zamrzání pc

[Constantine]

Zdravím, posledních pár dní mám velké problémy s notebookem. Nemůžu říct, že se seká, internet a prohlížeč, office fungují normálně. Ale po nějaké chvilce od startu se nemohu dostat do žádné složky, stále to jen načítá(takže ani do Tento Počítač). Nenačte to ani připojené USB. Když třeba něco smažu na ploše, projeví se to až po restartování PC. Když něco spustím, tak to za chvíli zamrzne. Měl jsem problém dostat i z PC nějaký ten log. Dále třeba dám vypnout počítat nebo restartovat, zamrzne to na hlášce "vypínání" a nevypne se.
Děje se to zhruba od doby, co se mi aktualizoval Comodo. Občas to po mě chce potvrzovat aplikace, to předchozí verze nedělala. Ale když vypnu firewall, tak se nic nezmění. Snažil jsme se ho odinstalovat, ale nejde to, zasekene se to na "shromažďování požadovaných informací" a neodinstaluje se to. Blbnul mi taky NOD32, po startu PC neustále kontroloval startovací soubory a když jsem chtěl dát hledání virů, sekl se a musel jsem restartovat PC. Toho se mi podařilo odinstalovat, ale taky mi to nepomohlo.


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by Tomas (administrator) on TOMAS-NOTEBOOK on 06-04-2014 16:18:08
Running from E:\Users\Tomas\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(IObit) E:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
(COMODO) E:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
(COMODO) E:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(ATI Technologies Inc.) E:\Windows\system32\Ati2evxx.exe
(ATI Technologies Inc.) E:\Windows\system32\Ati2evxx.exe
() E:\Program Files\ATK Hotkey\ASLDRSrv.exe
() E:\Windows\AutoKMS.exe
(IObit) E:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(ATK) E:\Program Files\P4G\BatteryLife.exe
(ATK0100) E:\Program Files\ATK Hotkey\Hcontrol.exe
() E:\Program Files\ATKOSD2\ATKOSD2.exe
() E:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
(mst software GmbH, Germany) E:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS.exe
() E:\Program Files\ATK Hotkey\ATKOSD.exe
(COMODO) E:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Microsoft Corporation) E:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) E:\Program Files\Skype\Phone\Skype.exe
(Dropbox, Inc.) E:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
() E:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
() E:\Windows\system32\PnkBstrA.exe
(Skype Technologies) E:\Program Files\Skype\Updater\Updater.exe
(IObit) E:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
(Syntek America Inc.) E:\Windows\System32\StkCSrv.exe
(TeamViewer GmbH) E:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corporation) E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [COMODO Internet Security] - E:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1225944 2014-03-25] (COMODO)
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\.DEFAULT\...\Run: [Advanced SystemCare 6] - E:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe [490880 2012-09-24] (IObit)
HKU\S-1-5-21-1422697769-3035029568-3433451993-1000\...\Run: [] - [X]
HKU\S-1-5-21-1422697769-3035029568-3433451993-1000\...\Run: [Skype] - E:\Program Files\Skype\Phone\Skype.exe [20924576 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1422697769-3035029568-3433451993-1000\...\Policies\Explorer: [NoCDBurning] 1
HKU\S-1-5-21-1422697769-3035029568-3433451993-1000\...\MountPoints2: {b1bbf2d5-ce5c-11e0-98bb-001d6010d207} - H:\ZTE_Handset_USB_Driver.exe
HKU\S-1-5-21-1422697769-3035029568-3433451993-1000\...\MountPoints2: {d75368f1-d43f-11df-8d2c-001d60475a98} - G:\autorun.exe
Startup: E:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> E:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x809F839AE35CCB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
SearchScopes: HKLM - DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL =
SearchScopes: HKCU - DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = http://go.mail.ru/search?utf8in=1&fr=ie ... earchTerms}
SearchScopes: HKCU - {293AA032-19DE-4B6A-AAEB-915C788A8BA6} URL = http://www.google.cz/search?q={searchTe ... {startPage}
SearchScopes: HKCU - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = http://search.qip.ru/search?query={searchTerms}&from=IE
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search/web?q={searchTerms}
SearchScopes: HKCU - {E2F20DBC-9E4C-439F-9E68-BCF0D6AABA56} URL = http://search.seznam.cz/searchScreen?w= ... rms}&mod=f
SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = http://go.mail.ru/search?utf8in=1&fr=ie ... earchTerms}
BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - E:\ProgramData\LangSoft\WebIE.dll ()
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - E:\Users\Tomas\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - E:\ProgramData\LangSoft\WebIE.dll ()
Toolbar: HKCU - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKCU - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: E:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\q1sw6xmf.Pokus
FF user.js: detected! => E:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\q1sw6xmf.Pokus\user.js
FF DefaultSearchEngine: QIP Search
FF Plugin: @adobe.com/FlashPlayer - E:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - E:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.5.1 - E:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin - E:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - E:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - E:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - E:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - E:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @tools.google.com/Google Update;version=3 - E:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - E:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.19 - E:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 - E:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin: Adobe Reader - E:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: E:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: E:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
FF Plugin ProgramFiles/Appdata: E:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: E:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: E:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: E:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: E:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: E:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: E:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\q1sw6xmf.Pokus\searchplugins\qip-search.xml
FF SearchPlugin: E:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: E:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: E:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: E:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: PrivDog - E:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\q1sw6xmf.Pokus\Extensions\PrivDog@AdTrustMedia.com.xpi [2014-04-03]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - E:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR Extension: (Seznam Lištička - Slovník) - E:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2013-09-14]
CHR Extension: (YouTube) - E:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-07]
CHR Extension: (Google Search) - E:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-07]
CHR Extension: (Mail.ru «Визуальные закладки») - E:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaocgokledfmfebefgbeokdodbbdjhdd [2013-08-21]
CHR Extension: (LemurLeap) - E:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof [2013-09-14]
CHR Extension: (Peněženka Google) - E:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-14]
CHR Extension: (Seznam Lištička - Rychlá volba) - E:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2013-09-14]
CHR Extension: (Gmail) - E:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-07]

