
Antivirus not working
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
Remote assistance is now available: a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, since the evening my Avast has not been working - it seems to have frozen completely, and uninstalling it was only possible in safe mode. Then a friend (a computer science student) ran ComboFix on the PC, after which we installed Avira, and that does not work properly either. I also scanned the PC with the ESET online scanner and it found nothing... It rather scares me what could have caused the antivirus on my PC to suddenly stop working... And of course, in my opinion, a consequence of this is that the browser works for a while and then stops, etc.
May I ask for advice?
- Rudy
- Site Admin

Re: Antivirus not working
Hello!
If you have not done so already, run the Avast uninstaller: https://www.avast.com/cs-cz/uninstall-utility. Then try installing Avast again. Before reinstalling Avast you must, of course, uninstall Avira.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before cleaning your PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked, as it will be if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.
Re: Antivirus not working
Of course I did that; this uninstall link did not work for me, hence the safe mode. After reinstalling Avast and removing Avira, Avast froze again anyway, stopped working, and says I am not protected... I no longer know what to do about it.
- Rudy
- Site Admin

Re: Antivirus not working
OK. Post a FRST log: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .
Re: Antivirus not working
Here it is, I hope it was posted correctly...
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-12-2015
Ran by Igor (administrator) on HP28602582302 (22-12-2015 20:17:57)
Running from K:\
Loaded Profiles: Igor (Available Profiles: Igor & Jarka & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Skillbrains) C:\Program Files\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
(Logitech Inc.) C:\Program Files\Logitech\Logitech Vid\Vid.exe
(© 2015 Microsoft Corporation) C:\Documents and Settings\Igor\Local Settings\Data aplikací\Microsoft\BingSvc\BingSvc.exe
() C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avcenter.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SetRefresh] => C:\Program Files\Compaq\SetRefresh\SetRefresh.exe [525824 2003-11-20] (Hewlett-Packard Company)
HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2780432 2009-05-08] ()
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [803200 2015-11-20] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\...\Run: [Logitech Vid] => C:\Program Files\Logitech\Logitech Vid\Vid.exe [5472016 2009-04-30] (Logitech Inc.)
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\...\Run: [BingSvc] => C:\Documents and Settings\Igor\Local Settings\Data aplikací\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-15] (© 2015 Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\Documents and Settings\Igor\Nabídka Start\Programy\Po spuštění\Update GreenWebPlayer.lnk [2013-11-27]
ShortcutTarget: Update GreenWebPlayer.lnk -> C:\Games\GreenWebPlayer\Updater.exe ()
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog9 01 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-11-20] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-11-20] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 18 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-11-20] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 177.67.82.22 8.8.8.8
Tcpip\..\Interfaces\{89EA4431-44A3-46DF-93CE-35FEC5C70F54}: [DhcpNameServer] 177.67.82.22 8.8.8.8
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hp.com
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hp.com
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {1FB3189C-5F97-4F1F-9207-552FC28CD8CA} URL = hxxp://www.webhledani.cz/results.aspx?i=39&tp= ... earchTerms}
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {43358372-B183-4FB9-833F-01EDD0C25574} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {49CB3EE6-8C73-483A-9A48-0979768B7F9B} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {5757FA00-C9C3-4065-A7BF-DC0448D68375} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {621B72BB-364F-48D2-B44B-EF550061C47C} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {75AACAFC-51C6-4565-B1D2-D65B62F49373} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {8E246C44-4558-4432-8DDF-122AD2B3ED15} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {AC4A9B54-CD9A-4AAF-8748-6C9E55D1A7C0} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {CDBFB47B-58A8-4111-BF95-06178DCE326D} URL =
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {CF8B4593-68B7-4B06-A03C-425343B3245E} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {D9C15637-E4F4-4058-9852-41A2227E622A} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16805
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1245436526354
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll [2014-06-02] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [No File]
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin HKU\S-1-5-21-3236895599-3957515515-2657171131-1010: @facebook.com/FBPlugin,version=1.0.1 -> C:\Documents and Settings\Igor\Data aplikací\Facebook\npfbplugin_1_0_1.dll [2010-02-01] ( )
FF Plugin HKU\S-1-5-21-3236895599-3957515515-2657171131-1010: @facebook.com/FBPlugin,version=1.0.3 -> C:\Documents and Settings\Igor\Data aplikací\Facebook\npfbplugin_1_0_3.dll [2010-02-26] ( )
FF Plugin HKU\S-1-5-21-3236895599-3957515515-2657171131-1010: @greentube.com/GreenWebPlayer -> C:\Games\GreenWebPlayer\npgreenwebplayer.dll [2013-12-13] (Greentube Internet Entertainment Solutions GmbH)
FF Plugin HKU\S-1-5-21-3236895599-3957515515-2657171131-1010: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Igor\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010-06-21] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll [2010-07-23] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-05-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-05-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-05-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-05-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-05-29] (Apple Inc.)
FF SearchPlugin: C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default\searchplugins\bing-.xml [2015-11-27]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml [2010-07-23]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml [2010-07-23]
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-06-21] [not signed]
FF Extension: Bing Search - C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default\Extensions\bingsearch.full@microsoft.com [2015-07-10] [not signed]
FF Extension: Bing Search - C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-27]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2015-09-19] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-01-18] [not signed]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\...\Firefox\Extensions: [{1650a312-02bc-40ee-977e-83f158701739}] - C:\Program Files\SiteAdvisor\6173\FF => not found
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-branding.js [2010-07-23]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-l10n.js [2010-07-23]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox.js [2010-07-23]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\reporter.js [2010-07-23]
Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-17]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-17]
CHR Extension: (Disk Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-17]
CHR Extension: (YouTube) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-17]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-17]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-17]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (Skype) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-17]
CHR Extension: (Gmail) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-17]
CHR Profile: C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1
CHR Extension: (Prezentace Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-11]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-11]
CHR Extension: (Disk Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-11]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Gmail) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-11]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: chrome.exe - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.Jarka - C:\Documents and Settings\Jarka\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc.exe [930944 2015-11-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [466408 2015-11-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [466408 2015-11-20] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\AVWEBGRD.EXE [1222952 2015-11-20] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2011-06-09] (Flexera Software, Inc.)
S2 gupdate1c9fa7fcf69c1d8; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2010-06-21] (Sun Microsystems, Inc.)
R2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
S4 adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [105472 2002-05-08] (Adaptec, Inc.) [File not signed]
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [106968 2015-11-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136272 2015-11-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37896 2015-11-20] (Avira Operations GmbH & Co. KG)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 e1yexpress; C:\WINDOWS\System32\DRIVERS\e1y5132.sys [243856 2008-06-13] (Intel Corporation)
R3 eapihdrv; C:\Documents and Settings\Igor\Local Settings\Temp\ehdrv.sys [135760 2015-12-22] (ESET)
S3 FilterService; C:\WINDOWS\System32\DRIVERS\lvuvcflt.sys [23832 2009-05-01] (Logitech Inc.)
R1 FSLX; C:\WINDOWS\system32\drivers\fslx.sys [195456 2009-02-20] (Symantec Corp.) [File not signed]
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [161020 2004-08-03] (Intel(R) Corporation)
S3 iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [12415 2004-08-03] (Intel(R) Corporation)
S3 iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [12127 2004-08-03] (Intel(R) Corporation)
S3 iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [11775 2004-08-03] (Intel(R) Corporation)
S3 iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [12063 2004-08-03] (Intel(R) Corporation)
S3 iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [19455 2004-08-03] (Intel(R) Corporation)
S3 iAimFP5; C:\WINDOWS\System32\DRIVERS\wADV07nt.sys [11807 2004-08-03] (Intel(R) Corporation)
S3 iAimFP6; C:\WINDOWS\System32\DRIVERS\wADV08nt.sys [11295 2004-08-03] (Intel(R) Corporation)
S3 iAimFP7; C:\WINDOWS\System32\DRIVERS\wADV09nt.sys [11871 2004-08-03] (Intel(R) Corporation)
S3 iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [29311 2004-08-03] (Intel(R) Corporation)
S3 iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [19551 2004-08-03] (Intel(R) Corporation)
S3 iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [33599 2004-08-03] (Intel(R) Corporation)
S3 iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [23615 2004-08-03] (Intel(R) Corporation)
S3 iAimTV5; C:\WINDOWS\System32\DRIVERS\wATV10nt.sys [25471 2004-08-03] (Intel(R) Corporation)
S3 iAimTV6; C:\WINDOWS\System32\DRIVERS\wATV06nt.sys [22271 2004-08-03] (Intel(R) Corporation)
