:Search&search={searchTerms}
SearchScopes: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> {d2dc1ff3-f7ad-494a-aca8-6fe35170f586} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... kSearch_12
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-29] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-09-21] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-29] (Oracle Corporation)
BHO: Lištička -> {EA837F48-5AD1-443E-AE34-FFE03CBF3099} -> C:\Program Files\Seznam.cz\bin\listicka.dll [2011-12-12] ()
Toolbar: HKLM - Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\bin\toolbar\toolbar.dll [2011-12-12] ()
Toolbar: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> Nástroje Lištičky - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - C:\Program Files\Seznam.cz\bin\listicka.dll [2011-12-12] ()
Toolbar: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/s ... ab_nvd.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} hxxps://download.seznam.cz/listicka/toolbar2007.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab

FireFox:
========
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2010-10-22] (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Windows\system32\C2MP\npdivx32.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-02-29] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-02-29] (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2105 -> C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll [2007-04-30] (RealNetworks, Inc.)
FF Plugin: @real.com/nppl3260;version=6.0.11.2571 -> C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll [2007-04-30] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1739 -> C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll [2007-04-30] (RealNetworks, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-09-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2740727072-2080102920-725536451-1000: @kb-ext.cz/PKIComponent -> C:\Users\John\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll [2013-12-06] (Komerční banka, a.s.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2007-07-12] (Apple Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-16]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-04-11]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-05-05]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AERTFilters; C:\Windows\system32\AERTSrv.exe [77824 2008-02-22] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [146600 2015-09-21] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe [3219136 2015-09-21] (Avast Software)
R2 BthFilterHelper; C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe [127488 2006-11-07] (CSR, plc) [File not signed]
R2 HFGService; C:\Windows\System32\HFGService.dll [356864 2007-05-05] (CSR, plc)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-01-18] (Hewlett-Packard) [File not signed]
S2 O2 Internet. RunOuc; C:\Program Files\O2 Internet\UpdateDog\ouc.exe [657504 2012-11-12] ()
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-01-18] (Hewlett-Packard) [File not signed]
S3 stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [69632 2007-07-11] (MicroVision Development, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2654208 2008-07-03] (Dell Inc.) [File not signed]
S2 HWDeviceService.exe; "C:\ProgramData\DatacardService\HWDeviceService.exe" -/service [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-09-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-09-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-09-21] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-09-21] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [789296 2015-09-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [434184 2015-09-21] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [157888 2015-09-21] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-09-21] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-09-21] (AVAST Software)
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2008-07-03] (Broadcom Corporation)
S3 BthAudioHF; C:\Windows\System32\DRIVERS\BthAudioHF.sys [29184 2007-05-05] (CSR, plc)
S3 bthav; C:\Windows\System32\drivers\bthav.sys [36352 2007-05-05] (CSR, plc)
R3 BTHFILT; C:\Windows\System32\DRIVERS\BthFilt.sys [13824 2007-05-05] (CSR, plc)
S3 BTHprint; C:\Windows\System32\DRIVERS\bthprint.sys [29696 2009-04-11] (Microsoft Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [96000 2012-08-20] (Huawei Technologies Co., Ltd.)
S3 huawei_cdcecm; C:\Windows\System32\DRIVERS\ew_jucdcecm.sys [70272 2012-10-29] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27520 2012-08-20] (Huawei Technologies Co., Ltd.)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [107984 2015-09-21] (AVAST Software)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 OEM13Vfx; C:\Windows\System32\DRIVERS\OEM13Vfx.sys [7424 2008-07-17] (EyePower Games Pte. Ltd.)
R3 OEM13Vid; C:\Windows\System32\DRIVERS\OEM13Vid.sys [235840 2008-07-17] (Creative Technology Ltd.)
R3 TPLINKUDSMBus; C:\Windows\System32\drivers\TplinkUDSMBus.sys [116224 2014-05-22] (Windows (R) Codename Longhorn DDK provider)
R3 tplinkUDSTcpBus; C:\Windows\System32\drivers\tplinkUDSTcpBus.sys [180608 2014-05-22] (Windows (R) Codename Longhorn DDK provider)
R2 VBoxAswDrv; C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [220752 2015-09-21] (Avast Software)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [249472 2012-04-20] (Huawei Technologies Co., Ltd.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-02 16:13 - 2015-10-02 16:14 - 00020597 _____ C:\Users\John\Desktop\FRST.txt
2015-09-30 16:44 - 2015-10-02 16:13 - 00000000 ____D C:\FRST
2015-09-30 16:43 - 2015-09-30 16:44 - 01696256 _____ (Farbar) C:\Users\John\Desktop\FRST.exe
2015-09-30 16:24 - 2015-09-30 16:25 - 01107968 _____ C:\Users\John\Desktop\RSIT.exe
2015-09-29 21:41 - 2015-09-29 21:44 - 00000249 _____ C:\Users\John\Desktop\DiskInfo.ini
2015-09-29 21:41 - 2015-09-29 21:41 - 00000000 ____D C:\Users\John\Desktop\Smart
