Celkoove zpomaleni PC ?

[Peky]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Blanka at 2016-05-15 11:00:33
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 13 GB (12%) free of 111 GB
Total RAM: 1023 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:00:39, on 15.5.2016
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Blanka\Data aplikací\Seznam.cz\szninstall.exe
C:\Documents and Settings\Blanka\Data aplikací\BitTorrent\BitTorrent.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Blanka\Data aplikací\Seznam.cz\bin\szndesktop.exe
C:\Documents and Settings\Blanka\Data aplikací\BitTorrent\updates\7.9.6_42095\utorrentie.exe
C:\Documents and Settings\Blanka\Data aplikací\BitTorrent\updates\7.9.6_42095\utorrentie.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Blanka\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Blanka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [MSStp] C:\WINDOWS\inf\msstp.vbe
O4 - HKLM\..\Run: [mnckfuakSrv] C:\WINDOWS\system32\mnckfuak.vbe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\Blanka\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\Blanka\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [BitTorrent] "C:\Documents and Settings\Blanka\Data aplikací\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_310_pepper.exe -update pepperplugin (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_310_pepper.exe -update pepperplugin (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Elite UnzipService (EliteUnzip_aaService) - Unknown owner - C:\PROGRA~1\ELITEU~1\bar\1.bin\aabarsvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 8035 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_310_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\User_Feed_Synchronization-{D90B0509-1BFA-410E-A17C-880EC9BE4C6B}.job - C:\WINDOWS\system32\msfeedssync.exe sync

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2004-02-10 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-02-10 118784]
"Smapp"=C:\Program Files\Analog Devices\SoundMAX\Smtray.exe [2002-06-26 90112]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2006-10-19 1183656]
"AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2006-10-19 1958800]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2006-10-17 87584]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-07-27 1983816]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-18 767312]
"MSStp"=C:\WINDOWS\inf\msstp.vbe [2014-03-06 1584]
"mnckfuakSrv"=C:\WINDOWS\system32\mnckfuak.vbe [2014-03-06 7670]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"cz.seznam.software.szndesktop"=C:\Documents and Settings\Blanka\Data aplikací\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"cz.seznam.software.autoupdate"=C:\Documents and Settings\Blanka\Data aplikací\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"BitTorrent"=C:\Documents and Settings\Blanka\Data aplikací\BitTorrent\BitTorrent.exe [2016-04-07 1963016]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-02-10 339968]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.7\ICQ.exe"="C:\Program Files\ICQ7.7\ICQ.exe:*:Enabled:ICQ7.7"
"C:\Program Files\TmNationsForever\TmForever.exe"="C:\Program Files\TmNationsForever\TmForever.exe:*:Disabled:TmForever"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Documents and Settings\Blanka\Data aplikací\BitTorrent\BitTorrent.exe"="C:\Documents and Settings\Blanka\Data aplikací\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.7\ICQ.exe"="C:\Program Files\ICQ7.7\ICQ.exe:*:Enabled:ICQ7.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MIDI1"=SYNCOR11.DLL

======List of files/folders created in the last 1 month======

2016-05-15 11:00:33 ----D---- C:\rsit
2016-05-15 11:00:33 ----D---- C:\Program Files\trend micro

======List of files/folders modified in the last 1 month======

2016-05-15 11:00:33 ----RD---- C:\Program Files
2016-05-15 11:00:01 ----D---- C:\WINDOWS\Temp
2016-05-15 10:57:13 ----D---- C:\Documents and Settings\Blanka\Data aplikací\BitTorrent
2016-05-15 02:43:11 ----A---- C:\WINDOWS\SchedLgU.Txt
2016-05-14 19:14:01 ----D---- C:\Documents and Settings\Blanka\Data aplikací\Seznam.cz
2016-05-12 16:26:09 ----D---- C:\WINDOWS\Prefetch
2016-05-11 22:32:11 ----D---- C:\WINDOWS\Debug
2016-05-11 22:32:11 ----A---- C:\WINDOWS\system32\MRT.exe
2016-05-11 15:12:04 ----SHD---- C:\WINDOWS\Installer
2016-05-11 15:07:57 ----SD---- C:\WINDOWS\Tasks
2016-05-11 15:06:29 ----D---- C:\WINDOWS\system32\CatRoot2
2016-05-07 15:13:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2016-05-04 15:30:57 ----D---- C:\WINDOWS
2016-05-03 14:51:53 ----D---- C:\WINDOWS\Minidump
2016-05-03 14:39:24 ----A---- C:\WINDOWS\NeroDigital.ini
2016-04-16 22:19:44 ----D---- C:\Documents and Settings\Blanka\Data aplikací\abgx360