R3 Iviaspi; C:\WINDOWS\System32\drivers\Iviaspi.sys [10368 2005-09-20] (InterVideo, Inc.) [File not signed]
R3 LVPr2Mon; C:\WINDOWS\System32\Drivers\LVPr2Mon.sys [25624 2009-04-30] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S1 P3; C:\WINDOWS\System32\DRIVERS\p3.sys [46592 2008-04-14] (Microsoft Corporation)
S3 PROCEXP113; C:\WINDOWS\system32\Drivers\PROCEXP113.SYS [12568 2015-12-22] (Sysinternals - www.sysinternals.com) [File not signed]
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider) [File not signed]
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [31848 2015-11-20] (Avira Operations GmbH & Co. KG)
S4 Symmpi; C:\WINDOWS\system32\DRIVERS\symmpi.sys [28416 2002-04-04] (LSI Logic) [File not signed]
U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [30848 2015-12-22] ()
S3 catchme; \??\C:\DOCUME~1\Igor\LOCALS~1\Temp\catchme.sys [X]
S3 esihdrv; \??\C:\DOCUME~1\Igor\LOCALS~1\Temp\esihdrv.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-22 20:17 - 2015-12-22 20:17 - 00000000 ____D C:\FRST
2015-12-22 18:31 - 2015-12-22 18:31 - 00000859 _____ C:\Documents and Settings\All Users\Plocha\Avira Launcher.lnk
2015-12-22 18:12 - 2015-12-22 18:12 - 00000000 ____D C:\Program Files\ESET
2015-12-22 18:06 - 2015-12-22 18:30 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Avira
2015-12-22 18:06 - 2015-12-22 18:06 - 00000000 ____D C:\Documents and Settings\Igor\Data aplikací\Avira
2015-12-22 18:05 - 2015-12-22 18:26 - 00000000 ____D C:\Program Files\Avira
2015-12-22 18:05 - 2015-11-20 15:36 - 00031848 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\ssmdrv.sys
2015-12-22 18:05 - 2015-11-20 15:35 - 00136272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-12-22 18:05 - 2015-11-20 15:35 - 00106968 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-12-22 18:05 - 2015-11-20 15:35 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-12-22 13:41 - 2015-12-22 13:41 - 00021320 _____ C:\ComboFix.txt
2015-12-22 13:41 - 2015-12-22 13:41 - 00012568 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP113.SYS
2015-12-22 13:41 - 2015-12-22 13:41 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2015-12-22 13:41 - 2015-12-22 13:41 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2015-12-22 13:41 - 2015-12-22 13:41 - 00000000 ____D C:\Documents and Settings\Jarka\Local Settings\temp
2015-12-22 13:41 - 2015-12-22 13:41 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\temp
2015-12-22 13:27 - 2015-12-22 13:27 - 00000000 _RSHD C:\cmdcons
2015-12-22 13:27 - 2009-06-19 19:06 - 00000211 _____ C:\Boot.bak
2015-12-22 13:27 - 2004-08-03 23:00 - 00261312 __RSH C:\cmldr
2015-12-22 13:23 - 2015-12-22 13:41 - 00000000 ____D C:\ComboFix
2015-12-22 13:23 - 2011-06-26 07:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2015-12-22 13:23 - 2010-11-07 18:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2015-12-22 13:23 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00098816 _____ C:\WINDOWS\sed.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00080412 _____ C:\WINDOWS\grep.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00068096 _____ C:\WINDOWS\zip.exe
2015-12-22 13:20 - 2015-12-22 13:41 - 00000000 ____D C:\Qoobox
2015-12-22 13:20 - 2015-12-22 13:39 - 00000000 ____D C:\WINDOWS\erdnt
2015-12-22 12:40 - 2015-12-22 18:06 - 00195550 _____ C:\WINDOWS\ntbtlog.txt
2015-12-22 12:31 - 2015-12-22 18:29 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Package Cache
2015-12-22 12:31 - 2015-12-22 12:31 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Documents and Settings\Igor\Plocha\avira_en_av_56793458ee11b__ws.exe
2015-12-22 11:42 - 2015-12-22 11:42 - 00000000 ____D C:\Documents and Settings\Igor\Data aplikací\TeamViewer
2015-12-22 10:48 - 2015-12-22 10:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikacĂ
2015-12-22 10:46 - 2015-12-22 18:26 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Avira
2015-12-22 10:00 - 2015-12-22 10:01 - 00000000 ____D C:\Documents and Settings\Igor\Local Settings\Data aplikací\AviraResume
2015-12-21 23:36 - 2015-12-21 23:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2015-12-21 23:36 - 2008-11-07 18:55 - 00016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll
2015-12-21 20:46 - 2015-12-22 13:03 - 00030848 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-12-21 20:46 - 2015-12-21 22:04 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\RogueKiller
2015-12-21 19:47 - 2015-12-21 20:07 - 00000000 ____D C:\AdwCleaner
2015-12-06 17:10 - 2015-12-06 17:36 - 00211517 _____ C:\Documents and Settings\Igor\Plocha\RVP.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-22 20:18 - 2009-06-20 12:30 - 00000000 ____D C:\Documents and Settings\Igor\Local Settings\Temp
2015-12-22 20:17 - 2009-07-16 16:31 - 00000000 ____D C:\Documents and Settings\Igor\Data aplikací\Skype
2015-12-22 20:17 - 2009-06-20 04:03 - 00000000 ____D C:\WINDOWS
2015-12-22 20:05 - 2014-06-02 18:56 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-22 19:39 - 2013-01-29 19:03 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2015-12-22 19:26 - 2009-07-01 20:18 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-22 18:31 - 2009-06-20 04:03 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2015-12-22 18:13 - 2009-06-20 04:04 - 00000000 ____D C:\WINDOWS\Registration
2015-12-22 18:10 - 2006-05-04 16:45 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2015-12-22 18:08 - 2014-03-22 08:49 - 00000220 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-12-22 18:08 - 2009-07-01 20:18 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-22 18:08 - 2006-05-04 16:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-22 18:07 - 2009-12-26 11:25 - 00000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2015-12-22 18:07 - 2009-12-26 11:25 - 00000000 _____ C:\WINDOWS\system32\Drivers\logiflt.iad
2015-12-22 18:07 - 2009-06-20 12:30 - 00000178 ___SH C:\Documents and Settings\Igor\ntuser.ini
2015-12-22 18:07 - 2009-06-20 12:30 - 00000000 __RHD C:\Documents and Settings\Igor\Data aplikací
2015-12-22 18:07 - 2009-06-20 04:03 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2015-12-22 18:06 - 2009-06-20 04:03 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-12-22 18:01 - 2006-05-04 16:50 - 00032432 _____ C:\WINDOWS\SchedLgU.Txt
2015-12-22 17:58 - 2009-06-20 04:04 - 00000000 ___HD C:\WINDOWS\inf
2015-12-22 17:58 - 2009-06-20 04:03 - 00000000 __SHD C:\Documents and Settings\NetworkService
2015-12-22 17:30 - 2009-06-20 12:30 - 00000000 ____D C:\Documents and Settings\Igor\Plocha
2015-12-22 15:20 - 2009-06-20 04:04 - 00000000 ____D C:\WINDOWS\repair
2015-12-22 14:48 - 2009-06-20 12:30 - 00000000 ____D C:\Documents and Settings\Igor
2015-12-22 14:00 - 2011-12-28 13:36 - 00000460 _____ C:\WINDOWS\Tasks\At4.job
2015-12-22 13:41 - 2009-06-20 04:03 - 00000000 ___HD C:\Documents and Settings\Default User
2015-12-22 13:38 - 2006-05-04 18:04 - 00000227 _____ C:\WINDOWS\system.ini
2015-12-22 13:33 - 2009-11-02 17:23 - 00000000 ____D C:\Documents and Settings\Igor\Local Settings\Data aplikací\Temp
2015-12-22 13:27 - 2006-05-04 16:09 - 00000327 __RSH C:\boot.ini
2015-12-22 13:18 - 2009-07-17 11:42 - 00000000 ____D C:\Documents and Settings\Igor\Dokumenty\Stažené soubory
2015-12-22 11:36 - 2009-06-20 12:30 - 00000000 ___RD C:\Documents and Settings\Igor\Dokumenty
2015-12-22 10:48 - 2009-06-20 04:03 - 00000000 ____D C:\Documents and Settings\All Users
2015-12-22 10:00 - 2009-06-20 12:30 - 00000000 ___HD C:\Documents and Settings\Igor\Local Settings\Data aplikací
2015-12-21 23:29 - 2011-08-11 20:30 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-21 20:40 - 2013-10-18 18:31 - 00524288 _____ C:\WINDOWS\system32\config\SpybotSD.evt
2015-12-21 20:40 - 2011-12-28 13:36 - 00000460 _____ C:\WINDOWS\Tasks\At2.job
2015-12-21 20:39 - 2010-09-23 13:28 - 00000252 _____ C:\WINDOWS\wininit.ini
2015-12-21 20:32 - 2009-12-02 20:08 - 00000000 __RHD C:\Documents and Settings\Jarka\Data aplikací
2015-12-21 20:00 - 2011-04-25 18:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\ICQ
2015-12-21 08:15 - 2006-05-04 16:24 - 03576304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-20 20:12 - 2009-12-02 20:08 - 00000178 ___SH C:\Documents and Settings\Jarka\ntuser.ini
2015-12-20 20:12 - 2009-12-02 20:08 - 00000000 ____D C:\Documents and Settings\Jarka
2015-12-20 20:09 - 2013-07-29 20:02 - 00000000 ____D C:\Documents and Settings\Jarka\Data aplikací\Seznam.cz
2015-12-20 20:04 - 2009-06-11 13:58 - 00071344 _____ C:\Documents and Settings\Administrator\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2015-12-20 17:56 - 2009-06-20 04:03 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2015-12-13 13:36 - 2011-12-28 13:36 - 00000460 _____ C:\WINDOWS\Tasks\At3.job
2015-12-13 11:30 - 2010-03-15 17:44 - 00002563 _____ C:\Documents and Settings\Igor\Plocha\Microsoft Office Word 2007.lnk
2015-12-11 15:13 - 2013-07-29 20:01 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-11 15:13 - 2009-06-19 20:10 - 137798368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-27 20:15 - 2011-12-28 13:40 - 00007772 _____ C:\WINDOWS\Tasks\hpwebreg_CN17D12H1J05QV.job
2015-11-27 16:46 - 2009-07-16 16:31 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Skype
==================== Files in the root of some directories =======
2013-01-08 17:33 - 2013-01-15 19:26 - 0001456 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\Adobe Save for Web 12.0 Prefs
2009-06-25 13:38 - 2015-03-01 17:01 - 0044544 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-06-20 12:30 - 2009-06-11 13:42 - 0000133 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\fusioncache.dat
2009-06-20 12:30 - 2008-02-05 12:28 - 0000051 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\setup.txt
2015-08-21 09:35 - 2015-08-21 09:35 - 0000003 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\updater.log
2015-08-21 09:35 - 2015-10-02 17:45 - 0000412 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\UserProducts.xml
2011-06-09 16:29 - 2011-06-09 16:29 - 0000147 _____ () C:\Documents and Settings\All Users\Data aplikací\Microsoft.SqlServer.Compact.351.32.bc
Files to move or delete:
====================
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job
Some files in TEMP:
====================
C:\Documents and Settings\Igor\Local Settings\Temp\avgnt.exe
C:\Documents and Settings\Igor\Local Settings\Temp\catchme.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-12-2015
Ran by Igor (administrator) on HP28602582302 (22-12-2015 20:17:57)
Running from K:\
Loaded Profiles: Igor (Available Profiles: Igor & Jarka & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Skillbrains) C:\Program Files\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
(Logitech Inc.) C:\Program Files\Logitech\Logitech Vid\Vid.exe
(© 2015 Microsoft Corporation) C:\Documents and Settings\Igor\Local Settings\Data aplikací\Microsoft\BingSvc\BingSvc.exe
() C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avcenter.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SetRefresh] => C:\Program Files\Compaq\SetRefresh\SetRefresh.exe [525824 2003-11-20] (Hewlett-Packard Company)
HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2780432 2009-05-08] ()
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [803200 2015-11-20] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\...\Run: [Logitech Vid] => C:\Program Files\Logitech\Logitech Vid\Vid.exe [5472016 2009-04-30] (Logitech Inc.)