2015-09-29 21:41 - 2012-06-15 14:08 - 01149912 _____ (Crystal Dew World) C:\Users\John\Desktop\DiskInfo.exe
2015-09-29 21:41 - 2012-05-27 20:28 - 00000000 ____D C:\Users\John\Desktop\CdiResource
2015-09-29 21:41 - 2012-01-05 14:02 - 00001268 _____ C:\Users\John\Desktop\COPYRIGHT.txt
2015-09-29 21:41 - 2012-01-05 14:02 - 00001122 _____ C:\Users\John\Desktop\COPYRIGHT-ja.txt
2015-09-29 21:40 - 2015-09-29 21:40 - 01496172 _____ C:\Users\John\Desktop\CrystalDiskInfo5_0_0.zip
2015-09-29 20:25 - 2015-09-28 13:15 - 00163219 _____ C:\Users\John\Desktop\Mini092815-01.dmp
2015-09-29 20:25 - 2015-09-24 22:40 - 00163219 _____ C:\Users\John\Desktop\Mini092415-01.dmp
2015-09-29 20:22 - 2015-09-29 20:22 - 00001446 _____ C:\Users\John\Desktop\Malware.txt
2015-09-29 17:13 - 2015-09-29 17:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-28 21:10 - 2015-09-21 20:23 - 00789296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-09-28 21:10 - 2015-09-21 20:23 - 00434184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-09-28 21:10 - 2015-09-21 20:23 - 00313472 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-09-28 21:10 - 2015-09-21 20:23 - 00208664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-09-28 21:10 - 2015-09-21 20:23 - 00157888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2015-09-28 21:10 - 2015-09-21 20:23 - 00107984 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-09-28 21:10 - 2015-09-21 20:23 - 00076000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-09-28 21:10 - 2015-09-21 20:23 - 00057888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2015-09-28 21:10 - 2015-09-21 20:23 - 00055200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2015-09-28 21:10 - 2015-09-21 20:23 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-09-28 21:10 - 2015-09-21 20:23 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-09-28 20:49 - 2015-09-28 20:50 - 00000000 ____D C:\AdwCleaner
2015-09-28 20:47 - 2015-09-28 20:47 - 01670656 _____ C:\Users\John\Desktop\adwcleaner_5.009.exe
2015-09-28 13:24 - 2015-09-30 16:26 - 00000000 ____D C:\Program Files\trend micro
2015-09-28 13:24 - 2015-09-28 13:25 - 00000000 ____D C:\rsit
2015-09-23 16:46 - 2015-09-23 16:46 - 00000000 ____D C:\snapshots
2015-09-21 20:23 - 2015-09-21 20:23 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-09-14 17:21 - 2014-05-22 14:46 - 00116224 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\tplinkUDSMBus.sys
2015-09-14 17:21 - 2014-05-22 14:42 - 00180608 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\tplinkUDSTcpBus.sys
2015-09-14 17:20 - 2015-09-14 17:20 - 00002016 _____ C:\Users\Public\Desktop\USB Printer Controller.lnk
2015-09-14 17:20 - 2015-09-14 17:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2015-09-14 17:20 - 2015-09-14 17:20 - 00000000 ____D C:\Program Files\TP-LINK
2015-09-13 01:19 - 2015-08-13 16:15 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-09-13 01:19 - 2015-08-13 16:15 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-09-13 01:18 - 2015-09-02 23:26 - 01402368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-13 01:18 - 2015-09-02 23:26 - 01253376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-13 01:15 - 2015-07-10 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-13 01:14 - 2015-09-02 23:26 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-13 01:14 - 2015-09-02 21:55 - 02067456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-13 01:14 - 2015-09-02 21:54 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-13 01:12 - 2015-08-05 17:59 - 00602112 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-13 00:31 - 2015-09-29 21:20 - 00000000 ____D C:\Windows\pss
2015-09-12 22:40 - 2015-09-12 22:40 - 00000021 _____ C:\Users\John\Desktop\Hochman.txt
2015-09-09 20:15 - 2015-08-17 19:18 - 01814016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 20:15 - 2015-08-17 19:17 - 12388352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 20:15 - 2015-08-17 19:14 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-09 20:15 - 2015-08-17 19:13 - 09751040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 20:15 - 2015-08-17 19:12 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 20:15 - 2015-08-17 19:12 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 20:15 - 2015-08-17 19:11 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 20:15 - 2015-08-17 19:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 20:15 - 2015-08-17 19:10 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 20:15 - 2015-08-17 19:10 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 20:15 - 2015-08-17 19:10 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 20:15 - 2015-08-17 19:10 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-09 20:15 - 2015-08-17 19:10 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-09-09 20:15 - 2015-08-17 19:10 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-09 20:15 - 2015-08-17 19:10 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-09 20:15 - 2015-08-17 19:10 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-09 20:15 - 2015-08-17 19:10 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-09 20:15 - 2015-08-17 19:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-09 20:15 - 2015-08-17 19:10 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-09-09 20:15 - 2015-08-17 19:10 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-09-09 20:15 - 2015-08-17 19:10 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-09-09 20:15 - 2015-08-17 19:09 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-02 20:46 - 2015-09-20 18:18 - 00001033 _____ C:\Users\John\Desktop\Šaty.txt
2015-09-02 19:50 - 2015-09-02 19:50 - 00001896 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-02 19:50 - 2015-09-02 19:50 - 00000000 ___RD C:\Program Files\Skype
2015-09-02 19:50 - 2015-09-02 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-02 19:50 - 2015-09-02 19:50 - 00000000 ____D C:\Program Files\Common Files\Skype

