prosba o kontrolu logu - mizejí ikony

Zpráva

Tomas.11 · #1 Příspěvek od **Tomas.11** » 11 led 2016 21:34

Dobrý den, prosím o kontrolu logu, zdá se mi že se pc jakoby "zakušbává" než spustí běžné aplikace a taky občas zmizí ikona z plochy, nevysvětlitelně. Dále nejde nainstalovat mbam a občas se v thunderbirdu objeví hlášky že určitý soubor nelze uložit.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Alena Lipavská at 2016-01-11 21:29:11
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 8 GB (28%) free of 31 GB
Total RAM: 989 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:29:15, on 11.1.2016
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Cobian Backup 11\cbService.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TeamViewer\TeamViewer_Service.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\TeamViewer\TeamViewer.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TeamViewer\tv_w32.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\System32\wbem\unsecapp.exe
c:\program files\teamviewer\TeamViewer_Desktop.exe
C:\Program Files\ThunderbirdPortable\App\thunderbird\thunderbird.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Documents and Settings\Alena Lipavská\Plocha\RSIT.exe
C:\Program Files\trend micro\Alena Lipavská.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Mozilla Thunderbird.lnk = C:\Program Files\ThunderbirdPortable\App\thunderbird\thunderbird.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 3814939691
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} (CryptSignX Control) - http://adisepo.mfcr.cz/adistc/adis/idpr ... tsignx.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{107DA2AD-A5C0-4A35-BAC7-7861A81B8FBF}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{107DA2AD-A5C0-4A35-BAC7-7861A81B8FBF}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{107DA2AD-A5C0-4A35-BAC7-7861A81B8FBF}: NameServer = 192.168.1.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: orakutt - Invalid registry found
O20 - Winlogon Notify: vinitru - Invalid registry found
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Cobian Backup 11 Gravity (CobianBackup11) - Luis Cobian, CobianSoft - C:\Program Files\Cobian Backup 11\cbService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Samsung UPD Service - Samsung Electronics CO., LTD. - C:\WINDOWS\system32\SUPDSvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: syshost32 - Unknown owner - C:\WINDOWS\Installer\{01D5DBA0-B65B-3EC4-30AE-51BC10893B18}\syshost.exe (file missing)
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--
End of file - 7026 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\Security Center Update - 2125926583.job - C:\Documents and Settings\Alena Lipavská\Data aplikací\Iqugluwo\reuboco.exe

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Alena Lipavská\Data aplikací\Mozilla\Firefox\Profiles\satzjz0p.default

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-11 664184]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-10-27 150040]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-10-27 150040]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-10-27 178712]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2010-08-11 40983152]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"AtiPTA"=C:\WINDOWS\system32\atiptaxx.exe [2005-11-23 344064]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-01-11 7021880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-12-08 50749056]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Mozilla Thunderbird.lnk - C:\Program Files\ThunderbirdPortable\App\thunderbird\thunderbird.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-11-23 47104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-10-21 217088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\orakutt]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vinitru]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\SUPDSvc.exe"="C:\WINDOWS\system32\SUPDSvc.exe:*:Enabled:Samsung UPD Service"
"C:\Program Files\Common Files\soft602\langserv.exe"="C:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker"
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\AH2JKX6J\49[1].mp3"="C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\AH2JKX6J\49[1].mp3:*:Enacled:49[1]"
"\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:Enacled:winlogon"
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\6FIF6DKB\42[1].mp3"="C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\6FIF6DKB\42[1].mp3:*:Enacled:42[1]"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe"="C:\Program Files\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe:*:Enabled:Samsung ICCUpdater Module"
"C:\Program Files\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe"="C:\Program Files\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe:*:Enabled:Samsung Scanner Discovery Module V3"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\TeamViewer\TeamViewer.exe"="C:\Program Files\TeamViewer\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=serwvdrv.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.WMV3"=wmv9vcm.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2016-01-11 21:29:11 ----D---- C:\rsit
2016-01-11 21:29:11 ----D---- C:\Program Files\trend micro
2016-01-11 21:23:18 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2016-01-11 21:23:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2016-01-11 21:23:18 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2016-01-11 21:23:18 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-01-11 21:18:37 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-01-11 21:14:13 ----SHD---- C:\Config.Msi
2016-01-11 21:04:26 ----D---- C:\AdwCleaner
2016-01-11 20:42:52 ----D---- C:\Program Files\Cobian Backup 11
2016-01-11 20:26:06 ----D---- C:\Program Files\TeamViewer
2016-01-11 16:24:15 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-01-11 16:23:25 ----D---- C:\Documents and Settings\Alena Lipavská\Data aplikací\AVAST Software
2016-01-11 16:23:20 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2016-01-11 16:23:17 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswStmXP.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2016-01-11 16:22:40 ----A---- C:\WINDOWS\avastSS.scr
2016-01-11 16:20:52 ----D---- C:\Program Files\AVAST Software
2016-01-11 16:20:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2016-01-11 15:44:44 ----D---- C:\Documents and Settings\Alena Lipavská\Data aplikací\Foxit Software
2015-12-15 08:04:17 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 month======

