Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-02-2016
Ran by Stanley (administrator) on HOME-COMPIK (20-02-2016 16:42:13)
Running from C:\Documents and Settings\TEMP\Plocha
Loaded Profiles: Stanley (Available Profiles: Stanley) <==== ATTENTION (Temporary Profile?)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(WildTangent, Inc.) C:\WINDOWS\wt\updater\wcmdmgr.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(CPUID) C:\Program Files\CPUID\HWMonitor\HWMonitor.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Documents and Settings\TEMP\Plocha\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [wcmdmgr] => C:\WINDOWS\wt\updater\wcmdmgrl.exe [20480 2002-02-28] (WildTangent, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-24] (AVAST Software)
HKU\S-1-5-19\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
HKU\S-1-5-20\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
HKU\S-1-5-18\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
Lsa: [Authentication Packages] msv1_0 nwprovau
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-12-24] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A6FE202A-66B6-4935-A4D9-3F723652DB45}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-24] (AVAST Software)
BHO: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
FireFox:
========
FF ProfilePath: C:\Documents and Settings\TEMP\Data aplikací\Mozilla\Firefox\Profiles\eznhaoip.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1218158.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-24]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-24]
Chrome:
=======
CHR Profile: C:\Documents and Settings\TEMP\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Documents and Settings\TEMP\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-20]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\TEMP\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-20]
CHR Extension: (Disk Google) - C:\Documents and Settings\TEMP\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-20]
CHR Extension: (YouTube) - C:\Documents and Settings\TEMP\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-20]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\TEMP\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-20]
CHR Extension: (Avast SafePrice) - C:\Documents and Settings\TEMP\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-02-20]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\TEMP\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-20]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\TEMP\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-20]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\TEMP\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\TEMP\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-20]
CHR Extension: (Gmail) - C:\Documents and Settings\TEMP\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-20]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-12-24]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-24]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx <not found>
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-24] (AVAST Software)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NWCWorkstation; C:\WINDOWS\System32\nwwks.dll [65536 2008-04-14] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [6940944 2016-02-16] (TeamViewer GmbH)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ADIHdAudAddService; C:\WINDOWS\System32\drivers\ADIHdAud.sys [178688 2006-05-18] (Analog Devices, Inc.) [File not signed]
S3 androidusb; C:\WINDOWS\System32\Drivers\fxxandroidusb.sys [25728 2010-04-01] (Google Inc)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-12-24] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [81168 2015-12-24] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-12-24] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-12-24] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [812208 2016-01-20] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [449384 2016-01-20] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [165104 2015-12-24] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [58016 2015-12-24] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [209432 2015-12-24] (AVAST Software)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 cpuz138; C:\Documents and Settings\TEMP\Local Settings\Temp\cpuz138\cpuz138_x32.sys [27832 2016-02-20] (CPUID)
S3 FlrnUSB; C:\WINDOWS\System32\DRIVERS\LtkUSB.sys [41907 2015-07-28] (Qualcomm Flarion Technologies) [File not signed]
