
Trojan horse and malware infection, and the Seznam_OTP app

Posted: 05 Mar 2016 13:03
by Houmr_9
Hello,

I would like to ask you for advice and help. I am cleaning up my family's computer over remote access; it is thoroughly infested with viruses and other pests. I have already removed some of it, but I need to get it properly cleaned.

When logging in to e-mail at Seznam, a prompt pops up to download the application Seznam_OTP.apk.

Avast also found malware, which it moved to the Virus Chest, yet roughly every 3 seconds Avast reports that it has blocked an attack.
It is Win32:Malware-gen
object: C:\...\Rotjibsub.dll
process: c:\windows\explorer.exe
Unfortunately I was not able to find a more precise path, nor the library itself.

AVG then found the trojan Crypt5.amvt in the directory C:\windows\system32\config\systemprofile\local.settings\temp\{F507BF87-0496-4601-9F02-8066C8C360E1}-39.0.2171.71_chrome_installer.exe

I also ran CCleaner over it.

And here is the RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by JH at 2016-03-05 12:51:54
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 51 GB (67%) free of 76 GB
Total RAM: 1791 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:52:34, on 5.3.2016
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Documents and Settings\JH\Local Settings\Data aplikací\Microsoft\BingSvc\BingSvc.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\TeamViewer\TeamViewer_Service.exe
C:\Program Files\TeamViewer\TeamViewer.exe
C:\Program Files\TeamViewer\tv_w32.exe
C:\Program Files\AVG\Framework\Common\avgsvcx.exe
C:\Program Files\AVG\Framework\Common\avguix.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\AVG\Av\avgidsagent.exe
C:\Program Files\AVG\Av\avgcsrvx.exe
C:\Program Files\AVG\Av\avgwdsvcx.exe
C:\Program Files\AVG\Av\avgnsx.exe
C:\Program Files\AVG\Av\avgemcx.exe
C:\Program Files\AVG\Av\avgrsx.exe
C:\Program Files\AVG\Av\avgui.exe
C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe
C:\Program Files\AVG Web TuneUp\vprot.exe
C:\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
c:\program files\teamviewer\TeamViewer_Desktop.exe
C:\Documents and Settings\JH\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\JH.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={C237DF1D ... 2016-03-05 10:57:52&v=4.2.6.552&pid=wtu&sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Web TuneUp\4.2.6.552\AVG Web TuneUp.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\Av\avuirunnerx.exe" C:\Program Files\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Web TuneUp\vprot.exe"
O4 - HKCU\..\Run: [BingSvc] C:\Documents and Settings\JH\Local Settings\Data aplikací\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1123561945-920026266-1177238915-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Administrator')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Framework\Common\avgsvcx.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgwdsvcx.exe
O23 - Service: HowToSimplifiedService (HowToSimplified_8eService) - Unknown owner - C:\PROGRA~1\HOWTOS~1\bar\1.bin\8ebarsvc.exe (file missing)
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: MBAMService - Unknown owner - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: vToolbarUpdater40.2.6 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 7420 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\JH\Data aplikací\Mozilla\Firefox\Profiles\ctnb8pbb.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/|about:preferences"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.6\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Documents and Settings\JH\Dokumenty\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Documents and Settings\JH\Dokumenty\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Documents and Settings\JH\Data aplikací\Mozilla\Firefox\Profiles\ctnb8pbb.default\searchplugins\
avg-secure-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - C:\Program Files\AVG Web TuneUp\4.2.6.552\AVG Web TuneUp.dll [2016-03-05 2426440]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-08-14 18702336]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-20 5515496]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"AvgUi"=C:\Program Files\AVG\Framework\Common\avguirnx.exe [2016-02-18 179624]
"AVG_UI"=C:\Program Files\AVG\Av\avuirunnerx.exe [2016-02-24 25512]
"vProt"=C:\Program Files\AVG Web TuneUp\vprot.exe [2016-03-05 2874440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"=C:\Documents and Settings\JH\Local Settings\Data aplikací\Microsoft\BingSvc\BingSvc.exe [2015-11-13 144008]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2016-02-10 50599552]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-02-12 6638296]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe"="C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe:*:Enabled:HTCSyncManager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:Malwarebytes' Anti-Malware"
"C:\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
"C:\Program Files\TeamViewer\TeamViewer.exe"="C:\Program Files\TeamViewer\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\AVG\Av\avgnsx.exe"="C:\Program Files\AVG\Av\avgnsx.exe:*:Enabled:Online Shield"
"C:\Program Files\AVG\Av\avgdiagex.exe"="C:\Program Files\AVG\Av\avgdiagex.exe:*:Enabled:AVG Diagnostics"
"C:\Program Files\AVG\Av\avgmfapx.exe"="C:\Program Files\AVG\Av\avgmfapx.exe:*:Enabled:AVG Installer"
"C:\Program Files\AVG\Av\avgemcx.exe"="C:\Program Files\AVG\Av\avgemcx.exe:*:Enabled:Personal Email Scanner"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe"="C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe:*:Enabled:HTCSyncManager"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2016-03-05 12:51:57 ----D---- C:\Program Files\trend micro
2016-03-05 12:51:54 ----D---- C:\rsit
2016-03-05 10:59:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
2016-03-05 10:57:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
2016-03-05 10:57:10 ----D---- C:\Program Files\Common Files\AVG Secure Search
2016-03-05 10:56:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp
2016-03-05 10:56:18 ----D---- C:\Program Files\AVG Web TuneUp
2016-03-05 10:36:54 ----D---- C:\Documents and Settings\JH\Data aplikací\AVG
2016-03-05 10:32:26 ----D---- C:\Documents and Settings\JH\Data aplikací\TuneUp Software
2016-03-05 10:29:19 ----HD---- C:\$AVG
2016-03-05 10:27:25 ----D---- C:\Program Files\CCleaner
2016-03-05 10:26:14 ----D---- C:\Program Files\Google
2016-03-05 10:20:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2016-03-05 10:15:20 ----HD---- C:\Documents and Settings\All Users\Data aplikací\Common Files
2016-03-05 10:15:20 ----D---- C:\Program Files\AVG
2016-03-05 10:15:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avg
2016-03-05 10:13:22 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2016-03-05 10:12:12 ----D---- C:\WINDOWS\LastGood
2016-03-05 10:11:35 ----A---- C:\WINDOWS\system32\drivers\aswStmXP.sys
2016-03-05 10:11:35 ----A---- C:\WINDOWS\system32\drivers\asw496.tmp
2016-03-05 10:11:34 ----A---- C:\WINDOWS\system32\drivers\asw495.tmp
2016-03-05 10:11:34 ----A---- C:\WINDOWS\system32\drivers\asw494.tmp
2016-03-05 10:11:34 ----A---- C:\WINDOWS\system32\drivers\asw493.tmp
2016-03-05 10:11:33 ----A---- C:\WINDOWS\system32\drivers\asw492.tmp
2016-03-05 10:11:33 ----A---- C:\WINDOWS\system32\drivers\asw491.tmp
2016-03-05 10:11:33 ----A---- C:\WINDOWS\system32\drivers\asw490.tmp
2016-03-05 10:11:32 ----A---- C:\WINDOWS\system32\drivers\asw48F.tmp
2016-03-05 10:11:31 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2016-03-05 10:11:04 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-03-05 10:10:51 ----A---- C:\WINDOWS\avastSS.scr
2016-03-05 10:05:21 ----D---- C:\Program Files\TeamViewer
2016-02-25 10:16:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\JuvkOxtap
2016-02-22 00:03:24 ----D---- C:\Documents and Settings\JH\Data aplikací\Seznam.cz
2016-02-22 00:03:04 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-02-21 23:37:03 ----A---- C:\WINDOWS\system32\drivers\EsgScanner.sys
2016-02-21 22:25:52 ----D---- C:\WINDOWS\system32\Adobe
2016-02-21 22:25:48 ----A---- C:\WINDOWS\IsUninst.exe
2016-02-21 22:04:45 ----N---- C:\WINDOWS\system32\3dviewer.dll
2016-02-21 22:04:32 ----N---- C:\WINDOWS\system32\cmgr32.dll
2016-02-21 22:04:15 ----N---- C:\WINDOWS\system32\rave.dll
2016-02-21 22:03:31 ----N---- C:\WINDOWS\system32\sh33w32.dll
2016-02-21 22:02:58 ----N---- C:\WINDOWS\system32\qtim32.dll
2016-02-21 22:02:18 ----N---- C:\WINDOWS\system32\qd3d.dll
2016-02-21 22:00:11 ----D---- C:\Program Files\Corel
2016-02-21 21:58:09 ----D---- C:\WINDOWS\Corel
2016-02-21 21:51:36 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-02-21 21:51:31 ----D---- C:\Program Files\Mozilla Firefox
2016-02-21 21:41:11 ----D---- C:\Program Files\OpenOffice 4
2016-02-21 21:17:43 ----D---- C:\Documents and Settings\JH\Data aplikací\Malwarebytes
2016-02-21 21:07:43 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2016-02-21 19:03:28 ----D---- C:\Instal
2016-02-21 18:28:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2016-02-21 18:28:47 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2016-02-15 16:37:30 ----A---- C:\WINDOWS\system32\drivers\avgmfx86.sys
2016-02-10 18:55:06 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe

======List of files/folders modified in the last 1 month======

2016-03-05 12:51:57 ----RD---- C:\Program Files
2016-03-05 12:51:13 ----D---- C:\Documents and Settings\JH\Data aplikací\Skype
2016-03-05 12:48:57 ----D---- C:\WINDOWS\Temp
2016-03-05 12:08:38 ----D---- C:\WINDOWS\system32
2016-03-05 11:01:22 ----SD---- C:\WINDOWS\Tasks
2016-03-05 10:59:17 ----D---- C:\WINDOWS
2016-03-05 10:57:10 ----D---- C:\Program Files\Common Files
2016-03-05 10:55:41 ----D---- C:\WINDOWS\system32\config
2016-03-05 10:55:26 ----D---- C:\WINDOWS\Debug
2016-03-05 10:36:13 ----SHD---- C:\WINDOWS\Installer
2016-03-05 10:32:12 ----D---- C:\WINDOWS\Prefetch
2016-03-05 10:31:56 ----HD---- C:\WINDOWS\inf
2016-03-05 10:31:56 ----D---- C:\WINDOWS\system32\drivers
2016-03-05 10:12:10 ----D---- C:\WINDOWS\system32\CatRoot2
2016-03-05 10:11:15 ----D---- C:\WINDOWS\WinSxS
2016-03-05 10:10:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2016-03-05 10:10:38 ----D---- C:\Program Files\AVAST Software
2016-03-05 10:05:33 ----RSD---- C:\WINDOWS\Fonts
2016-03-04 17:20:42 ----N---- C:\WINDOWS\SchedLgU.Txt
2016-03-01 14:42:13 ----D---- C:\Documents and Settings\JH\Data aplikací\vlc
2016-02-24 21:52:03 ----SD---- C:\Documents and Settings\JH\Data aplikací\Microsoft
2016-02-21 22:38:44 ----RSHDC---- C:\WINDOWS\system32\dllcache
2016-02-21 22:28:56 ----D---- C:\Program Files\Common Files\Adobe
2016-02-21 22:28:28 ----D---- C:\Documents and Settings\JH\Data aplikací\Adobe
2016-02-21 22:24:14 ----D---- C:\Program Files\Adobe
2016-02-21 22:22:14 ----A---- C:\WINDOWS\IsUn0405.exe
2016-02-21 22:06:03 ----D---- C:\Temp
2016-02-21 21:51:48 ----D---- C:\Documents and Settings\JH\Data aplikací\Mozilla
2016-02-21 21:09:26 ----SHD---- C:\RECYCLER
2016-02-21 21:06:57 ----D---- C:\Documents and Settings
2016-02-21 18:24:41 ----D---- C:\Program Files\7-Zip
2016-02-21 18:23:29 ----D---- C:\Program Files\Online Services
2016-02-21 18:23:29 ----D---- C:\Program Files\NVIDIA Corporation
2016-02-21 18:23:29 ----D---- C:\Program Files\NetMeeting
2016-02-21 18:23:29 ----D---- C:\Program Files\MSXML 4.0
2016-02-21 18:23:29 ----D---- C:\Program Files\MSN Gaming Zone
2016-02-21 18:23:29 ----D---- C:\Program Files\Movie Maker
2016-02-21 18:23:29 ----D---- C:\Program Files\microsoft frontpage
2016-02-21 18:23:29 ----D---- C:\Program Files\Messenger
2016-02-21 18:23:29 ----D---- C:\Program Files\IrfanView
2016-02-21 18:23:29 ----D---- C:\Program Files\Internet Explorer
2016-02-21 18:23:29 ----D---- C:\Program Files\HTC
2016-02-21 18:23:29 ----D---- C:\Program Files\DriverToolkit
2016-02-21 18:23:29 ----D---- C:\Program Files\ComPlus Applications
2016-02-21 18:23:29 ----D---- C:\Program Files\Centrum Holdings s.r.o
2016-02-21 18:23:29 ----D---- C:\Program Files\Bonjour
2016-02-21 18:23:29 ----D---- C:\Program Files\Ashampoo
2016-02-21 18:03:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2016-02-21 17:13:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2016-02-19 14:19:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2016-02-10 23:59:21 ----D---- C:\WINDOWS\system32\MRT
2016-02-10 23:54:11 ----A---- C:\WINDOWS\system32\MRT.exe
2016-02-10 18:55:39 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-03-05 58776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-03-05 221240]
R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2016-01-26 207792]
R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2016-02-03 297904]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2016-02-15 205744]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2015-12-04 37296]
R0 Avgunivx;AVG Universal Driver; C:\WINDOWS\system32\DRIVERS\avgunivx.sys [2016-01-08 23472]
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2009-06-30 164896]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2016-03-05 64272]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-03-05 812720]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-03-05 447848]
R1 Avgdiskx;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2015-11-06 149936]
R1 AVGIDSDriverl;AVGIDSDriverl; C:\WINDOWS\system32\DRIVERS\avgidsdriverlx.sys [2016-01-26 244656]
R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2015-11-20 31664]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2015-10-21 229296]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2015-10-08 231856]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-03-05 32792]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-03-05 91168]
R3 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2016-03-05 67088]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-08-18 5884416]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-02-08 12648960]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2009-07-01 66688]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2009-07-01 13824]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-03-05 35096]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 aswStmXP;Avast StreamFilter Driver; C:\WINDOWS\system32\drivers\aswStmXP.sys [2016-03-05 171608]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 EsgScanner;EsgScanner; C:\WINDOWS\system32\DRIVERS\EsgScanner.sys [2016-02-21 19984]
S3 HTCAND32;HTC Device Driver; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 qcserxp;HTC Diagnostic Port; C:\WINDOWS\system32\DRIVERS\qcserxp.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-05-20 343336]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [2016-02-24 3934184]
R2 avgsvc;AVG Service; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [2016-02-18 865704]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\Av\avgwdsvcx.exe [2016-02-24 561104]
R2 HTCMonitorService;HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [2014-06-27 87368]
R2 TeamViewer;TeamViewer 10; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-09-11 5702416]
R2 vToolbarUpdater40.2.6;vToolbarUpdater40.2.6; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe [2016-03-05 1949768]
R2 WtuSystemSupport;WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [2016-03-05 1215560]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 HowToSimplified_8eService;HowToSimplifiedService; C:\PROGRA~1\HOWTOS~1\bar\1.bin\8ebarsvc.exe []
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe []
S2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-07-08 168004]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10 269504]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-02-11 146888]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]

-----------------EOF-----------------


Many thanks for any help and willingness. Thank you.
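A triage pass over the HijackThis section of the log above, as an added example; it is not code from the post, from RSIT or from HijackThis. It parses O4 Run entries, O23 services and the R0 start page and flags what a responder looks at first: services whose binary is gone (`file missing`), services with no vendor ("Unknown owner"), programs persisting from user-writable profile directories, and a start page pointing somewhere other than a known default. The sample lines are copied from the log in this post; the allowlist of default start-page hosts, the list of user-writable folder fragments and the reason codes are this example's own assumptions.

```python
"""Triage of HijackThis-style O4/O23/R0 lines (added example, not part of the thread)."""
from __future__ import annotations

import re
from dataclasses import dataclass, field
from urllib.parse import urlsplit

# Sample input: lines copied verbatim from the RSIT/HijackThis log posted above.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={C237DF1D ... 2016-03-05 10:57:52&v=4.2.6.552&pid=wtu&sg=&sap=hp
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [BingSvc] C:\Documents and Settings\JH\Local Settings\Data aplikací\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O23 - Service: HowToSimplifiedService (HowToSimplified_8eService) - Unknown owner - C:\PROGRA~1\HOWTOS~1\bar\1.bin\8ebarsvc.exe (file missing)
O23 - Service: MBAMService - Unknown owner - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: vToolbarUpdater40.2.6 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe
"""

# Assumption: hosts that are acceptable IE start pages on this box; extend for your own environment.
DEFAULT_START_HOSTS = {"go.microsoft.com", "www.msn.com", "www.seznam.cz", "about:blank"}

# Assumption: path fragments (English and Czech XP folder names) that mark user-writable locations.
USER_WRITABLE = ("\\documents and settings\\", "\\local settings\\", "\\data aplikací\\",
                 "\\application data\\", "\\temp\\", "\\recycler\\")

O4_RE = re.compile(r"^O4 - (?P<hive>\S+?)\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.*)$")
O23_RE = re.compile(r"^O23 - Service: (?P<name>.+?) - (?P<owner>.+?) - (?P<path>.+?)(?P<missing> \(file missing\))?$")
R0_RE = re.compile(r"^R0 - (?P<key>.+?),(?P<value>[^=]+?) = (?P<data>.*)$")


@dataclass
class Finding:
    kind: str                      # "O4", "O23" or "R0"
    name: str                      # entry name as HijackThis prints it
    path: str                      # executable path or start-page URL
    reasons: list[str] = field(default_factory=list)


def exe_path(cmd: str) -> str:
    """Pull the program path out of a Run-key command line (quoted or bare)."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    m = re.match(r"(.+?\.(?:exe|dll|scr|com|bat|cmd))(?:\s|$)", cmd, re.IGNORECASE)
    return m.group(1) if m else cmd


def in_user_writable(path: str) -> bool:
    p = path.lower()
    return any(frag in p for frag in USER_WRITABLE)


def triage_line(line: str) -> Finding | None:
    """Return a Finding for one log line, or None when nothing looks off."""
    line = line.strip()
    if m := O23_RE.match(line):
        reasons = []
        if m.group("missing"):
            reasons.append("binary_missing")      # orphaned registration: remove the service
        if m.group("owner").lower() == "unknown owner":
            reasons.append("unknown_owner")       # no vendor string: check signature and hash
        if in_user_writable(m.group("path")):
            reasons.append("user_writable_path")
        return Finding("O23", m.group("name"), m.group("path"), reasons) if reasons else None
    if m := O4_RE.match(line):
        path = exe_path(m.group("cmd"))
        if in_user_writable(path):
            return Finding("O4", m.group("name"), path, ["user_writable_path"])
        return None
    if m := R0_RE.match(line):
        value, data = m.group("value").strip(), m.group("data").strip()
        if value.lower() == "start page":
            host = urlsplit(data).hostname or data
            if host not in DEFAULT_START_HOSTS:
                return Finding("R0", value, data, ["start_page_redirect"])
    return None


def triage(log_text: str) -> list[Finding]:
    return [f for f in (triage_line(l) for l in log_text.splitlines()) if f]


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.kind:3} {', '.join(f.reasons):35} {f.name} -> {f.path}")
```

On these lines it flags BingSvc (persisting from the profile's Local Settings), the two orphaned services, the vToolbarUpdater service with no vendor, and the mysearch.avg.com start page, while Avast, ctfmon and TeamViewer pass. A flag is a prompt to verify the file's signature and hash and to look up the vendor, not a verdict.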

Re: Trojan horse and malware infection, and the Seznam_OTP app

Posted: 05 Mar 2016 13:18
by Houmr_9
I am very sorry, but I created the topic twice, because the site went down on me and it looked as if the topic had not been created. I ask the admin to delete or lock it. Thank you, and once again I apologise.

The duplicate topic is here: http://forum.viry.cz/viewtopic.php?f=13&t=148208

EDIT: Resolved, thanks to the admin for their leniency regarding my carelessness when creating topics.

Re: Trojan horse and malware infection, and the Seznam_OTP app

Posted: 05 Mar 2016 14:42
by altrok
I wish you a lovely day.


As part of the cleaning, your temporary folders (including the Recycle Bin) will be emptied.

Save AdwCleaner to your desktop https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with an ordinary double-click)
  • click Scan, then Cleaning
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner[Cx].txt); copy its contents into your next reply

Re: Trojan horse and malware infection, and the Seznam_OTP app

Posted: 05 Mar 2016 15:43
by Houmr_9
Hello,

thank you very much for the help.

Here is the log from the program mentioned:

# AdwCleaner v5.037 - Logfile created 05/03/2016 at 15:21:29
# Updated 28/02/2016 by Xplode
# Database : 2016-02-28.2 [Local]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : JH - PC
# Running from : C:\Documents and Settings\JH\Dokumenty\Downloads\adwcleaner_5.037.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : vToolbarUpdater40.2.6

***** [ Folders ] *****

[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[-] Folder Deleted : C:\Documents and Settings\JH\Local Settings\Data aplikací\DriverToolkit
[-] Folder Deleted : C:\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
[-] Folder Deleted : C:\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[-] Folder Deleted : C:\Program Files\DriverToolkit
[-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search

***** [ Files ] *****

[-] File Deleted : C:\Documents and Settings\JH\Data aplikací\Mozilla\Firefox\Profiles\ctnb8pbb.default\extensions\Avg@toolbar.xpi
[-] File Deleted : C:\Documents and Settings\JH\Data aplikací\Mozilla\Firefox\Profiles\ctnb8pbb.default\searchplugins\avg-secure-search.xml

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\DriverToolkit
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{bbbf3d02-0068-423f-8c68-0fd1c6e50b38}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{bbbf3d02-0068-423f-8c68-0fd1c6e50b38}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

***** [ Web browsers ] *****

[-] [C:\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : chfdnecihphmhljaaejmgoiahnihplgn
[-] [C:\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fcfenmboojpjinhpgggodefccipikbpd

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4133 bytes] - [05/03/2016 15:21:29]
C:\AdwCleaner\AdwCleaner[S1].txt - [4242 bytes] - [05/03/2016 15:18:34]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4279 bytes] ##########

Re: Trojan and malware infection and the Seznam_OTP application

Posted: 05 Mar 2016 16:58
by cernohous13
Hi, my colleague has plans for the evening, so I'll butt in :D

:arrow: there are two AVs on there and they may conflict
download AVG Remover from here http://www.avg.com/cz-cs/utilities and run it (preferably in Safe Mode)

:arrow: Seznam OTP: don't respond to it http://napoveda.seznam.cz/forum/viewtop ... 2&start=10 we'll clean it up

:???: Is Avast working?
:???: Is MBAM working?

Add a new RSIT log to your reply

Re: Trojan and malware infection and the Seznam_OTP application

Posted: 05 Mar 2016 17:11
by Houmr_9
Hi,

thank you, and your colleagues, for the commendable work.

Just a follow-up question...

AVG and Avast are running at the same time without any conflict; should I still remove AVG anyway?
Both AVs are free versions and no conflict appeared during installation, at startup, or during testing. At least not at my parents' place, whose computer I am cleaning with your help. At home I couldn't install AVG at all, but at home I have Avast Pr.

MBAM, if there is one on there, or if it is part of Avast or AVG, is running normally as far as my layman's view can tell. Before the cleanup started, Avast reported that it had blocked a malware attack.

I'll send the RSIT log in a few minutes, as soon as I connect to my parents' computer.

Thank you very much

Re: Trojan and malware infection and the Seznam_OTP application

Posted: 05 Mar 2016 17:13
by Houmr_9
Houmr_9 wrote:Hi,

thank you, and your colleagues, for the commendable work.

Just a follow-up question...

AVG and Avast are running at the same time without any conflict; should I still remove AVG anyway?
Both AVs are free versions and no conflict appeared during installation, at startup, or during testing. At least not at my parents' place, whose computer I am cleaning with your help. At home I couldn't install AVG at all, but at home I have Avast Pr.

MBAM, if there is one on there, or if it is part of Avast or AVG, is running normally as far as my layman's view can tell. Before the cleanup started, Avast reported that it had blocked a malware attack.

With Seznam OTP, my parents only went through the first step, i.e. entering their phone number, before I found out and stopped them from doing anything further. They received an SMS on an old Nokia and did not open the link, so hopefully it should be OK.

I'll send the RSIT log in a few minutes, as soon as I connect to my parents' computer.

Thank you very much
EDIT: Oh dear... I'm not in good form today and I'm posting almost everything twice; I apologise for that, I was only adding the description regarding Seznam OTP.

Re: Trojan and malware infection and the Seznam_OTP application

Posted: 05 Mar 2016 17:42
by Houmr_9
AVG removed, rebooted, here is the RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by JH at 2016-03-05 17:35:15
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 49 GB (65%) free of 76 GB
Total RAM: 1791 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:35:17, on 5.3.2016
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\TeamViewer_Service.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Documents and Settings\JH\Local Settings\Data aplikací\Microsoft\BingSvc\BingSvc.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\TeamViewer\TeamViewer.exe
C:\Program Files\TeamViewer\tv_w32.exe
c:\program files\teamviewer\TeamViewer_Desktop.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\JH\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\JH.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKCU\..\Run: [BingSvc] C:\Documents and Settings\JH\Local Settings\Data aplikací\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe (file missing)

--
End of file - 4872 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\SafeZone scheduled Autoupdate 1457188112.job - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\JH\Data aplikací\Mozilla\Firefox\Profiles\ctnb8pbb.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/|about:preferences"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Documents and Settings\JH\Dokumenty\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Documents and Settings\JH\Dokumenty\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-05 678656]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-08-14 18702336]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-05 7139768]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"AvgUi"=C:\Program Files\AVG\Framework\Common\avguirnx.exe /lps=fmw []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"=C:\Documents and Settings\JH\Local Settings\Data aplikací\Microsoft\BingSvc\BingSvc.exe [2015-11-13 144008]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2016-02-10 50599552]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-02-12 6638296]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe"="C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe:*:Enabled:HTCSyncManager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:Malwarebytes' Anti-Malware"
"C:\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
"C:\Program Files\TeamViewer\TeamViewer.exe"="C:\Program Files\TeamViewer\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe"="C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe:*:Enabled:HTCSyncManager"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2016-03-05 17:20:54 ----D---- C:\AVG_Remover
2016-03-05 15:23:44 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-05 15:18:14 ----D---- C:\AdwCleaner
2016-03-05 13:02:56 ----D---- C:\Documents and Settings\JH\Data aplikací\TeamViewer
2016-03-05 12:51:57 ----D---- C:\Program Files\trend micro
2016-03-05 12:51:54 ----D---- C:\rsit
2016-03-05 10:56:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp
2016-03-05 10:56:18 ----D---- C:\Program Files\AVG Web TuneUp
2016-03-05 10:36:54 ----D---- C:\Documents and Settings\JH\Data aplikací\AVG
2016-03-05 10:32:26 ----D---- C:\Documents and Settings\JH\Data aplikací\TuneUp Software
2016-03-05 10:27:25 ----D---- C:\Program Files\CCleaner
2016-03-05 10:26:14 ----D---- C:\Program Files\Google
2016-03-05 10:15:20 ----HD---- C:\Documents and Settings\All Users\Data aplikací\Common Files
2016-03-05 10:15:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avg
2016-03-05 10:13:22 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2016-03-05 10:11:35 ----A---- C:\WINDOWS\system32\drivers\aswStmXP.sys
2016-03-05 10:11:31 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2016-03-05 10:11:04 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-03-05 10:10:51 ----A---- C:\WINDOWS\avastSS.scr
2016-03-05 10:05:21 ----D---- C:\Program Files\TeamViewer
2016-02-25 10:16:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\JuvkOxtap
2016-02-22 00:03:24 ----D---- C:\Documents and Settings\JH\Data aplikací\Seznam.cz
2016-02-22 00:03:04 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-02-21 23:37:03 ----A---- C:\WINDOWS\system32\drivers\EsgScanner.sys
2016-02-21 22:25:52 ----D---- C:\WINDOWS\system32\Adobe
2016-02-21 22:25:48 ----A---- C:\WINDOWS\IsUninst.exe
2016-02-21 22:04:45 ----N---- C:\WINDOWS\system32\3dviewer.dll
2016-02-21 22:04:32 ----N---- C:\WINDOWS\system32\cmgr32.dll
2016-02-21 22:04:15 ----N---- C:\WINDOWS\system32\rave.dll
2016-02-21 22:03:31 ----N---- C:\WINDOWS\system32\sh33w32.dll
2016-02-21 22:02:58 ----N---- C:\WINDOWS\system32\qtim32.dll
2016-02-21 22:02:18 ----N---- C:\WINDOWS\system32\qd3d.dll
2016-02-21 22:00:11 ----D---- C:\Program Files\Corel
2016-02-21 21:58:09 ----D---- C:\WINDOWS\Corel
2016-02-21 21:51:36 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-02-21 21:51:31 ----D---- C:\Program Files\Mozilla Firefox
2016-02-21 21:41:11 ----D---- C:\Program Files\OpenOffice 4
2016-02-21 21:17:43 ----D---- C:\Documents and Settings\JH\Data aplikací\Malwarebytes
2016-02-21 21:07:43 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2016-02-21 19:03:28 ----D---- C:\Instal
2016-02-21 18:28:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2016-02-21 18:28:47 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2016-02-10 18:55:06 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe

======List of files/folders modified in the last 1 month======

2016-03-05 17:34:35 ----D---- C:\WINDOWS\Prefetch
2016-03-05 17:33:41 ----D---- C:\Documents and Settings\JH\Data aplikací\Skype
2016-03-05 17:31:00 ----D---- C:\WINDOWS\Temp
2016-03-05 17:29:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2016-03-05 17:28:52 ----RD---- C:\Program Files
2016-03-05 17:24:16 ----D---- C:\WINDOWS\system32\CatRoot2
2016-03-05 17:23:08 ----SHD---- C:\WINDOWS\Installer
2016-03-05 17:22:38 ----D---- C:\WINDOWS\system32\drivers
2016-03-05 15:35:14 ----HD---- C:\WINDOWS\inf
2016-03-05 15:35:14 ----D---- C:\WINDOWS
2016-03-05 15:30:04 ----SD---- C:\WINDOWS\Tasks
2016-03-05 15:23:44 ----D---- C:\WINDOWS\system32
2016-03-05 14:38:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\HTC
2016-03-05 14:37:14 ----D---- C:\WINDOWS\WinSxS
2016-03-05 14:37:12 ----D---- C:\Program Files\Common Files
2016-03-05 14:37:09 ----RSD---- C:\WINDOWS\Fonts
2016-03-05 14:36:09 ----AC---- C:\WINDOWS\system32\lMMLDeleteUserData42107612FX.tmp
2016-03-05 14:29:59 ----D---- C:\WINDOWS\system32\config
2016-03-05 10:55:26 ----D---- C:\WINDOWS\Debug
2016-03-05 10:10:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2016-03-05 10:10:38 ----D---- C:\Program Files\AVAST Software
2016-03-01 14:42:13 ----D---- C:\Documents and Settings\JH\Data aplikací\vlc
2016-02-24 21:52:03 ----SD---- C:\Documents and Settings\JH\Data aplikací\Microsoft
2016-02-21 22:38:44 ----RSHDC---- C:\WINDOWS\system32\dllcache
2016-02-21 22:28:56 ----D---- C:\Program Files\Common Files\Adobe
2016-02-21 22:28:28 ----D---- C:\Documents and Settings\JH\Data aplikací\Adobe
2016-02-21 22:24:14 ----D---- C:\Program Files\Adobe
2016-02-21 22:22:14 ----A---- C:\WINDOWS\IsUn0405.exe
2016-02-21 22:06:03 ----D---- C:\Temp
2016-02-21 21:51:48 ----D---- C:\Documents and Settings\JH\Data aplikací\Mozilla
2016-02-21 21:09:26 ----SHD---- C:\RECYCLER
2016-02-21 21:06:57 ----D---- C:\Documents and Settings
2016-02-21 18:24:41 ----D---- C:\Program Files\7-Zip
2016-02-21 18:23:29 ----D---- C:\Program Files\Online Services
2016-02-21 18:23:29 ----D---- C:\Program Files\NVIDIA Corporation
2016-02-21 18:23:29 ----D---- C:\Program Files\NetMeeting
2016-02-21 18:23:29 ----D---- C:\Program Files\MSXML 4.0
2016-02-21 18:23:29 ----D---- C:\Program Files\MSN Gaming Zone
2016-02-21 18:23:29 ----D---- C:\Program Files\Movie Maker
2016-02-21 18:23:29 ----D---- C:\Program Files\microsoft frontpage
2016-02-21 18:23:29 ----D---- C:\Program Files\Messenger
2016-02-21 18:23:29 ----D---- C:\Program Files\IrfanView
2016-02-21 18:23:29 ----D---- C:\Program Files\Internet Explorer
2016-02-21 18:23:29 ----D---- C:\Program Files\HTC
2016-02-21 18:23:29 ----D---- C:\Program Files\ComPlus Applications
2016-02-21 18:23:29 ----D---- C:\Program Files\Centrum Holdings s.r.o
2016-02-21 18:23:29 ----D---- C:\Program Files\Bonjour
2016-02-21 18:23:29 ----D---- C:\Program Files\Ashampoo
2016-02-21 18:03:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2016-02-21 17:13:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2016-02-19 14:19:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2016-02-10 23:59:21 ----D---- C:\WINDOWS\system32\MRT
2016-02-10 23:54:11 ----A---- C:\WINDOWS\system32\MRT.exe
2016-02-10 18:55:39 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-03-05 58776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-03-05 221240]
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2009-06-30 164896]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-03-05 35096]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2016-03-05 64272]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-03-05 812720]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-03-05 447848]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-03-05 32792]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-03-05 91168]
R3 aswStmXP;Avast StreamFilter Driver; C:\WINDOWS\system32\drivers\aswStmXP.sys [2016-03-05 171608]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-08-18 5884416]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-02-08 12648960]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2009-07-01 66688]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2009-07-01 13824]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2016-03-05 67088]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 EsgScanner;EsgScanner; C:\WINDOWS\system32\DRIVERS\EsgScanner.sys [2016-02-21 19984]
S3 HTCAND32;HTC Device Driver; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys []
S3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 qcserxp;HTC Diagnostic Port; C:\WINDOWS\system32\DRIVERS\qcserxp.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-03-05 237096]
R2 TeamViewer;TeamViewer 10; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-09-11 5702416]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-07-08 168004]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S2 WtuSystemSupport;WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10 269504]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-02-11 146888]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]

-----------------EOF-----------------
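The helpers in this thread triage the RSIT/HijackThis log above by eye: an O23 service with "Unknown owner" and "(file missing)", an O4 Run entry whose executable lives under a user profile, or an O9 button pointing at a file that no longer exists are the entries that end up in the cleanup script. The following Python script, added here as an illustration and not code from the thread or from any of the tools mentioned, applies those same checks mechanically to HijackThis-format lines. The sample lines are copied from the log posted above; the four heuristics (missing target, no publisher, autorun from a profile directory, autorun without an absolute path) are my choice, and a hit is a lead for human review, not a verdict.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Sample input: HijackThis-format lines copied from the RSIT log in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [BingSvc] C:\Documents and Settings\JH\Local Settings\Data aplikací\Microsoft\BingSvc\BingSvc.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe (file missing)
"""

# O4 autorun entries: "O4 - <hive>\..\Run: [<name>] <command line>"
O4_RE = re.compile(r"^O4 - (?P<hive>.+?)\\\.\.\\Run: \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
# O23 services: "O23 - Service: <display name> - <owner> - <image path>"
O23_RE = re.compile(r"^O23 - Service: (?P<name>.+?) - (?P<owner>.+?) - (?P<path>.+)$")
# First executable-looking token of a command line, quoted or not.
EXE_RE = re.compile(r'^"?(?P<exe>.+?\.(?:exe|dll|scr|com|bat|cmd))"?(?:\s|$)', re.IGNORECASE)
# Drive letter, environment variable, or UNC prefix counts as an absolute path.
ABS_RE = re.compile(r"^(?:[A-Za-z]:\\|%\w+%\\|\\\\)")
# Directories where a persistent autorun is unusual for legitimate software.
PROFILE_MARKERS = ("\\documents and settings\\", "\\users\\")

REASON_MISSING = "target file missing; dangling entry"
REASON_UNKNOWN_OWNER = "service has no publisher (Unknown owner)"
REASON_PROFILE = "autorun executable lives under a user profile"
REASON_RELATIVE = "autorun has no absolute path (resolved via search path)"


@dataclass
class Finding:
    kind: str    # HijackThis section, e.g. O4, O9, O23
    item: str    # entry name, or the raw line when it could not be parsed
    reason: str


def executable_of(cmd: str) -> Optional[str]:
    """Return the executable part of a Run command line, without quotes."""
    m = EXE_RE.match(cmd.strip())
    return m.group("exe") if m else None


def triage_line(line: str) -> List[Finding]:
    """Apply the review heuristics to one HijackThis-format line."""
    line = line.rstrip()
    findings: List[Finding] = []
    o4 = O4_RE.match(line)
    o23 = O23_RE.match(line)
    kind = line.split(" ", 1)[0]
    item = (o4 or o23).group("name") if (o4 or o23) else line

    # Generic check: HijackThis marks non-existent targets on any line type.
    if line.endswith("(file missing)"):
        findings.append(Finding(kind, item, REASON_MISSING))

    if o4:
        exe = executable_of(o4.group("cmd"))
        if exe is None or not ABS_RE.match(exe):
            findings.append(Finding("O4", item, REASON_RELATIVE))
        elif any(mark in exe.lower() for mark in PROFILE_MARKERS):
            findings.append(Finding("O4", item, REASON_PROFILE))

    if o23 and o23.group("owner").lower() == "unknown owner":
        findings.append(Finding("O23", item, REASON_UNKNOWN_OWNER))

    return findings


def triage(log: str) -> List[Finding]:
    """Triage a whole log; returns findings in log order."""
    return [f for line in log.strip().splitlines() for f in triage_line(line)]


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.kind:<4} {f.item}: {f.reason}")
```

On the sample, the Avast and TeamViewer entries pass, while RTHDCPL (bare filename), BingSvc (under the user's profile), the Messenger button and WtuSystemSupport (missing file, no owner) are reported, which is the same set the cleanup script in the next reply targets or that the helpers left alone as known-good.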

Re: Trojan and malware infection and the Seznam_OTP application

Posted: 05 Mar 2016 19:07
by cernohous13
Download OTM from one of the links and extract it, preferably to the desktop.
http://oldtimer.geekstogo.com/OTM.exe
http://www.itxassociates.com/OT-Tools/OTM.exe

Run the program "OTM.exe"
Into the box under the yellow line, paste the entire green text from the "Script"

Click the red "MoveIt!"

When prompted to restart, choose "YES"
and then you'll find the log in C:\_OTM\MovedFiles\ - post it here for me to check
OTM script

:Commands
[resethosts]
[emptytemp]
[emptyflash]
[emptyjava]
[clearallrestorepoints]

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job 
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\AVG_Remover
C:\AdwCleaner
C:\Program Files\trend micro
C:\rsit
C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp
C:\Program Files\AVG Web TuneUp
C:\Documents and Settings\JH\Data aplikací\AVG
C:\Documents and Settings\JH\Data aplikací\TuneUp Software
C:\Documents and Settings\All Users\Data aplikací\Avg
C:\Documents and Settings\All Users\Data aplikací\JuvkOxtap
C:\WINDOWS\system32\lMMLDeleteUserData42107612FX.tmp
C:\WINDOWS\system32\DRIVERS\EsgScanner.sys

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvgUi"=-
"Adobe ARM"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"=-
"CCleaner Monitoring"=-

:Services
WtuSystemSupport
EsgScanner

Re: Trojan and malware infection and the Seznam_OTP application

Posted: 05 Mar 2016 19:38
by Houmr_9
Thank you. The OTM log:

All processes killed
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 205508 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: JH
->Temp folder emptied: 842712979 bytes
->Temporary Internet Files folder emptied: 75075384 bytes
->FireFox cache emptied: 7347857 bytes
->Google Chrome cache emptied: 33824615 bytes
->Flash cache emptied: 1075 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2509 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 130373343 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 1396651 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 3546160456 bytes

Total Files Cleaned = 4 422,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: JH
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: Administrator

User: All Users

User: Default User

User: JH

User: LocalService

User: NetworkService

Total Java Files Cleaned = 0,00 mb


Restore point Set: OTM Restore Point
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\Installer\MSI1.tmp moved successfully.
C:\WINDOWS\Installer\MSI19.tmp moved successfully.
C:\WINDOWS\Installer\MSI50D.tmp moved successfully.
C:\WINDOWS\Installer\MSI6.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Avg\log\av16\avg-a40d782e-f68d-4c5f-b1c9-9c66ea20e74c.tmp moved successfully.
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job moved successfully.
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job moved successfully.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\AVG_Remover\bin folder moved successfully.
C:\AVG_Remover folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Common Files\AVG Secure Search\vToolbarUpdater folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\40.2.6 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Common Files\AVG Secure Search\NativeBrowserApi\40.2.6 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Common Files\AVG Secure Search\NativeBrowserApi folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Common Files\AVG Secure Search\DNTInstaller\40.2.6 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Common Files\AVG Secure Search\DNTInstaller folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Common Files\AVG Secure Search folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Common Files folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_metadata folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\zh_TW folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\zh_CN folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\tr folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\th folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\sv folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\ru folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\pt_PT folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\pt_BR folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\pl folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\no folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\nl folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\lv folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\lt folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\ko folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\ja folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\it folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\id folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\hu folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\hr folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\he folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\fr folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\fi folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\et folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\es_419 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\es folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\en_US folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\en_GB folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\en folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\el folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\de folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\da folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\bg folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales\ar folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0\_locales folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.8_0 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\_metadata folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\popup\translations folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\popup\styles\fonts folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\popup\styles folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\popup\scripts folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\popup\images folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\popup folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\pages folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\offline folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\js folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\images folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\icons folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\data folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data\Default folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\User Data folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací\Google folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings\Data aplikací folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Local Settings folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Data aplikací\Mozilla\Firefox\Profiles\ctnb8pbb.default\searchplugins folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Data aplikací\Mozilla\Firefox\Profiles\ctnb8pbb.default\extensions folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Data aplikací\Mozilla\Firefox\Profiles\ctnb8pbb.default folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Data aplikací\Mozilla\Firefox\Profiles folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Data aplikací\Mozilla\Firefox folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Data aplikací\Mozilla folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH\Data aplikací folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\JH folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\AVG Secure Search\Logger folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\AVG Secure Search folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings folder moved successfully.
C:\AdwCleaner\Quarantine\C folder moved successfully.
C:\AdwCleaner\Quarantine folder moved successfully.
C:\AdwCleaner folder moved successfully.
C:\Program Files\trend micro folder moved successfully.
C:\rsit folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp\IeExt\4.2.6.552 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp\IeExt folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp\FirefoxSaps\4.2.6.552 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp\FirefoxSaps folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp\FireFoxExt\4.2.6.552 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp\FireFoxExt folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp\CrashReport folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp\ChromeExt\4.2.6.552 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp\ChromeExt folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp folder moved successfully.
C:\Program Files\AVG Web TuneUp\UninstallRes\ClientPackage\styles\fonts folder moved successfully.
C:\Program Files\AVG Web TuneUp\UninstallRes\ClientPackage\styles folder moved successfully.
C:\Program Files\AVG Web TuneUp\UninstallRes\ClientPackage\libs folder moved successfully.
C:\Program Files\AVG Web TuneUp\UninstallRes\ClientPackage\images\uninstaller folder moved successfully.
C:\Program Files\AVG Web TuneUp\UninstallRes\ClientPackage\images folder moved successfully.
C:\Program Files\AVG Web TuneUp\UninstallRes\ClientPackage folder moved successfully.
C:\Program Files\AVG Web TuneUp\UninstallRes folder moved successfully.
C:\Program Files\AVG Web TuneUp\TBRDialog\styles folder moved successfully.
C:\Program Files\AVG Web TuneUp\TBRDialog\images folder moved successfully.
C:\Program Files\AVG Web TuneUp\TBRDialog folder moved successfully.
C:\Program Files\AVG Web TuneUp\locales folder moved successfully.
C:\Program Files\AVG Web TuneUp\Licenses folder moved successfully.
C:\Program Files\AVG Web TuneUp\IERes folder moved successfully.
C:\Program Files\AVG Web TuneUp\IeDspHelperRes\Images folder moved successfully.
C:\Program Files\AVG Web TuneUp\IeDspHelperRes folder moved successfully.
C:\Program Files\AVG Web TuneUp\EnableHelperRes\Images folder moved successfully.
C:\Program Files\AVG Web TuneUp\EnableHelperRes folder moved successfully.
C:\Program Files\AVG Web TuneUp\DSPDlg_IE folder moved successfully.
C:\Program Files\AVG Web TuneUp\ChromeRes\AVG Web TuneUp folder moved successfully.
C:\Program Files\AVG Web TuneUp\ChromeRes\AVG Secure Search folder moved successfully.
C:\Program Files\AVG Web TuneUp\ChromeRes\AVG SafeGuard toolbar folder moved successfully.
C:\Program Files\AVG Web TuneUp\ChromeRes\AVG Nation toolbar folder moved successfully.
C:\Program Files\AVG Web TuneUp\ChromeRes folder moved successfully.
C:\Program Files\AVG Web TuneUp\ChromeGuardRes folder moved successfully.
C:\Program Files\AVG Web TuneUp\ChConfirmHelperRes\Images folder moved successfully.
C:\Program Files\AVG Web TuneUp\ChConfirmHelperRes folder moved successfully.
C:\Program Files\AVG Web TuneUp\BundleInstall folder moved successfully.
C:\Program Files\AVG Web TuneUp\4.2.6.552 folder moved successfully.
C:\Program Files\AVG Web TuneUp folder moved successfully.
C:\Documents and Settings\JH\Data aplikací\AVG folder moved successfully.
C:\Documents and Settings\JH\Data aplikací\TuneUp Software\TU2012\Backups folder moved successfully.
C:\Documents and Settings\JH\Data aplikací\TuneUp Software\TU2012 folder moved successfully.
C:\Documents and Settings\JH\Data aplikací\TuneUp Software folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Avg\Diag folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Avg folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\JuvkOxtap folder moved successfully.
File/Folder C:\WINDOWS\system32\lMMLDeleteUserData42107612FX.tmp not found.
C:\WINDOWS\system32\DRIVERS\EsgScanner.sys moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AvgUi deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring deleted successfully.
========== SERVICES/DRIVERS ==========
Service WtuSystemSupport stopped successfully!
Service WtuSystemSupport deleted successfully!
Service EsgScanner stopped successfully!
Service EsgScanner deleted successfully!

OTM by OldTimer - Version 3.1.21.0 log created on 03052016_193029

Files moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\SafeZone Installer\opera_installer_20160305152522.log scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\SafeZone Installer\opera_installer_20160305152525.log scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\SafeZone Installer\opera_installer_20160305152527.log scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\SafeZone Installer\opera_installer_20160305152831.log scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Re: Trojan horse and malware infection and the Seznam_OTP application

Posted: 05 Mar 2016 19:44
by cernohous13
:arrow: first uninstall the original MBAM http://www.malwarebytes.org/mbam-clean.exe

:arrow: Download and install MBAM from here http://www.bleepingcomputer.com/downloa ... re/dl/241/ version 1.75
During installation it will first offer to install a new version (possibly also on startup) - click Cancel - only the database will be updated
After installation, Run -> on the 1st tab "Scanner" -> Full scan -> Scan
When the scan finishes, a Notepad window with the result will pop up - copy its contents into your reply
Don't delete anything yet - wait for the assessment

That's it for today - I'll be back early in the morning :wink:

Re: Trojan horse and malware infection and the Seznam_OTP application

Posted: 06 Mar 2016 08:50
by Houmr_9
Thank you very much for your support,

unfortunately yesterday I misread your message and installed the new MBAM including the new version; I then uninstalled it with MBAM clean and installed it correctly with only the updated database, so hopefully all your work won't be wasted. I sincerely apologize for my mistake.

Here is the MBAM log with the updated database:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2016.03.05.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
JH :: PC [administrátor]

5.3.2016 22:19:38
MBAM-log-2016-03-06 (08-25-16).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 374068
Uplynulý čas: 49 minut, 14 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 4
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF859EC-4900-40D5-B5E5-74766B5F407D} (PUP.Optional.MindSpark) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF859EC-4900-40D5-B5E5-74766B5F407D} (PUP.Optional.MindSpark) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5FDEB94C-C7BF-4DA6-93EA-2F03A243FA10} (PUP.Optional.MindSpark) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{61673209-76A0-4A62-AB12-014CE1A1B00E} (PUP.Optional.MindSpark) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\System Volume Information\_restore{ADC9595E-7C66-4C78-ACA7-B60A8D3EC220}\RP395\A0083602.dll (Backdoor.Papras) -> Nebyla provedena žádná instrukce.

(konec)

Re: Trojan horse and malware infection and the Seznam_OTP application

Posted: 06 Mar 2016 10:05
by cernohous13
No need to apologize for anything - you're doing well :thumbsup:

If MBAM was closed, you have to run it again; a Quick scan is enough
select everything found and Remove (it will go to quarantine)

You can keep MBAM for occasional scans - just disable it from starting with the OS (CCleaner can do that too)

Post a current RSIT log and add a list of the current problems

Re: Trojan horse and malware infection and the Seznam_OTP application

Posted: 06 Mar 2016 10:59
by Houmr_9
The computer is behaving normally; I can now log in to the e-mail without problems.

MBAM and Avast no longer report anything.

Here is the RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by JH at 2016-03-06 10:57:32
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 54 GB (70%) free of 76 GB
Total RAM: 1791 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:57:36, on 6.3.2016
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\TeamViewer_Service.exe
C:\Program Files\TeamViewer\TeamViewer.exe
C:\Program Files\TeamViewer\tv_w32.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
c:\program files\teamviewer\TeamViewer_Desktop.exe
C:\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\JH\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\JH.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe

--
End of file - 4518 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\SafeZone scheduled Autoupdate 1457188112.job - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\JH\Data aplikací\Mozilla\Firefox\Profiles\ctnb8pbb.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/|about:preferences"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Documents and Settings\JH\Dokumenty\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Documents and Settings\JH\Dokumenty\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Documents and Settings\JH\Dokumenty\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-05 678656]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-08-14 18702336]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-05 7139768]
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-04-14 171008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2016-02-10 50599552]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.exe.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe"="C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe:*:Enabled:HTCSyncManager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:Malwarebytes' Anti-Malware"
"C:\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\JH\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
"C:\Program Files\TeamViewer\TeamViewer.exe"="C:\Program Files\TeamViewer\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe"="C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe:*:Enabled:HTCSyncManager"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2016-03-06 10:37:55 ----D---- C:\rsit
2016-03-06 10:37:55 ----D---- C:\Program Files\trend micro
2016-03-06 10:26:38 ----D---- C:\WINDOWS\pss
2016-03-05 22:17:43 ----D---- C:\Documents and Settings\JH\Data aplikací\Malwarebytes
2016-03-05 22:17:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2016-03-05 22:13:25 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2016-03-05 22:13:25 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-03-05 22:03:42 ----A---- C:\WINDOWS\system32\drivers\TVMonitor.sys
2016-03-05 19:30:29 ----D---- C:\_OTM
2016-03-05 15:23:44 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-05 13:02:56 ----D---- C:\Documents and Settings\JH\Data aplikací\TeamViewer
2016-03-05 10:27:25 ----D---- C:\Program Files\CCleaner
2016-03-05 10:26:14 ----D---- C:\Program Files\Google
2016-03-05 10:15:20 ----HD---- C:\Documents and Settings\All Users\Data aplikací\Common Files
2016-03-05 10:13:22 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2016-03-05 10:11:35 ----A---- C:\WINDOWS\system32\drivers\aswStmXP.sys
2016-03-05 10:11:31 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2016-03-05 10:11:04 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-03-05 10:10:51 ----A---- C:\WINDOWS\avastSS.scr
2016-03-05 10:05:21 ----D---- C:\Program Files\TeamViewer
2016-02-22 00:03:24 ----D---- C:\Documents and Settings\JH\Data aplikací\Seznam.cz
2016-02-21 22:25:52 ----D---- C:\WINDOWS\system32\Adobe
2016-02-21 22:25:48 ----A---- C:\WINDOWS\IsUninst.exe
2016-02-21 22:04:45 ----N---- C:\WINDOWS\system32\3dviewer.dll
2016-02-21 22:04:32 ----N---- C:\WINDOWS\system32\cmgr32.dll
2016-02-21 22:04:15 ----N---- C:\WINDOWS\system32\rave.dll
2016-02-21 22:03:31 ----N---- C:\WINDOWS\system32\sh33w32.dll
2016-02-21 22:02:58 ----N---- C:\WINDOWS\system32\qtim32.dll
2016-02-21 22:02:18 ----N---- C:\WINDOWS\system32\qd3d.dll
2016-02-21 22:00:11 ----D---- C:\Program Files\Corel
2016-02-21 21:58:09 ----D---- C:\WINDOWS\Corel
2016-02-21 21:51:36 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-02-21 21:51:31 ----D---- C:\Program Files\Mozilla Firefox
2016-02-21 21:41:11 ----D---- C:\Program Files\OpenOffice 4
2016-02-21 21:07:43 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2016-02-21 19:03:28 ----D---- C:\Instal
2016-02-10 18:55:06 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe

======List of files/folders modified in the last 1 month======

2016-03-06 10:57:16 ----D---- C:\WINDOWS\Temp
2016-03-06 10:53:49 ----D---- C:\Documents and Settings\JH\Data aplikací\Skype
2016-03-06 10:45:49 ----D---- C:\WINDOWS\Prefetch
2016-03-06 10:42:16 ----HD---- C:\WINDOWS\inf
2016-03-06 10:37:55 ----RD---- C:\Program Files
2016-03-06 10:31:10 ----D---- C:\WINDOWS\system32\drivers
2016-03-06 10:31:10 ----D---- C:\WINDOWS\AppPatch
2016-03-06 10:30:37 ----A---- C:\WINDOWS\SchedLgU.Txt
2016-03-06 10:27:00 ----SH---- C:\boot.ini
2016-03-06 10:27:00 ----A---- C:\WINDOWS\win.ini
2016-03-06 10:27:00 ----A---- C:\WINDOWS\system.ini
2016-03-06 10:26:38 ----D---- C:\WINDOWS
2016-03-05 22:03:52 ----D---- C:\WINDOWS\system32\ReinstallBackups
2016-03-05 22:03:43 ----D---- C:\WINDOWS\system32\CatRoot2
2016-03-05 19:31:52 ----SD---- C:\WINDOWS\Tasks
2016-03-05 19:31:49 ----SHD---- C:\WINDOWS\Installer
2016-03-05 19:31:19 ----D---- C:\WINDOWS\system32
2016-03-05 19:30:40 ----D---- C:\WINDOWS\system32\drivers\etc
2016-03-05 14:38:12 ----D---- C:\Documents and Settings\JH\Data aplikací\HTC
2016-03-05 14:38:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\HTC
2016-03-05 14:37:14 ----D---- C:\WINDOWS\WinSxS
2016-03-05 14:37:12 ----D---- C:\Program Files\Common Files
2016-03-05 14:37:09 ----RSD---- C:\WINDOWS\Fonts
2016-03-05 14:29:59 ----D---- C:\WINDOWS\system32\config
2016-03-05 10:55:26 ----D---- C:\WINDOWS\Debug
2016-03-05 10:10:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2016-03-05 10:10:38 ----D---- C:\Program Files\AVAST Software
2016-03-01 14:42:13 ----D---- C:\Documents and Settings\JH\Data aplikací\vlc
2016-02-24 21:52:03 ----SD---- C:\Documents and Settings\JH\Data aplikací\Microsoft
2016-02-21 22:38:44 ----RSHDC---- C:\WINDOWS\system32\dllcache
2016-02-21 22:28:56 ----D---- C:\Program Files\Common Files\Adobe
2016-02-21 22:28:28 ----D---- C:\Documents and Settings\JH\Data aplikací\Adobe
2016-02-21 22:24:14 ----D---- C:\Program Files\Adobe
2016-02-21 22:22:14 ----A---- C:\WINDOWS\IsUn0405.exe
2016-02-21 22:06:03 ----D---- C:\Temp
2016-02-21 21:51:48 ----D---- C:\Documents and Settings\JH\Data aplikací\Mozilla
2016-02-21 21:09:26 ----SHD---- C:\RECYCLER
2016-02-21 21:06:57 ----D---- C:\Documents and Settings
2016-02-21 18:24:41 ----D---- C:\Program Files\7-Zip
2016-02-21 18:23:29 ----D---- C:\Program Files\Online Services
2016-02-21 18:23:29 ----D---- C:\Program Files\NVIDIA Corporation
2016-02-21 18:23:29 ----D---- C:\Program Files\NetMeeting
2016-02-21 18:23:29 ----D---- C:\Program Files\MSXML 4.0
2016-02-21 18:23:29 ----D---- C:\Program Files\MSN Gaming Zone
2016-02-21 18:23:29 ----D---- C:\Program Files\Movie Maker
2016-02-21 18:23:29 ----D---- C:\Program Files\microsoft frontpage
2016-02-21 18:23:29 ----D---- C:\Program Files\Messenger
2016-02-21 18:23:29 ----D---- C:\Program Files\IrfanView
2016-02-21 18:23:29 ----D---- C:\Program Files\Internet Explorer
2016-02-21 18:23:29 ----D---- C:\Program Files\HTC
2016-02-21 18:23:29 ----D---- C:\Program Files\ComPlus Applications
2016-02-21 18:23:29 ----D---- C:\Program Files\Centrum Holdings s.r.o
2016-02-21 18:23:29 ----D---- C:\Program Files\Bonjour
2016-02-21 18:23:29 ----D---- C:\Program Files\Ashampoo
2016-02-21 18:03:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2016-02-21 17:13:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2016-02-19 14:19:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2016-02-10 23:59:21 ----D---- C:\WINDOWS\system32\MRT
2016-02-10 23:54:11 ----A---- C:\WINDOWS\system32\MRT.exe
2016-02-10 18:55:39 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-03-05 58776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-03-05 221240]
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2009-06-30 164896]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-03-05 35096]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2016-03-05 64272]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-03-05 812720]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-03-05 447848]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-03-05 32792]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-03-05 91168]
R3 aswStmXP;Avast StreamFilter Driver; C:\WINDOWS\system32\drivers\aswStmXP.sys [2016-03-05 171608]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-08-18 5884416]
R3 MonitorFunction;Driver for Monitor; C:\WINDOWS\system32\DRIVERS\TVMonitor.sys [2015-08-18 13304]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-02-08 12648960]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2009-07-01 66688]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2009-07-01 13824]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2016-03-05 67088]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HTCAND32;HTC Device Driver; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 qcserxp;HTC Diagnostic Port; C:\WINDOWS\system32\DRIVERS\qcserxp.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-03-05 237096]
R2 TeamViewer;TeamViewer 10; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-09-11 5702416]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-07-08 168004]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10 269504]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-02-11 146888]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]

-----------------EOF-----------------

Re: Trojan horse and malware infection and the Seznam_OTP application

Posted: 06 Mar 2016 11:05
by Houmr_9
I have just locked my parents out of their router settings :-)

Avast reported that the router was on factory settings, i.e. admin/admin, so I changed it, but I must have mistyped it somehow, or there was some slow response/noise over the remote connection, because I can't log in anymore :-) But when I visit my parents I'll reset it and set it up again, that's no longer a problem. Honestly, I don't even know why they had the default password there, but it was probably set up that way by the technicians from the internet provider who replaced the modem a while ago, hard to say.