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\...\Run: [BingSvc] => C:\Documents and Settings\Igor\Local Settings\Data aplikací\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-15] (© 2015 Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\Documents and Settings\Igor\Nabídka Start\Programy\Po spuštění\Update GreenWebPlayer.lnk [2013-11-27]
ShortcutTarget: Update GreenWebPlayer.lnk -> C:\Games\GreenWebPlayer\Updater.exe ()
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog9 01 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-11-20] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-11-20] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 18 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-11-20] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 177.67.82.22 8.8.8.8
Tcpip\..\Interfaces\{89EA4431-44A3-46DF-93CE-35FEC5C70F54}: [DhcpNameServer] 177.67.82.22 8.8.8.8
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hp.com
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hp.com
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {1FB3189C-5F97-4F1F-9207-552FC28CD8CA} URL = hxxp://www.webhledani.cz/results.aspx?i=39&tp= ... earchTerms}
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {43358372-B183-4FB9-833F-01EDD0C25574} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {49CB3EE6-8C73-483A-9A48-0979768B7F9B} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {5757FA00-C9C3-4065-A7BF-DC0448D68375} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {621B72BB-364F-48D2-B44B-EF550061C47C} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {75AACAFC-51C6-4565-B1D2-D65B62F49373} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {8E246C44-4558-4432-8DDF-122AD2B3ED15} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {AC4A9B54-CD9A-4AAF-8748-6C9E55D1A7C0} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {CDBFB47B-58A8-4111-BF95-06178DCE326D} URL =
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {CF8B4593-68B7-4B06-A03C-425343B3245E} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {D9C15637-E4F4-4058-9852-41A2227E622A} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16805
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1245436526354
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll [2014-06-02] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [No File]
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin HKU\S-1-5-21-3236895599-3957515515-2657171131-1010: @facebook.com/FBPlugin,version=1.0.1 -> C:\Documents and Settings\Igor\Data aplikací\Facebook\npfbplugin_1_0_1.dll [2010-02-01] ( )
FF Plugin HKU\S-1-5-21-3236895599-3957515515-2657171131-1010: @facebook.com/FBPlugin,version=1.0.3 -> C:\Documents and Settings\Igor\Data aplikací\Facebook\npfbplugin_1_0_3.dll [2010-02-26] ( )
FF Plugin HKU\S-1-5-21-3236895599-3957515515-2657171131-1010: @greentube.com/GreenWebPlayer -> C:\Games\GreenWebPlayer\npgreenwebplayer.dll [2013-12-13] (Greentube Internet Entertainment Solutions GmbH)
FF Plugin HKU\S-1-5-21-3236895599-3957515515-2657171131-1010: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Igor\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010-06-21] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll [2010-07-23] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-05-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-05-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-05-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-05-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-05-29] (Apple Inc.)
FF SearchPlugin: C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default\searchplugins\bing-.xml [2015-11-27]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml [2010-07-23]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml [2010-07-23]
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-06-21] [not signed]
FF Extension: Bing Search - C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default\Extensions\bingsearch.full@microsoft.com [2015-07-10] [not signed]
FF Extension: Bing Search - C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-27]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2015-09-19] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-01-18] [not signed]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\...\Firefox\Extensions: [{1650a312-02bc-40ee-977e-83f158701739}] - C:\Program Files\SiteAdvisor\6173\FF => not found
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-branding.js [2010-07-23]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-l10n.js [2010-07-23]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox.js [2010-07-23]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\reporter.js [2010-07-23]
Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-17]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-17]
CHR Extension: (Disk Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-17]
CHR Extension: (YouTube) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-17]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-17]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-17]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (Skype) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-17]
CHR Extension: (Gmail) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-17]
CHR Profile: C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1
CHR Extension: (Prezentace Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-11]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-11]
CHR Extension: (Disk Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-11]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Gmail) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-11]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: chrome.exe - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.Jarka - C:\Documents and Settings\Jarka\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc.exe [930944 2015-11-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [466408 2015-11-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [466408 2015-11-20] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\AVWEBGRD.EXE [1222952 2015-11-20] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2011-06-09] (Flexera Software, Inc.)
S2 gupdate1c9fa7fcf69c1d8; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2010-06-21] (Sun Microsystems, Inc.)
R2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
S4 adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [105472 2002-05-08] (Adaptec, Inc.) [File not signed]
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [106968 2015-11-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136272 2015-11-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37896 2015-11-20] (Avira Operations GmbH & Co. KG)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 e1yexpress; C:\WINDOWS\System32\DRIVERS\e1y5132.sys [243856 2008-06-13] (Intel Corporation)
R3 eapihdrv; C:\Documents and Settings\Igor\Local Settings\Temp\ehdrv.sys [135760 2015-12-22] (ESET)
S3 FilterService; C:\WINDOWS\System32\DRIVERS\lvuvcflt.sys [23832 2009-05-01] (Logitech Inc.)
R1 FSLX; C:\WINDOWS\system32\drivers\fslx.sys [195456 2009-02-20] (Symantec Corp.) [File not signed]
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [161020 2004-08-03] (Intel(R) Corporation)
S3 iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [12415 2004-08-03] (Intel(R) Corporation)
S3 iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [12127 2004-08-03] (Intel(R) Corporation)
S3 iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [11775 2004-08-03] (Intel(R) Corporation)
S3 iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [12063 2004-08-03] (Intel(R) Corporation)
S3 iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [19455 2004-08-03] (Intel(R) Corporation)
S3 iAimFP5; C:\WINDOWS\System32\DRIVERS\wADV07nt.sys [11807 2004-08-03] (Intel(R) Corporation)
S3 iAimFP6; C:\WINDOWS\System32\DRIVERS\wADV08nt.sys [11295 2004-08-03] (Intel(R) Corporation)
S3 iAimFP7; C:\WINDOWS\System32\DRIVERS\wADV09nt.sys [11871 2004-08-03] (Intel(R) Corporation)
S3 iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [29311 2004-08-03] (Intel(R) Corporation)
S3 iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [19551 2004-08-03] (Intel(R) Corporation)
S3 iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [33599 2004-08-03] (Intel(R) Corporation)
S3 iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [23615 2004-08-03] (Intel(R) Corporation)
S3 iAimTV5; C:\WINDOWS\System32\DRIVERS\wATV10nt.sys [25471 2004-08-03] (Intel(R) Corporation)
S3 iAimTV6; C:\WINDOWS\System32\DRIVERS\wATV06nt.sys [22271 2004-08-03] (Intel(R) Corporation)
R3 Iviaspi; C:\WINDOWS\System32\drivers\Iviaspi.sys [10368 2005-09-20] (InterVideo, Inc.) [File not signed]
R3 LVPr2Mon; C:\WINDOWS\System32\Drivers\LVPr2Mon.sys [25624 2009-04-30] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S1 P3; C:\WINDOWS\System32\DRIVERS\p3.sys [46592 2008-04-14] (Microsoft Corporation)
S3 PROCEXP113; C:\WINDOWS\system32\Drivers\PROCEXP113.SYS [12568 2015-12-22] (Sysinternals - www.sysinternals.com) [File not signed]
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider) [File not signed]
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [31848 2015-11-20] (Avira Operations GmbH & Co. KG)
S4 Symmpi; C:\WINDOWS\system32\DRIVERS\symmpi.sys [28416 2002-04-04] (LSI Logic) [File not signed]
U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [30848 2015-12-22] ()
S3 catchme; \??\C:\DOCUME~1\Igor\LOCALS~1\Temp\catchme.sys [X]
S3 esihdrv; \??\C:\DOCUME~1\Igor\LOCALS~1\Temp\esihdrv.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-22 20:17 - 2015-12-22 20:17 - 00000000 ____D C:\FRST
2015-12-22 18:31 - 2015-12-22 18:31 - 00000859 _____ C:\Documents and Settings\All Users\Plocha\Avira Launcher.lnk
2015-12-22 18:12 - 2015-12-22 18:12 - 00000000 ____D C:\Program Files\ESET
2015-12-22 18:06 - 2015-12-22 18:30 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Avira
2015-12-22 18:06 - 2015-12-22 18:06 - 00000000 ____D C:\Documents and Settings\Igor\Data aplikací\Avira
2015-12-22 18:05 - 2015-12-22 18:26 - 00000000 ____D C:\Program Files\Avira
2015-12-22 18:05 - 2015-11-20 15:36 - 00031848 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\ssmdrv.sys
2015-12-22 18:05 - 2015-11-20 15:35 - 00136272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-12-22 18:05 - 2015-11-20 15:35 - 00106968 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-12-22 18:05 - 2015-11-20 15:35 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-12-22 13:41 - 2015-12-22 13:41 - 00021320 _____ C:\ComboFix.txt