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 NwlnkIpx; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-13] (Microsoft Corporation)
R2 NwlnkNb; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [63232 2001-10-25] (Microsoft Corporation)
R2 NwlnkSpx; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [55936 2001-10-25] (Microsoft Corporation)
R3 NWRDR; C:\WINDOWS\System32\DRIVERS\nwrdr.sys [163584 2008-04-13] (Microsoft Corporation)
S3 qcusbser; C:\WINDOWS\System32\DRIVERS\FXX\qcusbser.sys [103424 2010-04-01] (QUALCOMM Incorporated)
S4 IntelIde; no ImagePath
S3 massfilter; system32\drivers\massfilter.sys [X]
U1 WS2IFSL; no ImagePath
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-20 16:42 - 2016-02-20 16:42 - 00010414 _____ C:\Documents and Settings\TEMP\Plocha\FRST.txt
2016-02-20 16:42 - 2016-02-20 16:42 - 00000000 ____D C:\FRST
2016-02-20 16:40 - 2016-02-20 16:40 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\TEMP\Plocha\FRSTLauncher.exe
2016-02-20 16:35 - 2016-02-20 16:36 - 01722368 _____ (Farbar) C:\Documents and Settings\TEMP\Plocha\FRST.exe
2016-02-20 16:34 - 2016-02-20 16:34 - 00000000 ____D C:\Documents and Settings\TEMP\Data aplikací\Macromedia
2016-02-20 16:34 - 2016-02-20 16:34 - 00000000 ____D C:\Documents and Settings\TEMP\Data aplikací\Adobe
2016-02-20 16:14 - 2016-02-20 16:14 - 00000000 ____D C:\Documents and Settings\TEMP\Local Settings\Data aplikací\Temp
2016-02-20 16:02 - 2016-02-20 16:03 - 00000000 ____D C:\AdwCleaner
2016-02-20 16:01 - 2016-02-20 16:41 - 00000000 ____D C:\Documents and Settings\TEMP\Dokumenty\Stažené soubory
2016-02-20 16:00 - 2016-02-20 16:00 - 00000000 ____D C:\Documents and Settings\TEMP\Local Settings\Data aplikací\Mozilla
2016-02-20 16:00 - 2016-02-20 16:00 - 00000000 ____D C:\Documents and Settings\TEMP\Data aplikací\Mozilla
2016-02-20 15:55 - 2016-02-20 15:55 - 00012328 _____ C:\Documents and Settings\TEMP\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2016-02-20 15:54 - 2016-02-20 15:54 - 00000000 __SHD C:\Documents and Settings\TEMP\PrivacIE
2016-02-20 15:52 - 2016-02-20 15:52 - 00000777 _____ C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2016-02-20 15:52 - 2016-02-20 15:52 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-02-20 15:52 - 2016-02-20 15:52 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes Anti-Malware
2016-02-20 15:52 - 2016-02-20 15:52 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2016-02-20 15:52 - 2015-10-05 09:50 - 00121560 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-02-20 15:52 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-02-20 15:40 - 2016-02-20 15:40 - 00000000 ____D C:\Documents and Settings\TEMP\Data aplikací\TeamViewer
2016-02-20 15:36 - 2016-02-20 15:38 - 00001813 _____ C:\Documents and Settings\TEMP\Plocha\Google Chrome.lnk
2016-02-20 15:36 - 2016-02-20 15:36 - 00000803 _____ C:\Documents and Settings\TEMP\Nabídka Start\Programy\Internet Explorer.lnk
2016-02-20 15:36 - 2016-02-20 15:36 - 00000738 _____ C:\Documents and Settings\TEMP\Nabídka Start\Programy\Outlook Express.lnk
2016-02-20 15:36 - 2016-02-20 15:36 - 00000000 __SHD C:\Documents and Settings\TEMP\IETldCache
2016-02-20 15:36 - 2016-02-20 15:36 - 00000000 ___RD C:\Documents and Settings\TEMP\Dokumenty\Obrázky
2016-02-20 15:36 - 2016-02-20 15:36 - 00000000 ___RD C:\Documents and Settings\TEMP\Dokumenty\Hudba
2016-02-20 15:36 - 2016-02-20 15:36 - 00000000 ____D C:\Documents and Settings\TEMP\Local Settings\Data aplikací\Google
2016-02-20 15:36 - 2016-02-20 15:36 - 00000000 ____D C:\Documents and Settings\TEMP\Data aplikací\AVAST Software
2016-02-20 15:35 - 2016-02-20 16:42 - 00000000 ____D C:\Documents and Settings\TEMP\Plocha
2016-02-20 15:35 - 2016-02-20 16:42 - 00000000 ____D C:\Documents and Settings\TEMP\Local Settings\Temp
2016-02-20 15:35 - 2016-02-20 16:41 - 00000000 ___HD C:\Documents and Settings\TEMP\Local Settings\Data aplikací
2016-02-20 15:35 - 2016-02-20 16:40 - 00000000 ____D C:\Documents and Settings\TEMP
2016-02-20 15:35 - 2016-02-20 16:34 - 00000000 __RHD C:\Documents and Settings\TEMP\Data aplikací
2016-02-20 15:35 - 2016-02-20 16:01 - 00000000 ___RD C:\Documents and Settings\TEMP\Dokumenty
2016-02-20 15:35 - 2016-02-20 15:36 - 00000788 _____ C:\Documents and Settings\TEMP\Nabídka Start\Programy\Windows Media Player.lnk
2016-02-20 15:35 - 2016-02-20 15:36 - 00000000 ___RD C:\Documents and Settings\TEMP\Oblíbené položky
2016-02-20 15:35 - 2016-02-20 15:36 - 00000000 ___RD C:\Documents and Settings\TEMP\Nabídka Start\Programy\Příslušenství
2016-02-20 15:35 - 2016-02-20 15:36 - 00000000 ___RD C:\Documents and Settings\TEMP\Nabídka Start\Programy
2016-02-20 15:35 - 2016-02-20 15:35 - 00000020 ___SH C:\Documents and Settings\TEMP\ntuser.ini
2016-02-20 15:35 - 2015-04-05 19:56 - 00000000 ___RD C:\Documents and Settings\TEMP\Nabídka Start\Programy\Po spuštění
2016-02-20 15:35 - 2015-04-05 19:56 - 00000000 ___RD C:\Documents and Settings\TEMP\Nabídka Start
2016-02-20 15:35 - 2015-04-05 19:56 - 00000000 ___HD C:\Documents and Settings\TEMP\Okolní tiskárny
2016-02-20 15:35 - 2015-04-05 19:56 - 00000000 ___HD C:\Documents and Settings\TEMP\Okolní síť
2016-02-20 15:35 - 2015-04-05 18:10 - 00001599 _____ C:\Documents and Settings\TEMP\Nabídka Start\Programy\Vzdálená pomoc.lnk
2016-02-20 15:35 - 2015-04-05 18:05 - 00000000 ___HD C:\Documents and Settings\TEMP\Šablony
2016-02-20 15:09 - 2016-02-20 15:09 - 00000778 _____ C:\Documents and Settings\All Users\Plocha\CPUID HWMonitor.lnk
2016-02-20 15:09 - 2016-02-20 15:09 - 00000000 ____D C:\Program Files\CPUID
2016-02-20 15:09 - 2016-02-20 15:09 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\CPUID
2016-02-20 15:07 - 2016-02-20 15:07 - 00000654 _____ C:\Documents and Settings\All Users\Plocha\Speccy.lnk
2016-02-20 15:03 - 2016-02-20 15:03 - 00000000 ____D C:\Program Files\HD Tune
2016-02-20 15:03 - 2016-02-20 15:03 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\HD Tune
2016-01-31 14:45 - 2016-01-31 14:45 - 00000754 _____ C:\WINDOWS\WORDPAD.INI
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-20 16:21 - 2015-12-24 11:00 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-20 16:06 - 2015-04-05 18:36 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-20 15:53 - 2015-12-24 10:54 - 00000000 ____D C:\Program Files\TeamViewer
2016-02-20 15:52 - 2015-04-05 19:56 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2016-02-20 15:52 - 2015-04-05 19:56 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2016-02-20 15:52 - 2015-04-05 19:56 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2016-02-20 15:36 - 2015-12-24 11:10 - 00041227 _____ C:\WINDOWS\OEWABLog.txt
2016-02-20 15:36 - 2015-12-24 11:02 - 00000366 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2016-02-20 15:36 - 2015-07-28 22:18 - 00000000 ____D C:\WINDOWS\wt
2016-02-20 15:36 - 2015-04-07 03:02 - 00000226 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2016-02-20 15:36 - 2015-04-05 18:36 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-20 15:35 - 2015-04-05 19:39 - 00000000 ____D C:\Documents and Settings
2016-02-20 15:35 - 2015-04-05 18:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-20 15:11 - 2015-04-05 18:14 - 00032414 _____ C:\WINDOWS\SchedLgU.Txt
2016-02-19 16:08 - 2015-04-05 18:38 - 00001819 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome.lnk
2016-02-18 16:01 - 2001-10-25 13:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-02-09 19:21 - 2015-12-24 11:00 - 00796864 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-02-09 19:21 - 2015-12-24 11:00 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-02-08 15:00 - 2015-04-07 03:02 - 00000220 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2016-01-28 15:14 - 2001-10-25 13:00 - 00000558 _____ C:\WINDOWS\win.ini
==================== Files in the root of some directories =======
Some files in TEMP:
====================
C:\Documents and Settings\Stanley\Local Settings\Temp\AutoRun.exe
C:\Documents and Settings\Stanley\Local Settings\Temp\AutoRunGUI.dll
C:\Documents and Settings\Stanley\Local Settings\Temp\eauninstall.exe
C:\Documents and Settings\Stanley\Local Settings\Temp\ICReinstall_santa-claus-in-trouble-again.exe
C:\Documents and Settings\Stanley\Local Settings\Temp\lite_installer.exe
C:\Documents and Settings\Stanley\Local Settings\Temp\Play.exe
C:\Documents and Settings\Stanley\Local Settings\Temp\sender.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Available physical RAM: 947.41 MB
Total physical RAM: 2038.04 MB
Percentage of memory in use: 53%
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\TEMP\Plocha" je 1 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox (C:\\Program Files\\Mozilla Firefox)"
"C:\\Program Files\\TeamViewer\\TeamViewer.exe"="C:\\Program Files\\TeamViewer\\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\\Program Files\\TeamViewer\\TeamViewer_Service.exe"="C:\\Program Files\\TeamViewer\\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008"
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000001
==================== End Of Log ==============================