========================== Services (Whitelisted) =================

R2 AdvancedSystemCareService6; E:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [464256 2012-10-31] (IObit)
R2 AHDDC2; E:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1515352 2010-12-14] ()
R2 ASLDRService; E:\Program Files\ATK Hotkey\ASLDRSrv.exe [94208 2007-02-05] ()
R2 CLPSLS; E:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe [148744 2010-02-19] (COMODO)
R2 cmdAgent; E:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5302384 2014-03-25] (COMODO)
S3 cmdvirth; E:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1663192 2014-03-25] (COMODO)
R2 DfSdkS; E:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS.exe [406016 2009-08-24] (mst software GmbH, Germany)
R2 IMFservice; E:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [820568 2011-07-20] (IObit)
R2 PassThru Service; E:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2011-09-15] ()
R2 PnkBstrA; E:\Windows\system32\PnkBstrA.exe [66872 2011-02-22] ()
R2 StkSSrv; E:\Windows\System32\StkCSrv.exe [24576 2010-09-25] (Syntek America Inc.)
S3 WO_LiveService; E:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe [885096 2013-05-15] ()
S2 ekrn; "E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe" [X]

==================== Drivers (Whitelisted) ====================

R3 Atc002; E:\Windows\System32\DRIVERS\l260x86.sys [29184 2009-07-14] (Atheros Communications, Inc.)
R3 BthAvrcp; E:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (CSR, plc)
R1 cmdGuard; E:\Windows\System32\DRIVERS\cmdguard.sys [607168 2014-03-25] (COMODO)
R1 cmdHlp; E:\Windows\System32\DRIVERS\cmdhlp.sys [43728 2014-03-25] (COMODO)
R1 inspect; E:\Windows\System32\DRIVERS\inspect.sys [92656 2014-03-25] (COMODO)
R2 LiveTunerPM; E:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerProcessMonitor32.sys [12696 2011-03-08] ()
S3 MarvinBus; E:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
R3 MTsensor; E:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
R0 sptd; E:\Windows\System32\Drivers\sptd.sys [691696 2010-09-25] ()
R3 StkCMini; E:\Windows\System32\Drivers\StkCMini.sys [1260672 2010-09-25] (Syntek)
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; E:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl [87536 2010-06-28] (CyberLink Corp.)
U3 aktixz95; E:\Windows\system32\Drivers\aktixz95.sys [0 ] (Microsoft Corporation)
S1 eamonm; system32\DRIVERS\eamonm.sys [X]
S1 ehdrv; system32\DRIVERS\ehdrv.sys [X]
S2 epfwwfpr; system32\DRIVERS\epfwwfpr.sys [X]
S3 gHidPnp; System32\Drivers\gHidPnp.Sys [X]
S3 gMouUsb; system32\DRIVERS\gMouUsb.sys [X]
S3 HTCAND32; System32\Drivers\ANDROIDUSB.sys [X]
S3 massfilter_hs; system32\drivers\massfilter_hs.sys [X]
S3 Tosrfcom; No ImagePath
S3 zghsmdm; system32\DRIVERS\zghsmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-06 16:18 - 2014-04-06 16:18 - 00014930 _____ () E:\Users\Tomas\Desktop\FRST.txt
2014-04-06 16:17 - 2014-04-06 16:18 - 00000000 ____D () E:\FRST
2014-04-06 16:15 - 2014-04-06 16:15 - 00009501 _____ () E:\Users\Tomas\Desktop\sadfsdfd.txt
2014-04-06 16:11 - 2014-04-06 16:11 - 00112640 _____ (forum.viry.cz) E:\Users\Tomas\Desktop\FRSTLauncher.exe
2014-04-06 16:11 - 2014-04-06 16:11 - 00029696 _____ () E:\Users\Tomas\AppData\Local\MSGBOX.EXE
2014-04-06 16:11 - 2014-04-06 16:11 - 00015327 _____ () E:\Users\Tomas\AppData\Local\LM.bat
2014-04-06 16:10 - 2014-04-06 16:10 - 01145856 _____ (Farbar) E:\Users\Tomas\Desktop\FRST.exe
2014-04-06 16:06 - 2014-04-06 16:06 - 00009501 _____ () E:\Users\Tomas\Desktop\hijackthis.log
2014-04-06 15:54 - 2014-04-06 15:54 - 00009167 _____ () E:\Users\Tomas\Downloads\hijackthis.log
2014-04-06 15:54 - 2014-04-06 14:18 - 00388608 _____ (Trend Micro Inc.) E:\Users\Tomas\Desktop\hijackthis.exe
2014-04-06 15:21 - 2014-04-06 16:07 - 00001083 _____ () E:\Windows\AutoKMS.log
2014-04-06 15:19 - 2014-04-06 16:16 - 00000224 _____ () E:\Windows\setupact.log
2014-04-06 15:19 - 2014-04-06 15:19 - 00000000 _____ () E:\Windows\setuperr.log
2014-04-06 14:20 - 2014-04-06 14:20 - 00388608 _____ (Trend Micro Inc.) E:\Users\Tomas\Downloads\HiJackThis(1).exe
2014-04-06 14:18 - 2014-04-06 14:18 - 00388608 _____ (Trend Micro Inc.) E:\Users\Tomas\Downloads\hijackthis.exe