2015-12-22 13:41 - 2015-12-22 13:41 - 00012568 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP113.SYS
2015-12-22 13:41 - 2015-12-22 13:41 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2015-12-22 13:41 - 2015-12-22 13:41 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2015-12-22 13:41 - 2015-12-22 13:41 - 00000000 ____D C:\Documents and Settings\Jarka\Local Settings\temp
2015-12-22 13:41 - 2015-12-22 13:41 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\temp
2015-12-22 13:27 - 2015-12-22 13:27 - 00000000 _RSHD C:\cmdcons
2015-12-22 13:27 - 2009-06-19 19:06 - 00000211 _____ C:\Boot.bak
2015-12-22 13:27 - 2004-08-03 23:00 - 00261312 __RSH C:\cmldr
2015-12-22 13:23 - 2015-12-22 13:41 - 00000000 ____D C:\ComboFix
2015-12-22 13:23 - 2011-06-26 07:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2015-12-22 13:23 - 2010-11-07 18:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2015-12-22 13:23 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00098816 _____ C:\WINDOWS\sed.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00080412 _____ C:\WINDOWS\grep.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00068096 _____ C:\WINDOWS\zip.exe
2015-12-22 13:20 - 2015-12-22 13:41 - 00000000 ____D C:\Qoobox
2015-12-22 13:20 - 2015-12-22 13:39 - 00000000 ____D C:\WINDOWS\erdnt
2015-12-22 12:40 - 2015-12-22 18:06 - 00195550 _____ C:\WINDOWS\ntbtlog.txt
2015-12-22 12:31 - 2015-12-22 18:29 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Package Cache
2015-12-22 12:31 - 2015-12-22 12:31 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Documents and Settings\Igor\Plocha\avira_en_av_56793458ee11b__ws.exe
2015-12-22 11:42 - 2015-12-22 11:42 - 00000000 ____D C:\Documents and Settings\Igor\Data aplikací\TeamViewer
2015-12-22 10:48 - 2015-12-22 10:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikacĂ
2015-12-22 10:46 - 2015-12-22 18:26 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Avira
2015-12-22 10:00 - 2015-12-22 10:01 - 00000000 ____D C:\Documents and Settings\Igor\Local Settings\Data aplikací\AviraResume
2015-12-21 23:36 - 2015-12-21 23:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2015-12-21 23:36 - 2008-11-07 18:55 - 00016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll
2015-12-21 20:46 - 2015-12-22 13:03 - 00030848 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-12-21 20:46 - 2015-12-21 22:04 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\RogueKiller
2015-12-21 19:47 - 2015-12-21 20:07 - 00000000 ____D C:\AdwCleaner
2015-12-06 17:10 - 2015-12-06 17:36 - 00211517 _____ C:\Documents and Settings\Igor\Plocha\RVP.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-22 20:18 - 2009-06-20 12:30 - 00000000 ____D C:\Documents and Settings\Igor\Local Settings\Temp
2015-12-22 20:17 - 2009-07-16 16:31 - 00000000 ____D C:\Documents and Settings\Igor\Data aplikací\Skype
2015-12-22 20:17 - 2009-06-20 04:03 - 00000000 ____D C:\WINDOWS
2015-12-22 20:05 - 2014-06-02 18:56 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-22 19:39 - 2013-01-29 19:03 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2015-12-22 19:26 - 2009-07-01 20:18 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-22 18:31 - 2009-06-20 04:03 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2015-12-22 18:13 - 2009-06-20 04:04 - 00000000 ____D C:\WINDOWS\Registration
2015-12-22 18:10 - 2006-05-04 16:45 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2015-12-22 18:08 - 2014-03-22 08:49 - 00000220 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-12-22 18:08 - 2009-07-01 20:18 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-22 18:08 - 2006-05-04 16:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-22 18:07 - 2009-12-26 11:25 - 00000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2015-12-22 18:07 - 2009-12-26 11:25 - 00000000 _____ C:\WINDOWS\system32\Drivers\logiflt.iad
2015-12-22 18:07 - 2009-06-20 12:30 - 00000178 ___SH C:\Documents and Settings\Igor\ntuser.ini
2015-12-22 18:07 - 2009-06-20 12:30 - 00000000 __RHD C:\Documents and Settings\Igor\Data aplikací
2015-12-22 18:07 - 2009-06-20 04:03 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2015-12-22 18:06 - 2009-06-20 04:03 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-12-22 18:01 - 2006-05-04 16:50 - 00032432 _____ C:\WINDOWS\SchedLgU.Txt
2015-12-22 17:58 - 2009-06-20 04:04 - 00000000 ___HD C:\WINDOWS\inf
2015-12-22 17:58 - 2009-06-20 04:03 - 00000000 __SHD C:\Documents and Settings\NetworkService
2015-12-22 17:30 - 2009-06-20 12:30 - 00000000 ____D C:\Documents and Settings\Igor\Plocha
2015-12-22 15:20 - 2009-06-20 04:04 - 00000000 ____D C:\WINDOWS\repair
2015-12-22 14:48 - 2009-06-20 12:30 - 00000000 ____D C:\Documents and Settings\Igor
2015-12-22 14:00 - 2011-12-28 13:36 - 00000460 _____ C:\WINDOWS\Tasks\At4.job
2015-12-22 13:41 - 2009-06-20 04:03 - 00000000 ___HD C:\Documents and Settings\Default User
2015-12-22 13:38 - 2006-05-04 18:04 - 00000227 _____ C:\WINDOWS\system.ini
2015-12-22 13:33 - 2009-11-02 17:23 - 00000000 ____D C:\Documents and Settings\Igor\Local Settings\Data aplikací\Temp
2015-12-22 13:27 - 2006-05-04 16:09 - 00000327 __RSH C:\boot.ini
2015-12-22 13:18 - 2009-07-17 11:42 - 00000000 ____D C:\Documents and Settings\Igor\Dokumenty\Stažené soubory
2015-12-22 11:36 - 2009-06-20 12:30 - 00000000 ___RD C:\Documents and Settings\Igor\Dokumenty
2015-12-22 10:48 - 2009-06-20 04:03 - 00000000 ____D C:\Documents and Settings\All Users
2015-12-22 10:00 - 2009-06-20 12:30 - 00000000 ___HD C:\Documents and Settings\Igor\Local Settings\Data aplikací
2015-12-21 23:29 - 2011-08-11 20:30 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-21 20:40 - 2013-10-18 18:31 - 00524288 _____ C:\WINDOWS\system32\config\SpybotSD.evt
2015-12-21 20:40 - 2011-12-28 13:36 - 00000460 _____ C:\WINDOWS\Tasks\At2.job
2015-12-21 20:39 - 2010-09-23 13:28 - 00000252 _____ C:\WINDOWS\wininit.ini
2015-12-21 20:32 - 2009-12-02 20:08 - 00000000 __RHD C:\Documents and Settings\Jarka\Data aplikací
2015-12-21 20:00 - 2011-04-25 18:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\ICQ
2015-12-21 08:15 - 2006-05-04 16:24 - 03576304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-20 20:12 - 2009-12-02 20:08 - 00000178 ___SH C:\Documents and Settings\Jarka\ntuser.ini
2015-12-20 20:12 - 2009-12-02 20:08 - 00000000 ____D C:\Documents and Settings\Jarka
2015-12-20 20:09 - 2013-07-29 20:02 - 00000000 ____D C:\Documents and Settings\Jarka\Data aplikací\Seznam.cz
2015-12-20 20:04 - 2009-06-11 13:58 - 00071344 _____ C:\Documents and Settings\Administrator\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2015-12-20 17:56 - 2009-06-20 04:03 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2015-12-13 13:36 - 2011-12-28 13:36 - 00000460 _____ C:\WINDOWS\Tasks\At3.job
2015-12-13 11:30 - 2010-03-15 17:44 - 00002563 _____ C:\Documents and Settings\Igor\Plocha\Microsoft Office Word 2007.lnk
2015-12-11 15:13 - 2013-07-29 20:01 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-11 15:13 - 2009-06-19 20:10 - 137798368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-27 20:15 - 2011-12-28 13:40 - 00007772 _____ C:\WINDOWS\Tasks\hpwebreg_CN17D12H1J05QV.job
2015-11-27 16:46 - 2009-07-16 16:31 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Skype
==================== Files in the root of some directories =======
2013-01-08 17:33 - 2013-01-15 19:26 - 0001456 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\Adobe Save for Web 12.0 Prefs
2009-06-25 13:38 - 2015-03-01 17:01 - 0044544 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-06-20 12:30 - 2009-06-11 13:42 - 0000133 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\fusioncache.dat
2009-06-20 12:30 - 2008-02-05 12:28 - 0000051 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\setup.txt
2015-08-21 09:35 - 2015-08-21 09:35 - 0000003 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\updater.log
2015-08-21 09:35 - 2015-10-02 17:45 - 0000412 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\UserProducts.xml
2011-06-09 16:29 - 2011-06-09 16:29 - 0000147 _____ () C:\Documents and Settings\All Users\Data aplikací\Microsoft.SqlServer.Compact.351.32.bc
Files to move or delete:
====================
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job
Some files in TEMP:
====================
C:\Documents and Settings\Igor\Local Settings\Temp\avgnt.exe
C:\Documents and Settings\Igor\Local Settings\Temp\catchme.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
- Rudy
- Site Admin

Re: antivirus not working
Now run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: antivirus not working
Here you go ......
# AdwCleaner v5.026 - Logfile created 22/12/2015 at 22:12:17
# Updated 21/12/2015 by Xplode
# Database : 2015-12-21.3 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Igor - HP28602582302
# Running from : C:\Documents and Settings\Igor\Plocha\adwcleaner_5.026.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
[-] [C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fcfenmboojpjinhpgggodefccipikbpd
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [871 bytes] ##########
- Rudy
- Site Admin

Re: antivirus not working
Post a new FRST log.
Re: antivirus not working
HERE.... an Addition file also popped up along with it, don't you need that one?
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-12-2015
Ran by Igor (administrator) on HP28602582302 (22-12-2015 23:03:24)
Running from C:\Documents and Settings\Igor\Dokumenty\Downloads
Loaded Profiles: Igor (Available Profiles: Igor & Jarka & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Skillbrains) C:\Program Files\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Logitech Inc.) C:\Program Files\Logitech\Logitech Vid\Vid.exe
(© 2015 Microsoft Corporation) C:\Documents and Settings\Igor\Local Settings\Data aplikací\Microsoft\BingSvc\BingSvc.exe
() C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SetRefresh] => C:\Program Files\Compaq\SetRefresh\SetRefresh.exe [525824 2003-11-20] (Hewlett-Packard Company)
HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2780432 2009-05-08] ()
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [803200 2015-11-20] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\...\Run: [Logitech Vid] => C:\Program Files\Logitech\Logitech Vid\Vid.exe [5472016 2009-04-30] (Logitech Inc.)