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2002-01-01 114048]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\timntr.sys [2002-01-01 395744]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2002-01-01 39264]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-08-22 98752]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2002-09-25 140800]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-04-13 1897408]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2002-08-23 549672]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-02-10 681469]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2006-10-17 230944]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-07-15 45056]
S2 EliteUnzip_aaService;Elite UnzipService; C:\PROGRA~1\ELITEU~1\bar\1.bin\aabarsvc.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 NetSvc;Intel NCS NetService; c:\Program Files\Intel\NCS\Sync\NetSvc.exe [2002-09-27 139264]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

[Márty84]

Zdravim

Je to pekne zavirovane.

Proc tam neni antivir???

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Spustte ho.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

Udelejte !!!kompletni!!! kontrolu s MBAM http://www.bleepingcomputer.com/downloa ... re/dl/241/ (musite stahnout verzi 1.75, odmitnout upgrade na novejsi verzi a aktualizovat jen virovou databazi) a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce. Navod zde http://forum.viry.cz/viewtopic.php?f=29&t=115222

[Peky]

Dobry den, omlouvam se za male zpozdeni / prvni cast viz. nize

# AdwCleaner v5.200 - Log vytvořen 26/06/2016 v 17:30:37
# Aktualizováno 14/06/2016 by ToolsLib
# Databáze : 2016-06-25.3 [Server]
# Operační system : Microsoft Windows XP Service Pack 3 (X86)
# Uživatelské jméno : Blanka - KEPKA-8947E124A
# Spuštěno z : C:\Documents and Settings\Blanka\Dokumenty\Downloads\adwcleaner_5.200.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****

[-] Služba Smazáno : EliteUnzip_aaService
[!] Služba Ne Smazáno : EliteUnzip_aaService

***** [ Složky ] *****

[-] Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\apn
[-] Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
[-] Složka Smazáno : C:\Program Files\ICQ6Toolbar

***** [ Soubory ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****


***** [ Registry ] *****

[-] Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Klíč Smazáno : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D8278076-BC68-4484-9233-6E7F1628B56C}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1AF33C13-6C63-488C-9DEA-17B0E7829DE5}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5350-4500-76A7-7A786E7484D7}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DA5D70B2-0A92-4B43-B068-A0DD02898C56}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1AF33C13-6C63-488C-9DEA-17B0E7829DE5}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F524A2D-5350-4500-76A7-7A786E7484D7}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DA5D70B2-0A92-4B43-B068-A0DD02898C56}
[-] Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4F524A2D-5350-4500-76A7-7A786E7484D7}]
[-] Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
[-] Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D8278076-BC68-4484-9233-6E7F1628B56C}]
[-] Klíč Smazáno : HKCU\Software\ICQ\ICQToolbar
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolbar
[-] Klíč Smazáno : HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Klíč Smazáno : HKLM\SOFTWARE\Mail.Ru
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4F524A2D-5350-4500-76A7-A758B70C1902}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
[-] Klíč Smazáno : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Data Obnoveno : HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{50659115-F12A-4F15-A164-62490A3E34A4}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EE209F2D-EEE1-473B-993D-082E9D3A0124}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{63894242-d1a7-4235-a425-c124cb8f4633}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\icq.com

***** [ Prohlížeče ] *****


*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4757 bytů] - [26/06/2016 17:30:37]
C:\AdwCleaner\AdwCleaner[S1].txt - [5400 bytů] - [26/06/2016 17:28:30]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4903 bytů] ##########