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-02 16:10 - 2012-02-12 21:27 - 00000000 ____D C:\Users\John\AppData\Roaming\Skype
2015-10-02 16:09 - 2008-09-18 22:46 - 01872892 _____ C:\Windows\WindowsUpdate.log
2015-10-02 16:09 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-02 16:09 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-01 16:40 - 2008-09-18 21:17 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-01 16:40 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-30 19:50 - 2008-09-18 21:02 - 00003204 _____ C:\Windows\bthservsdp.dat
2015-09-30 19:50 - 2006-11-02 15:01 - 00032606 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-30 19:49 - 2008-01-21 08:47 - 01532794 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-30 16:17 - 2013-07-17 17:38 - 00308920 _____ C:\Windows\PFRO.log
2015-09-29 21:51 - 2013-06-28 22:13 - 00030818 _____ C:\Windows\setupact.log
2015-09-29 20:27 - 2010-01-01 18:38 - 00000000 ____D C:\Windows\Minidump
2015-09-28 21:18 - 2013-10-11 19:36 - 00012774 _____ C:\Windows\DPINST.LOG
2015-09-28 21:16 - 2010-06-06 11:23 - 00000000 ____D C:\ProgramData\Nokia
2015-09-28 21:16 - 2010-01-07 03:50 - 00000000 ____D C:\Program Files\Common Files\Nokia
2015-09-28 21:16 - 2008-10-28 23:56 - 00000000 ____D C:\Program Files\Nokia
2015-09-28 21:15 - 2012-12-31 16:07 - 00000000 ____D C:\Users\John\AppData\Roaming\Nokia Suite
2015-09-28 21:15 - 2009-01-08 17:01 - 00000000 ____D C:\Users\John\AppData\Roaming\Nokia
2015-09-28 21:11 - 2014-11-27 19:22 - 00001802 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-09-28 20:39 - 2010-01-23 17:06 - 00000000 ____D C:\Program Files\Spybot2
2015-09-28 20:39 - 2010-01-23 16:48 - 00000000 ____D C:\Program Files\Spybot
2015-09-28 20:38 - 2010-01-23 16:48 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-09-28 13:15 - 2008-09-19 06:27 - 00163219 _____ C:\Windows\Minidump\Mini092815-01.dmp
2015-09-24 22:40 - 2008-09-19 06:27 - 00163219 _____ C:\Windows\Minidump\Mini092415-01.dmp
2015-09-23 16:45 - 2014-11-29 22:02 - 00000000 ____D C:\Windows\system32\vbox
2015-09-21 22:02 - 2008-10-26 03:25 - 00112128 _____ C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-17 20:27 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\spool
2015-09-14 20:37 - 2008-10-21 23:37 - 00000000 ____D C:\Users\John\Documents\Honzík
2015-09-14 17:21 - 2008-10-14 11:09 - 00000000 ____D C:\Users\John
2015-09-13 12:14 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-09-13 11:22 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2015-09-13 10:56 - 2006-11-02 14:47 - 00340224 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-13 10:53 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-13 01:18 - 2008-09-18 21:12 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-13 01:10 - 2013-09-17 19:03 - 00000000 ____D C:\Windows\system32\MRT
2015-09-13 00:37 - 2008-10-21 23:14 - 00000000 ____D C:\Instalačky
2015-09-09 20:29 - 2008-10-16 02:25 - 00002635 _____ C:\Users\John\Desktop\Word.lnk
2015-09-09 20:03 - 2015-08-29 23:04 - 00000000 ____D C:\Users\John\Desktop\Aukro deska
2015-09-02 19:50 - 2012-02-12 21:26 - 00000000 ____D C:\ProgramData\Skype