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\...\Run: [BingSvc] => C:\Documents and Settings\Igor\Local Settings\Data aplikací\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-15] (© 2015 Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\Documents and Settings\Igor\Nabídka Start\Programy\Po spuštění\Update GreenWebPlayer.lnk [2013-11-27]
ShortcutTarget: Update GreenWebPlayer.lnk -> C:\Games\GreenWebPlayer\Updater.exe ()
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 177.67.82.22 8.8.8.8
Tcpip\..\Interfaces\{89EA4431-44A3-46DF-93CE-35FEC5C70F54}: [DhcpNameServer] 177.67.82.22 8.8.8.8
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hp.com
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hp.com
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {1FB3189C-5F97-4F1F-9207-552FC28CD8CA} URL = hxxp://www.webhledani.cz/results.aspx?i=39&tp= ... earchTerms}
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {43358372-B183-4FB9-833F-01EDD0C25574} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {49CB3EE6-8C73-483A-9A48-0979768B7F9B} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {5757FA00-C9C3-4065-A7BF-DC0448D68375} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {621B72BB-364F-48D2-B44B-EF550061C47C} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {75AACAFC-51C6-4565-B1D2-D65B62F49373} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {8E246C44-4558-4432-8DDF-122AD2B3ED15} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {AC4A9B54-CD9A-4AAF-8748-6C9E55D1A7C0} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {CDBFB47B-58A8-4111-BF95-06178DCE326D} URL =
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {CF8B4593-68B7-4B06-A03C-425343B3245E} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {D9C15637-E4F4-4058-9852-41A2227E622A} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16805
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1245436526354
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll [2014-06-02] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [No File]
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin HKU\S-1-5-21-3236895599-3957515515-2657171131-1010: @facebook.com/FBPlugin,version=1.0.1 -> C:\Documents and Settings\Igor\Data aplikací\Facebook\npfbplugin_1_0_1.dll [2010-02-01] ( )
FF Plugin HKU\S-1-5-21-3236895599-3957515515-2657171131-1010: @facebook.com/FBPlugin,version=1.0.3 -> C:\Documents and Settings\Igor\Data aplikací\Facebook\npfbplugin_1_0_3.dll [2010-02-26] ( )
FF Plugin HKU\S-1-5-21-3236895599-3957515515-2657171131-1010: @greentube.com/GreenWebPlayer -> C:\Games\GreenWebPlayer\npgreenwebplayer.dll [2013-12-13] (Greentube Internet Entertainment Solutions GmbH)
FF Plugin HKU\S-1-5-21-3236895599-3957515515-2657171131-1010: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Igor\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010-06-21] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll [2010-07-23] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-05-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-05-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-05-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-05-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-05-29] (Apple Inc.)
FF SearchPlugin: C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default\searchplugins\bing-.xml [2015-11-27]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml [2010-07-23]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml [2010-07-23]
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-06-21] [not signed]
FF Extension: Bing Search - C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default\Extensions\bingsearch.full@microsoft.com [2015-07-10] [not signed]
FF Extension: Bing Search - C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-27]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2015-09-19] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-01-18] [not signed]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\...\Firefox\Extensions: [{1650a312-02bc-40ee-977e-83f158701739}] - C:\Program Files\SiteAdvisor\6173\FF => not found
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-branding.js [2010-07-23]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-l10n.js [2010-07-23]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox.js [2010-07-23]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\reporter.js [2010-07-23]
Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-17]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-17]
CHR Extension: (Disk Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-17]
CHR Extension: (YouTube) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-17]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-17]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-17]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (Skype) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-17]
CHR Extension: (Gmail) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-17]
CHR Profile: C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1
CHR Extension: (Prezentace Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-11]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-11]
CHR Extension: (Disk Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-11]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Gmail) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-11]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: chrome.exe - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.Jarka - C:\Documents and Settings\Jarka\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc.exe [930944 2015-11-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [466408 2015-11-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [466408 2015-11-20] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\AVWEBGRD.EXE [1222952 2015-11-20] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2011-06-09] (Flexera Software, Inc.)
S2 gupdate1c9fa7fcf69c1d8; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2010-06-21] (Sun Microsystems, Inc.)
R2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
S4 adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [105472 2002-05-08] (Adaptec, Inc.) [File not signed]
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [106968 2015-11-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136272 2015-11-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37896 2015-11-20] (Avira Operations GmbH & Co. KG)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 e1yexpress; C:\WINDOWS\System32\DRIVERS\e1y5132.sys [243856 2008-06-13] (Intel Corporation)
S3 eapihdrv; C:\Documents and Settings\Igor\Local Settings\Temp\ehdrv.sys [135760 2015-12-22] (ESET)
S3 FilterService; C:\WINDOWS\System32\DRIVERS\lvuvcflt.sys [23832 2009-05-01] (Logitech Inc.)
R1 FSLX; C:\WINDOWS\system32\drivers\fslx.sys [195456 2009-02-20] (Symantec Corp.) [File not signed]
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [161020 2004-08-03] (Intel(R) Corporation)
S3 iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [12415 2004-08-03] (Intel(R) Corporation)
S3 iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [12127 2004-08-03] (Intel(R) Corporation)
S3 iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [11775 2004-08-03] (Intel(R) Corporation)
S3 iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [12063 2004-08-03] (Intel(R) Corporation)
S3 iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [19455 2004-08-03] (Intel(R) Corporation)
S3 iAimFP5; C:\WINDOWS\System32\DRIVERS\wADV07nt.sys [11807 2004-08-03] (Intel(R) Corporation)
S3 iAimFP6; C:\WINDOWS\System32\DRIVERS\wADV08nt.sys [11295 2004-08-03] (Intel(R) Corporation)
S3 iAimFP7; C:\WINDOWS\System32\DRIVERS\wADV09nt.sys [11871 2004-08-03] (Intel(R) Corporation)
S3 iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [29311 2004-08-03] (Intel(R) Corporation)
S3 iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [19551 2004-08-03] (Intel(R) Corporation)
S3 iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [33599 2004-08-03] (Intel(R) Corporation)
S3 iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [23615 2004-08-03] (Intel(R) Corporation)
S3 iAimTV5; C:\WINDOWS\System32\DRIVERS\wATV10nt.sys [25471 2004-08-03] (Intel(R) Corporation)
S3 iAimTV6; C:\WINDOWS\System32\DRIVERS\wATV06nt.sys [22271 2004-08-03] (Intel(R) Corporation)
R3 Iviaspi; C:\WINDOWS\System32\drivers\Iviaspi.sys [10368 2005-09-20] (InterVideo, Inc.) [File not signed]
R3 LVPr2Mon; C:\WINDOWS\System32\Drivers\LVPr2Mon.sys [25624 2009-04-30] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S1 P3; C:\WINDOWS\System32\DRIVERS\p3.sys [46592 2008-04-14] (Microsoft Corporation)
S3 PROCEXP113; C:\WINDOWS\system32\Drivers\PROCEXP113.SYS [12568 2015-12-22] (Sysinternals - www.sysinternals.com) [File not signed]
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider) [File not signed]
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [31848 2015-11-20] (Avira Operations GmbH & Co. KG)
S4 Symmpi; C:\WINDOWS\system32\DRIVERS\symmpi.sys [28416 2002-04-04] (LSI Logic) [File not signed]
U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [30848 2015-12-22] ()
S3 catchme; \??\C:\DOCUME~1\Igor\LOCALS~1\Temp\catchme.sys [X]
S3 esihdrv; \??\C:\DOCUME~1\Igor\LOCALS~1\Temp\esihdrv.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-22 22:17 - 2015-12-22 22:17 - 00000952 _____ C:\Documents and Settings\Igor\Plocha\AdwCleaner[C2].txt
2015-12-22 20:26 - 2015-12-22 20:26 - 00038283 _____ C:\Documents and Settings\Igor\Plocha\FRST.txt
2015-12-22 20:17 - 2015-12-22 23:03 - 00000000 ____D C:\FRST
2015-12-22 18:31 - 2015-12-22 18:31 - 00000859 _____ C:\Documents and Settings\All Users\Plocha\Avira Launcher.lnk
2015-12-22 18:06 - 2015-12-22 20:37 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Avira
2015-12-22 18:06 - 2015-12-22 18:06 - 00000000 ____D C:\Documents and Settings\Igor\Data aplikací\Avira
2015-12-22 18:05 - 2015-12-22 18:26 - 00000000 ____D C:\Program Files\Avira
2015-12-22 18:05 - 2015-11-20 15:36 - 00031848 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\ssmdrv.sys
2015-12-22 18:05 - 2015-11-20 15:35 - 00136272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-12-22 18:05 - 2015-11-20 15:35 - 00106968 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-12-22 18:05 - 2015-11-20 15:35 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-12-22 13:41 - 2015-12-22 13:41 - 00021320 _____ C:\ComboFix.txt
2015-12-22 13:41 - 2015-12-22 13:41 - 00012568 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP113.SYS
2015-12-22 13:41 - 2015-12-22 13:41 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2015-12-22 13:41 - 2015-12-22 13:41 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2015-12-22 13:41 - 2015-12-22 13:41 - 00000000 ____D C:\Documents and Settings\Jarka\Local Settings\temp
2015-12-22 13:41 - 2015-12-22 13:41 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\temp
2015-12-22 13:27 - 2015-12-22 13:27 - 00000000 _RSHD C:\cmdcons
2015-12-22 13:27 - 2009-06-19 19:06 - 00000211 _____ C:\Boot.bak
2015-12-22 13:27 - 2004-08-03 23:00 - 00261312 __RSH C:\cmldr
2015-12-22 13:23 - 2015-12-22 13:41 - 00000000 ____D C:\ComboFix
2015-12-22 13:23 - 2011-06-26 07:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2015-12-22 13:23 - 2010-11-07 18:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2015-12-22 13:23 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00098816 _____ C:\WINDOWS\sed.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00080412 _____ C:\WINDOWS\grep.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00068096 _____ C:\WINDOWS\zip.exe
2015-12-22 13:20 - 2015-12-22 13:41 - 00000000 ____D C:\Qoobox
2015-12-22 13:20 - 2015-12-22 13:39 - 00000000 ____D C:\WINDOWS\erdnt