2014-04-06 13:59 - 2014-04-06 13:59 - 00000000 ___HD () E:\VTRoot
2014-04-06 13:58 - 2014-04-06 13:58 - 00002328 _____ () E:\Windows\system32\Drivers\fvstore.dat
2014-04-03 21:10 - 2014-04-03 21:10 - 00000000 ____D () E:\Users\Tomas\AppData\Local\AdTrustMedia
2014-04-03 21:08 - 2014-04-03 21:08 - 00000000 ____D () E:\Users\Tomas\AppData\Roaming\Comodo
2014-04-03 21:07 - 2014-04-03 21:07 - 00000000 ____D () E:\ProgramData\Comodo Downloader
2014-04-03 21:07 - 2014-04-03 21:07 - 00000000 ____D () E:\ProgramData\Adtrustmedia
2014-04-03 21:05 - 2014-04-03 21:05 - 00000000 ____D () E:\ProgramData\Shared Space
2014-04-03 21:04 - 2014-03-25 21:22 - 00284888 _____ (COMODO) E:\Windows\system32\cmdvrt32.dll
2014-04-03 21:04 - 2014-03-25 21:22 - 00040664 _____ (COMODO) E:\Windows\system32\cmdkbd32.dll
2014-03-24 22:42 - 2014-03-24 22:42 - 00000000 ____D () E:\Program Files\Mozilla Firefox
2014-03-23 11:26 - 2014-03-23 11:34 - 00000000 ____D () E:\Users\Tomas\Downloads\The Cabin in the Woods (2011) [1080p]
2014-03-13 17:41 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) E:\Windows\system32\mshtml.dll
2014-03-13 17:41 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) E:\Windows\system32\mshtml.tlb
2014-03-13 17:41 - 2014-03-01 06:10 - 00004096 _____ (Microsoft Corporation) E:\Windows\system32\ieetwcollectorres.dll
2014-03-13 17:41 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) E:\Windows\system32\iesetup.dll
2014-03-13 17:41 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) E:\Windows\system32\ieetwproxystub.dll
2014-03-13 17:41 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) E:\Windows\system32\iertutil.dll
2014-03-13 17:41 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) E:\Windows\system32\jsproxy.dll
2014-03-13 17:41 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) E:\Windows\system32\iernonce.dll
2014-03-13 17:41 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) E:\Windows\system32\ieui.dll
2014-03-13 17:41 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) E:\Windows\system32\ieUnatt.exe
2014-03-13 17:41 - 2014-03-01 05:38 - 00108032 _____ (Microsoft Corporation) E:\Windows\system32\ieetwcollector.exe
2014-03-13 17:41 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) E:\Windows\system32\jscript9diag.dll
2014-03-13 17:41 - 2014-03-01 05:31 - 00646144 _____ (Microsoft Corporation) E:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 17:41 - 2014-03-01 05:25 - 00208896 _____ (Microsoft Corporation) E:\Windows\system32\ie4uinit.exe
2014-03-13 17:41 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) E:\Windows\system32\msrating.dll
2014-03-13 17:41 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) E:\Windows\system32\jscript9.dll
2014-03-13 17:41 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) E:\Windows\system32\msfeeds.dll
2014-03-13 17:41 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) E:\Windows\system32\inetcpl.cpl
2014-03-13 17:41 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) E:\Windows\system32\ieframe.dll
2014-03-13 17:41 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) E:\Windows\system32\wininet.dll
2014-03-13 17:41 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) E:\Windows\system32\urlmon.dll
2014-03-13 17:41 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) E:\Windows\system32\ieapfltr.dll
2014-03-13 17:41 - 2014-02-07 03:07 - 02349056 _____ (Microsoft Corporation) E:\Windows\system32\win32k.sys
2014-03-13 17:41 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) E:\Windows\system32\WindowsCodecs.dll
2014-03-13 17:41 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) E:\Windows\system32\qedit.dll
2014-03-13 17:41 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) E:\Windows\system32\wwansvc.dll
2014-03-13 17:40 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) E:\Windows\system32\wer.dll
2014-03-13 17:20 - 2014-03-13 17:20 - 00000000 ____D () E:\Users\Tomas\AppData\Local\Skype
2014-03-13 17:18 - 2014-03-13 17:18 - 00002719 _____ () E:\Users\Public\Desktop\Skype.lnk
2014-03-13 17:18 - 2014-03-13 17:18 - 00000000 ____D () E:\Program Files\Common Files\Skype

