Prosím o kontrolu - PC se zasekává

Zpráva

Premek84 · #1 Příspěvek od **Premek84** » 04 zář 2015 19:10

Zdravím,

myslím si, že to asi nebude nic horkého, protože jsem PC pomerně nedávno čistil, ale přesto údajně celkem často dochází k zamrzání PC což dříve prý nedělalo..teď jsem to pustil tak jdu zkoumat..přesto Vás poprosím o kontrolu z RSIT...děkuji předem...

Logfile of random's system information tool 1.10 (written by random/random)
Run by Evka at 2015-09-04 20:07:14
Systém Microsoft Windows XP Professional Service Pack 3
System drive H: has 80 GB (53%) free of 153 GB
Total RAM: 1919 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:07:53, on 4.9.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\AVAST Software\Avast\AvastSvc.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\Program Files\AVAST Software\Avast\afwServ.exe
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
H:\Program Files\Comodo\Dragon\dragon_updater.exe
H:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
H:\Program Files\Spyware Terminator\st_rsser.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\wuauclt.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\Twain_32\Samsung\SCX4600\Scan2pc.exe
H:\WINDOWS\RTHDCPL.EXE
H:\Program Files\AVAST Software\Avast\AvastUI.exe
H:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
H:\WINDOWS\system32\wbem\unsecapp.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\Program Files\Dropbox\Client\Dropbox.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Documents and Settings\Evka\Data aplikací\Seznam.cz\szninstall.exe
H:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
H:\Documents and Settings\Evka\Data aplikací\Seznam.cz\bin\szndesktop.exe
H:\WINDOWS\system32\wuauclt.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Remote Virtual USB\RMVUSB.exe
H:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
H:\Documents and Settings\Evka\Plocha\RSIT.exe
H:\Program Files\trend micro\Evka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=16194
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: (no name) - {82A76710-4F98-4957-92BE-99648A4E2475} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [4600 Scan2PC] "H:\WINDOWS\Twain_32\Samsung\SCX4600\Scan2pc.exe"
O4 - HKLM\..\Run: [Remote Virtual USB] H:\Program Files\Remote Virtual USB\RMVUSB.exe /b
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AvastUI.exe] "H:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SpywareTerminatorShield] H:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] H:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "H:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [Dropbox] "H:\Program Files\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "H:\Documents and Settings\Evka\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "H:\Documents and Settings\Evka\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: McAfee Security Scan Plus.lnk = H:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download video on this page - res://H:\Program Files\Tomabo\MP4 Player\MP4D_IE.dll/300
O8 - Extra context menu item: Download video this links to - res://H:\Program Files\Tomabo\MP4 Player\MP4D_IE.dll/301
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Download Video - {7EB7296C-BEA5-444A-AAAA-1DF97CA6CB6E} - res://H:\Program Files\Tomabo\MP4 Player\MP4D_IE.dll/300 (file missing)
O9 - Extra 'Tools' menuitem: Download video on this page - {7EB7296C-BEA5-444A-AAAA-1DF97CA6CB6E} - res://H:\Program Files\Tomabo\MP4 Player\MP4D_IE.dll/300 (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Download Video - {B4FECE59-6D0A-4EE6-A07F-E6A94F846E55} - res://H:\Program Files\Tomabo\MP4 Player\YTVD_IE.dll/300 (file missing)
O9 - Extra 'Tools' menuitem: Download video on this page - {B4FECE59-6D0A-4EE6-A07F-E6A94F846E55} - res://H:\Program Files\Tomabo\MP4 Player\YTVD_IE.dll/300 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 7718639612
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - H:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - H:\WINDOWS\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - H:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - H:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - Avast Software s.r.o. - H:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - H:\Program Files\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - H:\Program Files\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - H:\Program Files\Ashampoo\Ashampoo WinOptimizer Free\Dfsdks.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo - H:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - H:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Pml Driver HPZ12 - HP - H:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler Group - H:\Program Files\Spyware Terminator\st_rsser.exe

--
End of file - 9858 bytes

======Scheduled tasks folder======

H:\WINDOWS\tasks\Adobe Flash Player Updater.job - H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
H:\WINDOWS\tasks\avast! Emergency Update.job - H:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
H:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - H:\Program Files\Dropbox\Update\DropboxUpdate.exe /c
H:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - H:\Program Files\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
H:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - H:\Program Files\Google\Update\GoogleUpdate.exe /c
H:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - H:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
H:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - H:\WINDOWS\system32\xp_eos.exe
H:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - H:\WINDOWS\system32\xp_eos.exe -c

=========Mozilla firefox=========

ProfilePath - H:\Documents and Settings\Evka\Data aplikací\Mozilla\Firefox\Profiles\yarbtr2l.default

prefs.js - "browser.startup.homepage" - "http://www.idnes.cz/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, jqs@sun.com:1.0, {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"

"{20a82645-c095-46ed-80e3-08825760534b}"=H:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=H:\Program Files\AVAST Software\Avast\WebRep\FF
"{55A8EC97-6AF6-442c-877F-11C51DBD162D}"=H:\Program Files\Tomabo\MP4 Player\YTVD_FF.xpi
"{8B1E27AE-119E-456b-B22E-08C61FACB097}"=H:\Program Files\Tomabo\MP4 Player\MP4D_FF.xpi

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=H:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=H:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=H:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=h:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=H:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=H:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=H:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=H:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

H:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
np_gp.dll

H:\Documents and Settings\Evka\Data aplikací\Mozilla\Firefox\Profiles\yarbtr2l.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

H:\Documents and Settings\Evka\Data aplikací\Mozilla\Firefox\Profiles\yarbtr2l.default\searchplugins\
google-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - H:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-16 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - H:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"4600 Scan2PC"=H:\WINDOWS\Twain_32\Samsung\SCX4600\Scan2pc.exe [2009-09-11 1968640]
"Remote Virtual USB"=H:\Program Files\Remote Virtual USB\RMVUSB.exe [2007-09-07 786432]
"RTHDCPL"=H:\WINDOWS\RTHDCPL.EXE [2008-01-09 16859648]
"Alcmtr"=H:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"AvastUI.exe"=H:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-16 5515496]
"Adobe ARM"=H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-05-08 959904]
"SpywareTerminatorShield"=H:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2015-07-28 3884368]
"SpywareTerminatorUpdater"=H:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2015-09-02 5473104]
"seznam-listicka-distribuce"=H:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"Dropbox"=H:\Program Files\Dropbox\Client\Dropbox.exe [2015-08-14 39175960]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=H:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=H:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"cz.seznam.software.autoupdate"=H:\Documents and Settings\Evka\Data aplikací\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=H:\Documents and Settings\Evka\Data aplikací\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
H:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\H:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
H:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2003-07-07 233472]

H:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
McAfee Security Scan Plus.lnk - H:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
H:\WINDOWS\system32\Ati2evxx.dll [2008-01-10 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
H:\WINDOWS\system32\WgaLogon.dll [2008-09-06 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - H:\WINDOWS\system32\wpdshserviceobj.dll [2008-05-08 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"ShutdownWithoutLogon"=1
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveTrack"=1
"NoViewContextMenu"=0
"NoFileAssociate"=0
"NoFind"=0
"NoRun"=0
"NoClose"=0
"StartMenuLogoff"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"H:\WINDOWS\system32\ZoneLabs\vsmon.exe"="H:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:TrueVector Service"
"H:\WINDOWS\twain_32\Samsung\ScanMgr.exe"="H:\WINDOWS\twain_32\Samsung\ScanMgr.exe:*:Enabled:Scan Manger"
"H:\WINDOWS\twain_32\Samsung\SCX4600\Scan2Pc.exe"="H:\WINDOWS\twain_32\Samsung\SCX4600\Scan2Pc.exe:*:Enabled:ScanToPC"
"H:\WINDOWS\twain_32\Samsung\SCX4600\Sscan2io.exe"="H:\WINDOWS\twain_32\Samsung\SCX4600\Sscan2io.exe:*:Enabled:SScanToIO"
"H:\Program Files\Common Files\soft602\langserv.exe"="H:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker"
"H:\Program Files\Remote Virtual USB\RMVUSB.exe"="H:\Program Files\Remote Virtual USB\RMVUSB.exe:*:Enabled:Remote Virtual USB Client"
"H:\Program Files\Tomabo\MP4 Player\YouTubeVideoDownloader.exe"="H:\Program Files\Tomabo\MP4 Player\YouTubeVideoDownloader.exe:*:Enabled:YouTube Video Downloader"
"H:\Program Files\Tomabo\MP4 Player\MP4Downloader.exe"="H:\Program Files\Tomabo\MP4 Player\MP4Downloader.exe:*:Enabled:MP4 Downloader"
"H:\Program Files\Spyware Terminator\SpywareTerminator.exe"="H:\Program Files\Spyware Terminator\SpywareTerminator.exe:*:Enabled:Spyware Terminator 2012"
"H:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="H:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Spyware Terminator 2012"
"H:\Program Files\Mozilla Firefox\firefox.exe"="H:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (H:\Program Files\Mozilla Firefox)"
"H:\Program Files\Dropbox\Client\Dropbox.exe"="H:\Program Files\Dropbox\Client\Dropbox.exe:*:Enabled:Dropbox"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"H:\Program Files\Dropbox\Client\Dropbox.exe"="H:\Program Files\Dropbox\Client\Dropbox.exe:*:Enabled:Dropbox"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=H:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=H:\WINDOWS\system32\l3codeca.acm
"vidc.LEAD"=LCODCCMP.DLL
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2015-09-01 16:38:08 ----D---- H:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2015-09-04 20:07:34 ----D---- H:\WINDOWS\Temp
2015-09-04 20:07:28 ----D---- H:\Program Files\trend micro
2015-09-04 20:07:12 ----D---- H:\WINDOWS\Prefetch
2015-09-04 20:06:29 ----D---- H:\Program Files\Spyware Terminator
2015-09-04 20:05:53 ----D---- H:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2015-09-04 20:05:17 ----D---- H:\WINDOWS\system32
2015-09-04 20:05:17 ----A---- H:\WINDOWS\system32\PerfStringBackup.INI
2015-09-04 20:01:35 ----D---- H:\WINDOWS\system32\CatRoot2
2015-09-02 22:24:03 ----A---- H:\WINDOWS\SchedLgU.Txt
2015-09-02 21:19:04 ----D---- H:\Documents and Settings\Evka\Data aplikací\Seznam.cz
2015-09-01 18:09:36 ----D---- H:\Program Files\Dropbox
2015-09-01 16:40:41 ----D---- H:\Program Files\Mozilla Maintenance Service
2015-09-01 16:40:41 ----D---- H:\Program Files
2015-08-27 19:01:04 ----SHD---- H:\WINDOWS\Installer
2015-08-27 18:56:06 ----SD---- H:\WINDOWS\Tasks
2015-08-17 19:14:08 ----D---- H:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan
2015-08-16 10:35:12 ----D---- H:\Config.Msi
2015-08-12 14:41:28 ----A---- H:\WINDOWS\system32\FlashPlayerApp.exe
2015-08-12 14:41:18 ----A---- H:\WINDOWS\system32\FlashPlayerInstaller.exe
2015-08-09 20:29:02 ----D---- H:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; H:\WINDOWS\system32\DRIVERS\aswNdis.sys [2015-01-20 12112]
R0 aswNdis2;avast! Firewall NDIS Driver; H:\WINDOWS\system32\drivers\aswNdis2.sys [2015-05-16 253600]
R0 aswRvrt;avast! Revert; H:\WINDOWS\system32\drivers\aswRvrt.sys [2015-05-16 49904]
R0 aswVmm;avast! VM Monitor; H:\WINDOWS\system32\drivers\aswVmm.sys [2015-05-16 209048]
R1 AFS2K;AFS2k; H:\WINDOWS\system32\drivers\AFS2K.sys [2009-03-22 43488]
R1 AmdK8;Ovladač procesoru AMD; H:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 aswKbd;aswKbd; H:\WINDOWS\system32\drivers\aswKbd.sys [2015-05-16 26096]
R1 aswRdr;aswRdr; H:\WINDOWS\system32\drivers\aswRdr.sys [2015-05-16 55200]
R1 aswSnx;aswSnx; H:\WINDOWS\system32\drivers\aswSnx.sys [2015-05-16 787760]
R1 aswSP;aswSP; H:\WINDOWS\system32\drivers\aswSP.sys [2015-06-27 428120]
R1 aswTdi;aswTdi; H:\WINDOWS\system32\drivers\aswTdi.sys [2015-05-16 57888]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\H:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 StarOpen;StarOpen; H:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 aswHwid;avast! HardwareID; H:\WINDOWS\system32\drivers\aswHwid.sys [2015-05-16 24144]
R2 aswMonFlt;aswMonFlt; H:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-05-16 74976]
R2 DgiVecp;DgiVecp; \??\H:\WINDOWS\system32\Drivers\DgiVecp.sys []
R3 ati2mtag;ati2mtag; H:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-01-10 2846720]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; H:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; H:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); H:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-01-15 4652544]
R3 mouhid;Ovladač myši standardu HID; H:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-02-19 12160]
R3 ROOTUSB;MFP Server USB Root Driver; H:\WINDOWS\System32\Drivers\ROOTUSB.sys [2007-03-09 33536]
R3 rt2870;TP-LINK Wireless USB Adapter; H:\WINDOWS\system32\DRIVERS\rt2870.sys [2012-11-29 1139040]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; H:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; H:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 vusbbus;ZOT BUS DRIVER; H:\WINDOWS\system32\DRIVERS\vusbbus.sys [2006-01-24 47488]
S1 AmdPPM;Ovladač procesoru HwPState AMD; H:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
S1 kbdhid;Ovladač klávesnice standardu HID; H:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 SSPORT;SSPORT; \??\H:\WINDOWS\system32\Drivers\SSPORT.sys []
S3 GMSIPCI;GMSIPCI; \??\G:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; H:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-08-11 51056]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; H:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-08-11 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; H:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-08-11 21488]
S3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; H:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2010-07-06 234392]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; H:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; H:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; H:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; H:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-08 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; H:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-08 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; H:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 Ati HotKey Poller;Ati HotKey Poller; H:\WINDOWS\system32\Ati2evxx.exe [2008-01-10 512000]
R2 avast! Antivirus;Avast Antivirus; H:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-05-16 343336]
R2 avast! Firewall;Avast Firewall; H:\Program Files\AVAST Software\Avast\afwServ.exe [2015-05-16 107448]
R2 DragonUpdater;COMODO Dragon Update Service; H:\Program Files\Comodo\Dragon\dragon_updater.exe [2015-06-26 1994936]
R2 MDM;Machine Debug Manager; H:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; H:\Program Files\Spyware Terminator\st_rsser.exe [2015-07-01 1998672]
S2 dbupdate;Dropbox Update Service (dbupdate); H:\Program Files\Dropbox\Update\DropboxUpdate.exe [2015-06-27 134512]
S2 gupdate;Služba Google Update (gupdate); H:\Program Files\Google\Update\GoogleUpdate.exe [2015-04-21 107848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 aspnet_state;Stavová služba ASP.NET; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 dbupdatem;Dropbox Update Service (dbupdatem); H:\Program Files\Dropbox\Update\DropboxUpdate.exe [2015-06-27 134512]
S3 DfSdkS;Defragmentation-Service; H:\Program Files\Ashampoo\Ashampoo WinOptimizer Free\Dfsdks.exe [2009-08-24 406016]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; h:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; H:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 gupdatem;Služba Google Update (gupdatem); H:\Program Files\Google\Update\GoogleUpdate.exe [2015-04-21 107848]
S3 IDriverT;InstallDriver Table Manager; H:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Služba Windows CardSpace; h:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; H:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [2015-06-26 235696]
S3 MozillaMaintenance;Mozilla Maintenance Service; H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-09-01 149160]
S3 ose;Office Source Engine; H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; H:\WINDOWS\system32\HPZipm12.exe [2003-08-11 65795]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; H:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; H:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; h:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Premek84 · #2 Příspěvek od **Premek84** » 04 zář 2015 20:09

Doplnuji...po cca pul hodine je to opravdu tragicke...zpomalene... spustim adobe reader...zasekne se pc.... taha taha taha a nakonec musim restart...pustim odinstalovani..zase po chvilce chroupani zasek.... behem pul hodiny tri restarty natvrdo... kde zacit?

#3 Příspěvek od **Márty84** » 05 zář 2015 08:40

Zdravim

Odinstalujte Spyware Terminatora.

Odinstalujte McAfee Security Scan.

Pokud to tam nemate zamerne, odinstalujte Seznam Software.

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte ho. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Spustte ho.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

Premek84 · #4 Příspěvek od **Premek84** » 05 zář 2015 14:25

Zdravim...dekuji..prikladam log c. 1

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Professional SP3 [5.1 Build 2600] (x86)
Date : 2015/09/05 15:24:26

-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ Primární kanál IDE (0)
- ST3160815AS
+ Sekundární kanál IDE (1)
- TSSTcorp CDDVDW SH-S223F
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- Primární kanál IDE (0)
- Sekundární kanál IDE (1)

-- Disk List ---------------------------------------------------------------
(1) ST3160815AS : 160,0 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST3160815AS
----------------------------------------------------------------------------
Model : ST3160815AS
Firmware : 4.AAB
Serial Number : 6RAEYL2L
Disk Size : 160,0 GB (8,4/137,4/160,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 312581808
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 8476 hod.
Power On Count : 2015 krát
Temparature : 41 C (105 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 253 __6 000000000000 Počet chyb čtení
03 _98 _97 __0 000000000000 Čas na roztočení ploten
04 _98 _98 _20 000000000813 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _84 _60 _30 00000E03888C Počet chybných hledání
09 _91 _91 __0 00000000211C Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _99 _20 0000000007DF Počet cyklů zapnutí zařízení
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _59 _52 _45 00002C260029 Teplota toku vzduchu
C2 _41 _48 __0 001400000029 Teplota
C3 _80 _75 __0 00000000C651 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000001 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
CA 100 253 __0 000000000000 Počet chyb při směrování údajů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 3652 3652 4145 594C 324C
020: 0000 4000 0004 342E 4141 2020 2020 5354 3331 3630
030: 3831 3541 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0506 0506 0000 0048 0040
080: 00FE 0000 346B 7D01 4023 3C01 3C01 4023 407F 0000
090: 0000 FEFE FFFE 0000 D000 0000 0000 0000 0000 0000
100: 9EB0 12A1 0000 0000 0000 4000 4000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0100 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0009 9EB0
130: 12A1 9EB0 12A1 2020 0002 0002 0002 008A 3C06 3C0A
140: 0000 07C6 0100 0800 1314 0002 0002 0080 0000 0000
150: 0080 0202 0000 0404 0000 0000 0000 0000 1B00 000B
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 73A5

Premek84 · #5 Příspěvek od **Premek84** » 05 zář 2015 14:39

# AdwCleaner v5.005 - Logfile created 05/09/2015 at 15:35:27
# Updated 31/08/2015 by Xplode
# Database : 2015-09-04.4 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Evka - EVA
# Running from : H:\Documents and Settings\Evka\Plocha\adwcleaner_5.005.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : H:\Documents and Settings\All Users\Nabídka Start\Programy\MP4 Player
[-] Folder Deleted : H:\Documents and Settings\Evka\Data aplikací\Mozilla\Firefox\Profiles\yarbtr2l.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

***** [ Files ] *****

[-] File Deleted : H:\WINDOWS\system32\drivers\sp_rsdrv2.sys

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

*************************

:: Winsock settings cleared

########## EOF - H:\AdwCleaner\AdwCleaner[C2].txt - [947 bytes] ##########

#6 Příspěvek od **Márty84** » 05 zář 2015 14:43

Disk hlasi chyby, i to muze delat potize. Uvidime po docisteni.

Udelejte !!!kompletni!!! kontrolu s MBAM http://www.bleepingcomputer.com/downloa ... re/dl/241/ (musite stahnout verzi 1.75, odmitnout upgrade na novejsi verzi a aktualizovat jen virovou databazi) a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce. Navod zde http://forum.viry.cz/viewtopic.php?f=29&t=115222

Premek84 · #7 Příspěvek od **Premek84** » 05 zář 2015 14:45

Zdravim...ty dva programy jsem odinstaloval jiz vcera...pustil MBAM + defragmentaci pres noc a navic taky AVAST jeste pred startem windows ( vymazal jsem docela dost infikovanych souboru ) a nyni se mi zda, ze PC se nezasekava..uvidime po delsi dobe... jak se jevi log? dekuji...

Premek84 · #8 Příspěvek od **Premek84** » 05 zář 2015 14:46

Ted tedy zkusim znovu MBAM.... omlouvam se, ze jsem to provedl jiz vcera...

#9 Příspěvek od **Márty84** » 05 zář 2015 15:46

Pokud jste delal kompletni kontrolu, nemusite znovu. Jen bych rad videl vysledky toho testu, abych vedel co a kde nasel. Ale ty uz asi nemate

Takze jestli uz MBAM nic nenachazi, dejte mi sem novy log z RSIT.

Premek84 · #10 Příspěvek od **Premek84** » 05 zář 2015 16:24

Tady je MBAM... je to ciste...

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2015.09.05.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Evka :: EVA [administrátor]

5.9.2015 15:46:37
mbam-log-2015-09-05 (15-46-37).txt

Typ: Kompletní kontrola (H:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 586002
Uplynulý čas: 1 hodin, 34 minut, 45 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Premek84 · #11 Příspěvek od **Premek84** » 05 zář 2015 16:26

A tady RSIT...