2016-01-11 21:29:11 ----RD---- C:\Program Files
2016-01-11 21:29:10 ----D---- C:\WINDOWS\Prefetch
2016-01-11 21:24:01 ----A---- C:\WINDOWS\wincmd.ini
2016-01-11 21:23:18 ----D---- C:\WINDOWS\system32\drivers
2016-01-11 21:19:38 ----D---- C:\WINDOWS\system32
2016-01-11 21:19:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-11 21:16:11 ----D---- C:\Documents and Settings\Alena Lipavská\Data aplikací\Skype
2016-01-11 21:15:30 ----D---- C:\WINDOWS\Temp
2016-01-11 21:15:22 ----AD---- C:\WINDOWS
2016-01-11 21:14:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2016-01-11 21:14:21 ----SHD---- C:\WINDOWS\Installer
2016-01-11 21:14:18 ----D---- C:\Program Files\Common Files\Acronis
2016-01-11 20:26:11 ----RSD---- C:\WINDOWS\Fonts
2016-01-11 16:23:20 ----HD---- C:\WINDOWS\inf
2016-01-11 16:23:02 ----D---- C:\WINDOWS\system32\CatRoot2
2016-01-11 16:22:46 ----SD---- C:\WINDOWS\Tasks
2016-01-11 16:22:44 ----D---- C:\WINDOWS\WinSxS
2016-01-11 15:46:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2016-01-11 15:44:22 ----D---- C:\Program Files\Foxit Software
2016-01-11 15:42:58 ----D---- C:\Program Files\SlySoft
2016-01-11 15:40:57 ----D---- C:\WINDOWS\Debug
2016-01-11 15:37:39 ----D---- C:\Temp
2016-01-11 15:35:30 ----D---- C:\1Instalace
2016-01-11 15:13:39 ----D---- C:\Documents and Settings\Alena Lipavská\Data aplikací\TeamViewer
2016-01-11 11:00:03 ----A---- C:\WINDOWS\system32\MRT.exe
2016-01-08 10:18:43 ----D---- C:\Program Files\Outlook Express
2016-01-07 07:59:36 ----D---- C:\Documents and Settings\Alena Lipavská\Data aplikací\Seznam Browser
2015-12-15 08:04:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2015-12-15 08:04:17 ----RD---- C:\Program Files\Skype
2015-12-15 08:04:17 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-01-11 49776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-01-11 209432]
R0 SiSide;SiSide; C:\WINDOWS\System32\DRIVERS\siside.sys [2003-03-25 4096]
R0 sisidex;sisidex; C:\WINDOWS\system32\drivers\sisidex.sys [2002-10-17 49024]
R0 sisperf;Add Performance Filter Driver; C:\WINDOWS\system32\drivers\sisperf.sys [2002-08-20 9472]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\System32\DRIVERS\snapman.sys [2012-04-10 170528]
R0 timounter;Acronis Backup Archive Explorer; C:\WINDOWS\System32\DRIVERS\timntr.sys [2012-04-10 600928]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2016-01-11 55200]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-01-11 794952]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-01-11 436360]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-16 12032]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-01-11 24016]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-01-11 81168]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [2003-04-16 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [2003-04-16 55936]
R2 SVKP;SVKP; \??\C:\WINDOWS\System32\SVKP.sys []
R3 aswStmXP;Avast StreamFilter Driver; C:\WINDOWS\system32\drivers\aswStmXP.sys [2016-01-11 165104]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-10-21 6048480]
R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2010-10-21 62576]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2010-08-04 2127728]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S0 27e4a9798243d42e;syshost.exe; C:\WINDOWS\System32\Drivers\27e4a9798243d42e.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 DgiVecp;DgiVecp; \??\C:\WINDOWS\System32\Drivers\DgiVecp.sys []
S2 hardlock;hardlock; \??\C:\WINDOWS\System32\drivers\hardlock.sys []
S2 SSPORT;SSPORT; \??\C:\WINDOWS\System32\Drivers\SSPORT.sys []
S3 3dfxvs;3dfxvs; C:\WINDOWS\System32\DRIVERS\3dfxvsm.sys [2001-08-17 148352]
S3 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2016-01-11 58016]
S3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2008-04-14 701440]
S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120]
S3 Di1610VM11;KONICA MINOLTA Di1610 PCL; C:\WINDOWS\System32\Drivers\Di1610p.SYS [2001-08-17 13824]
S3 EthDriver;D-Link DGE-528T Vista 32-bit Driver; C:\WINDOWS\System32\DRIVERS\DLKRT32.sys [2007-01-24 70144]
S3 CH341SER;CH341SER; C:\WINDOWS\System32\Drivers\CH341SER.SYS [2009-06-02 39632]
S3 kvpndev;Kerio VPN adapter; C:\WINDOWS\System32\DRIVERS\kvpndrv.sys [2005-02-11 61440]
S3 ltmodem5;LT Modem Driver; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [2004-08-17 606556]
S3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver.sys []
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\System32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\System32\DRIVERS\serscan.sys [2001-10-24 6784]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2013-07-24 30720]
S3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2005-01-05 6912]
S3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2005-06-06 11264]
S4 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41600]
S4 RTL8023xp;D-Link DGE-528T Gigabit Ethernet Adapter NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\DLKRTXP.SYS [2006-07-31 83456]
S4 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S4 sisagp;SiS AGP Filter; C:\WINDOWS\System32\DRIVERS\SISAGPX.sys [2003-07-18 36992]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-01-11 226440]
R2 CobianBackup11;Cobian Backup 11 Gravity; C:\Program Files\Cobian Backup 11\cbService.exe [2012-12-05 1131008]
R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 TeamViewer;TeamViewer 11; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-12-14 6889232]
R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2005-03-11 455632]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2005-11-23 393216]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-09-15 516096]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S2 syshost32;syshost32; C:\WINDOWS\Installer\{01D5DBA0-B65B-3EC4-30AE-51BC10893B18}\syshost.exe /service []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-01-11 146888]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Samsung UPD Service;Samsung UPD Service; C:\WINDOWS\system32\SUPDSvc.exe [2010-08-09 131888]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 11 led 2016 22:19