[Peky]

snad je to tak dobre Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2016.06.26.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Blanka :: KEPKA-8947E124A [administrátor]

Ochrana: Zakázána

26.6.2016 17:58:38
MBAM-log-2016-06-26 (20-42-41).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 448495
Uplynulý čas: 1 hodin, 49 minut, 56 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF55CB9F-2729-4BFF-AFE5-EE59593B16E8} (PUP.Optional.MindSpark) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF55CB9F-2729-4BFF-AFE5-EE59593B16E8} (PUP.Optional.MindSpark) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\EliteUnzip_aa (PUP.Optional.MindSpark) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MSStp (Trojan.Agent.SCR) -> Data: C:\WINDOWS\inf\msstp.vbe -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 7
C:\Documents and Settings\Blanka\Dokumenty\EliteUnzipSetup2.5.15.9.^BDG^man000^YYA^.exe (PUP.Optional.MindSpark) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Dominik\Local Settings\Temp\APNSetup.exe (PUP.Optional.APNToolBar) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Eda\Dokumenty\Downloads\FlvPlayerSetup.exe (PUP.Optional.CoolApp) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\system32\dcgmnckfuak.exe (Trojan.BitCoinMiner) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\system32\acumnckfuak.exe (PUP.Optional.BitCoinMiner) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\system32\lcpmnckfuak.exe (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\msstp.vbe (Trojan.Agent.SCR) -> Nebyla provedena žádná instrukce.

(konec)

[Márty84]

Dobry den, omlouvam se za male zpozdeni

Male???

Vsechny nalezy nechte odstranit. Po odstraneni a restartu pc test s MBAM zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.

[Peky]

ok tady to je

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2016.06.27.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Blanka :: KEPKA-8947E124A [administrátor]

Ochrana: Zakázána

27.6.2016 19:33:45
mbam-log-2016-06-27 (19-33-45).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 447870
Uplynulý čas: 1 hodin, 43 minut, 14 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

[Márty84]

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach
(Kdyby nesel Launcher stahnout, dejte logy jen ze samotneho FRST, tedy bez pouziti Launcheru)

[Peky]

bohuzel nejde stahnout tak jen log viz. nize

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-06-2016 02
Ran by Blanka (administrator) on KEPKA-8947E124A (28-06-2016 15:25:20)
Running from C:\Documents and Settings\Blanka\Dokumenty\Downloads
Loaded Profiles: Blanka (Available Profiles: Blanka & Eda & Dominik & Karinka & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(BitTorrent Inc.) C:\Documents and Settings\Blanka\Data aplikací\BitTorrent\BitTorrent.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
(BitTorrent Inc.) C:\Documents and Settings\Blanka\Data aplikací\BitTorrent\updates\7.9.7_42331\utorrentie.exe
(BitTorrent Inc.) C:\Documents and Settings\Blanka\Data aplikací\BitTorrent\updates\7.9.7_42331\utorrentie.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Smapp] => C:\Program Files\Analog Devices\SoundMAX\Smtray.exe [90112 2002-06-26] (Analog Devices, Inc.)
HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [TrueImageMonitor.exe] => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [1183656 2006-10-19] (Acronis)
HKLM\...\Run: [AcronisTimounterMonitor] => C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [1958800 2006-10-19] (Acronis)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [87584 2006-10-17] (Acronis)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1983816 2009-07-27] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (CANON INC.)
HKLM\...\Run: [mnckfuakSrv] => C:\WINDOWS\system32\mnckfuak.vbe [7670 2014-03-06] ()
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxsrvc.dll [2004-02-10] (Intel Corporation)
HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\...\Run: [cz.seznam.software.szndesktop] => "C:\Documents and Settings\Blanka\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\...\Run: [cz.seznam.software.autoupdate] => "C:\Documents and Settings\Blanka\Data aplikací\Seznam.cz\szninstall.exe" -c
HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\...\Run: [BitTorrent] => C:\Documents and Settings\Blanka\Data aplikací\BitTorrent\BitTorrent.exe [1972232 2016-05-20] (BitTorrent Inc.)
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_310_pepper.exe [961200 2015-03-19] (Adobe Systems Incorporated)
Lsa: [Authentication Packages] msv1_0 relog_ap
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk [2015-06-02]
ShortcutTarget: Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Synchronizer.lnk [2015-06-02]
ShortcutTarget: Adobe Reader Synchronizer.lnk -> C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.33.5 192.168.33.1
Tcpip\..\Interfaces\{E106DF72-6CC3-458D-A5C7-35791BF15542}: [DhcpNameServer] 192.168.1.254 192.168.33.5 192.168.33.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
URLSearchHook: [S-1-5-21-1229272821-1958367476-1547161642-1003] ATTENTION => Default URLSearchHook is missing
URLSearchHook: HKU\S-1-5-21-1229272821-1958367476-1547161642-1003 -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1229272821-1958367476-1547161642-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1229272821-1958367476-1547161642-1003 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1229272821-1958367476-1547161642-1003 -> {395BABE7-AA39-442B-AEE9-4EDABC0F8C02} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1229272821-1958367476-1547161642-1003 -> {4097E266-DCF5-43BF-BE75-1FE0C9BF080D} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-1229272821-1958367476-1547161642-1003 -> {5F188AFE-B49E-41AD-A042-F36D61A813CC} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1229272821-1958367476-1547161642-1003 -> {63894242-d1a7-4235-a425-c124cb8f4633} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97 ... -SearchBox
SearchScopes: HKU\S-1-5-21-1229272821-1958367476-1547161642-1003 -> {9B4D94F9-439F-496B-AD2F-835B7E4755CE} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1229272821-1958367476-1547161642-1003 -> {AA106D7E-F574-47B4-8C75-71140C31753B} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-1229272821-1958367476-1547161642-1003 -> {AD568FA8-4BA1-4CC9-9F5D-AF604CDAA195} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1229272821-1958367476-1547161642-1003 -> {E4595010-0B0A-41BC-8493-A56A667C1DEA} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-1229272821-1958367476-1547161642-1003 -> {F623DD05-C85C-4C62-BFD1-DB7B2B1E0C7E} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
BHO: Podpora odkazu pro Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23] (Adobe Systems Incorporated)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-26] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-26] (Google Inc.)
Toolbar: HKU\S-1-5-21-1229272821-1958367476-1547161642-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-26] (Google Inc.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Blanka\Data aplikací\Mozilla\Firefox\Profiles\d2ih9pbl.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP&osmkt=en-ww
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF SearchPlugin: C:\Documents and Settings\Blanka\Data aplikací\Mozilla\Firefox\Profiles\d2ih9pbl.default\searchplugins\bingp.xml [2015-02-21]
FF Extension: Seznam lištička - C:\Documents and Settings\Blanka\Data aplikací\Mozilla\Firefox\Profiles\d2ih9pbl.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2015-02-12] [not signed]
FF HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found

Chrome:
=======
CHR Profile: C:\Documents and Settings\Blanka\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Blanka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-12]
CHR Extension: (Disk Google) - C:\Documents and Settings\Blanka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Documents and Settings\Blanka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Blanka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Blanka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Blanka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Documents and Settings\Blanka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [230944 2006-10-17] (Acronis)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()
S3 NetSvc; c:\Program Files\Intel\NCS\Sync\NetSvc.exe [139264 2002-09-27] (Intel(R) Corporation) [File not signed]
R2 SoundMAX Agent Service (default); C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-07-15] (Analog Devices, Inc.) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 tifsfilter; C:\WINDOWS\System32\DRIVERS\tifsfilt.sys [39264 2002-01-01] (Acronis)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-28 15:25 - 2016-06-28 15:25 - 00000000 ____D C:\FRST
2016-06-27 16:47 - 2016-06-27 16:47 - 00090112 _____ C:\WINDOWS\Minidump\Mini062716-01.dmp
2016-06-26 17:43 - 2016-06-26 17:43 - 00000000 ____D C:\Documents and Settings\Blanka\Data aplikací\Malwarebytes
2016-06-26 17:43 - 2016-06-26 17:43 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2016-06-26 17:27 - 2016-06-26 17:30 - 00000000 ____D C:\AdwCleaner

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-28 15:26 - 2015-10-26 11:20 - 00000000 ____D C:\Documents and Settings\Blanka\Data aplikací\BitTorrent
2016-06-28 15:25 - 2014-11-04 08:34 - 00000468 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{D90B0509-1BFA-410E-A17C-880EC9BE4C6B}.job
2016-06-28 15:25 - 2002-01-01 01:17 - 00000000 ____D C:\Documents and Settings\Blanka\Local Settings\Temp
2016-06-28 15:24 - 2002-01-01 01:17 - 00000000 ____D C:\Documents and Settings\Blanka\Plocha
2016-06-28 15:22 - 2015-01-26 07:54 - 00000003 _____ C:\Documents and Settings\Blanka\stut
2016-06-28 15:20 - 2015-04-07 23:20 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-28 15:20 - 2014-10-30 16:33 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2016-06-28 15:20 - 2014-10-30 16:33 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2016-06-28 15:20 - 2002-01-01 01:06 - 00000238 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2016-06-28 15:19 - 2014-10-30 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-27 22:11 - 2014-10-30 16:45 - 00032338 _____ C:\WINDOWS\SchedLgU.Txt
2016-06-27 22:11 - 2002-01-01 01:17 - 00000272 ___SH C:\Documents and Settings\Blanka\ntuser.ini
2016-06-27 21:13 - 2015-04-07 23:20 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-27 19:28 - 2015-09-12 09:48 - 00000000 ____D C:\Documents and Settings\Blanka\Data aplikací\Seznam.cz
2016-06-27 19:24 - 2014-10-31 18:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2686509$
2016-06-27 16:47 - 2015-03-11 10:23 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-27 16:40 - 2014-11-01 10:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2483185$
2016-06-27 16:39 - 2014-10-30 16:22 - 00000000 ___HD C:\WINDOWS\inf
2016-06-27 16:07 - 2015-01-26 07:52 - 00001259 _____ C:\Documents and Settings\Blanka\rgut
2016-06-26 17:43 - 2014-10-30 16:33 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2016-06-26 17:43 - 2002-01-01 01:17 - 00000000 __RHD C:\Documents and Settings\Blanka\Data aplikací
2016-06-26 17:30 - 2002-01-01 02:09 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\ICQ
2016-06-26 17:28 - 2014-11-05 08:25 - 00000000 ____D C:\Documents and Settings\Blanka\Local Settings\Data aplikací\Google
2016-06-26 17:28 - 2014-11-05 08:23 - 00000000 ____D C:\Documents and Settings\Blanka\Local Settings\Data aplikací\Adobe
2016-06-26 17:27 - 2015-04-08 08:50 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Google
2016-06-26 17:27 - 2014-11-05 08:25 - 00000000 ____D C:\Program Files\Google
2016-06-26 17:26 - 2014-11-05 08:25 - 00796352 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-06-26 17:26 - 2014-11-05 08:25 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-06-25 11:37 - 2015-03-19 13:21 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-06-24 21:21 - 2008-04-14 14:00 - 00012984 _____ C:\WINDOWS\system32\wpa.dbl
2016-06-21 20:55 - 2002-01-01 02:14 - 00000272 ___SH C:\Documents and Settings\Eda\ntuser.ini
2016-06-21 14:41 - 2002-01-01 02:13 - 00000000 ____D C:\Documents and Settings\Eda\Local Settings\Temp
2016-06-21 14:20 - 2015-01-25 19:29 - 00001259 _____ C:\Documents and Settings\Eda\rgut
2016-06-15 22:40 - 2014-11-12 14:17 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-15 22:25 - 2014-10-31 18:36 - 139785240 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-15 12:47 - 2002-01-01 02:13 - 00000000 ____D C:\Documents and Settings\Eda
2016-06-10 16:28 - 2002-01-01 02:43 - 00000178 ___SH C:\Documents and Settings\Karinka\ntuser.ini
2016-06-10 16:27 - 2014-11-12 15:05 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2016-06-10 15:12 - 2002-01-01 01:17 - 00000000 ___HD C:\Documents and Settings\Blanka\Local Settings\Data aplikací
2016-06-10 15:10 - 2015-11-04 16:25 - 00000000 ____D C:\Documents and Settings\Karinka\Data aplikací\Seznam.cz
2016-06-10 15:10 - 2002-01-01 02:43 - 00000000 ____D C:\Documents and Settings\Karinka\Local Settings\Temp
2016-06-10 15:07 - 2015-01-25 19:20 - 00001259 _____ C:\Documents and Settings\Karinka\rgut
2016-06-08 15:00 - 2002-01-01 01:04 - 00000232 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2016-05-29 19:35 - 2015-11-13 19:17 - 00000000 ____D C:\Documents and Settings\Blanka\Data aplikací\abgx360

==================== Files in the root of some directories =======

2014-11-10 20:02 - 2016-05-19 15:38 - 0034304 _____ () C:\Documents and Settings\Blanka\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\Temp\269601USA8.EXE
C:\Documents and Settings\Administrator\Local Settings\Temp\adminchk.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\AEEnable.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\Instngin.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\PCIUtil.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\RemADI.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\Setup.exe
C:\Documents and Settings\Blanka\Local Settings\Temp\libeay32.dll
C:\Documents and Settings\Blanka\Local Settings\Temp\msvcr120.dll
C:\Documents and Settings\Blanka\Local Settings\Temp\sqlite3.dll
C:\Documents and Settings\Blanka\Local Settings\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
C:\Documents and Settings\Dominik\Local Settings\Temp\GuardICQ.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

[Márty84]

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte ComboFix.
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[Peky]

Combo Fix se "sekne"pri vytvareni bodu obnovy / stahovani nebylo uspesne pritom sit / internet jede ? Co s tim mohu vice delat.

[Márty84]

Zkuste to v nouzovem rezimu s praci v siti

[Peky]

je to stale stejne, problem bude zrejme v tom, ze neni naistalovana konzola pro zotaveni

[Márty84]

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [mnckfuakSrv] => C:\WINDOWS\system32\mnckfuak.vbe [7670 2014-03-06] ()
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\...\Run: [cz.seznam.software.szndesktop] => "C:\Documents and Settings\Blanka\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\...\Run: [cz.seznam.software.autoupdate] => "C:\Documents and Settings\Blanka\Data aplikací\Seznam.cz\szninstall.exe" -c
HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\...\Run: [BitTorrent] => C:\Documents and Settings\Blanka\Data aplikací\BitTorrent\BitTorrent.exe [1972232 2016-05-20] (BitTorrent Inc.)
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_310_pepper.exe [961200 2015-03-19] (Adobe Systems Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

URLSearchHook: [S-1-5-21-1229272821-1958367476-1547161642-1003] ATTENTION => Default URLSearchHook is missing
URLSearchHook: HKU\S-1-5-21-1229272821-1958367476-1547161642-1003 -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1229272821-1958367476-1547161642-1003 -> {63894242-d1a7-4235-a425-c124cb8f4633} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-26] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-26] (Google Inc.)
Toolbar: HKU\S-1-5-21-1229272821-1958367476-1547161642-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-26] (Google Inc.)

FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP&osmkt=en-ww
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF SearchPlugin: C:\Documents and Settings\Blanka\Data aplikací\Mozilla\Firefox\Profiles\d2ih9pbl.default\searchplugins\bingp.xml [2015-02-21]
FF Extension: Seznam lištička - C:\Documents and Settings\Blanka\Data aplikací\Mozilla\Firefox\Profiles\d2ih9pbl.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2015-02-12] [not signed]
FF HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found

S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
C:\WINDOWS\system32\mnckfuak.vbe

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.




Pak zkuste znovu ComboFix

[Peky]

problem s instalaci konzoly se mne podarilo odstranit, spustim "combo", ale ten se po chvili "sekne"

[Peky]

Fix result of Farbar Recovery Scan Tool (x86) Version: 29-06-2016
Ran by Blanka (2016-06-30 16:51:25) Run:2
Running from C:\Documents and Settings\Blanka\Plocha
Loaded Profiles: Blanka (Available Profiles: Blanka & Eda & Dominik & Karinka & Administrator)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [mnckfuakSrv] => C:\WINDOWS\system32\mnckfuak.vbe [7670 2014-03-06] ()
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\...\Run: [cz.seznam.software.szndesktop] => "C:\Documents and Settings\Blanka\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\...\Run: [cz.seznam.software.autoupdate] => "C:\Documents and Settings\Blanka\Data aplikací\Seznam.cz\szninstall.exe" -c
HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\...\Run: [BitTorrent] => C:\Documents and Settings\Blanka\Data aplikací\BitTorrent\BitTorrent.exe [1972232 2016-05-20] (BitTorrent Inc.)
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_310_pepper.exe [961200 2015-03-19] (Adobe Systems Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

URLSearchHook: [S-1-5-21-1229272821-1958367476-1547161642-1003] ATTENTION => Default URLSearchHook is missing
URLSearchHook: HKU\S-1-5-21-1229272821-1958367476-1547161642-1003 -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1229272821-1958367476-1547161642-1003 -> {63894242-d1a7-4235-a425-c124cb8f4633} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97 ... -SearchBox
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-26] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-26] (Google Inc.)
Toolbar: HKU\S-1-5-21-1229272821-1958367476-1547161642-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-26] (Google Inc.)

FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP&osmkt=en-ww
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF SearchPlugin: C:\Documents and Settings\Blanka\Data aplikací\Mozilla\Firefox\Profiles\d2ih9pbl.default\searchplugins\bingp.xml [2015-02-21]
FF Extension: Seznam lištička - C:\Documents and Settings\Blanka\Data aplikací\Mozilla\Firefox\Profiles\d2ih9pbl.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2015-02-12] [not signed]
FF HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found

S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
C:\WINDOWS\system32\mnckfuak.vbe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mnckfuakSrv => value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value not found.
HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\Software\Microsoft\Windows\CurrentVersion\Run\\MSMSGS => value not found.
HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value not found.
HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value not found.
HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\Software\Microsoft\Windows\CurrentVersion\Run\\BitTorrent => value not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate => value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => key not found.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
Could not restore Default URLSearchHook.
HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => value restored successfully
HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{63894242-d1a7-4235-a425-c124cb8f4633} => key not found.
HKCR\CLSID\{63894242-d1a7-4235-a425-c124cb8f4633} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key not found.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully.
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully.
HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
Firefox SearchEngineOrder.3 removed successfully.
Firefox SelectedSearchEngine removed successfully.
Firefox "homepage" removed successfully.
Firefox "Keyword.URL" removed successfully.
C:\Documents and Settings\Blanka\Data aplikací\Mozilla\Firefox\Profiles\d2ih9pbl.default\searchplugins\bingp.xml => moved successfully
C:\Documents and Settings\Blanka\Data aplikací\Mozilla\Firefox\Profiles\d2ih9pbl.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => moved successfully
C:\Documents and Settings\Blanka\Data aplikací\Mozilla\Firefox\Profiles\d2ih9pbl.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => path removed successfully.
HKU\S-1-5-21-1229272821-1958367476-1547161642-1003\Software\Mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8} => value removed successfully.
gupdate => service removed successfully.
gupdatem => service removed successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => moved successfully
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => moved successfully
C:\WINDOWS\system32\mnckfuak.vbe => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 2727710 B
Java, Flash, Steam htmlcache => 14160 B
Windows/system/dllcache/drivers => 104385 B
Edge => 0 B
Chrome => 536103192 B
Firefox => 323069585 B
Opera => 393210926 B

Temp, IE cache, history, cookies, recent:
Default User => 66164 B
All Users => 0 B
systemprofile => 169144 B
LocalService => 10178388 B
NetworkService => 66231 B
Blanka => 101610040 B
Eda => 45538366 B
Dominik => 220224676 B
Karinka => 15549360 B
Administrator => 45942700 B

RecycleBin => 0 B
EmptyTemp: => 1.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:55:29 ====