Logfile of random's system information tool 1.10 (written by random/random)
Run by Evka at 2015-09-05 17:24:47
Systém Microsoft Windows XP Professional Service Pack 3
System drive H: has 81 GB (53%) free of 153 GB
Total RAM: 1919 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:25:10, on 5.9.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\AVAST Software\Avast\AvastSvc.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\Program Files\AVAST Software\Avast\afwServ.exe
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
H:\Program Files\Comodo\Dragon\dragon_updater.exe
H:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\Twain_32\Samsung\SCX4600\Scan2pc.exe
H:\Program Files\Remote Virtual USB\RMVUSB.exe
H:\WINDOWS\RTHDCPL.EXE
H:\Program Files\AVAST Software\Avast\AvastUI.exe
H:\WINDOWS\system32\wbem\unsecapp.exe
H:\Program Files\Dropbox\Client\Dropbox.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
H:\WINDOWS\system32\wuauclt.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\Program Files\AVAST Software\Avast\setup\New\instup.exe
H:\Documents and Settings\Evka\Plocha\RSIT.exe
H:\Program Files\trend micro\Evka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.mojebanka.cz/InternetBanking/?L=CS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [4600 Scan2PC] "H:\WINDOWS\Twain_32\Samsung\SCX4600\Scan2pc.exe"
O4 - HKLM\..\Run: [Remote Virtual USB] H:\Program Files\Remote Virtual USB\RMVUSB.exe /b
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AvastUI.exe] "H:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "H:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [Dropbox] "H:\Program Files\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [Adobe ARM] "H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download video on this page - res://H:\Program Files\Tomabo\MP4 Player\MP4D_IE.dll/300
O8 - Extra context menu item: Download video this links to - res://H:\Program Files\Tomabo\MP4 Player\MP4D_IE.dll/301
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Download Video - {7EB7296C-BEA5-444A-AAAA-1DF97CA6CB6E} - res://H:\Program Files\Tomabo\MP4 Player\MP4D_IE.dll/300 (file missing)
O9 - Extra 'Tools' menuitem: Download video on this page - {7EB7296C-BEA5-444A-AAAA-1DF97CA6CB6E} - res://H:\Program Files\Tomabo\MP4 Player\MP4D_IE.dll/300 (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Download Video - {B4FECE59-6D0A-4EE6-A07F-E6A94F846E55} - res://H:\Program Files\Tomabo\MP4 Player\YTVD_IE.dll/300 (file missing)
O9 - Extra 'Tools' menuitem: Download video on this page - {B4FECE59-6D0A-4EE6-A07F-E6A94F846E55} - res://H:\Program Files\Tomabo\MP4 Player\YTVD_IE.dll/300 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 7718639612
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - H:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - H:\WINDOWS\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - H:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - H:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - Avast Software s.r.o. - H:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - H:\Program Files\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - H:\Program Files\Dropbox\Update\DropboxUpdate.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo - H:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Pml Driver HPZ12 - HP - H:\WINDOWS\system32\HPZipm12.exe

--
End of file - 8470 bytes

======Scheduled tasks folder======

H:\WINDOWS\tasks\Adobe Flash Player Updater.job - H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
H:\WINDOWS\tasks\avast! Emergency Update.job - H:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
H:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - H:\Program Files\Dropbox\Update\DropboxUpdate.exe /c
H:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - H:\Program Files\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
H:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - H:\Program Files\Google\Update\GoogleUpdate.exe /c
H:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - H:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
H:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - H:\WINDOWS\system32\xp_eos.exe
H:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - H:\WINDOWS\system32\xp_eos.exe -c

=========Mozilla firefox=========

ProfilePath - H:\Documents and Settings\Evka\Data aplikací\Mozilla\Firefox\Profiles\yarbtr2l.default

prefs.js - "browser.startup.homepage" - "http://www.idnes.cz/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, jqs@sun.com:1.0, {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"

"{20a82645-c095-46ed-80e3-08825760534b}"=H:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=H:\Program Files\AVAST Software\Avast\WebRep\FF
"{55A8EC97-6AF6-442c-877F-11C51DBD162D}"=H:\Program Files\Tomabo\MP4 Player\YTVD_FF.xpi
"{8B1E27AE-119E-456b-B22E-08C61FACB097}"=H:\Program Files\Tomabo\MP4 Player\MP4D_FF.xpi

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=H:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=H:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=H:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=h:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=H:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=H:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=H:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=H:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

H:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
np_gp.dll

H:\Documents and Settings\Evka\Data aplikací\Mozilla\Firefox\Profiles\yarbtr2l.default\searchplugins\
google-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - H:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-16 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - H:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"4600 Scan2PC"=H:\WINDOWS\Twain_32\Samsung\SCX4600\Scan2pc.exe [2009-09-11 1968640]
"Remote Virtual USB"=H:\Program Files\Remote Virtual USB\RMVUSB.exe [2007-09-07 786432]
"RTHDCPL"=H:\WINDOWS\RTHDCPL.EXE [2008-01-09 16859648]
"Alcmtr"=H:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"AvastUI.exe"=H:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-16 5515496]
"seznam-listicka-distribuce"=H:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"Dropbox"=H:\Program Files\Dropbox\Client\Dropbox.exe [2015-08-14 39175960]
"Adobe ARM"=H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=H:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=H:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
H:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\H:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
H:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2003-07-07 233472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
H:\WINDOWS\system32\Ati2evxx.dll [2008-01-10 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
H:\WINDOWS\system32\WgaLogon.dll [2008-09-06 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - H:\WINDOWS\system32\wpdshserviceobj.dll [2008-05-08 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"ShutdownWithoutLogon"=1
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveTrack"=1
"NoViewContextMenu"=0
"NoFileAssociate"=0
"NoFind"=0
"NoRun"=0
"NoClose"=0
"StartMenuLogoff"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"H:\WINDOWS\system32\ZoneLabs\vsmon.exe"="H:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:TrueVector Service"
"H:\WINDOWS\twain_32\Samsung\ScanMgr.exe"="H:\WINDOWS\twain_32\Samsung\ScanMgr.exe:*:Enabled:Scan Manger"
"H:\WINDOWS\twain_32\Samsung\SCX4600\Scan2Pc.exe"="H:\WINDOWS\twain_32\Samsung\SCX4600\Scan2Pc.exe:*:Enabled:ScanToPC"
"H:\WINDOWS\twain_32\Samsung\SCX4600\Sscan2io.exe"="H:\WINDOWS\twain_32\Samsung\SCX4600\Sscan2io.exe:*:Enabled:SScanToIO"
"H:\Program Files\Common Files\soft602\langserv.exe"="H:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker"
"H:\Program Files\Remote Virtual USB\RMVUSB.exe"="H:\Program Files\Remote Virtual USB\RMVUSB.exe:*:Enabled:Remote Virtual USB Client"
"H:\Program Files\Tomabo\MP4 Player\YouTubeVideoDownloader.exe"="H:\Program Files\Tomabo\MP4 Player\YouTubeVideoDownloader.exe:*:Enabled:YouTube Video Downloader"
"H:\Program Files\Tomabo\MP4 Player\MP4Downloader.exe"="H:\Program Files\Tomabo\MP4 Player\MP4Downloader.exe:*:Enabled:MP4 Downloader"
"H:\Program Files\Mozilla Firefox\firefox.exe"="H:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (H:\Program Files\Mozilla Firefox)"
"H:\Program Files\Dropbox\Client\Dropbox.exe"="H:\Program Files\Dropbox\Client\Dropbox.exe:*:Enabled:Dropbox"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"H:\Program Files\Dropbox\Client\Dropbox.exe"="H:\Program Files\Dropbox\Client\Dropbox.exe:*:Enabled:Dropbox"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=H:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=H:\WINDOWS\system32\l3codeca.acm
"vidc.LEAD"=LCODCCMP.DLL
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2015-09-05 15:47:22 ----D---- H:\ffca8b9277891cdec682f8224f3c498d
2015-09-05 15:44:47 ----A---- H:\WINDOWS\system32\drivers\mbamswissarmy.sys
2015-09-04 20:23:15 ----AD---- H:\UCTO2015
2015-09-01 16:38:08 ----D---- H:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2015-09-05 17:24:52 ----D---- H:\Program Files\trend micro
2015-09-05 17:24:45 ----D---- H:\WINDOWS\Prefetch
2015-09-05 15:45:59 ----D---- H:\WINDOWS\system32\drivers
2015-09-05 15:40:05 ----D---- H:\WINDOWS\Temp
2015-09-05 15:36:20 ----A---- H:\WINDOWS\SchedLgU.Txt
2015-09-05 15:35:27 ----D---- H:\AdwCleaner
2015-09-05 05:29:04 ----D---- H:\WINDOWS\Downloaded Installations
2015-09-04 21:16:29 ----D---- H:\Documents and Settings\Evka\Data aplikací\Seznam.cz
2015-09-04 21:15:03 ----D---- H:\Config.Msi
2015-09-04 21:14:05 ----SHD---- H:\WINDOWS\Installer
2015-09-04 21:14:02 ----D---- H:\Program Files\Google
2015-09-04 21:13:09 ----D---- H:\WINDOWS\system32
2015-09-04 21:12:53 ----D---- H:\Program Files
2015-09-04 21:10:55 ----D---- H:\WINDOWS\system32\drivers\etc
2015-09-04 20:57:00 ----D---- H:\Program Files\Common Files\Adobe
2015-09-04 20:56:45 ----D---- H:\Documents and Settings\All Users\Data aplikací\Adobe
2015-09-04 20:05:17 ----A---- H:\WINDOWS\system32\PerfStringBackup.INI
2015-09-04 20:01:35 ----D---- H:\WINDOWS\system32\CatRoot2
2015-09-01 18:09:36 ----D---- H:\Program Files\Dropbox
2015-09-01 16:40:41 ----D---- H:\Program Files\Mozilla Maintenance Service
2015-08-27 18:56:06 ----SD---- H:\WINDOWS\Tasks
2015-08-12 14:41:28 ----A---- H:\WINDOWS\system32\FlashPlayerApp.exe
2015-08-12 14:41:18 ----A---- H:\WINDOWS\system32\FlashPlayerInstaller.exe
2015-08-09 20:29:02 ----D---- H:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; H:\WINDOWS\system32\DRIVERS\aswNdis.sys [2015-01-20 12112]
R0 aswNdis2;avast! Firewall NDIS Driver; H:\WINDOWS\system32\drivers\aswNdis2.sys [2015-05-16 253600]
R0 aswRvrt;avast! Revert; H:\WINDOWS\system32\drivers\aswRvrt.sys [2015-05-16 49904]
R0 aswVmm;avast! VM Monitor; H:\WINDOWS\system32\drivers\aswVmm.sys [2015-05-16 209048]
R1 AFS2K;AFS2k; H:\WINDOWS\system32\drivers\AFS2K.sys [2009-03-22 43488]
R1 AmdK8;Ovladač procesoru AMD; H:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 aswKbd;aswKbd; H:\WINDOWS\system32\drivers\aswKbd.sys [2015-05-16 26096]
R1 aswRdr;aswRdr; H:\WINDOWS\system32\drivers\aswRdr.sys [2015-05-16 55200]
R1 aswSnx;aswSnx; H:\WINDOWS\system32\drivers\aswSnx.sys [2015-05-16 787760]
R1 aswSP;aswSP; H:\WINDOWS\system32\drivers\aswSP.sys [2015-06-27 428120]
R1 aswTdi;aswTdi; H:\WINDOWS\system32\drivers\aswTdi.sys [2015-05-16 57888]
R1 StarOpen;StarOpen; H:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 aswHwid;avast! HardwareID; H:\WINDOWS\system32\drivers\aswHwid.sys [2015-05-16 24144]
R2 aswMonFlt;aswMonFlt; H:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-05-16 74976]
R2 DgiVecp;DgiVecp; \??\H:\WINDOWS\system32\Drivers\DgiVecp.sys []
R3 ati2mtag;ati2mtag; H:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-01-10 2846720]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; H:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; H:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); H:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-01-15 4652544]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\H:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 mouhid;Ovladač myši standardu HID; H:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-02-19 12160]
R3 ROOTUSB;MFP Server USB Root Driver; H:\WINDOWS\System32\Drivers\ROOTUSB.sys [2007-03-09 33536]
R3 rt2870;TP-LINK Wireless USB Adapter; H:\WINDOWS\system32\DRIVERS\rt2870.sys [2012-11-29 1139040]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; H:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; H:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 vusbbus;ZOT BUS DRIVER; H:\WINDOWS\system32\DRIVERS\vusbbus.sys [2006-01-24 47488]
S1 AmdPPM;Ovladač procesoru HwPState AMD; H:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
S1 kbdhid;Ovladač klávesnice standardu HID; H:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 SSPORT;SSPORT; \??\H:\WINDOWS\system32\Drivers\SSPORT.sys []
S3 GMSIPCI;GMSIPCI; \??\G:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; H:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-08-11 51056]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; H:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-08-11 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; H:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-08-11 21488]
S3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; H:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2010-07-06 234392]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; H:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; H:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; H:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; H:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-08 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; H:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-08 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; H:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 Ati HotKey Poller;Ati HotKey Poller; H:\WINDOWS\system32\Ati2evxx.exe [2008-01-10 512000]
R2 avast! Antivirus;Avast Antivirus; H:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-05-16 343336]
R2 avast! Firewall;Avast Firewall; H:\Program Files\AVAST Software\Avast\afwServ.exe [2015-05-16 107448]
R2 DragonUpdater;COMODO Dragon Update Service; H:\Program Files\Comodo\Dragon\dragon_updater.exe [2015-06-26 1994936]
R2 MDM;Machine Debug Manager; H:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
S2 dbupdate;Dropbox Update Service (dbupdate); H:\Program Files\Dropbox\Update\DropboxUpdate.exe [2015-06-27 134512]
S2 gupdate;Služba Google Update (gupdate); H:\Program Files\Google\Update\GoogleUpdate.exe [2015-04-21 107848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 aspnet_state;Stavová služba ASP.NET; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 dbupdatem;Dropbox Update Service (dbupdatem); H:\Program Files\Dropbox\Update\DropboxUpdate.exe [2015-06-27 134512]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; h:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; H:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 gupdatem;Služba Google Update (gupdatem); H:\Program Files\Google\Update\GoogleUpdate.exe [2015-04-21 107848]
S3 IDriverT;InstallDriver Table Manager; H:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Služba Windows CardSpace; h:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-09-01 149160]
S3 ose;Office Source Engine; H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; H:\WINDOWS\system32\HPZipm12.exe [2003-08-11 65795]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; H:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; H:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; h:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#12 Příspěvek od **Márty84** » 05 zář 2015 17:10