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Tomas.11 · #3 Příspěvek od **Tomas.11** » 11 led 2016 22:24

# AdwCleaner v5.027 - Logfile created 11/01/2016 at 21:14:22
# Updated 30/12/2015 by Xplode
# Database : 2016-01-11.4 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Alena Lipavská - SELI-KANCELAR2
# Running from : \\192.168.1.99\other\Instalacky\1CLEAN\adwcleaner_5.027.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\Documents and Settings\Alena Lipavská\Data aplikací\Mozilla\Firefox\Profiles\satzjz0p.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

***** [ Files ] *****

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [ Web browsers ] *****

[-] [C:\Documents and Settings\Alena Lipavská\Data aplikací\Mozilla\Firefox\Profiles\satzjz0p.default\prefs.js] [Preference] Deleted : user_pref("urlclassifier.keyupdatetime.hxxps://sb-ssl.google.com/safebrowsing/newkey", 1325233855);

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1475 bytes] ##########

#4 Příspěvek od **Rudy** » 11 led 2016 22:27

Dejte nový log RSIT.

Tomas.11 · #5 Příspěvek od **Tomas.11** » 11 led 2016 22:41

Logfile of random's system information tool 1.10 (written by random/random)
Run by Alena Lipavská at 2016-01-11 22:40:03
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 9 GB (30%) free of 31 GB
Total RAM: 989 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:40:57, on 11.1.2016
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ThunderbirdPortable\App\thunderbird\thunderbird.exe
C:\Program Files\Cobian Backup 11\cbService.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Skype\Updater\Updater.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TeamViewer\TeamViewer_Service.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\dwwin.exe
C:\Program Files\TeamViewer\TeamViewer.exe
C:\Program Files\TeamViewer\tv_w32.exe
c:\program files\teamviewer\TeamViewer_Desktop.exe
C:\Documents and Settings\Alena Lipavská\Plocha\RSIT.exe
C:\WINDOWS\System32\wbem\unsecapp.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\trend micro\Alena Lipavská.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Mozilla Thunderbird.lnk = C:\Program Files\ThunderbirdPortable\App\thunderbird\thunderbird.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 3814939691
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} (CryptSignX Control) - http://adisepo.mfcr.cz/adistc/adis/idpr ... tsignx.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{107DA2AD-A5C0-4A35-BAC7-7861A81B8FBF}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{107DA2AD-A5C0-4A35-BAC7-7861A81B8FBF}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{107DA2AD-A5C0-4A35-BAC7-7861A81B8FBF}: NameServer = 192.168.1.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: orakutt - Invalid registry found
O20 - Winlogon Notify: vinitru - Invalid registry found
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Cobian Backup 11 Gravity (CobianBackup11) - Luis Cobian, CobianSoft - C:\Program Files\Cobian Backup 11\cbService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Samsung UPD Service - Samsung Electronics CO., LTD. - C:\WINDOWS\system32\SUPDSvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: syshost32 - Unknown owner - C:\WINDOWS\Installer\{01D5DBA0-B65B-3EC4-30AE-51BC10893B18}\syshost.exe (file missing)
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--
End of file - 7220 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\Security Center Update - 2125926583.job - C:\Documents and Settings\Alena Lipavská\Data aplikací\Iqugluwo\reuboco.exe

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Alena Lipavská\Data aplikací\Mozilla\Firefox\Profiles\satzjz0p.default