==================== Files in the root of some directories =======

2011-11-15 20:07 - 2011-11-15 20:07 - 0000000 _____ () C:\Users\John\AppData\Roaming\.NANotifyHere
2011-05-23 09:12 - 2014-08-11 10:02 - 0008592 _____ () C:\Users\John\AppData\Local\d3d9caps.dat
2008-10-26 03:25 - 2015-09-21 22:02 - 0112128 _____ () C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-05-26 18:41 - 2013-10-11 19:52 - 0008704 _____ () C:\ProgramData\hpzinstall.log
2008-09-18 21:16 - 2012-03-24 21:46 - 0134376 _____ () C:\ProgramData\nvModes.001
2008-09-18 21:15 - 2012-03-24 21:46 - 0134376 _____ () C:\ProgramData\nvModes.dat
2013-09-17 20:02 - 2013-09-17 20:02 - 0001570 _____ () C:\ProgramData\QuickSet.xml

Some files in TEMP:
====================
C:\Users\John\AppData\Local\Temp\AcDeltree.exe
C:\Users\John\AppData\Local\Temp\IHU1209.tmp.exe
C:\Users\John\AppData\Local\Temp\IHU363C.tmp.exe
C:\Users\John\AppData\Local\Temp\IHU3BC7.tmp.exe
C:\Users\John\AppData\Local\Temp\IHU5031.tmp.exe
C:\Users\John\AppData\Local\Temp\IHU5169.tmp.exe
C:\Users\John\AppData\Local\Temp\IHU6824.tmp.exe
C:\Users\John\AppData\Local\Temp\IHU759C.tmp.exe
C:\Users\John\AppData\Local\Temp\IHU8E2B.tmp.exe
C:\Users\John\AppData\Local\Temp\IHUAA42.tmp.exe
C:\Users\John\AppData\Local\Temp\IHUB605.tmp.exe
C:\Users\John\AppData\Local\Temp\IHUD48D.tmp.exe
C:\Users\John\AppData\Local\Temp\IHUD99C.tmp.exe
C:\Users\John\AppData\Local\Temp\IHUF9B9.tmp.exe
C:\Users\John\AppData\Local\Temp\IHUFB8.tmp.exe
C:\Users\John\AppData\Local\Temp\IHUFF16.tmp.exe
C:\Users\John\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\John\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\John\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\John\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\John\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\John\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\John\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\John\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-10-01 17:01