MBAM odinstalujte.

Dame si jeste jeden sken a budem mazat.

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

Premek84 · #13 Příspěvek od **Premek84** » 05 zář 2015 18:20

Davam dva logy..jen mam trosku zmatek...spustil jsem FARBAR recovery .. a pak je tam zminka i o FRST Launcheru... zatim tedy prvne jmenovany... FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:04-09-2015
Ran by Evka (administrator) on EVA (05-09-2015 19:15:49)
Running from H:\Documents and Settings\Evka\Plocha
Loaded Profiles: Evka (Available Profiles: Evka & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) H:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) H:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) H:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Software602 a.s.) H:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(Comodo) H:\Program Files\Comodo\Dragon\dragon_updater.exe
(Microsoft Corporation) H:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation) H:\WINDOWS\system32\wuauclt.exe
(AVAST Software) H:\Program Files\AVAST Software\Avast\afwServ.exe
() H:\WINDOWS\twain_32\Samsung\SCX4600\Scan2Pc.exe
() H:\Program Files\Remote Virtual USB\RMVUSB.exe
(Realtek Semiconductor Corp.) H:\WINDOWS\RTHDCPL.exe
(AVAST Software) H:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) H:\WINDOWS\system32\wbem\unsecapp.exe
(Mozilla Corporation) H:\Program Files\Mozilla Firefox\firefox.exe
(Dropbox, Inc.) H:\Program Files\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) H:\Program Files\Messenger\msmsgs.exe
(Microsoft Corporation) H:\WINDOWS\system32\wuauclt.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [4600 Scan2PC] => H:\WINDOWS\Twain_32\Samsung\SCX4600\Scan2pc.exe [1968640 2009-09-11] ()
HKLM\...\Run: [Remote Virtual USB] => H:\Program Files\Remote Virtual USB\RMVUSB.exe [786432 2007-09-07] ()
HKLM\...\Run: [RTHDCPL] => H:\WINDOWS\RTHDCPL.EXE [16859648 2008-01-09] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => H:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AvastUI.exe] => H:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-09-05] (AVAST Software)
HKLM\...\Run: [seznam-listicka-distribuce] => H:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [Dropbox] => H:\Program Files\Dropbox\Client\Dropbox.exe [39175960 2015-08-14] (Dropbox, Inc.)
HKLM\...\Run: [Adobe ARM] => H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
Winlogon\Notify\AtiExtEvent: H:\WINDOWS\system32\Ati2evxx.dll [2008-01-10] (ATI Technologies Inc.)
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
HKU\S-1-5-20\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
HKU\S-1-5-21-1844237615-1770027372-1417001333-1003\...\Run: [MSMSGS] => H:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
HKU\S-1-5-18\...\RunOnce: [tscuninstall] => H:\WINDOWS\system32\tscupgrd.exe [44544 2004-08-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => H:\Program Files\AVAST Software\Avast\ashShell.dll [2015-09-05] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{68AD0A8F-132E-4C6E-87B4-20F6C3B8D682}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1844237615-1770027372-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.mojebanka.cz/InternetBanking/?L=CS
SearchScopes: HKU\S-1-5-21-1844237615-1770027372-1417001333-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKU\S-1-5-21-1844237615-1770027372-1417001333-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKU\S-1-5-21-1844237615-1770027372-1417001333-1003 -> {B3338D79-245A-4DF2-859E-DC2519479EA0} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> H:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-05] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> H:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1844237615-1770027372-1417001333-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - H:\WINDOWS\system32\browseui.dll [2013-10-25] (Společnost Microsoft)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1237718639612
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - H:\Program Files\HP\hpcoretech\comp\hpuiprot.dll [2004-05-12] (Hewlett-Packard Company)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - H:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: H:\Documents and Settings\Evka\Data aplikací\Mozilla\Firefox\Profiles\yarbtr2l.default
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: hxxp://www.idnes.cz/
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> H:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> H:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> H:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> h:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> H:\Program Files\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> H:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> H:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin: Adobe Reader -> H:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: H:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: H:\Program Files\mozilla firefox\plugins\np_gp.dll [2010-03-29] (NOS Microsystems Ltd.)
FF SearchPlugin: H:\Documents and Settings\Evka\Data aplikací\Mozilla\Firefox\Profiles\yarbtr2l.default\searchplugins\google-avast.xml [2015-02-03]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - H:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - H:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-02-04]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - H:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - H:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-19]
FF HKLM\...\Firefox\Extensions: [{55A8EC97-6AF6-442c-877F-11C51DBD162D}] - H:\Program Files\Tomabo\MP4 Player\YTVD_FF.xpi
FF Extension: YouTube Video Downloader Extension - H:\Program Files\Tomabo\MP4 Player\YTVD_FF.xpi [2015-01-14]
FF HKLM\...\Firefox\Extensions: [{8B1E27AE-119E-456b-B22E-08C61FACB097}] - H:\Program Files\Tomabo\MP4 Player\MP4D_FF.xpi