==================== One Month Modified Files and Folders =======

2014-04-06 16:18 - 2014-04-06 16:18 - 00014930 _____ () E:\Users\Tomas\Desktop\FRST.txt
2014-04-06 16:18 - 2014-04-06 16:17 - 00000000 ____D () E:\FRST
2014-04-06 16:18 - 2012-02-21 18:52 - 00000000 ____D () E:\Users\Tomas\AppData\Roaming\Dropbox
2014-04-06 16:17 - 2011-11-05 16:34 - 00000000 ____D () E:\Users\Tomas\AppData\Roaming\Skype
2014-04-06 16:17 - 2010-12-01 00:32 - 00000880 _____ () E:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-06 16:17 - 2010-10-21 18:36 - 00000200 _____ () E:\Windows\Tasks\AutoKMS.job
2014-04-06 16:17 - 2010-10-06 14:33 - 00065536 _____ () E:\Windows\system32\Ikeext.etl
2014-04-06 16:17 - 2010-09-25 18:11 - 00000376 _____ () E:\Windows\Tasks\AWC AutoSweep.job
2014-04-06 16:16 - 2014-04-06 15:19 - 00000224 _____ () E:\Windows\setupact.log
2014-04-06 16:16 - 2009-07-14 06:53 - 00000006 ____H () E:\Windows\Tasks\SA.DAT
2014-04-06 16:15 - 2014-04-06 16:15 - 00009501 _____ () E:\Users\Tomas\Desktop\sadfsdfd.txt
2014-04-06 16:12 - 2009-07-14 06:34 - 00014256 ____H () E:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-06 16:12 - 2009-07-14 06:34 - 00014256 ____H () E:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-06 16:11 - 2014-04-06 16:11 - 00112640 _____ (forum.viry.cz) E:\Users\Tomas\Desktop\FRSTLauncher.exe
2014-04-06 16:11 - 2014-04-06 16:11 - 00029696 _____ () E:\Users\Tomas\AppData\Local\MSGBOX.EXE
2014-04-06 16:11 - 2014-04-06 16:11 - 00015327 _____ () E:\Users\Tomas\AppData\Local\LM.bat
2014-04-06 16:10 - 2014-04-06 16:10 - 01145856 _____ (Farbar) E:\Users\Tomas\Desktop\FRST.exe
2014-04-06 16:09 - 2013-12-09 17:50 - 00000886 _____ () E:\Windows\Tasks\GoogleUpdateTaskMachineUA1cef4f6676e9613.job
2014-04-06 16:09 - 2010-09-25 21:01 - 01619608 _____ () E:\Windows\system32\PerfStringBackup.INI
2014-04-06 16:07 - 2014-04-06 15:21 - 00001083 _____ () E:\Windows\AutoKMS.log
2014-04-06 16:06 - 2014-04-06 16:06 - 00009501 _____ () E:\Users\Tomas\Desktop\hijackthis.log
2014-04-06 16:02 - 2010-09-25 20:41 - 01865656 _____ () E:\Windows\WindowsUpdate.log
2014-04-06 15:54 - 2014-04-06 15:54 - 00009167 _____ () E:\Users\Tomas\Downloads\hijackthis.log
2014-04-06 15:50 - 2012-04-03 17:17 - 00000914 _____ () E:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-06 15:50 - 2012-02-21 18:55 - 00000000 ___RD () E:\Users\Tomas\Dropbox
2014-04-06 15:19 - 2014-04-06 15:19 - 00000000 _____ () E:\Windows\setuperr.log
2014-04-06 15:13 - 2013-11-21 18:53 - 00000000 ____D () E:\Users\Tomas\AppData\Roaming\AIMP3
2014-04-06 15:13 - 2010-09-25 16:05 - 00000000 ____D () E:\Users\Tomas\AppData\Roaming\DAEMON Tools Lite
2014-04-06 15:13 - 2010-09-25 13:50 - 00000000 ____D () E:\Users\Tomas\AppData\Roaming\BitTorrent
2014-04-06 14:52 - 2010-09-25 15:10 - 00000000 ____D () E:\Program Files\ESET
2014-04-06 14:40 - 2013-01-20 12:07 - 00000000 ____D () E:\Users\Tomas\AppData\Local\CrashDumps
2014-04-06 14:20 - 2014-04-06 14:20 - 00388608 _____ (Trend Micro Inc.) E:\Users\Tomas\Downloads\HiJackThis(1).exe
2014-04-06 14:18 - 2014-04-06 15:54 - 00388608 _____ (Trend Micro Inc.) E:\Users\Tomas\Desktop\hijackthis.exe
2014-04-06 14:18 - 2014-04-06 14:18 - 00388608 _____ (Trend Micro Inc.) E:\Users\Tomas\Downloads\hijackthis.exe
2014-04-06 13:59 - 2014-04-06 13:59 - 00000000 ___HD () E:\VTRoot
2014-04-06 13:58 - 2014-04-06 13:58 - 00002328 _____ () E:\Windows\system32\Drivers\fvstore.dat