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-11 664184]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-10-27 150040]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-10-27 150040]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-10-27 178712]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2010-08-11 40983152]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"AtiPTA"=C:\WINDOWS\system32\atiptaxx.exe [2005-11-23 344064]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-01-11 7021880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-12-08 50749056]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Mozilla Thunderbird.lnk - C:\Program Files\ThunderbirdPortable\App\thunderbird\thunderbird.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-11-23 47104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-10-21 217088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\orakutt]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vinitru]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\SUPDSvc.exe"="C:\WINDOWS\system32\SUPDSvc.exe:*:Enabled:Samsung UPD Service"
"C:\Program Files\Common Files\soft602\langserv.exe"="C:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker"
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\AH2JKX6J\49[1].mp3"="C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\AH2JKX6J\49[1].mp3:*:Enacled:49[1]"
"\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:Enacled:winlogon"
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\6FIF6DKB\42[1].mp3"="C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\6FIF6DKB\42[1].mp3:*:Enacled:42[1]"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe"="C:\Program Files\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe:*:Enabled:Samsung ICCUpdater Module"
"C:\Program Files\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe"="C:\Program Files\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe:*:Enabled:Samsung Scanner Discovery Module V3"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\TeamViewer\TeamViewer.exe"="C:\Program Files\TeamViewer\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=serwvdrv.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.WMV3"=wmv9vcm.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2016-01-11 22:23:08 ----A---- C:\AdwCleaner[S1].txt
2016-01-11 21:29:11 ----D---- C:\rsit
2016-01-11 21:29:11 ----D---- C:\Program Files\trend micro
2016-01-11 21:23:18 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2016-01-11 21:23:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2016-01-11 21:23:18 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2016-01-11 21:23:18 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-01-11 21:18:37 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-01-11 21:14:13 ----SHD---- C:\Config.Msi
2016-01-11 21:04:26 ----D---- C:\AdwCleaner
2016-01-11 20:42:52 ----D---- C:\Program Files\Cobian Backup 11
2016-01-11 20:26:06 ----D---- C:\Program Files\TeamViewer
2016-01-11 16:24:15 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-01-11 16:23:25 ----D---- C:\Documents and Settings\Alena Lipavská\Data aplikací\AVAST Software
2016-01-11 16:23:20 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2016-01-11 16:23:17 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswStmXP.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2016-01-11 16:22:40 ----A---- C:\WINDOWS\avastSS.scr
2016-01-11 16:20:52 ----D---- C:\Program Files\AVAST Software
2016-01-11 16:20:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2016-01-11 15:44:44 ----D---- C:\Documents and Settings\Alena Lipavská\Data aplikací\Foxit Software
2015-12-15 08:04:17 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 month======