2015-12-22 12:40 - 2015-12-22 18:06 - 00195550 _____ C:\WINDOWS\ntbtlog.txt
2015-12-22 12:31 - 2015-12-22 20:40 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Package Cache
2015-12-22 12:31 - 2015-12-22 12:31 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Documents and Settings\Igor\Plocha\avira_en_av_56793458ee11b__ws.exe
2015-12-22 11:42 - 2015-12-22 11:42 - 00000000 ____D C:\Documents and Settings\Igor\Data aplikací\TeamViewer
2015-12-22 10:48 - 2015-12-22 10:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikacĂ
2015-12-22 10:46 - 2015-12-22 20:37 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Avira
2015-12-22 10:00 - 2015-12-22 10:01 - 00000000 ____D C:\Documents and Settings\Igor\Local Settings\Data aplikací\AviraResume
2015-12-21 23:36 - 2015-12-21 23:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2015-12-21 23:36 - 2008-11-07 18:55 - 00016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll
2015-12-21 20:46 - 2015-12-22 13:03 - 00030848 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-12-21 20:46 - 2015-12-21 22:04 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\RogueKiller
2015-12-21 19:47 - 2015-12-22 22:16 - 00000000 ____D C:\AdwCleaner
2015-12-21 19:46 - 2015-12-21 19:46 - 01743360 _____ C:\Documents and Settings\Igor\Plocha\adwcleaner_5.026.exe
2015-12-06 17:10 - 2015-12-06 17:36 - 00211517 _____ C:\Documents and Settings\Igor\Plocha\RVP.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-22 23:03 - 2009-06-20 12:30 - 00000000 ____D C:\Documents and Settings\Igor\Local Settings\Temp
2015-12-22 22:26 - 2009-07-01 20:18 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-22 22:17 - 2009-06-20 12:30 - 00000000 ____D C:\Documents and Settings\Igor\Plocha
2015-12-22 22:13 - 2014-03-22 08:49 - 00000220 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-12-22 22:13 - 2009-12-26 11:25 - 00000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2015-12-22 22:13 - 2009-12-26 11:25 - 00000000 _____ C:\WINDOWS\system32\Drivers\logiflt.iad
2015-12-22 22:13 - 2009-07-01 20:18 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-22 22:13 - 2006-05-04 16:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-22 22:13 - 2006-05-04 16:45 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2015-12-22 22:12 - 2009-06-20 12:30 - 00000178 ___SH C:\Documents and Settings\Igor\ntuser.ini
2015-12-22 22:12 - 2009-06-20 12:30 - 00000000 ____D C:\Documents and Settings\Igor
2015-12-22 22:12 - 2006-05-04 16:50 - 00032432 _____ C:\WINDOWS\SchedLgU.Txt
2015-12-22 22:05 - 2014-06-02 18:56 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-22 20:40 - 2011-12-28 13:36 - 00000460 _____ C:\WINDOWS\Tasks\At2.job
2015-12-22 20:40 - 2011-06-09 16:36 - 01058658 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-3236895599-3957515515-2657171131-1010-0.dat
2015-12-22 20:40 - 2011-06-09 16:36 - 00365426 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2015-12-22 20:39 - 2009-07-16 16:31 - 00000000 ____D C:\Documents and Settings\Igor\Data aplikací\Skype
2015-12-22 20:18 - 2009-06-20 04:03 - 00000000 ____D C:\WINDOWS
2015-12-22 19:39 - 2013-01-29 19:03 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2015-12-22 18:31 - 2009-06-20 04:03 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2015-12-22 18:13 - 2009-06-20 04:04 - 00000000 ____D C:\WINDOWS\Registration
2015-12-22 18:07 - 2009-06-20 12:30 - 00000000 __RHD C:\Documents and Settings\Igor\Data aplikací
2015-12-22 18:07 - 2009-06-20 04:03 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2015-12-22 18:06 - 2009-06-20 04:03 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-12-22 17:58 - 2009-06-20 04:04 - 00000000 ___HD C:\WINDOWS\inf
2015-12-22 17:58 - 2009-06-20 04:03 - 00000000 __SHD C:\Documents and Settings\NetworkService
2015-12-22 15:20 - 2009-06-20 04:04 - 00000000 ____D C:\WINDOWS\repair
2015-12-22 14:00 - 2011-12-28 13:36 - 00000460 _____ C:\WINDOWS\Tasks\At4.job
2015-12-22 13:41 - 2009-06-20 04:03 - 00000000 ___HD C:\Documents and Settings\Default User
2015-12-22 13:38 - 2006-05-04 18:04 - 00000227 _____ C:\WINDOWS\system.ini
2015-12-22 13:33 - 2009-11-02 17:23 - 00000000 ____D C:\Documents and Settings\Igor\Local Settings\Data aplikací\Temp
2015-12-22 13:27 - 2006-05-04 16:09 - 00000327 __RSH C:\boot.ini
2015-12-22 13:18 - 2009-07-17 11:42 - 00000000 ____D C:\Documents and Settings\Igor\Dokumenty\Stažené soubory
2015-12-22 11:36 - 2009-06-20 12:30 - 00000000 ___RD C:\Documents and Settings\Igor\Dokumenty
2015-12-22 10:48 - 2009-06-20 04:03 - 00000000 ____D C:\Documents and Settings\All Users
2015-12-22 10:00 - 2009-06-20 12:30 - 00000000 ___HD C:\Documents and Settings\Igor\Local Settings\Data aplikací
2015-12-21 23:29 - 2011-08-11 20:30 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-21 20:40 - 2013-10-18 18:31 - 00524288 _____ C:\WINDOWS\system32\config\SpybotSD.evt
2015-12-21 20:39 - 2010-09-23 13:28 - 00000252 _____ C:\WINDOWS\wininit.ini
2015-12-21 20:32 - 2009-12-02 20:08 - 00000000 __RHD C:\Documents and Settings\Jarka\Data aplikací
2015-12-21 20:00 - 2011-04-25 18:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\ICQ
2015-12-21 08:15 - 2006-05-04 16:24 - 03576304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-20 20:12 - 2009-12-02 20:08 - 00000178 ___SH C:\Documents and Settings\Jarka\ntuser.ini
2015-12-20 20:12 - 2009-12-02 20:08 - 00000000 ____D C:\Documents and Settings\Jarka
2015-12-20 20:09 - 2013-07-29 20:02 - 00000000 ____D C:\Documents and Settings\Jarka\Data aplikací\Seznam.cz
2015-12-20 20:04 - 2009-06-11 13:58 - 00071344 _____ C:\Documents and Settings\Administrator\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2015-12-20 17:56 - 2009-06-20 04:03 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2015-12-13 13:36 - 2011-12-28 13:36 - 00000460 _____ C:\WINDOWS\Tasks\At3.job
2015-12-13 11:30 - 2010-03-15 17:44 - 00002563 _____ C:\Documents and Settings\Igor\Plocha\Microsoft Office Word 2007.lnk
2015-12-11 15:13 - 2013-07-29 20:01 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-11 15:13 - 2009-06-19 20:10 - 137798368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-27 20:15 - 2011-12-28 13:40 - 00007772 _____ C:\WINDOWS\Tasks\hpwebreg_CN17D12H1J05QV.job
2015-11-27 16:46 - 2009-07-16 16:31 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Skype
==================== Files in the root of some directories =======
2013-01-08 17:33 - 2013-01-15 19:26 - 0001456 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\Adobe Save for Web 12.0 Prefs
2009-06-25 13:38 - 2015-03-01 17:01 - 0044544 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-06-20 12:30 - 2009-06-11 13:42 - 0000133 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\fusioncache.dat
2009-06-20 12:30 - 2008-02-05 12:28 - 0000051 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\setup.txt
2015-08-21 09:35 - 2015-08-21 09:35 - 0000003 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\updater.log
2015-08-21 09:35 - 2015-10-02 17:45 - 0000412 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\UserProducts.xml
2011-06-09 16:29 - 2011-06-09 16:29 - 0000147 _____ () C:\Documents and Settings\All Users\Data aplikací\Microsoft.SqlServer.Compact.351.32.bc
Files to move or delete:
====================
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job
Some files in TEMP:
====================
C:\Documents and Settings\Igor\Local Settings\Temp\avgnt.exe
C:\Documents and Settings\Igor\Local Settings\Temp\catchme.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-12-2015
Ran by Igor (administrator) on HP28602582302 (22-12-2015 23:03:24)
Running from C:\Documents and Settings\Igor\Dokumenty\Downloads
Loaded Profiles: Igor (Available Profiles: Igor & Jarka & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Skillbrains) C:\Program Files\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Logitech Inc.) C:\Program Files\Logitech\Logitech Vid\Vid.exe
(© 2015 Microsoft Corporation) C:\Documents and Settings\Igor\Local Settings\Data aplikací\Microsoft\BingSvc\BingSvc.exe
() C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SetRefresh] => C:\Program Files\Compaq\SetRefresh\SetRefresh.exe [525824 2003-11-20] (Hewlett-Packard Company)
HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2780432 2009-05-08] ()
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [803200 2015-11-20] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\...\Run: [Logitech Vid] => C:\Program Files\Logitech\Logitech Vid\Vid.exe [5472016 2009-04-30] (Logitech Inc.)
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\...\Run: [BingSvc] => C:\Documents and Settings\Igor\Local Settings\Data aplikací\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-15] (© 2015 Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\Documents and Settings\Igor\Nabídka Start\Programy\Po spuštění\Update GreenWebPlayer.lnk [2013-11-27]
ShortcutTarget: Update GreenWebPlayer.lnk -> C:\Games\GreenWebPlayer\Updater.exe ()
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 177.67.82.22 8.8.8.8
Tcpip\..\Interfaces\{89EA4431-44A3-46DF-93CE-35FEC5C70F54}: [DhcpNameServer] 177.67.82.22 8.8.8.8
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hp.com
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hp.com
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {1FB3189C-5F97-4F1F-9207-552FC28CD8CA} URL = hxxp://www.webhledani.cz/results.aspx?i=39&tp= ... earchTerms}
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {43358372-B183-4FB9-833F-01EDD0C25574} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {49CB3EE6-8C73-483A-9A48-0979768B7F9B} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {5757FA00-C9C3-4065-A7BF-DC0448D68375} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {621B72BB-364F-48D2-B44B-EF550061C47C} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {75AACAFC-51C6-4565-B1D2-D65B62F49373} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {8E246C44-4558-4432-8DDF-122AD2B3ED15} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {AC4A9B54-CD9A-4AAF-8748-6C9E55D1A7C0} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {CDBFB47B-58A8-4111-BF95-06178DCE326D} URL =
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {CF8B4593-68B7-4B06-A03C-425343B3245E} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16805
SearchScopes: HKU\S-1-5-21-3236895599-3957515515-2657171131-1010 -> {D9C15637-E4F4-4058-9852-41A2227E622A} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16805
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1245436526354
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll [2014-06-02] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [No File]
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin HKU\S-1-5-21-3236895599-3957515515-2657171131-1010: @facebook.com/FBPlugin,version=1.0.1 -> C:\Documents and Settings\Igor\Data aplikací\Facebook\npfbplugin_1_0_1.dll [2010-02-01] ( )
FF Plugin HKU\S-1-5-21-3236895599-3957515515-2657171131-1010: @facebook.com/FBPlugin,version=1.0.3 -> C:\Documents and Settings\Igor\Data aplikací\Facebook\npfbplugin_1_0_3.dll [2010-02-26] ( )
FF Plugin HKU\S-1-5-21-3236895599-3957515515-2657171131-1010: @greentube.com/GreenWebPlayer -> C:\Games\GreenWebPlayer\npgreenwebplayer.dll [2013-12-13] (Greentube Internet Entertainment Solutions GmbH)
FF Plugin HKU\S-1-5-21-3236895599-3957515515-2657171131-1010: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Igor\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010-06-21] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll [2010-07-23] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-05-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-05-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-05-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-05-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-05-29] (Apple Inc.)