2014-04-05 09:09 - 2010-12-07 23:05 - 00009216 _____ () E:\Users\Tomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-03 21:10 - 2014-04-03 21:10 - 00000000 ____D () E:\Users\Tomas\AppData\Local\AdTrustMedia
2014-04-03 21:08 - 2014-04-03 21:08 - 00000000 ____D () E:\Users\Tomas\AppData\Roaming\Comodo
2014-04-03 21:07 - 2014-04-03 21:07 - 00000000 ____D () E:\ProgramData\Comodo Downloader
2014-04-03 21:07 - 2014-04-03 21:07 - 00000000 ____D () E:\ProgramData\Adtrustmedia
2014-04-03 21:05 - 2014-04-03 21:05 - 00000000 ____D () E:\ProgramData\Shared Space
2014-04-03 21:02 - 2009-07-14 04:37 - 00000000 ____D () E:\Windows\tracing
2014-04-01 19:05 - 2009-07-14 06:53 - 00032588 _____ () E:\Windows\Tasks\SCHEDLGU.TXT
2014-03-28 16:53 - 2012-02-21 18:54 - 00000000 ____D () E:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-03-27 21:12 - 2011-05-11 17:38 - 00000000 ____D () E:\Users\Tomas\Documents\Soubory aplikace Outlook
2014-03-25 21:22 - 2014-04-03 21:04 - 00284888 _____ (COMODO) E:\Windows\system32\cmdvrt32.dll
2014-03-25 21:22 - 2014-04-03 21:04 - 00040664 _____ (COMODO) E:\Windows\system32\cmdkbd32.dll
2014-03-25 21:22 - 2011-10-22 17:04 - 00036000 _____ (COMODO) E:\Windows\system32\cmdcsr.dll
2014-03-25 21:22 - 2010-04-09 01:26 - 00363504 _____ (COMODO) E:\Windows\system32\guard32.dll
2014-03-25 21:22 - 2010-04-09 01:25 - 00607168 _____ (COMODO) E:\Windows\system32\Drivers\cmdGuard.sys
2014-03-25 21:22 - 2010-04-09 01:25 - 00092656 _____ (COMODO) E:\Windows\system32\Drivers\inspect.sys
2014-03-25 21:22 - 2010-04-09 01:25 - 00043728 _____ (COMODO) E:\Windows\system32\Drivers\cmdhlp.sys
2014-03-25 21:22 - 2010-04-09 01:25 - 00020072 _____ (COMODO) E:\Windows\system32\Drivers\cmderd.sys
2014-03-25 17:03 - 2012-04-26 17:54 - 00000000 ____D () E:\Program Files\Mozilla Maintenance Service
2014-03-24 22:42 - 2014-03-24 22:42 - 00000000 ____D () E:\Program Files\Mozilla Firefox
2014-03-23 11:34 - 2014-03-23 11:26 - 00000000 ____D () E:\Users\Tomas\Downloads\The Cabin in the Woods (2011) [1080p]
2014-03-18 18:26 - 2013-07-15 20:28 - 00000000 ____D () E:\Windows\system32\MRT
2014-03-18 18:12 - 2010-09-25 12:06 - 87350280 _____ (Microsoft Corporation) E:\Windows\system32\MRT.exe
2014-03-16 18:14 - 2012-12-16 13:59 - 00000082 _____ () E:\Users\Public\Documents\SP701A.dat
2014-03-15 21:11 - 2012-09-02 14:25 - 00002137 _____ () E:\Users\Public\Desktop\Google Chrome.lnk
2014-03-14 16:38 - 2009-07-14 06:33 - 03829640 _____ () E:\Windows\system32\FNTCACHE.DAT
2014-03-14 16:36 - 2010-09-25 14:33 - 00000000 ____D () E:\Program Files\Microsoft Silverlight
2014-03-13 20:01 - 2010-09-26 14:51 - 00000000 ____D () E:\ProgramData\Microsoft Help
2014-03-13 17:20 - 2014-03-13 17:20 - 00000000 ____D () E:\Users\Tomas\AppData\Local\Skype
2014-03-13 17:18 - 2014-03-13 17:18 - 00002719 _____ () E:\Users\Public\Desktop\Skype.lnk
2014-03-13 17:18 - 2014-03-13 17:18 - 00000000 ____D () E:\Program Files\Common Files\Skype
2014-03-13 17:18 - 2013-02-09 13:56 - 00000000 ___RD () E:\Program Files\Skype
2014-03-13 17:18 - 2011-11-05 16:33 - 00000000 ____D () E:\ProgramData\Skype
2014-03-12 20:50 - 2012-04-03 17:17 - 00692616 _____ (Adobe Systems Incorporated) E:\Windows\system32\FlashPlayerApp.exe
2014-03-12 20:50 - 2011-05-23 20:04 - 00071048 _____ (Adobe Systems Incorporated) E:\Windows\system32\FlashPlayerCPLApp.cpl