2016-01-11 22:40:45 ----D---- C:\Documents and Settings\Alena Lipavská\Data aplikací\Skype
2016-01-11 22:40:40 ----D---- C:\WINDOWS\Temp
2016-01-11 22:40:40 ----D---- C:\WINDOWS\Prefetch
2016-01-11 22:38:23 ----A---- C:\WINDOWS\SchedLgU.Txt
2016-01-11 22:38:16 ----A---- C:\WINDOWS\wincmd.ini
2016-01-11 21:29:11 ----RD---- C:\Program Files
2016-01-11 21:23:18 ----D---- C:\WINDOWS\system32\drivers
2016-01-11 21:19:38 ----D---- C:\WINDOWS\system32
2016-01-11 21:19:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-11 21:15:22 ----AD---- C:\WINDOWS
2016-01-11 21:14:21 ----SHD---- C:\WINDOWS\Installer
2016-01-11 21:14:18 ----D---- C:\Program Files\Common Files\Acronis
2016-01-11 20:26:11 ----RSD---- C:\WINDOWS\Fonts
2016-01-11 16:23:20 ----HD---- C:\WINDOWS\inf
2016-01-11 16:23:02 ----D---- C:\WINDOWS\system32\CatRoot2
2016-01-11 16:22:46 ----SD---- C:\WINDOWS\Tasks
2016-01-11 16:22:44 ----D---- C:\WINDOWS\WinSxS
2016-01-11 15:46:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2016-01-11 15:44:22 ----D---- C:\Program Files\Foxit Software
2016-01-11 15:42:58 ----D---- C:\Program Files\SlySoft
2016-01-11 15:40:57 ----D---- C:\WINDOWS\Debug
2016-01-11 15:37:39 ----D---- C:\Temp
2016-01-11 15:35:30 ----D---- C:\1Instalace
2016-01-11 15:13:39 ----D---- C:\Documents and Settings\Alena Lipavská\Data aplikací\TeamViewer
2016-01-11 11:00:03 ----A---- C:\WINDOWS\system32\MRT.exe
2016-01-08 10:18:43 ----D---- C:\Program Files\Outlook Express
2016-01-07 07:59:36 ----D---- C:\Documents and Settings\Alena Lipavská\Data aplikací\Seznam Browser
2015-12-15 08:04:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2015-12-15 08:04:17 ----RD---- C:\Program Files\Skype
2015-12-15 08:04:17 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-01-11 49776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-01-11 209432]
R0 SiSide;SiSide; C:\WINDOWS\System32\DRIVERS\siside.sys [2003-03-25 4096]
R0 sisidex;sisidex; C:\WINDOWS\system32\drivers\sisidex.sys [2002-10-17 49024]
R0 sisperf;Add Performance Filter Driver; C:\WINDOWS\system32\drivers\sisperf.sys [2002-08-20 9472]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\System32\DRIVERS\snapman.sys [2012-04-10 170528]
R0 timounter;Acronis Backup Archive Explorer; C:\WINDOWS\System32\DRIVERS\timntr.sys [2012-04-10 600928]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2016-01-11 55200]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-01-11 794952]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-01-11 436360]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-16 12032]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-01-11 24016]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-01-11 81168]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [2003-04-16 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [2003-04-16 55936]
R2 SVKP;SVKP; \??\C:\WINDOWS\System32\SVKP.sys []
R3 aswStmXP;Avast StreamFilter Driver; C:\WINDOWS\system32\drivers\aswStmXP.sys [2016-01-11 165104]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-10-21 6048480]
R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2010-10-21 62576]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2010-08-04 2127728]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S0 27e4a9798243d42e;syshost.exe; C:\WINDOWS\System32\Drivers\27e4a9798243d42e.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 DgiVecp;DgiVecp; \??\C:\WINDOWS\System32\Drivers\DgiVecp.sys []
S2 hardlock;hardlock; \??\C:\WINDOWS\System32\drivers\hardlock.sys []
S2 SSPORT;SSPORT; \??\C:\WINDOWS\System32\Drivers\SSPORT.sys []
S3 3dfxvs;3dfxvs; C:\WINDOWS\System32\DRIVERS\3dfxvsm.sys [2001-08-17 148352]
S3 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2016-01-11 58016]
S3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2008-04-14 701440]
S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120]
S3 Di1610VM11;KONICA MINOLTA Di1610 PCL; C:\WINDOWS\System32\Drivers\Di1610p.SYS [2001-08-17 13824]
S3 EthDriver;D-Link DGE-528T Vista 32-bit Driver; C:\WINDOWS\System32\DRIVERS\DLKRT32.sys [2007-01-24 70144]
S3 CH341SER;CH341SER; C:\WINDOWS\System32\Drivers\CH341SER.SYS [2009-06-02 39632]
S3 kvpndev;Kerio VPN adapter; C:\WINDOWS\System32\DRIVERS\kvpndrv.sys [2005-02-11 61440]
S3 ltmodem5;LT Modem Driver; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [2004-08-17 606556]
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver.sys []
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\System32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\System32\DRIVERS\serscan.sys [2001-10-24 6784]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2013-07-24 30720]
S3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2005-01-05 6912]
S3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2005-06-06 11264]
S4 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41600]
S4 RTL8023xp;D-Link DGE-528T Gigabit Ethernet Adapter NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\DLKRTXP.SYS [2006-07-31 83456]
S4 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S4 sisagp;SiS AGP Filter; C:\WINDOWS\System32\DRIVERS\SISAGPX.sys [2003-07-18 36992]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-01-11 226440]
R2 CobianBackup11;Cobian Backup 11 Gravity; C:\Program Files\Cobian Backup 11\cbService.exe [2012-12-05 1131008]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
R2 TeamViewer;TeamViewer 11; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-12-14 6889232]
R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2005-03-11 455632]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2005-11-23 393216]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-09-15 516096]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 syshost32;syshost32; C:\WINDOWS\Installer\{01D5DBA0-B65B-3EC4-30AE-51BC10893B18}\syshost.exe /service []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-01-11 146888]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Samsung UPD Service;Samsung UPD Service; C:\WINDOWS\system32\SUPDSvc.exe [2010-08-09 131888]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#6 Příspěvek od **Rudy** » 12 led 2016 18:19

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Program Files\Skype\Toolbars
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Security Center Update - 2125926583.job
C:\Documents and Settings\Alena Lipavská\Data aplikací\Iqugluwo
C:\WINDOWS\Installer\{01D5DBA0-B65B-3EC4-30AE-51BC10893B18}

:services
Skype C2C Service
syshost32

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

Tomas.11 · #7 Příspěvek od **Tomas.11** » 12 led 2016 18:55

All processes killed
========== FILES ==========
C:\Program Files\Skype\Toolbars\Shared folder moved successfully.
C:\Program Files\Skype\Toolbars\Internet Explorer folder moved successfully.
C:\Program Files\Skype\Toolbars folder moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\Security Center Update - 2125926583.job moved successfully.
File/Folder C:\Documents and Settings\Alena Lipavská\Data aplikací\Iqugluwo not found.
C:\WINDOWS\Installer\{01D5DBA0-B65B-3EC4-30AE-51BC10893B18} folder moved successfully.
========== SERVICES/DRIVERS ==========
Service Skype C2C Service stopped successfully!
Service Skype C2C Service deleted successfully!
Service syshost32 stopped successfully!
Service syshost32 deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 905749 bytes

User: Alena Lipavská
->Temp folder emptied: 41179418 bytes
->Temporary Internet Files folder emptied: 132426777 bytes
->FireFox cache emptied: 5906457 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 739 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 78227 bytes