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [glhecpdglaanfgdgcefipbokcmenleaf] - H:\Program Files\Tomabo\MP4 Player\MP4D_GC.crx [2015-01-14]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - H:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-16]
CHR HKLM\...\Chrome\Extension: [igljnkmljjbhcellpnjppojkfdfmkjmp] - H:\Program Files\Tomabo\MP4 Player\YTVD_GC.crx [2015-01-14]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; H:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 avast! Antivirus; H:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-05] (AVAST Software)
R2 avast! Firewall; H:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-09-05] (AVAST Software)
S2 dbupdate; H:\Program Files\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-27] (Dropbox, Inc.)
S3 dbupdatem; H:\Program Files\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-27] (Dropbox, Inc.)
R2 DragonUpdater; H:\Program Files\Comodo\Dragon\dragon_updater.exe [1994936 2015-06-26] (Comodo)
S3 getPlusHelper; H:\Program Files\NOS\bin\getPlus_Helper.dll [68000 2010-03-29] (NOS Microsystems Ltd.)
S3 IDriverT; H:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 RSVP; H:\WINDOWS\system32\rsvp.exe [132608 2002-02-19] (Microsoft Corporation) [File not signed]
S3 WMPNetworkSvc; H:\Program Files\Windows Media Player\WMPNetwk.exe [913920 2007-01-05] (Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AFS2K; H:\WINDOWS\system32\Drivers\AFS2K.sys [43488 2009-03-22] (Oak Technology Inc.)
R1 AmdK8; H:\WINDOWS\System32\DRIVERS\AmdK8.sys [43008 2006-07-01] (Advanced Micro Devices)
S1 AmdPPM; H:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
R2 aswHwid; H:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-09-05] (AVAST Software)
R1 aswKbd; H:\WINDOWS\system32\drivers\aswKbd.sys [26096 2015-09-05] (AVAST Software)
R2 aswMonFlt; H:\WINDOWS\system32\drivers\aswMonFlt.sys [76000 2015-09-05] (AVAST Software)
R0 aswNdis; H:\WINDOWS\System32\DRIVERS\aswNdis.sys [12112 2015-01-20] (ALWIL Software)
R0 aswNdis2; H:\WINDOWS\system32\Drivers\aswNdis2.sys [256160 2015-09-05] (AVAST Software)
R1 aswRdr; H:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-09-05] (AVAST Software)
R0 aswRvrt; H:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-09-05] (AVAST Software)
R1 aswSnx; H:\WINDOWS\system32\drivers\aswSnx.sys [788784 2015-09-05] (AVAST Software)
R1 aswSP; H:\WINDOWS\system32\drivers\aswSP.sys [433264 2015-09-05] (AVAST Software)
R3 aswStmXP; H:\WINDOWS\system32\drivers\aswStmXP.sys [161472 2015-09-05] (AVAST Software)
S3 aswTdi; H:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-09-05] (AVAST Software)
R0 aswVmm; H:\WINDOWS\system32\Drivers\aswVmm.sys [208664 2015-09-05] (AVAST Software)
R2 DgiVecp; H:\WINDOWS\system32\Drivers\DgiVecp.sys [38400 2009-02-16] (Samsung Electronics Co., Ltd.) [File not signed]
S3 HPZid412; H:\WINDOWS\System32\DRIVERS\HPZid412.sys [51056 2003-08-11] (HP)
S3 HPZipr12; H:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2003-08-11] (HP)
S3 HPZius12; H:\WINDOWS\System32\DRIVERS\HPZius12.sys [21488 2003-08-11] (HP)
R3 ROOTUSB; H:\WINDOWS\System32\Drivers\ROOTUSB.sys [33536 2007-03-09] () [File not signed]
R3 rt2870; H:\WINDOWS\System32\DRIVERS\rt2870.sys [1139040 2012-11-29] (Ralink Technology, Corp.)
R1 StarOpen; H:\WINDOWS\system32\Drivers\StarOpen.sys [5632 2006-07-24] ()
R3 vusbbus; H:\WINDOWS\System32\DRIVERS\vusbbus.sys [47488 2006-01-24] () [File not signed]
S3 GMSIPCI; \??\G:\INSTALL\GMSIPCI.SYS [X]
S4 IntelIde; no ImagePath
U5 ScsiPort; H:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S2 SSPORT; \??\H:\WINDOWS\system32\Drivers\SSPORT.sys [X]
U5 Tcpip6; H:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-05 19:15 - 2015-09-05 19:16 - 00015190 _____ H:\Documents and Settings\Evka\Plocha\FRST.txt
2015-09-05 19:15 - 2015-09-05 19:15 - 01690624 _____ (Farbar) H:\Documents and Settings\Evka\Plocha\FRST.exe
2015-09-05 19:13 - 2015-09-05 19:13 - 00000000 ____D H:\67d8a108d29f15b4c5a9f924baf4bc45
2015-09-05 17:26 - 2015-09-05 17:27 - 00119292 _____ H:\WINDOWS\Wdf01009Inst.log
2015-09-05 17:26 - 2015-09-05 17:26 - 00000000 __HDC H:\WINDOWS\$NtUninstallWdf01009$
2015-09-05 17:26 - 2015-09-05 17:25 - 00161472 _____ (AVAST Software) H:\WINDOWS\system32\Drivers\aswStmXP.sys
2015-09-05 17:26 - 2008-11-07 18:55 - 00016928 ____N (Microsoft Corporation) H:\WINDOWS\system32\spmsgXP_2k3.dll
2015-09-05 17:25 - 2015-09-05 17:25 - 00313472 _____ (AVAST Software) H:\WINDOWS\system32\aswBoot.exe
2015-09-05 17:25 - 2015-09-05 17:25 - 00043112 _____ (AVAST Software) H:\WINDOWS\avastSS.scr
2015-09-05 15:45 - 2015-09-05 15:45 - 10284816 _____ (Malwarebytes Corporation ) H:\Documents and Settings\Evka\Plocha\mbam-setup-1.75.0.1300.exe
2015-09-05 15:23 - 2015-09-05 15:23 - 01654272 _____ H:\Documents and Settings\Evka\Plocha\adwcleaner_5.005.exe
2015-09-05 15:23 - 2015-09-05 15:23 - 00000000 ____D H:\Documents and Settings\Evka\Plocha\CrystalDiskInfo5_0_0
2015-09-05 15:22 - 2015-09-05 15:22 - 01496172 _____ H:\Documents and Settings\Evka\Plocha\CrystalDiskInfo5_0_0.zip
2015-09-04 21:05 - 2015-09-04 21:05 - 00255144 _____ H:\Documents and Settings\Evka\Dokumenty\cc_20150904_210535.reg
2015-09-04 21:05 - 2015-09-04 21:05 - 00000700 _____ H:\Documents and Settings\Evka\Dokumenty\cc_20150904_210551.reg
2015-09-04 20:57 - 2015-09-04 20:57 - 00001804 _____ H:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Reader XI.lnk
2015-09-04 20:57 - 2015-09-04 20:57 - 00001765 _____ H:\Documents and Settings\All Users\Plocha\Adobe Reader XI.lnk
2015-09-04 20:32 - 2015-09-04 20:32 - 00001348 _____ H:\Documents and Settings\Evka\Plocha\ÚČTO 2015.lnk
2015-09-04 20:23 - 2015-09-05 15:45 - 00000000 ____D H:\UCTO2015
2015-09-04 20:06 - 2015-09-04 20:06 - 01107968 _____ H:\Documents and Settings\Evka\Plocha\RSIT.exe
2015-09-01 18:09 - 2015-09-01 18:09 - 00000000 ____D H:\Documents and Settings\All Users\Nabídka Start\Programy\Dropbox
2015-09-01 16:38 - 2015-09-01 16:40 - 00000000 ____D H:\Program Files\Mozilla Firefox
2015-08-25 21:21 - 2015-08-25 21:21 - 00000000 _____ H:\Documents and Settings\Evka\Local Settings\Data aplikací\{168F5B46-9716-432E-8280-A36739386D7E}
2015-08-16 19:23 - 2015-08-16 19:23 - 00000000 _____ H:\Documents and Settings\Evka\Local Settings\Data aplikací\{B20C2C45-59C2-412C-8D96-DECFD83D79F2}

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-05 19:16 - 2009-03-22 11:32 - 00000000 ____D H:\Documents and Settings\Evka\Local Settings\Temp
2015-09-05 19:15 - 2014-01-18 21:24 - 00000000 ____D H:\FRST
2015-09-05 19:15 - 2009-03-22 11:32 - 00000000 ____D H:\Documents and Settings\Evka\Plocha
2015-09-05 19:14 - 2009-03-22 11:17 - 01703579 _____ H:\WINDOWS\WindowsUpdate.log
2015-09-05 19:12 - 2009-03-22 12:09 - 00000000 ___RD H:\Documents and Settings\All Users\Nabídka Start\Programy
2015-09-05 19:12 - 2009-03-22 12:09 - 00000000 ____D H:\Documents and Settings\All Users\Plocha
2015-09-05 19:11 - 2015-06-27 14:00 - 00000000 ___RD H:\Documents and Settings\Evka\Dokumenty\Dropbox
2015-09-05 19:11 - 2015-06-27 13:56 - 00000000 ____D H:\Documents and Settings\Evka\Local Settings\Data aplikací\Dropbox
2015-09-05 19:09 - 2015-06-27 13:56 - 00000888 _____ H:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-09-05 19:09 - 2015-04-21 11:39 - 00000936 _____ H:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-05 19:09 - 2014-03-17 17:17 - 00000220 _____ H:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-09-05 19:09 - 2014-02-18 18:51 - 00000316 ____H H:\WINDOWS\Tasks\avast! Emergency Update.job
2015-09-05 19:09 - 2009-03-22 11:32 - 00000000 ___HD H:\Documents and Settings\Evka\Local Settings\Data aplikací
2015-09-05 19:09 - 2001-10-25 14:00 - 00002228 _____ H:\WINDOWS\system32\wpa.dbl
2015-09-05 19:08 - 2014-01-19 01:39 - 00916266 _____ H:\WINDOWS\setupapi.log
2015-09-05 19:08 - 2009-03-22 12:12 - 00000159 _____ H:\WINDOWS\wiadebug.log
2015-09-05 19:08 - 2009-03-22 12:12 - 00000048 _____ H:\WINDOWS\wiaservc.log
2015-09-05 19:08 - 2009-03-22 11:31 - 00000006 ____H H:\WINDOWS\Tasks\SA.DAT
2015-09-05 17:29 - 2009-03-22 11:32 - 00000178 ___SH H:\Documents and Settings\Evka\ntuser.ini
2015-09-05 17:29 - 2009-03-22 11:31 - 00032500 _____ H:\WINDOWS\SchedLgU.Txt
2015-09-05 17:27 - 2014-01-19 01:41 - 01003229 _____ H:\WINDOWS\iis6.log
2015-09-05 17:27 - 2014-01-19 01:41 - 00895667 _____ H:\WINDOWS\FaxSetup.log
2015-09-05 17:27 - 2014-01-19 01:41 - 00437309 _____ H:\WINDOWS\ocgen.log
2015-09-05 17:27 - 2014-01-19 01:41 - 00413547 _____ H:\WINDOWS\tsoc.log
2015-09-05 17:27 - 2014-01-19 01:41 - 00314002 _____ H:\WINDOWS\comsetup.log
2015-09-05 17:27 - 2014-01-19 01:41 - 00283620 _____ H:\WINDOWS\msmqinst.log
2015-09-05 17:27 - 2014-01-19 01:41 - 00188495 _____ H:\WINDOWS\ntdtcsetup.log
2015-09-05 17:27 - 2014-01-19 01:41 - 00157333 _____ H:\WINDOWS\netfxocm.log
2015-09-05 17:27 - 2014-01-19 01:41 - 00064173 _____ H:\WINDOWS\MedCtrOC.log
2015-09-05 17:27 - 2014-01-19 01:41 - 00055902 _____ H:\WINDOWS\ocmsn.log
2015-09-05 17:27 - 2014-01-19 01:41 - 00045881 _____ H:\WINDOWS\tabletoc.log
2015-09-05 17:27 - 2014-01-19 01:41 - 00044958 _____ H:\WINDOWS\msgsocm.log
2015-09-05 17:27 - 2014-01-19 01:41 - 00001355 _____ H:\WINDOWS\imsins.log
2015-09-05 17:25 - 2015-01-20 22:06 - 00256160 _____ (AVAST Software) H:\WINDOWS\system32\Drivers\aswNdis2.sys
2015-09-05 17:25 - 2014-06-02 09:25 - 00024016 _____ (AVAST Software) H:\WINDOWS\system32\Drivers\aswHwid.sys
2015-09-05 17:25 - 2014-01-19 22:33 - 00026096 _____ (AVAST Software) H:\WINDOWS\system32\Drivers\aswKbd.sys
2015-09-05 17:25 - 2014-01-19 13:46 - 00788784 _____ (AVAST Software) H:\WINDOWS\system32\Drivers\aswSnx.sys
2015-09-05 17:25 - 2014-01-19 13:46 - 00433264 _____ (AVAST Software) H:\WINDOWS\system32\Drivers\aswSP.sys
2015-09-05 17:25 - 2014-01-19 13:46 - 00208664 _____ (AVAST Software) H:\WINDOWS\system32\Drivers\aswVmm.sys
2015-09-05 17:25 - 2014-01-19 13:46 - 00076000 _____ (AVAST Software) H:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-09-05 17:25 - 2014-01-19 13:46 - 00057888 _____ (AVAST Software) H:\WINDOWS\system32\Drivers\aswTdi.sys
2015-09-05 17:25 - 2014-01-19 13:46 - 00055200 _____ (AVAST Software) H:\WINDOWS\system32\Drivers\aswRdr.sys
2015-09-05 17:25 - 2014-01-19 13:46 - 00049776 _____ (AVAST Software) H:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-09-05 17:24 - 2002-01-01 01:07 - 00000000 ____D H:\Program Files\trend micro
2015-09-05 17:07 - 2015-06-27 13:56 - 00000892 _____ H:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-09-05 17:01 - 2015-04-21 11:39 - 00000940 _____ H:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-05 16:41 - 2015-01-19 17:37 - 00000914 _____ H:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-05 15:36 - 2009-03-22 11:32 - 00000000 ____D H:\Documents and Settings\Evka
2015-09-05 15:35 - 2014-01-20 07:07 - 00000000 ____D H:\AdwCleaner
2015-09-05 05:29 - 2009-05-05 20:30 - 00000000 ____D H:\WINDOWS\Downloaded Installations
2015-09-05 05:29 - 2009-03-22 11:32 - 00000000 ___RD H:\Documents and Settings\Evka\Dokumenty
2015-09-04 21:16 - 2015-06-27 13:19 - 00000000 ____D H:\Documents and Settings\Evka\Data aplikací\Seznam.cz
2015-09-04 21:14 - 2010-03-16 18:39 - 00000000 ____D H:\Program Files\Google
2015-09-04 21:14 - 2002-01-01 00:13 - 00000000 ____D H:\Documents and Settings\Evka\Local Settings\Data aplikací\Google
2015-09-04 21:12 - 2009-03-22 12:07 - 00000000 __RHD H:\Documents and Settings\All Users\Data aplikací
2015-09-04 21:12 - 2009-03-22 11:32 - 00000000 __RHD H:\Documents and Settings\Evka\Data aplikací
2015-09-04 21:10 - 2009-03-22 12:09 - 00000000 ___RD H:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
2015-09-04 20:57 - 2009-03-22 16:53 - 00000000 ____D H:\Documents and Settings\Evka\Local Settings\Data aplikací\Adobe
2015-09-04 20:57 - 2009-03-22 12:50 - 00000000 ____D H:\Program Files\Common Files\Adobe
2015-09-04 20:56 - 2009-03-22 12:50 - 00000000 ____D H:\Documents and Settings\All Users\Data aplikací\Adobe
2015-09-04 20:05 - 2009-03-22 12:10 - 01048654 _____ H:\WINDOWS\system32\PerfStringBackup.INI
2015-09-04 20:02 - 2014-01-19 01:39 - 00477866 _____ H:\WINDOWS\setupact.log
2015-09-01 18:09 - 2015-06-27 13:56 - 00000000 ____D H:\Program Files\Dropbox
2015-09-01 17:35 - 2011-04-17 12:48 - 00000000 ____D H:\Documents and Settings\Evka\Dokumenty\Došlá pošta 1
2015-09-01 16:40 - 2012-06-22 20:48 - 00000000 ____D H:\Program Files\Mozilla Maintenance Service
2015-08-27 19:35 - 2009-07-28 16:12 - 00000000 ____D H:\Documents and Settings\Evka\Dokumenty\Zdeněk Halabica
2015-08-20 17:59 - 2010-05-24 07:59 - 00000000 ____D H:\Documents and Settings\Evka\Dokumenty\Stažené soubory
2015-08-14 08:31 - 2009-06-11 16:09 - 00000000 ____D H:\Documents and Settings\Evka\Plocha\Recepty
2015-08-12 14:41 - 2015-07-14 19:41 - 09284296 _____ (Adobe Systems Incorporated) H:\WINDOWS\system32\FlashPlayerInstaller.exe
2015-08-12 14:41 - 2013-02-24 12:12 - 00778440 _____ (Adobe Systems Incorporated) H:\WINDOWS\system32\FlashPlayerApp.exe
2015-08-12 14:41 - 2013-02-24 12:12 - 00142536 _____ (Adobe Systems Incorporated) H:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-08-09 20:29 - 2014-01-18 22:07 - 00000000 ____D H:\Documents and Settings\All Users\Nabídka Start\Programy\Comodo