Files to move or delete:
====================
E:\ProgramData\PKP_DLeo.DAT
E:\ProgramData\PKP_DLes.DAT
E:\ProgramData\PKP_DLet.DAT
E:\ProgramData\PKP_DLev.DAT


Some content of TEMP:
====================
E:\Users\Tomas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvm9m3z.dll


==================== Bamital & volsnap Check =================

E:\Windows\explorer.exe => MD5 is legit
E:\Windows\system32\winlogon.exe => MD5 is legit
E:\Windows\system32\wininit.exe => MD5 is legit
E:\Windows\system32\svchost.exe => MD5 is legit
E:\Windows\system32\services.exe => MD5 is legit
E:\Windows\system32\User32.dll => MD5 is legit
E:\Windows\system32\userinit.exe => MD5 is legit
E:\Windows\system32\rpcss.dll => MD5 is legit
E:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

[Rudy]

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-1422697769-3035029568-3433451993-1000\...\Run: [] - [X]
HKU\S-1-5-21-1422697769-3035029568-3433451993-1000\...\MountPoints2: {b1bbf2d5-ce5c-11e0-98bb-001d6010d207} - H:\ZTE_Handset_USB_Driver.exe
HKU\S-1-5-21-1422697769-3035029568-3433451993-1000\...\MountPoints2: {d75368f1-d43f-11df-8d2c-001d60475a98} - G:\autorun.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
SearchScopes: HKLM - DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL =
SearchScopes: HKCU - DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = http://go.mail.ru/search?utf8in=1&fr=ie ... earchTerms}
SearchScopes: HKCU - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = http://search.qip.ru/search?query={searchTerms}&from=IE
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search/web?q={searchTerms}
SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = http://go.mail.ru/search?utf8in=1&fr=ie ... earchTerms}
BHO: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - E:\Users\Tomas\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
Toolbar: HKCU - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKCU - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
FF user.js: detected! => E:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\q1sw6xmf.Pokus\user.js
FF DefaultSearchEngine: QIP Search
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.19 - E:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 - E:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Extension: (Mail.ru «Визуальные закладки») - E:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaocgokledfmfebefgbeokdodbbdjhdd [2013-08-21]
CHR Extension: (LemurLeap) - E:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof [2013-09-14]
U3 aktixz95; E:\Windows\system32\Drivers\aktixz95.sys [0 ] (Microsoft Corporation)
E:\Windows\AutoKMS.log
E:\Windows\Tasks\AutoKMS.job
E:\ProgramData\PKP_DLeo.DAT
E:\ProgramData\PKP_DLes.DAT
E:\ProgramData\PKP_DLet.DAT
E:\ProgramData\PKP_DLev.DAT
E:\Users\Tomas\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.


Dále nainstalujte SpeedFan: http://www.stahuj.centrum.cz/utility_a_ ... /speedfan/ a v průběhu chodu PC sledujte teploty zejména CPU a GPU. Neměly by trvale překračovat 65°C (u NB 75°C). doporučuji odinstalovat Advanced system care. Důvod: http://forum.viry.cz/viewtopic.php?f=14 ... ilit=iobit .

[Constantine]

Děkuji. Advanced system care jsem odinstaloval. Ten SpeedFan se mi stejně jako většina programu bohužel při spouštění. hryzne. Ale notebook mi nepřijde nijak zvlášť horký.


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-03-2014 01
Ran by Tomas at 2014-04-06 17:17:14 Run:1
Running from E:\Users\Tomas\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKU\S-1-5-21-1422697769-3035029568-3433451993-1000\...\Run: [] - [X]
HKU\S-1-5-21-1422697769-3035029568-3433451993-1000\...\MountPoints2: {b1bbf2d5-ce5c-11e0-98bb-001d6010d207} - H:\ZTE_Handset_USB_Driver.exe
HKU\S-1-5-21-1422697769-3035029568-3433451993-1000\...\MountPoints2: {d75368f1-d43f-11df-8d2c-001d60475a98} - G:\autorun.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
SearchScopes: HKLM - DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL =
SearchScopes: HKCU - DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = http://go.mail.ru/search?utf8in=1&fr=ie ... earchTerms}
SearchScopes: HKCU - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = http://search.qip.ru/search?query={searchTerms}&from=IE
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search/web?q={searchTerms}
SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = http://go.mail.ru/search?utf8in=1&fr=ie ... earchTerms}
BHO: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - E:\Users\Tomas\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
Toolbar: HKCU - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKCU - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
FF user.js: detected! => E:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\q1sw6xmf.Pokus\user.js
FF DefaultSearchEngine: QIP Search
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.19 - E:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 - E:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Extension: (Mail.ru «Визуальные закладки») - E:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaocgokledfmfebefgbeokdodbbdjhdd [2013-08-21]
CHR Extension: (LemurLeap) - E:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof [2013-09-14]
U3 aktixz95; E:\Windows\system32\Drivers\aktixz95.sys [0 ] (Microsoft Corporation)
E:\Windows\AutoKMS.log
E:\Windows\Tasks\AutoKMS.job
E:\ProgramData\PKP_DLeo.DAT
E:\ProgramData\PKP_DLes.DAT
E:\ProgramData\PKP_DLet.DAT
E:\ProgramData\PKP_DLev.DAT
E:\Users\Tomas\AppData\Local\Temp
End
*****************

HKU\S-1-5-21-1422697769-3035029568-3433451993-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKU\S-1-5-21-1422697769-3035029568-3433451993-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1bbf2d5-ce5c-11e0-98bb-001d6010d207} => Key deleted successfully.
HKCR\CLSID\{b1bbf2d5-ce5c-11e0-98bb-001d6010d207} => Key not found.
HKU\S-1-5-21-1422697769-3035029568-3433451993-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d75368f1-d43f-11df-8d2c-001d60475a98} => Key deleted successfully.
HKCR\CLSID\{d75368f1-d43f-11df-8d2c-001d60475a98} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955} => Key deleted successfully.
HKCR\CLSID\{95289393-33EA-4F8D-B952-483415B9C955} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} => Value deleted successfully.
HKCR\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => Value deleted successfully.
HKCR\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{30F9B915-B755-4826-820B-08FBA6BD249D} => Value deleted successfully.
HKCR\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} => Key not found.
E:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\q1sw6xmf.Pokus\user.js => Moved successfully.
Firefox DefaultSearchEngine deleted successfully.
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File => Key not found.
FF Plugin: @microsoft.com/GENUINE - disabled No File not found.
HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19 => Key deleted successfully.
E:\Program Files\Veetle\plugins\npVeetle.dll => Moved successfully.
HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18 => Key deleted successfully.
E:\Program Files\Veetle\Player\npvlc.dll => Moved successfully.
E:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaocgokledfmfebefgbeokdodbbdjhdd => Moved successfully.
E:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof => Moved successfully.
aktixz95 => Service not found.
Could not move "E:\Windows\AutoKMS.log" => Scheduled to move on reboot.
E:\Windows\Tasks\AutoKMS.job => Moved successfully.
E:\ProgramData\PKP_DLeo.DAT => Moved successfully.
E:\ProgramData\PKP_DLes.DAT => Moved successfully.
E:\ProgramData\PKP_DLet.DAT => Moved successfully.
E:\ProgramData\PKP_DLev.DAT => Moved successfully.

"E:\Users\Tomas\AppData\Local\Temp" directory move:

E:\Users\Tomas\AppData\Local\Temp\COMODO Internet Security dbgout.log => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\CVRAC73.tmp.cvr => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\CVRDF6A.tmp.cvr => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\CVRF287.tmp.cvr => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpw4skhl.dll => Moved successfully.
Could not move "E:\Users\Tomas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpw4skhl.lck" => Scheduled to move on reboot.
E:\Users\Tomas\AppData\Local\Temp\etilqs_4cRU2mkoIZFgmcu => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\etilqs_fTws19FDh3jN4MM => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\etilqs_tdLdJpaQy3R7O0i => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\etilqs_TmXmWa8XuMaQtkP => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\etilqs_vQjkfOngzv5cWKu => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\etilqs_YnhXg5m0ItZsrG5 => Moved successfully.
Could not move "E:\Users\Tomas\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
E:\Users\Tomas\AppData\Local\Temp\GimmeSetup(201404061444006F8).log => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\GimmeSetup(20140406144414740).log => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\log3 => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\MSI14f34.LOG => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\MSI26111.LOG => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\PCW87C4.tmp => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\PCW87C4.xml => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\SetupExe(201404061443596F8).log => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\SetupExe(20140406144413740).log => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\sfextra.dll => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\~41D9.bat => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\~41D9.tmp => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\~DF2C24BA6E44789D0C.TMP => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\~DF37545B07B2E9C05D.TMP => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\~DF5E920B23770B9D65.TMP => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\~DF6420FAA5A6FB722A.TMP => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\~DFBF26AC1C8895D895.TMP => Moved successfully.
E:\Users\Tomas\AppData\Local\Temp\~DFFB1B1D3D05DCE389.TMP => Moved successfully.
Could not move "E:\Users\Tomas\AppData\Local\Temp\Skype\DbTemp\temp-fsoXayyPXRCstj7ELszMnQ7e" => Scheduled to move on reboot.
Could not move "E:\Users\Tomas\AppData\Local\Temp\Skype\DbTemp\temp-SkpeTutDHfVP2p3Esig8z8cY" => Scheduled to move on reboot.
Could not move "E:\Users\Tomas\AppData\Local\Temp" directory. => Scheduled to move on reboot.


=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-04-06 17:19:49)<=

E:\Windows\AutoKMS.log => Is moved successfully.
E:\Users\Tomas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpw4skhl.lck => Is moved successfully.
E:\Users\Tomas\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
E:\Users\Tomas\AppData\Local\Temp\Skype\DbTemp\temp-fsoXayyPXRCstj7ELszMnQ7e => Is moved successfully.
E:\Users\Tomas\AppData\Local\Temp\Skype\DbTemp\temp-SkpeTutDHfVP2p3Esig8z8cY => Is moved successfully.
E:\Users\Tomas\AppData\Local\Temp => Moved successfully.

==== End of Fixlog ====

[Constantine]

A teď jsem přišel na to, že přes Total Commander vše funguje. Takže jak kdyby něco s explorerem nebo tak něco.

[Rudy]

Zkuste obnovu systému k datu, kdy korektně fungoval.

[Constantine]

To jsem bohužel neměl nastaveno

[Rudy]

Teď by se hodila. Zkuste opravu přes FixIt: http://support.microsoft.com/fixit/cs-cz .

[Constantine]

Tak asi nic, děkuji za rady. Budu to muset celý přeinstalovat.

Ještě jsem si stáhl Avast a když dám hloubkovou kontrolu, tak se mi to zasekne na 0% při kontrole souboru lsm.exe. Ten je ale správně v adresáři System32.

[Rudy]

Toto virový problém nebude. Ještě byste se mohl pokusit o opravu buď pomocí win7manager: http://www.yamicsoft.com/windows7manager/ , nebo z instal. média.