User: LANPAR

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 163542650 bytes
->Flash cache emptied: 963 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 303158 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 174797978 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 187930 bytes
RecycleBin emptied: 1745995 bytes

Total Files Cleaned = 497,00 mb

[EMPTYFLASH]

User: Administrator

User: Alena Lipavská
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LANPAR

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

OTM by OldTimer - Version 3.1.21.0 log created on 01122016_185040

Files moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Tomas.11 · #8 Příspěvek od **Tomas.11** » 12 led 2016 18:56

Logfile of random's system information tool 1.10 (written by random/random)
Run by Alena Lipavská at 2016-01-12 18:55:46
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 10 GB (33%) free of 31 GB
Total RAM: 989 MB (16% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:55:47, on 12.1.2016
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Cobian Backup 11\cbService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TeamViewer\TeamViewer_Service.exe
C:\Program Files\TightVNC\tvnserver.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\TeamViewer\TeamViewer.exe
C:\Program Files\TeamViewer\tv_w32.exe
c:\program files\teamviewer\TeamViewer_Desktop.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\TightVNC\tvnserver.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ThunderbirdPortable\App\thunderbird\thunderbird.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\wbem\unsecapp.exe
C:\Documents and Settings\Alena Lipavská\Plocha\RSIT.exe
C:\Program Files\trend micro\Alena Lipavská.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Mozilla Thunderbird.lnk = C:\Program Files\ThunderbirdPortable\App\thunderbird\thunderbird.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 3814939691
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} (CryptSignX Control) - http://adisepo.mfcr.cz/adistc/adis/idpr ... tsignx.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{107DA2AD-A5C0-4A35-BAC7-7861A81B8FBF}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{107DA2AD-A5C0-4A35-BAC7-7861A81B8FBF}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{107DA2AD-A5C0-4A35-BAC7-7861A81B8FBF}: NameServer = 192.168.1.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: orakutt - Invalid registry found
O20 - Winlogon Notify: vinitru - Invalid registry found
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Cobian Backup 11 Gravity (CobianBackup11) - Luis Cobian, CobianSoft - C:\Program Files\Cobian Backup 11\cbService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Samsung UPD Service - Samsung Electronics CO., LTD. - C:\WINDOWS\system32\SUPDSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Program Files\TightVNC\tvnserver.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--
End of file - 7006 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Alena Lipavská\Data aplikací\Mozilla\Firefox\Profiles\satzjz0p.default

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-11 664184]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-10-27 150040]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-10-27 150040]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-10-27 178712]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2010-08-11 40983152]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"AtiPTA"=C:\WINDOWS\system32\atiptaxx.exe [2005-11-23 344064]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-01-11 7021880]
"tvncontrol"=C:\Program Files\TightVNC\tvnserver.exe [2013-07-19 1690096]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-12-08 50749056]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Mozilla Thunderbird.lnk - C:\Program Files\ThunderbirdPortable\App\thunderbird\thunderbird.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-11-23 47104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-10-21 217088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\orakutt]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vinitru]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\SUPDSvc.exe"="C:\WINDOWS\system32\SUPDSvc.exe:*:Enabled:Samsung UPD Service"
"C:\Program Files\Common Files\soft602\langserv.exe"="C:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker"
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\AH2JKX6J\49[1].mp3"="C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\AH2JKX6J\49[1].mp3:*:Enacled:49[1]"
"\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:Enacled:winlogon"
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\6FIF6DKB\42[1].mp3"="C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\6FIF6DKB\42[1].mp3:*:Enacled:42[1]"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe"="C:\Program Files\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe:*:Enabled:Samsung ICCUpdater Module"
"C:\Program Files\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe"="C:\Program Files\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe:*:Enabled:Samsung Scanner Discovery Module V3"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\TeamViewer\TeamViewer.exe"="C:\Program Files\TeamViewer\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\TightVNC\tvnserver.exe"="C:\Program Files\TightVNC\tvnserver.exe:*:Enabled:TightVNC"
"C:\Program Files\TightVNC\tvnviewer.exe"="C:\Program Files\TightVNC\tvnviewer.exe:*:Enabled:TightVNC"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=serwvdrv.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.WMV3"=wmv9vcm.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2016-01-12 18:50:40 ----D---- C:\_OTM
2016-01-12 06:47:31 ----D---- C:\Program Files\TightVNC
2016-01-12 06:47:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\TightVNC
2016-01-11 22:23:08 ----A---- C:\AdwCleaner[S1].txt
2016-01-11 21:29:11 ----D---- C:\rsit
2016-01-11 21:29:11 ----D---- C:\Program Files\trend micro
2016-01-11 21:23:18 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2016-01-11 21:23:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2016-01-11 21:23:18 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2016-01-11 21:23:18 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-01-11 21:18:37 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-01-11 21:04:26 ----D---- C:\AdwCleaner
2016-01-11 20:42:52 ----D---- C:\Program Files\Cobian Backup 11
2016-01-11 20:26:06 ----D---- C:\Program Files\TeamViewer
2016-01-11 16:24:15 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-01-11 16:23:25 ----D---- C:\Documents and Settings\Alena Lipavská\Data aplikací\AVAST Software
2016-01-11 16:23:20 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2016-01-11 16:23:17 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswStmXP.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2016-01-11 16:22:44 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2016-01-11 16:22:40 ----A---- C:\WINDOWS\avastSS.scr
2016-01-11 16:20:52 ----D---- C:\Program Files\AVAST Software
2016-01-11 16:20:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2016-01-11 15:44:44 ----D---- C:\Documents and Settings\Alena Lipavská\Data aplikací\Foxit Software
2015-12-15 08:04:17 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 month======