==================== Files in the root of some directories =======

2009-04-05 19:22 - 2013-03-19 18:49 - 0019968 _____ () H:\Documents and Settings\Evka\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-05-10 21:29 - 2010-05-10 21:29 - 0044227 _____ () H:\Documents and Settings\Evka\Local Settings\Data aplikací\ENVIS_Panely.xml
2010-05-10 21:29 - 2010-05-10 21:29 - 0031461 _____ () H:\Documents and Settings\Evka\Local Settings\Data aplikací\ENVIS_PanelyValues.xml
2009-03-22 19:33 - 2009-03-22 19:33 - 0000124 _____ () H:\Documents and Settings\Evka\Local Settings\Data aplikací\fusioncache.dat
2015-08-25 21:21 - 2015-08-25 21:21 - 0000000 _____ () H:\Documents and Settings\Evka\Local Settings\Data aplikací\{168F5B46-9716-432E-8280-A36739386D7E}
2015-08-16 19:23 - 2015-08-16 19:23 - 0000000 _____ () H:\Documents and Settings\Evka\Local Settings\Data aplikací\{B20C2C45-59C2-412C-8D96-DECFD83D79F2}

Some files in TEMP:
====================
H:\Documents and Settings\Evka\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpajefnf.dll
H:\Documents and Settings\Evka\Local Settings\Temp\jre-8u45-windows-au.exe
H:\Documents and Settings\Evka\Local Settings\Temp\sqlite3.dll
H:\Documents and Settings\Evka\Local Settings\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
H:\Documents and Settings\Evka\Local Settings\Temp\~A2.exe
H:\Documents and Settings\Evka\Local Settings\Temp\~A3.exe
H:\Documents and Settings\Evka\Local Settings\Temp\~A4.exe
H:\Documents and Settings\Evka\Local Settings\Temp\~A5.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

H:\WINDOWS\explorer.exe => File is digitally signed
H:\WINDOWS\system32\winlogon.exe => File is digitally signed
H:\WINDOWS\system32\svchost.exe => File is digitally signed
H:\WINDOWS\system32\services.exe => File is digitally signed
H:\WINDOWS\system32\User32.dll => File is digitally signed
H:\WINDOWS\system32\userinit.exe => File is digitally signed
H:\WINDOWS\system32\rpcss.dll => File is digitally signed
H:\WINDOWS\system32\dnsapi.dll => File is digitally signed
H:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Premek84 · #14 Příspěvek od **Premek84** » 05 zář 2015 18:20

a tady addition...