FF SearchPlugin: C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default\searchplugins\bing-.xml [2015-11-27]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml [2010-07-23]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml [2010-07-23]
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-06-21] [not signed]
FF Extension: Bing Search - C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default\Extensions\bingsearch.full@microsoft.com [2015-07-10] [not signed]
FF Extension: Bing Search - C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-27]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2015-09-19] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-01-18] [not signed]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\...\Firefox\Extensions: [{1650a312-02bc-40ee-977e-83f158701739}] - C:\Program Files\SiteAdvisor\6173\FF => not found
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-branding.js [2010-07-23]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-l10n.js [2010-07-23]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox.js [2010-07-23]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\reporter.js [2010-07-23]
Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-17]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-17]
CHR Extension: (Disk Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-17]
CHR Extension: (YouTube) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-17]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-17]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-17]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (Skype) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-17]
CHR Extension: (Gmail) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-17]
CHR Profile: C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1
CHR Extension: (Prezentace Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-11]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-11]
CHR Extension: (Disk Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-11]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Gmail) - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-11]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: chrome.exe - C:\Documents and Settings\Igor\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.Jarka - C:\Documents and Settings\Jarka\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc.exe [930944 2015-11-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [466408 2015-11-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [466408 2015-11-20] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\AVWEBGRD.EXE [1222952 2015-11-20] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2011-06-09] (Flexera Software, Inc.)
S2 gupdate1c9fa7fcf69c1d8; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2010-06-21] (Sun Microsystems, Inc.)
R2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
S4 adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [105472 2002-05-08] (Adaptec, Inc.) [File not signed]
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [106968 2015-11-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136272 2015-11-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37896 2015-11-20] (Avira Operations GmbH & Co. KG)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 e1yexpress; C:\WINDOWS\System32\DRIVERS\e1y5132.sys [243856 2008-06-13] (Intel Corporation)
S3 eapihdrv; C:\Documents and Settings\Igor\Local Settings\Temp\ehdrv.sys [135760 2015-12-22] (ESET)
S3 FilterService; C:\WINDOWS\System32\DRIVERS\lvuvcflt.sys [23832 2009-05-01] (Logitech Inc.)
R1 FSLX; C:\WINDOWS\system32\drivers\fslx.sys [195456 2009-02-20] (Symantec Corp.) [File not signed]
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [161020 2004-08-03] (Intel(R) Corporation)
S3 iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [12415 2004-08-03] (Intel(R) Corporation)
S3 iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [12127 2004-08-03] (Intel(R) Corporation)
S3 iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [11775 2004-08-03] (Intel(R) Corporation)
S3 iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [12063 2004-08-03] (Intel(R) Corporation)
S3 iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [19455 2004-08-03] (Intel(R) Corporation)
S3 iAimFP5; C:\WINDOWS\System32\DRIVERS\wADV07nt.sys [11807 2004-08-03] (Intel(R) Corporation)
S3 iAimFP6; C:\WINDOWS\System32\DRIVERS\wADV08nt.sys [11295 2004-08-03] (Intel(R) Corporation)
S3 iAimFP7; C:\WINDOWS\System32\DRIVERS\wADV09nt.sys [11871 2004-08-03] (Intel(R) Corporation)
S3 iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [29311 2004-08-03] (Intel(R) Corporation)
S3 iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [19551 2004-08-03] (Intel(R) Corporation)
S3 iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [33599 2004-08-03] (Intel(R) Corporation)
S3 iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [23615 2004-08-03] (Intel(R) Corporation)
S3 iAimTV5; C:\WINDOWS\System32\DRIVERS\wATV10nt.sys [25471 2004-08-03] (Intel(R) Corporation)
S3 iAimTV6; C:\WINDOWS\System32\DRIVERS\wATV06nt.sys [22271 2004-08-03] (Intel(R) Corporation)
R3 Iviaspi; C:\WINDOWS\System32\drivers\Iviaspi.sys [10368 2005-09-20] (InterVideo, Inc.) [File not signed]
R3 LVPr2Mon; C:\WINDOWS\System32\Drivers\LVPr2Mon.sys [25624 2009-04-30] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S1 P3; C:\WINDOWS\System32\DRIVERS\p3.sys [46592 2008-04-14] (Microsoft Corporation)
S3 PROCEXP113; C:\WINDOWS\system32\Drivers\PROCEXP113.SYS [12568 2015-12-22] (Sysinternals - www.sysinternals.com) [File not signed]
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider) [File not signed]
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [31848 2015-11-20] (Avira Operations GmbH & Co. KG)
S4 Symmpi; C:\WINDOWS\system32\DRIVERS\symmpi.sys [28416 2002-04-04] (LSI Logic) [File not signed]
U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [30848 2015-12-22] ()
S3 catchme; \??\C:\DOCUME~1\Igor\LOCALS~1\Temp\catchme.sys [X]
S3 esihdrv; \??\C:\DOCUME~1\Igor\LOCALS~1\Temp\esihdrv.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-22 22:17 - 2015-12-22 22:17 - 00000952 _____ C:\Documents and Settings\Igor\Plocha\AdwCleaner[C2].txt
2015-12-22 20:26 - 2015-12-22 20:26 - 00038283 _____ C:\Documents and Settings\Igor\Plocha\FRST.txt
2015-12-22 20:17 - 2015-12-22 23:03 - 00000000 ____D C:\FRST
2015-12-22 18:31 - 2015-12-22 18:31 - 00000859 _____ C:\Documents and Settings\All Users\Plocha\Avira Launcher.lnk
2015-12-22 18:06 - 2015-12-22 20:37 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Avira
2015-12-22 18:06 - 2015-12-22 18:06 - 00000000 ____D C:\Documents and Settings\Igor\Data aplikací\Avira
2015-12-22 18:05 - 2015-12-22 18:26 - 00000000 ____D C:\Program Files\Avira
2015-12-22 18:05 - 2015-11-20 15:36 - 00031848 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\ssmdrv.sys
2015-12-22 18:05 - 2015-11-20 15:35 - 00136272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-12-22 18:05 - 2015-11-20 15:35 - 00106968 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-12-22 18:05 - 2015-11-20 15:35 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-12-22 13:41 - 2015-12-22 13:41 - 00021320 _____ C:\ComboFix.txt
2015-12-22 13:41 - 2015-12-22 13:41 - 00012568 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP113.SYS
2015-12-22 13:41 - 2015-12-22 13:41 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2015-12-22 13:41 - 2015-12-22 13:41 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2015-12-22 13:41 - 2015-12-22 13:41 - 00000000 ____D C:\Documents and Settings\Jarka\Local Settings\temp
2015-12-22 13:41 - 2015-12-22 13:41 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\temp
2015-12-22 13:27 - 2015-12-22 13:27 - 00000000 _RSHD C:\cmdcons
2015-12-22 13:27 - 2009-06-19 19:06 - 00000211 _____ C:\Boot.bak
2015-12-22 13:27 - 2004-08-03 23:00 - 00261312 __RSH C:\cmldr
2015-12-22 13:23 - 2015-12-22 13:41 - 00000000 ____D C:\ComboFix
2015-12-22 13:23 - 2011-06-26 07:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2015-12-22 13:23 - 2010-11-07 18:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2015-12-22 13:23 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00098816 _____ C:\WINDOWS\sed.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00080412 _____ C:\WINDOWS\grep.exe
2015-12-22 13:23 - 2000-08-31 01:00 - 00068096 _____ C:\WINDOWS\zip.exe
2015-12-22 13:20 - 2015-12-22 13:41 - 00000000 ____D C:\Qoobox
2015-12-22 13:20 - 2015-12-22 13:39 - 00000000 ____D C:\WINDOWS\erdnt
2015-12-22 12:40 - 2015-12-22 18:06 - 00195550 _____ C:\WINDOWS\ntbtlog.txt
2015-12-22 12:31 - 2015-12-22 20:40 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Package Cache
2015-12-22 12:31 - 2015-12-22 12:31 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Documents and Settings\Igor\Plocha\avira_en_av_56793458ee11b__ws.exe
2015-12-22 11:42 - 2015-12-22 11:42 - 00000000 ____D C:\Documents and Settings\Igor\Data aplikací\TeamViewer
2015-12-22 10:48 - 2015-12-22 10:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikacĂ
2015-12-22 10:46 - 2015-12-22 20:37 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Avira
2015-12-22 10:00 - 2015-12-22 10:01 - 00000000 ____D C:\Documents and Settings\Igor\Local Settings\Data aplikací\AviraResume
2015-12-21 23:36 - 2015-12-21 23:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2015-12-21 23:36 - 2008-11-07 18:55 - 00016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll
2015-12-21 20:46 - 2015-12-22 13:03 - 00030848 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-12-21 20:46 - 2015-12-21 22:04 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\RogueKiller
2015-12-21 19:47 - 2015-12-22 22:16 - 00000000 ____D C:\AdwCleaner
2015-12-21 19:46 - 2015-12-21 19:46 - 01743360 _____ C:\Documents and Settings\Igor\Plocha\adwcleaner_5.026.exe
2015-12-06 17:10 - 2015-12-06 17:36 - 00211517 _____ C:\Documents and Settings\Igor\Plocha\RVP.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-22 23:03 - 2009-06-20 12:30 - 00000000 ____D C:\Documents and Settings\Igor\Local Settings\Temp
2015-12-22 22:26 - 2009-07-01 20:18 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-22 22:17 - 2009-06-20 12:30 - 00000000 ____D C:\Documents and Settings\Igor\Plocha
2015-12-22 22:13 - 2014-03-22 08:49 - 00000220 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-12-22 22:13 - 2009-12-26 11:25 - 00000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2015-12-22 22:13 - 2009-12-26 11:25 - 00000000 _____ C:\WINDOWS\system32\Drivers\logiflt.iad