==================== End of FRST.txt ============================

#12 Příspěvek od **Márty84** » 02 říj 2015 18:21

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

hagal · #13 Příspěvek od **hagal** » 02 říj 2015 23:15

ComboFix 15-10-01.01 - John 02.10.2015 23:54:41.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2046.809 [GMT 2:00]
Spuštěný z: c:\users\John\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\programfiles
c:\programfiles\totalcmd\CABRK.DLL
c:\programfiles\totalcmd\CGLPT64.SYS
c:\programfiles\totalcmd\CGLPT9X.VXD
c:\programfiles\totalcmd\CGLPTNT.SYS
c:\programfiles\totalcmd\DEFAULT.BAR
c:\programfiles\totalcmd\default.br2
c:\programfiles\totalcmd\descript.ion
c:\programfiles\totalcmd\FRERES32.DLL
c:\programfiles\totalcmd\HISTORY.TXT
c:\programfiles\totalcmd\KEYBOARD.TXT
c:\programfiles\totalcmd\LANGUAGE\WCMD_CZ.INC
c:\programfiles\totalcmd\LANGUAGE\WCMD_CZ.LNG
c:\programfiles\totalcmd\LANGUAGE\WCMD_CZ.MNU
c:\programfiles\totalcmd\NO.BAR
c:\programfiles\totalcmd\NOCLOSE.EXE
c:\programfiles\totalcmd\NOCLOSE64.EXE
c:\programfiles\totalcmd\REGISTER.RTF
c:\programfiles\totalcmd\SFXHEAD.SFX
c:\programfiles\totalcmd\SHARE_NT.EXE
c:\programfiles\totalcmd\SIZE!.TXT
c:\programfiles\totalcmd\TCLZMA64.DLL
c:\programfiles\totalcmd\TCMADM64.EXE
c:\programfiles\totalcmd\TCMADMIN.EXE
c:\programfiles\totalcmd\TCMDLZMA.DLL
c:\programfiles\totalcmd\TCMDX32.EXE
c:\programfiles\totalcmd\TCMDX64.EXE
c:\programfiles\totalcmd\TCUNIN64.EXE
c:\programfiles\totalcmd\TCUNIN64.WUL
c:\programfiles\totalcmd\TCUNINST.EXE
c:\programfiles\totalcmd\TCUNINST.WUL
c:\programfiles\totalcmd\TCUNZL64.DLL
c:\programfiles\totalcmd\TCUNZLIB.DLL
c:\programfiles\totalcmd\TcUsbRun.exe
c:\programfiles\totalcmd\TOTALCMD.EXE
c:\programfiles\totalcmd\TOTALCMD.EXE.MANIFEST
c:\programfiles\totalcmd\TOTALCMD.CHM
c:\programfiles\totalcmd\TOTALCMD.INC
c:\programfiles\totalcmd\TOTALCMD64.EXE
c:\programfiles\totalcmd\TOTALCMD64.EXE.MANIFEST
c:\programfiles\totalcmd\UNACEV2.DLL
c:\programfiles\totalcmd\UNRAR.DLL
c:\programfiles\totalcmd\UNRAR64.DLL
c:\programfiles\totalcmd\UNRAR9X.DLL
c:\programfiles\totalcmd\WC32TO16.EXE
c:\programfiles\totalcmd\WCMICONS.DLL
c:\programfiles\totalcmd\WCMICONS.INC
c:\programfiles\totalcmd\WCMZIP32.DLL
c:\programfiles\totalcmd\WCMZIP64.DLL
c:\programfiles\totalcmd\WCUNINST.WUL
c:\windows\IsUn0407.exe
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-09-02 do 2015-10-02 )))))))))))))))))))))))))))))))
.
.
2015-10-02 22:03 . 2015-10-02 22:03 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2015-10-02 22:03 . 2015-10-02 22:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-09-30 14:44 . 2015-10-02 14:16 -------- d-----w- C:\FRST
2015-09-29 20:36 . 2015-08-31 23:05 8884144 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B69F53AF-465B-401B-AC20-E8E8C82A081F}\mpengine.dll
2015-09-29 15:13 . 2015-09-29 15:13 -------- d-----w- c:\programdata\Malwarebytes
2015-09-28 19:10 . 2015-09-21 18:23 57888 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2015-09-28 19:10 . 2015-09-21 18:23 157888 ----a-w- c:\windows\system32\drivers\aswStmXP.sys
2015-09-28 19:10 . 2015-09-21 18:23 434184 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-09-28 19:10 . 2015-09-21 18:23 208664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-09-28 19:10 . 2015-09-21 18:23 76000 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-09-28 19:10 . 2015-09-21 18:23 55200 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2015-09-28 19:10 . 2015-09-21 18:23 49776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-09-28 19:10 . 2015-09-21 18:23 24016 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-09-28 19:10 . 2015-09-21 18:23 789296 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-09-28 19:10 . 2015-09-21 18:23 107984 ----a-w- c:\windows\system32\drivers\ngvss.sys
2015-09-28 19:10 . 2015-09-21 18:23 313472 ----a-w- c:\windows\system32\aswBoot.exe