2016-01-12 18:54:46 ----D---- C:\WINDOWS\Temp
2016-01-12 18:54:28 ----D---- C:\Documents and Settings\Alena Lipavská\Data aplikací\Skype
2016-01-12 18:54:21 ----D---- C:\WINDOWS\Prefetch
2016-01-12 18:52:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2016-01-12 18:50:40 ----SHD---- C:\WINDOWS\Installer
2016-01-12 18:50:40 ----SD---- C:\WINDOWS\Tasks
2016-01-12 18:50:40 ----RD---- C:\Program Files\Skype
2016-01-12 06:52:57 ----A---- C:\WINDOWS\wincmd.ini
2016-01-12 06:50:01 ----D---- C:\WINDOWS\system32\CatRoot2
2016-01-12 06:47:31 ----RD---- C:\Program Files
2016-01-12 06:47:25 ----D---- C:\Program Files\Common Files\Acronis
2016-01-11 22:43:19 ----D---- C:\WINDOWS\system32
2016-01-11 22:43:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-11 21:23:18 ----D---- C:\WINDOWS\system32\drivers
2016-01-11 21:15:22 ----AD---- C:\WINDOWS
2016-01-11 20:26:11 ----RSD---- C:\WINDOWS\Fonts
2016-01-11 16:23:20 ----HD---- C:\WINDOWS\inf
2016-01-11 16:22:44 ----D---- C:\WINDOWS\WinSxS
2016-01-11 15:46:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2016-01-11 15:44:22 ----D---- C:\Program Files\Foxit Software
2016-01-11 15:42:58 ----D---- C:\Program Files\SlySoft
2016-01-11 15:40:57 ----D---- C:\WINDOWS\Debug
2016-01-11 15:37:39 ----D---- C:\Temp
2016-01-11 15:35:30 ----D---- C:\1Instalace
2016-01-11 15:13:39 ----D---- C:\Documents and Settings\Alena Lipavská\Data aplikací\TeamViewer
2016-01-11 11:00:03 ----A---- C:\WINDOWS\system32\MRT.exe
2016-01-08 10:18:43 ----D---- C:\Program Files\Outlook Express
2016-01-07 07:59:36 ----D---- C:\Documents and Settings\Alena Lipavská\Data aplikací\Seznam Browser
2015-12-15 08:04:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2015-12-15 08:04:17 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-01-11 49776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-01-11 209432]
R0 SiSide;SiSide; C:\WINDOWS\System32\DRIVERS\siside.sys [2003-03-25 4096]
R0 sisidex;sisidex; C:\WINDOWS\system32\drivers\sisidex.sys [2002-10-17 49024]
R0 sisperf;Add Performance Filter Driver; C:\WINDOWS\system32\drivers\sisperf.sys [2002-08-20 9472]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\System32\DRIVERS\snapman.sys [2012-04-10 170528]
R0 timounter;Acronis Backup Archive Explorer; C:\WINDOWS\System32\DRIVERS\timntr.sys [2012-04-10 600928]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2016-01-11 55200]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-01-11 794952]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-01-11 436360]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-16 12032]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-01-11 24016]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-01-11 81168]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [2003-04-16 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [2003-04-16 55936]
R2 SVKP;SVKP; \??\C:\WINDOWS\System32\SVKP.sys []
R3 aswStmXP;Avast StreamFilter Driver; C:\WINDOWS\system32\drivers\aswStmXP.sys [2016-01-11 165104]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-10-21 6048480]
R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2010-10-21 62576]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2013-07-03 14976]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2010-08-04 2127728]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S0 27e4a9798243d42e;syshost.exe; C:\WINDOWS\System32\Drivers\27e4a9798243d42e.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 DgiVecp;DgiVecp; \??\C:\WINDOWS\System32\Drivers\DgiVecp.sys []
S2 hardlock;hardlock; \??\C:\WINDOWS\System32\drivers\hardlock.sys []
S2 SSPORT;SSPORT; \??\C:\WINDOWS\System32\Drivers\SSPORT.sys []
S3 3dfxvs;3dfxvs; C:\WINDOWS\System32\DRIVERS\3dfxvsm.sys [2001-08-17 148352]
S3 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2016-01-11 58016]
S3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2008-04-14 701440]
S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120]
S3 Di1610VM11;KONICA MINOLTA Di1610 PCL; C:\WINDOWS\System32\Drivers\Di1610p.SYS [2001-08-17 13824]
S3 EthDriver;D-Link DGE-528T Vista 32-bit Driver; C:\WINDOWS\System32\DRIVERS\DLKRT32.sys [2007-01-24 70144]
S3 CH341SER;CH341SER; C:\WINDOWS\System32\Drivers\CH341SER.SYS [2009-06-02 39632]
S3 kvpndev;Kerio VPN adapter; C:\WINDOWS\System32\DRIVERS\kvpndrv.sys [2005-02-11 61440]
S3 ltmodem5;LT Modem Driver; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [2004-08-17 606556]
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver.sys []
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\System32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\System32\DRIVERS\serscan.sys [2001-10-24 6784]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2013-07-24 30720]
S3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2005-01-05 6912]
S3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2005-06-06 11264]
S4 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41600]
S4 RTL8023xp;D-Link DGE-528T Gigabit Ethernet Adapter NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\DLKRTXP.SYS [2006-07-31 83456]
S4 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S4 sisagp;SiS AGP Filter; C:\WINDOWS\System32\DRIVERS\SISAGPX.sys [2003-07-18 36992]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-01-11 226440]
R2 CobianBackup11;Cobian Backup 11 Gravity; C:\Program Files\Cobian Backup 11\cbService.exe [2012-12-05 1131008]
R2 TeamViewer;TeamViewer 11; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-12-14 6889232]
R2 tvnserver;TightVNC Server; C:\Program Files\TightVNC\tvnserver.exe [2013-07-19 1690096]
R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2005-03-11 455632]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2005-11-23 393216]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-09-15 516096]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-01-11 146888]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Samsung UPD Service;Samsung UPD Service; C:\WINDOWS\system32\SUPDSvc.exe [2010-08-09 131888]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Bohužel chyba při instalaci MBAM přetrvává.