2015-12-22 22:13 - 2009-07-01 20:18 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-22 22:13 - 2006-05-04 16:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-22 22:13 - 2006-05-04 16:45 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2015-12-22 22:12 - 2009-06-20 12:30 - 00000178 ___SH C:\Documents and Settings\Igor\ntuser.ini
2015-12-22 22:12 - 2009-06-20 12:30 - 00000000 ____D C:\Documents and Settings\Igor
2015-12-22 22:12 - 2006-05-04 16:50 - 00032432 _____ C:\WINDOWS\SchedLgU.Txt
2015-12-22 22:05 - 2014-06-02 18:56 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-22 20:40 - 2011-12-28 13:36 - 00000460 _____ C:\WINDOWS\Tasks\At2.job
2015-12-22 20:40 - 2011-06-09 16:36 - 01058658 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-3236895599-3957515515-2657171131-1010-0.dat
2015-12-22 20:40 - 2011-06-09 16:36 - 00365426 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2015-12-22 20:39 - 2009-07-16 16:31 - 00000000 ____D C:\Documents and Settings\Igor\Data aplikací\Skype
2015-12-22 20:18 - 2009-06-20 04:03 - 00000000 ____D C:\WINDOWS
2015-12-22 19:39 - 2013-01-29 19:03 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2015-12-22 18:31 - 2009-06-20 04:03 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2015-12-22 18:13 - 2009-06-20 04:04 - 00000000 ____D C:\WINDOWS\Registration
2015-12-22 18:07 - 2009-06-20 12:30 - 00000000 __RHD C:\Documents and Settings\Igor\Data aplikací
2015-12-22 18:07 - 2009-06-20 04:03 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2015-12-22 18:06 - 2009-06-20 04:03 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-12-22 17:58 - 2009-06-20 04:04 - 00000000 ___HD C:\WINDOWS\inf
2015-12-22 17:58 - 2009-06-20 04:03 - 00000000 __SHD C:\Documents and Settings\NetworkService
2015-12-22 15:20 - 2009-06-20 04:04 - 00000000 ____D C:\WINDOWS\repair
2015-12-22 14:00 - 2011-12-28 13:36 - 00000460 _____ C:\WINDOWS\Tasks\At4.job
2015-12-22 13:41 - 2009-06-20 04:03 - 00000000 ___HD C:\Documents and Settings\Default User
2015-12-22 13:38 - 2006-05-04 18:04 - 00000227 _____ C:\WINDOWS\system.ini
2015-12-22 13:33 - 2009-11-02 17:23 - 00000000 ____D C:\Documents and Settings\Igor\Local Settings\Data aplikací\Temp
2015-12-22 13:27 - 2006-05-04 16:09 - 00000327 __RSH C:\boot.ini
2015-12-22 13:18 - 2009-07-17 11:42 - 00000000 ____D C:\Documents and Settings\Igor\Dokumenty\Stažené soubory
2015-12-22 11:36 - 2009-06-20 12:30 - 00000000 ___RD C:\Documents and Settings\Igor\Dokumenty
2015-12-22 10:48 - 2009-06-20 04:03 - 00000000 ____D C:\Documents and Settings\All Users
2015-12-22 10:00 - 2009-06-20 12:30 - 00000000 ___HD C:\Documents and Settings\Igor\Local Settings\Data aplikací
2015-12-21 23:29 - 2011-08-11 20:30 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-21 20:40 - 2013-10-18 18:31 - 00524288 _____ C:\WINDOWS\system32\config\SpybotSD.evt
2015-12-21 20:39 - 2010-09-23 13:28 - 00000252 _____ C:\WINDOWS\wininit.ini
2015-12-21 20:32 - 2009-12-02 20:08 - 00000000 __RHD C:\Documents and Settings\Jarka\Data aplikací
2015-12-21 20:00 - 2011-04-25 18:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\ICQ
2015-12-21 08:15 - 2006-05-04 16:24 - 03576304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-20 20:12 - 2009-12-02 20:08 - 00000178 ___SH C:\Documents and Settings\Jarka\ntuser.ini
2015-12-20 20:12 - 2009-12-02 20:08 - 00000000 ____D C:\Documents and Settings\Jarka
2015-12-20 20:09 - 2013-07-29 20:02 - 00000000 ____D C:\Documents and Settings\Jarka\Data aplikací\Seznam.cz
2015-12-20 20:04 - 2009-06-11 13:58 - 00071344 _____ C:\Documents and Settings\Administrator\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2015-12-20 17:56 - 2009-06-20 04:03 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2015-12-13 13:36 - 2011-12-28 13:36 - 00000460 _____ C:\WINDOWS\Tasks\At3.job
2015-12-13 11:30 - 2010-03-15 17:44 - 00002563 _____ C:\Documents and Settings\Igor\Plocha\Microsoft Office Word 2007.lnk
2015-12-11 15:13 - 2013-07-29 20:01 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-11 15:13 - 2009-06-19 20:10 - 137798368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-27 20:15 - 2011-12-28 13:40 - 00007772 _____ C:\WINDOWS\Tasks\hpwebreg_CN17D12H1J05QV.job
2015-11-27 16:46 - 2009-07-16 16:31 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Skype
==================== Files in the root of some directories =======
2013-01-08 17:33 - 2013-01-15 19:26 - 0001456 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\Adobe Save for Web 12.0 Prefs
2009-06-25 13:38 - 2015-03-01 17:01 - 0044544 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-06-20 12:30 - 2009-06-11 13:42 - 0000133 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\fusioncache.dat
2009-06-20 12:30 - 2008-02-05 12:28 - 0000051 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\setup.txt
2015-08-21 09:35 - 2015-08-21 09:35 - 0000003 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\updater.log
2015-08-21 09:35 - 2015-10-02 17:45 - 0000412 _____ () C:\Documents and Settings\Igor\Local Settings\Data aplikací\UserProducts.xml
2011-06-09 16:29 - 2011-06-09 16:29 - 0000147 _____ () C:\Documents and Settings\All Users\Data aplikací\Microsoft.SqlServer.Compact.351.32.bc
Files to move or delete:
====================
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job
Some files in TEMP:
====================
C:\Documents and Settings\Igor\Local Settings\Temp\avgnt.exe
C:\Documents and Settings\Igor\Local Settings\Temp\catchme.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
- Rudy
- Site Admin

- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: antivirus not working
Open Notepad and copy into it:
Start
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\...\Run: [BingSvc] => C:\Documents and Settings\Igor\Local Settings\Data aplikací\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-15] (© 2015 Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
C:\Documents and Settings\Igor\Local Settings\Data aplikací\Microsoft\BingSvc
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Extension: Bing Search - C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default\Extensions\bingsearch.full@microsoft.com [2015-07-10] [not signed]
FF Extension: Bing Search - C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-27]
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM ... PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
C:\Program Files\Skype\Toolbars
R2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At3.job
End
Save it to C:\Documents and Settings\Igor\Dokumenty\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: antivirus not working
Hopefully this is it...
Fix result of Farbar Recovery Scan Tool (x86) Version:23-12-2015
Ran by Igor (2015-12-23 16:19:21) Run:1
Running from C:\Documents and Settings\Igor\Dokumenty\Downloads
Loaded Profiles: Igor (Available Profiles: Igor & Jarka & Administrator)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\...\Run: [BingSvc] => C:\Documents and Settings\Igor\Local Settings\Data aplikací\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-15] (© 2015 Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
C:\Documents and Settings\Igor\Local Settings\Data aplikací\Microsoft\BingSvc
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Extension: Bing Search - C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default\Extensions\bingsearch.full@microsoft.com [2015-07-10] [not signed]
FF Extension: Bing Search - C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-27]
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM ... PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
C:\Program Files\Skype\Toolbars
R2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At3.job
End
*****************
HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc => value removed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
C:\Documents and Settings\Igor\Local Settings\Data aplikací\Microsoft\BingSvc => moved successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-3236895599-3957515515-2657171131-1010\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => value restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully.
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{0BF43445-2F28-4351-9252-17FE6E806AA0} => value removed successfully.
HKCR\CLSID\{0BF43445-2F28-4351-9252-17FE6E806AA0} => key not found.
"HKCR\PROTOCOLS\Handler\skype-ie-addon-data" => key removed successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => key not found.
Firefox SearchEngineOrder.3 removed successfully.
Firefox SelectedSearchEngine removed successfully.
Firefox "Keyword.URL" removed successfully.
C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default\Extensions\bingsearch.full@microsoft.com => moved successfully
C:\Documents and Settings\Igor\Data aplikací\Mozilla\Firefox\Profiles\sl0daekf.default\Extensions\bingsearch.full@microsoft.com.xpi => moved successfully
Chrome DefaultSearchURL => removed successfully.
Chrome DefaultSearchKeyword => removed successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => key removed successfully.
C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx => moved successfully
C:\Program Files\Skype\Toolbars => moved successfully
Skype C2C Service => Service stopped successfully.
Skype C2C Service => service removed successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\At2.job => moved successfully
C:\WINDOWS\Tasks\At4.job => moved successfully
C:\WINDOWS\Tasks\At3.job => moved successfully
==== End of Fixlog 16:19:22 ====
- Rudy
- Site Admin

- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: antivirus not working
Deleted. Has anything changed?
Re: antivirus not working
Well, when I put AVAST on it, it froze again after a while, stopped protecting, and there's no getting through to it, so I uninstalled it and put Avira back, which also keeps showing some error that doesn't get fixed after clicking on it anyway....
Of course, Avast couldn't be uninstalled even via your link given above; I had to go through safe mode again...
I also tried putting the free 30-day trial version of ESET on it, and that appears to be working - it reports no error or anything
- Rudy
- Site Admin

- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: antivirus not working
OK. Leave it for a while and then we'll see. Alternatively, try manually clearing the keys belonging to Avast out of the registry. Guide: http://forum.viry.cz/viewtopic.php?f=46&t=2791 .
Re: antivirus not working
And how will it help to leave it like that for a while, when Avast apparently still doesn't work, and neither does Avira properly... I'm not going to touch the registry; I don't really know what to delete or look for there when Avast is uninstalled, and I don't want to "poke around" in the system much, because I don't understand it....