2015-09-28 18:49 . 2015-09-28 18:50 -------- d-----w- C:\AdwCleaner
2015-09-28 11:24 . 2015-09-30 14:26 -------- d-----w- c:\program files\trend micro
2015-09-28 11:24 . 2015-09-28 11:25 -------- d-----w- C:\rsit
2015-09-23 14:46 . 2015-09-23 14:46 -------- d-----w- C:\snapshots
2015-09-21 18:23 . 2015-09-21 18:23 43112 ----a-w- c:\windows\avastSS.scr
2015-09-14 15:21 . 2014-05-22 12:46 116224 ----a-w- c:\windows\system32\drivers\tplinkUDSMBus.sys
2015-09-14 15:21 . 2014-05-22 12:42 180608 ----a-w- c:\windows\system32\drivers\tplinkUDSTcpBus.sys
2015-09-14 15:20 . 2015-09-14 15:20 -------- d-----w- c:\program files\TP-LINK
2015-09-12 23:19 . 2015-08-13 14:15 304640 ----a-w- c:\windows\system32\drivers\srv.sys
2015-09-12 23:19 . 2015-08-13 14:15 102912 ----a-w- c:\windows\system32\drivers\srvnet.sys
2015-09-12 23:18 . 2015-09-02 21:26 1402368 ----a-w- c:\windows\system32\msxml6.dll
2015-09-12 23:18 . 2015-09-02 21:26 1253376 ----a-w- c:\windows\system32\msxml3.dll
2015-09-12 23:15 . 2015-07-10 14:21 2048 ----a-w- c:\windows\system32\tzres.dll
2015-09-12 23:14 . 2015-08-05 15:58 940032 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2015-09-12 23:14 . 2015-08-05 14:24 1850880 ----a-w- c:\program files\Windows Journal\Journal.exe
2015-09-12 23:14 . 2015-08-05 15:59 1220608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2015-09-12 23:14 . 2015-08-05 15:58 985600 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2015-09-12 23:14 . 2015-08-05 15:58 967680 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2015-09-12 23:14 . 2015-09-02 21:26 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-09-12 23:14 . 2015-09-02 19:55 2067456 ----a-w- c:\windows\system32\win32k.sys
2015-09-12 23:14 . 2015-09-02 19:54 297472 ----a-w- c:\windows\system32\atmfd.dll
2015-09-12 23:12 . 2015-08-05 15:59 602112 ----a-w- c:\windows\system32\schedsvc.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-08-29 21:39 . 2014-09-15 16:18 97888 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-08-29 20:49 . 2012-05-12 21:15 778440 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-08-29 20:49 . 2011-05-23 21:21 142536 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-08-04 22:03 . 2015-08-04 22:03 877152 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-08-04 22:03 . 2015-08-04 22:03 538208 ----a-w- c:\windows\system32\msvcp120_clr0400.dll
2015-07-31 21:46 . 2015-08-12 23:09 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2015-07-31 21:46 . 2015-08-12 23:09 189952 ----a-w- c:\windows\system32\d3d10core.dll
2015-07-31 21:46 . 2015-08-12 23:09 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2015-07-31 21:46 . 2015-08-12 23:09 1029120 ----a-w- c:\windows\system32\d3d10.dll
2015-07-31 20:41 . 2015-08-12 23:09 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2015-07-31 20:40 . 2015-08-12 23:09 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2015-07-31 20:35 . 2015-08-12 23:09 682496 ----a-w- c:\windows\system32\d2d1.dll
2015-07-31 20:33 . 2015-08-12 23:09 1072640 ----a-w- c:\windows\system32\DWrite.dll
2015-07-31 20:33 . 2015-08-12 23:09 802304 ----a-w- c:\windows\system32\FntCache.dll
2015-07-31 19:27 . 2015-08-12 23:28 103120 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-21 20:55 . 2015-08-12 23:30 1206192 ----a-w- c:\windows\system32\ntdll.dll
2015-07-21 16:07 . 2015-08-12 23:30 56256 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-07-21 16:07 . 2015-08-12 23:30 3605440 ----a-w- c:\windows\system32\ntkrnlpa.exe
2015-07-21 16:07 . 2015-08-12 23:30 3553216 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-07-21 16:07 . 2015-08-12 23:30 140224 ----a-w- c:\windows\system32\drivers\ecache.sys
2015-07-21 16:03 . 2015-08-12 23:30 10752 ----a-w- c:\windows\system32\msmmsp.dll
2015-07-21 16:03 . 2015-08-12 23:30 564224 ----a-w- c:\windows\system32\emdmgmt.dll
2015-07-21 16:03 . 2015-08-12 23:30 49664 ----a-w- c:\windows\system32\csrsrv.dll