#9 Příspěvek od **Rudy** » 12 led 2016 19:25

Instalujete tuto verzi: http://forum.viry.cz/viewtopic.php?f=46&t=7478 ? Novější na XP nefunguje. Dále dvouklikem na soubor spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O20 - Winlogon Notify: orakutt - Invalid registry found
O20 - Winlogon Notify: vinitru - Invalid registry found

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

Tomas.11 · #10 Příspěvek od **Tomas.11** » 12 led 2016 19:39

Na odkazu http://james008.net/w3b/modules/TDMDown ... id=1&lid=1 je ccleaner, co v něm mám spustit?

#11 Příspěvek od **Rudy** » 12 led 2016 19:47

To, co jsem vám napsal o odkaz výše, jste provedl? Nějak uháníte mílovým krokem a já ztrácím přehled o tom, zda děláte, co vám radím, či si "jedete" po vlastní parketě. V CC spusťte první 2 položky shora a vše odstraňte. Zálohu ragistry dělat nemusíte. CCodstraní ale pouze zbytečnosti v dočasných adresářích a zbytky v registry po nefunkčních aplikacích.

Tomas.11 · #12 Příspěvek od **Tomas.11** » 12 led 2016 20:06

Dobrý den, ano stáhnul jsem ccleaner z odkazu udělal první dvě věci, ale následující "Dále dvouklikem na soubor spusťte HijackThis. atd." už bohužel nevím kde najít HijackThis

#13 Příspěvek od **Rudy** » 12 led 2016 21:01

Pardon, zapoměl jsem zkopírovat: C:\Program Files\trend micro\Alena Lipavská.exe .

Tomas.11 · #14 Příspěvek od **Tomas.11** » 12 led 2016 21:07

Omlouvám se, nevím jak dál postupovat

, můžete prosím zopakovat co mám udělat po projetí CCleanerem?

#15 Příspěvek od **Rudy** » 12 led 2016 21:10

Tak ještě jednou:
Dále dvouklikem na soubor C:\Program Files\trend micro\Alena Lipavská.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O20 - Winlogon Notify: orakutt - Invalid registry found
O20 - Winlogon Notify: vinitru - Invalid registry found

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

VIRY.CZ

prosba o kontrolu logu - mizejí ikony

prosba o kontrolu logu - mizejí ikony

Re: prosba o kontrolu logu - mizejí ikony

Re: prosba o kontrolu logu - mizejí ikony

Re: prosba o kontrolu logu - mizejí ikony

Re: prosba o kontrolu logu - mizejí ikony

Re: prosba o kontrolu logu - mizejí ikony

Re: prosba o kontrolu logu - mizejí ikony

Re: prosba o kontrolu logu - mizejí ikony

Re: prosba o kontrolu logu - mizejí ikony

Re: prosba o kontrolu logu - mizejí ikony

Re: prosba o kontrolu logu - mizejí ikony

Re: prosba o kontrolu logu - mizejí ikony

Re: prosba o kontrolu logu - mizejí ikony

Re: prosba o kontrolu logu - mizejí ikony

Re: prosba o kontrolu logu - mizejí ikony