Additional scan result of Farbar Recovery Scan Tool (x86) Version:04-09-2015
Ran by Evka (2015-09-05 19:16:25)
Running from H:\Documents and Settings\Evka\Plocha
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1844237615-1770027372-1417001333-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-1844237615-1770027372-1417001333-1005 - Limited - Enabled)
Evka (S-1-5-21-1844237615-1770027372-1417001333-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Evka
Guest (S-1-5-21-1844237615-1770027372-1417001333-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-1844237615-1770027372-1417001333-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-1844237615-1770027372-1417001333-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus (Disabled) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1300 (Version: 5.31.1.27 - Hewlett-Packard) Hidden
1300_Help (Version: 5.31.1.27 - Hewlett-Packard) Hidden
1300Tour (Version: 5.31.1.27 - Hewlett-Packard) Hidden
1300Trb (Version: 5.31.1.27 - Hewlett-Packard) Hidden
7-Zip 4.65 (HKLM\...\7-Zip) (Version: - )
Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.63 - NOS Microsystems Ltd.)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
AiO_Scan (Version: 5.31.1.27 - Hewlett-Packard) Hidden
AIOMinimal (Version: 5.31.1.27 - Hewlett-Packard) Hidden
AiOSoftware (Version: 5.31.1.27 - Hewlett-Packard) Hidden
Aktualizace systému Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player (KB2803821-v2) (HKLM\...\KB2803821-v2_WM9) (Version: - Microsoft Corporation)
Aktualizace zabezpečení pro Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version: - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2510581) (HKLM\...\KB2510581) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2584146) (HKLM\...\KB2584146) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2585542) (HKLM\...\KB2585542) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2598479) (HKLM\...\KB2598479) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2619339) (HKLM\...\KB2619339) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2620712) (HKLM\...\KB2620712) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2631813) (HKLM\...\KB2631813) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2653956) (HKLM\...\KB2653956) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2655992) (HKLM\...\KB2655992) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2659262) (HKLM\...\KB2659262) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2676562) (HKLM\...\KB2676562) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2691442) (HKLM\...\KB2691442) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2705219-v2) (HKLM\...\KB2705219-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2712808) (HKLM\...\KB2712808) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2723135-v2) (HKLM\...\KB2723135-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2727528) (HKLM\...\KB2727528) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2757638) (HKLM\...\KB2757638) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2758857) (HKLM\...\KB2758857) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2770660) (HKLM\...\KB2770660) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2813345) (HKLM\...\KB2813345) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2845187) (HKLM\...\KB2845187) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2862152) (HKLM\...\KB2862152) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2868626) (HKLM\...\KB2868626) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2876331) (HKLM\...\KB2876331) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2893984) (HKLM\...\KB2893984) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2898785) (HKLM\...\KB2898785) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2916036) (HKLM\...\KB2916036) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2922229) (HKLM\...\KB2922229) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2929961) (HKLM\...\KB2929961) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2930275) (HKLM\...\KB2930275) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB975713) (HKLM\...\KB975713) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)
ATI AVIVO Codecs (HKLM\...\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}) (Version: 9.15.0.20713 - ATI Technologies Inc.)
ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.008.0109.2140 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.452-080109a-058373C-MSI - )
ATI Parental Control & Encoder (Version: 3.0 - Název společnosti:) Hidden
Avast Internet Security (HKLM\...\Avast) (Version: 10.3.2225 - AVAST Software)
Balíček ovladače systému Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) (HKLM\...\3FA1705966809259F916AF817C59B4F389F4572C) (Version: 05/27/2006 1.3.2.0 - Advanced Micro Devices)
Balíček ovladače systému Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0) (HKLM\...\6194C28A8F62DD817EA1B918E6E46E806A21B452) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Balíček ovladače systému Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0) (HKLM\...\65B6FE5418CE28F4D72543FB2D964C3CEC83F161) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Catalyst Control Center - Branding (HKLM\...\{65C49E8C-2F21-4A3E-9399-EE18B7833F65}) (Version: 1.00.0000 - ATI)
ccc-core-preinstall (Version: 2008.0109.2141.38743 - ATI) Hidden
ccc-core-static (Version: 2008.0109.2141.38743 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Comodo Dragon (HKLM\...\Comodo Dragon) (Version: 43.3.3.185 - Comodo)
Copy (Version: 5.31.0.150 - Hewlett-Packard) Hidden
CreativeProjects (Version: 5.31.0.150 - Hewlett-Packard) Hidden
CryptoPlus KB v1.0 (HKLM\...\CryptoPlus KB v1.0) (Version: 2.0.50 - Monet+, a.s.)
Cyklotrasy 2.16 + mapy ČR (HKLM\...\Cyklotrasy 2.16 + mapy ČR) (Version: - )
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
Director (Version: 5.31.0.154 - Hewlett-Packard) Hidden
DocProc (Version: 3.1.0.0 - Hewlett-Packard) Hidden
Doplněk pro vytváření PDF dokumentů z Účta (HKLM\...\Doplněk pro vytváření PDF dokumentů z Účta_is1) (Version: - )
Dropbox (HKLM\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
Dropbox Update Helper (Version: 1.3.27.33 - Dropbox, Inc.) Hidden
Fax (Version: 5.31.1.27 - Hewlett-Packard) Hidden
FreeFileSync 7.1 (HKLM\...\FreeFileSync) (Version: 7.1 - www.FreeFileSync.org)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.13 - Google Inc.) Hidden
HP Photo & Imaging 3.1 (HKLM\...\HP Photo & Imaging) (Version: 3.1 - HP)
HP PSC & OfficeJet 3.0 (HKLM\...\{F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}) (Version: 3.0 - HP)
HP Software Update (HKLM\...\{CC0A24CB-87C9-4F1C-A1F2-F87D8D4DDCAF}) (Version: 1.0.18.20030625 - Hewlett-Packard)
hpmdtab (Version: 2.0.470.1598 - Hewlett-Packard) Hidden
HPSystemDiagnostics (Version: 1.5.0.0 - Your Company Name) Hidden
InstantShare (Version: 3.1.0.13 - Hewlett-Packard) Hidden
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JPEG Resampler Vs 5.0 (HKLM\...\JPEG Resampler_is1) (Version: - David Macek)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
Memories Disc Creator 2.0 (HKLM\...\{2E132061-C78A-48D4-A899-1D13B9D189FA}) (Version: 2.0.470.1598 - Memories Disc Creator 2.0)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Czech Language Pack (HKLM\...\{5E65E94D-69F2-4850-9E93-6459C53A0F50}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY (HKLM\...\{A2C9CD1B-2551-3AED-B244-6698FB929FA6}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY (HKLM\...\{546C143E-68DC-314D-97BC-1E454E3BA429}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 cs) (HKLM\...\Mozilla Firefox 40.0.3 (x86 cs)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MP4 Player 3 (HKLM\...\MP4 Player_is1) (Version: - Tomabo)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM\...\{81CD6232-10F5-4832-B3DA-1B88B1571029}) (Version: 7.02.5851 - Nero AG)
Oprava Hotfix systému Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)
Oprava Hotfix systému Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)
Overland (Version: 1.76.0 - Hewlett-Packard) Hidden
overland (Version: 2.1.5 - HP) Hidden
PhotoGallery (Version: 5.31.0.158 - Hewlett-Packard) Hidden
PrintScreen (Version: 5.31.0.147 - Hewlett-Packard) Hidden
QFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
QuickProjects (Version: 5.31.0.147 - Hewlett-Packard) Hidden
Readiris Pro 10 (HKLM\...\{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}) (Version: - )
Readme (Version: 5.31.1.27 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5548 - Realtek Semiconductor Corp.)
Remote Virtual USB (HKLM\...\{ECE9D6C8-2DE8-4505-920E-103FAF0AC9CF}) (Version: - )
Scan (Version: 3.1.0.0 - Hewlett-Packard) Hidden
Scan2PDF 1.6 (HKLM\...\Scan2PDF_is1) (Version: - Koma-Code)
SES Driver (HKLM\...\{0673654C-5296-453B-9798-B61CD7E03FEB}) (Version: 1.0.0 - Western Digital)
Schémata PLUS (HKLM\...\Schémata PLUS_is1) (Version: - El soft)
Skins (Version: 2008.0109.2141.38743 - ATI) Hidden
SkinsHP1 (Version: 5.31.0.147 - Hewlett-Packard) Hidden
SkinsHP2 (Version: 5.31.0.147 - Hewlett-Packard) Hidden
Softarová utilita ATI - Odinstalovat (HKLM\...\All ATI Software) (Version: 6.14.10.1019 - )
Software602 Form Filler (HKLM\...\{C680853D-3D54-40C9-BB13-FD1665556A18}) (Version: 4.56 - Software602 a.s.)
Spotřebiče (HKLM\...\ST5UNST #1) (Version: - )
Spotřebiče Plus (HKLM\...\Spotřebiče Plus_is1) (Version: - El soft)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: - )
TrayApp (Version: 5.31.0.147 - Hewlett-Packard) Hidden
Údržba Samsung SCX-4600 Series (HKLM\...\Samsung SCX-4600 Series) (Version: - Samsung Electronics CO.,LTD)
Unload (Version: 3.1.0 - Hewlett-Packard) Hidden
VC 9.0 Runtime (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 5.31.0.147 - Hewlett-Packard) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.8.0031.9 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031517 - Microsoft Corporation)
XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1844237615-1770027372-1417001333-1003_Classes\CLSID\{0FB8DE1A-E991-40E5-83CA-5172084B2073}\InprocServer32 -> H:\Program Files\HP\Digital Imaging\bin\hpISdownsampler.dll (Hewlett-Packard Co.)
CustomCLSID: HKU\S-1-5-21-1844237615-1770027372-1417001333-1003_Classes\CLSID\{DA7A2849-2E3F-4F87-A1C4-43843592BAED}\InprocServer32 -> H:\Program Files\HP\Digital Imaging\bin\hpodcpxe.dll (Hewlett-Packard Company)

==================== Restore Points =========================

07-06-2015 17:39:51 Kontrolní bod systému
08-06-2015 19:23:00 Kontrolní bod systému
09-06-2015 19:59:00 Kontrolní bod systému
11-06-2015 21:44:49 Software Distribution Service 3.0
15-06-2015 19:19:10 Kontrolní bod systému
18-06-2015 17:03:33 Kontrolní bod systému
27-06-2015 13:45:47 Installed Google Drive
04-07-2015 09:20:57 Kontrolní bod systému
06-07-2015 18:43:29 Kontrolní bod systému
08-07-2015 17:22:05 Kontrolní bod systému
13-07-2015 20:19:40 Kontrolní bod systému
15-07-2015 17:42:47 Kontrolní bod systému
15-07-2015 21:28:16 Software Distribution Service 3.0
17-07-2015 19:11:28 Software Distribution Service 3.0
17-07-2015 21:20:54 Software Distribution Service 3.0
21-07-2015 19:01:15 Software Distribution Service 3.0
21-07-2015 20:39:56 Software Distribution Service 3.0
26-07-2015 18:53:59 Software Distribution Service 3.0
26-07-2015 21:26:40 Software Distribution Service 3.0
27-07-2015 17:33:40 Software Distribution Service 3.0
27-07-2015 20:12:22 Software Distribution Service 3.0
31-07-2015 19:20:41 Software Distribution Service 3.0
31-07-2015 22:05:50 Software Distribution Service 3.0
01-08-2015 07:45:28 Software Distribution Service 3.0
01-08-2015 11:36:34 Software Distribution Service 3.0
03-08-2015 20:17:34 Software Distribution Service 3.0
03-08-2015 21:57:25 Software Distribution Service 3.0
04-08-2015 22:03:50 Software Distribution Service 3.0
09-08-2015 12:45:54 Software Distribution Service 3.0
09-08-2015 20:28:14 Software Distribution Service 3.0
12-08-2015 14:44:15 Kontrolní bod systému
12-08-2015 19:08:40 Software Distribution Service 3.0
14-08-2015 08:53:10 Kontrolní bod systému
16-08-2015 10:39:02 Software Distribution Service 3.0
16-08-2015 21:04:25 Software Distribution Service 3.0
17-08-2015 19:11:49 Software Distribution Service 3.0
17-08-2015 21:06:39 Software Distribution Service 3.0
20-08-2015 18:26:09 Kontrolní bod systému
20-08-2015 20:38:44 Software Distribution Service 3.0
22-08-2015 17:38:00 Software Distribution Service 3.0
24-08-2015 16:45:16 Software Distribution Service 3.0
24-08-2015 21:40:14 Software Distribution Service 3.0
25-08-2015 19:41:54 Software Distribution Service 3.0
25-08-2015 21:41:39 Software Distribution Service 3.0
27-08-2015 18:25:35 Software Distribution Service 3.0
27-08-2015 21:20:33 Software Distribution Service 3.0
01-09-2015 15:38:42 Software Distribution Service 3.0
01-09-2015 22:02:33 Software Distribution Service 3.0
02-09-2015 16:46:42 Software Distribution Service 3.0
02-09-2015 21:10:39 Software Distribution Service 3.0
02-09-2015 22:23:41 Software Distribution Service 3.0
04-09-2015 20:38:57 Removed Adobe Reader XI (11.0.08) - Czech.
04-09-2015 20:51:37 Removed Adobe Reader XI (11.0.08) - Czech.
04-09-2015 21:13:48 Removed Google Drive
04-09-2015 21:17:36 Software Distribution Service 3.0
05-09-2015 03:00:14 Software Distribution Service 3.0
05-09-2015 15:47:01 Software Distribution Service 3.0
05-09-2015 17:24:38 avast! antivirus system restore point
05-09-2015 17:26:59 Installed Windows XP Wdf01009.
05-09-2015 19:12:32 Software Distribution Service 3.0

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2001-10-25 14:00 - 2015-09-04 21:10 - 00000056 ____A H:\WINDOWS\system32\Drivers\etc\hosts
㈱⸷⸰⸰‱†††潬慣桬獯൴㨊ㄺ†††氠捯污潨瑳਍਍਍਍

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: H:\WINDOWS\Tasks\Adobe Flash Player Updater.job => H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: H:\WINDOWS\Tasks\avast! Emergency Update.job => H:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: H:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => H:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: H:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => H:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: H:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => H:\Program Files\Google\Update\GoogleUpdate.exe
Task: H:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => H:\Program Files\Google\Update\GoogleUpdate.exe
Task: H:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => H:\WINDOWS\system32\xp_eos.exe
Task: H:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => H:\WINDOWS\system32\xp_eos.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-16 20:46 - 2015-09-05 17:25 - 00102864 _____ () H:\Program Files\AVAST Software\Avast\log.dll
2015-05-16 20:46 - 2015-09-05 17:25 - 00123976 _____ () H:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-09-05 15:15 - 2015-09-05 15:15 - 02964480 _____ () H:\Program Files\AVAST Software\Avast\defs\15090500\algo.dll
2015-09-05 19:13 - 2015-09-05 19:13 - 02964480 _____ () H:\Program Files\AVAST Software\Avast\defs\15090502\algo.dll
2010-03-18 11:25 - 2009-02-19 07:44 - 00026624 _____ () H:\WINDOWS\system32\sso1ml3.dll
2010-03-18 11:34 - 2009-09-11 09:36 - 01968640 _____ () H:\WINDOWS\Twain_32\Samsung\SCX4600\Scan2pc.exe
2010-03-18 11:34 - 2009-02-19 21:14 - 00155648 _____ () H:\WINDOWS\Twain_32\Samsung\SCX4600\IMFilter.dll
2010-03-18 11:34 - 2009-02-19 21:17 - 01384520 _____ () H:\WINDOWS\Twain_32\Samsung\SCX4600\ssole.dll
2010-03-18 10:59 - 2007-09-07 19:11 - 00786432 _____ () H:\Program Files\Remote Virtual USB\RMVUSB.exe
2015-03-14 12:53 - 2015-05-16 20:46 - 40540672 _____ () H:\Program Files\AVAST Software\Avast\libcef.dll
2015-09-05 19:10 - 2015-09-05 19:10 - 00071168 _____ () h:\Documents and Settings\Evka\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpajefnf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: H:\UCTO2015:com.dropbox.attributes

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
IE restricted site: HKU\.DEFAULT\...\123topsearch.com -> www.123topsearch.com

There are 5430 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1844237615-1770027372-1417001333-1003\Control Panel\Desktop\\Wallpaper -> H:\Documents and Settings\Evka\Data aplikací\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 62.129.50.20 - 85.135.32.100
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: H:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk => H:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
MSCONFIG\startupreg: HP Component Manager => "H:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
MSCONFIG\startupreg: StartCCC => "H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\AuthorizedApplications: [H:\Program Files\Dropbox\Client\Dropbox.exe] => Enabled:Dropbox
StandardProfile\AuthorizedApplications: [H:\WINDOWS\system32\ZoneLabs\vsmon.exe] => Enabled:TrueVector Service
StandardProfile\AuthorizedApplications: [H:\WINDOWS\twain_32\Samsung\ScanMgr.exe] => Enabled:Scan Manger
StandardProfile\AuthorizedApplications: [H:\WINDOWS\twain_32\Samsung\SCX4600\Scan2Pc.exe] => Enabled:ScanToPC
StandardProfile\AuthorizedApplications: [H:\WINDOWS\twain_32\Samsung\SCX4600\Sscan2io.exe] => Enabled:SScanToIO
StandardProfile\AuthorizedApplications: [H:\Program Files\Common Files\soft602\langserv.exe] => Enabled:Software602 Spell Checker
StandardProfile\AuthorizedApplications: [H:\Program Files\Remote Virtual USB\RMVUSB.exe] => Enabled:Remote Virtual USB Client
StandardProfile\AuthorizedApplications: [H:\Program Files\Tomabo\MP4 Player\YouTubeVideoDownloader.exe] => Enabled:YouTube Video Downloader
StandardProfile\AuthorizedApplications: [H:\Program Files\Tomabo\MP4 Player\MP4Downloader.exe] => Enabled:MP4 Downloader
StandardProfile\AuthorizedApplications: [H:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (H:\Program Files\Mozilla Firefox)
StandardProfile\AuthorizedApplications: [H:\Program Files\Dropbox\Client\Dropbox.exe] => Enabled:Dropbox
DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (09/04/2015 08:37:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace acrord32.exe, verze 11.0.8.4, chybující modul acrord32.exe, verze 11.0.8.4, adresa chyby 0x000d1f10.
Zpracování události, specifické pro médium ([acrord32.exe!ws!])

Error: (09/02/2015 08:12:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace acrord32.exe, verze 11.0.8.4, chybující modul acrord32.exe, verze 11.0.8.4, adresa chyby 0x000d1f10.
Zpracování události, specifické pro médium ([acrord32.exe!ws!])

Error: (09/01/2015 04:41:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace acrord32.exe, verze 11.0.8.4, chybující modul acrord32.exe, verze 11.0.8.4, adresa chyby 0x000d1f10.
Zpracování události, specifické pro médium ([acrord32.exe!ws!])

Error: (09/01/2015 04:22:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace acrord32.exe, verze 11.0.8.4, chybující modul acrord32.exe, verze 11.0.8.4, adresa chyby 0x000d1f10.
Zpracování události, specifické pro médium ([acrord32.exe!ws!])

Error: (08/24/2015 09:32:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace acrord32.exe, verze 11.0.8.4, chybující modul acrord32.exe, verze 11.0.8.4, adresa chyby 0x000d1f10.
Zpracování události, specifické pro médium ([acrord32.exe!ws!])

Error: (08/24/2015 08:46:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace acrord32.exe, verze 11.0.8.4, chybující modul acrord32.exe, verze 11.0.8.4, adresa chyby 0x000d1f10.
Zpracování události, specifické pro médium ([acrord32.exe!ws!])

Error: (08/22/2015 06:47:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace acrord32.exe, verze 11.0.8.4, chybující modul acrord32.exe, verze 11.0.8.4, adresa chyby 0x000d1f10.
Zpracování události, specifické pro médium ([acrord32.exe!ws!])

Error: (08/22/2015 06:27:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace acrord32.exe, verze 11.0.8.4, chybující modul acrord32.exe, verze 11.0.8.4, adresa chyby 0x000d1f10.
Zpracování události, specifické pro médium ([acrord32.exe!ws!])

Error: (08/22/2015 06:15:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace acrord32.exe, verze 11.0.8.4, chybující modul acrord32.exe, verze 11.0.8.4, adresa chyby 0x000d1f10.
Zpracování události, specifické pro médium ([acrord32.exe!ws!])

Error: (08/20/2015 07:46:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace acrord32.exe, verze 11.0.8.4, chybující modul acrord32.exe, verze 11.0.8.4, adresa chyby 0x000d1f10.
Zpracování události, specifické pro médium ([acrord32.exe!ws!])

System errors:
=============
Error: (09/05/2015 07:08:56 PM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000043HarddiskVolume1

Error: (09/05/2015 07:08:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SSPORT neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (09/05/2015 03:37:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SSPORT neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (09/05/2015 03:35:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/05/2015 03:35:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Zařazování tisku byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (09/05/2015 03:35:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Machine Debug Manager byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/05/2015 03:35:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba COMODO Dragon Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/05/2015 03:35:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba 602Updater byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/05/2015 03:35:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Ati HotKey Poller byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/05/2015 03:14:56 PM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000001HarddiskVolume1

Microsoft Office:
=========================
Error: (09/04/2015 08:37:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: acrord32.exe11.0.8.4acrord32.exe11.0.8.4000d1f10

Error: (09/02/2015 08:12:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: acrord32.exe11.0.8.4acrord32.exe11.0.8.4000d1f10

Error: (09/01/2015 04:41:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: acrord32.exe11.0.8.4acrord32.exe11.0.8.4000d1f10

Error: (09/01/2015 04:22:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: acrord32.exe11.0.8.4acrord32.exe11.0.8.4000d1f10

Error: (08/24/2015 09:32:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: acrord32.exe11.0.8.4acrord32.exe11.0.8.4000d1f10

Error: (08/24/2015 08:46:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: acrord32.exe11.0.8.4acrord32.exe11.0.8.4000d1f10

Error: (08/22/2015 06:47:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: acrord32.exe11.0.8.4acrord32.exe11.0.8.4000d1f10

Error: (08/22/2015 06:27:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: acrord32.exe11.0.8.4acrord32.exe11.0.8.4000d1f10

Error: (08/22/2015 06:15:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: acrord32.exe11.0.8.4acrord32.exe11.0.8.4000d1f10

Error: (08/20/2015 07:46:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: acrord32.exe11.0.8.4acrord32.exe11.0.8.4000d1f10

==================== Memory info ===========================

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5200+
Percentage of memory in use: 47%
Total physical RAM: 1919.23 MB
Available physical RAM: 1010.71 MB
Total Virtual: 3812.68 MB
Available Virtual: 2973.93 MB

==================== Drives ================================

Drive h: () (Fixed) (Total:149.04 GB) (Free:78.75 GB) NTFS ==>[drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 820F820F)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#15 Příspěvek od **Márty84** » 05 zář 2015 20:27

Napiste mi velikost adresare plochy (H:\Documents and Settings\Evka\Plocha)

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [seznam-listicka-distribuce] => H:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [Adobe ARM] => H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKU\S-1-5-21-1844237615-1770027372-1417001333-1003\...\Run: [MSMSGS] => H:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1844237615-1770027372-1417001333-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKU\S-1-5-21-1844237615-1770027372-1417001333-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search

2015-09-05 15:45 - 2015-09-05 15:45 - 10284816 _____ (Malwarebytes Corporation ) H:\Documents and Settings\Evka\Plocha\mbam-setup-1.75.0.1300.exe

Task: H:\WINDOWS\Tasks\Adobe Flash Player Updater.job => H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: H:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => H:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: H:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => H:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: H:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => H:\Program Files\Google\Update\GoogleUpdate.exe
Task: H:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => H:\Program Files\Google\Update\GoogleUpdate.exe
Task: H:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => H:\WINDOWS\system32\xp_eos.exe
Task: H:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => H:\WINDOWS\system32\xp_eos.exe

S2 gupdate;Služba Google Update (gupdate); H:\Program Files\Google\Update\GoogleUpdate.exe [2015-04-21 107848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 gupdatem;Služba Google Update (gupdatem); H:\Program Files\Google\Update\GoogleUpdate.exe [2015-04-21 107848]

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

VIRY.CZ

Prosím o kontrolu - PC se zasekává

Prosím o kontrolu - PC se zasekává

Re: Prosím o kontrolu - PC se zasekává

Re: Prosím o kontrolu - PC se zasekává

Re: Prosím o kontrolu - PC se zasekává

Re: Prosím o kontrolu - PC se zasekává

Re: Prosím o kontrolu - PC se zasekává

Re: Prosím o kontrolu - PC se zasekává

Re: Prosím o kontrolu - PC se zasekává

Re: Prosím o kontrolu - PC se zasekává

Re: Prosím o kontrolu - PC se zasekává

Re: Prosím o kontrolu - PC se zasekává

Re: Prosím o kontrolu - PC se zasekává

Re: Prosím o kontrolu - PC se zasekává

Re: Prosím o kontrolu - PC se zasekává

Re: Prosím o kontrolu - PC se zasekává