2015-07-18 16:03 . 2015-08-12 23:12 68608 ----a-w- c:\windows\system32\basesrv.dll
2015-07-10 19:37 . 2015-08-12 23:27 2067968 ----a-w- c:\windows\system32\mstscax.dll
2015-07-09 14:25 . 2015-08-12 23:07 151040 ----a-w- c:\windows\system32\notepad.exe
2015-07-09 14:25 . 2015-08-12 23:07 151040 ----a-w- c:\windows\notepad.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-09-21 18:23 696120 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Seznam Postak"="c:\program files\Seznam.cz\bin\postak.exe" [2012-01-10 491040]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2015-08-07 53735968]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-02-22 159744]
"RtHDVCpl"="RtHDVCpl.exe" [2008-02-22 4907008]
"OEM13Mon.exe"="c:\windows\OEM13Mon.exe" [2008-07-17 36864]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-07-03 3563520]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2015-09-21 6134544]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2015-08-04 597552]
"TP-LINK USB Printer Controller"="c:\program files\TP-LINK\USB Printer Controller\USB Printer Controller.exe" [2014-06-19 4265984]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-2-22 1193240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^John^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^counter_widget.lnk]
path=c:\users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\counter_widget.lnk
backup=c:\windows\pss\counter_widget.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^John^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2009-11-18 14:13 54576 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
2013-05-23 13:16 1561968 ----a-w- c:\program files\Samsung\Kies\Kies.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2013-05-23 13:16 311152 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMail]
2008-02-21 20:22 453936 ----a-w- c:\program files\Seznam\Postak\Postak.exe
.
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2008-02-22 77824]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
bthaudiosvc REG_MULTI_SZ HFGService
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\bin\listicka.dll
Trusted Zone: mojebanka.cz
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\sign
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojeplatba.cz\www
TCP: DhcpNameServer = 192.168.0.1
DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} - hxxps://download.seznam.cz/listicka/toolbar2007.cab
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-Wdf01000.sys
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-KiesAirMessage - c:\program files\Samsung\Kies\KiesAirMessage.exe
AddRemove-Cole2k Media - Codec Pack - c:\windows\system32\C2MP\Uninst.exe
AddRemove-Moorhuhn 2 V1.1 - c:\windows\IsUn0407.exe
AddRemove-Totalcmd - c:\programfiles\totalcmd\tcuninst.exe
AddRemove-{92C7D009-A464-4948-A980-7A3E28CB2F49}_is1 - c:\program files\ABC\Richard Burns Rally\unins000.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(744)
c:\windows\System32\BCMLogon.dll
.
Celkový čas: 2015-10-03 00:06:36
ComboFix-quarantined-files.txt 2015-10-02 22:06
.
Před spuštěním: Volných bajtů: 131 403 497 472
Po spuštění: Volných bajtů: 131 996 614 656
.
- - End Of File - - BCE6014515EDFB362E1B59E1824C4B2C
5C616939100B85E558DA92B899A0FC36

#14 Příspěvek od **Márty84** » 03 říj 2015 17:10

Vypnete trvale Windows Defender.

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"=-
"WMPNSCFG"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"SunJavaUpdateSched"=-

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

hagal · #15 Příspěvek od **hagal** » 03 říj 2015 22:00

windows defender mi nejde spustit, objeví se pouze zpráva, že aplikaci nelze inicializovat. V čem je problém a co s tím?

VIRY.CZ

zpomalený, blue screen, sekání, padá internetové připojení

zpomalený, blue screen, sekání, padá internetové připojení

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje