
Preventive check of dad's PC

Posted: 26 May 2016 14:45
by Andy23
Hello :)
After a while I'm at my dad's place, and he asked me to help him get his PC in order. So I'd like to ask you for a preventive check, maybe you'll catch something there :) The machine is rather old, so it's a bit slow, but otherwise I haven't noticed any major fault... thank you ^__^


Logfile of random's system information tool 1.10 (written by random/random)
Run by Uzivatel at 2016-05-26 15:39:31
Microsoft Windows XP Home Edition Service Pack 3
System drive H: has 231 GB (92%) free of 250 GB
Total RAM: 1022 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:40:20, on 26.5.2016
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\system32\RUNDLL32.EXE
H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
H:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
H:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
H:\WINDOWS\tsnpstd3.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\CCleaner\CCleaner.exe
H:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
H:\WINDOWS\system32\HPZipm12.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\Program Files\AVAST Software\Avast\AvastSvc.exe
H:\Program Files\AVAST Software\Avast\avastUi.exe
H:\WINDOWS\system32\wbem\unsecapp.exe
H:\WINDOWS\system32\msiexec.exe
H:\Documents and Settings\Uzivatel\Dokumenty\Stažené soubory\RSIT.exe
H:\Program Files\trend micro\Uzivatel.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Adobe ARM] "H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvBackend] "H:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [GrooveMonitor] "H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] H:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [Ulead Quick-Drop] "H:\Program Files\Ulead Systems\Ulead DVD MovieFactory 4.0 Suite\Ulead Quick-Drop 1.0\Quick-Drop.exe" WINDOWCALL
O4 - HKLM\..\Run: [USIUDF_Eject_Monitor] H:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
O4 - HKLM\..\Run: [tsnpstd3] H:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [AvastUI.exe] "H:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "H:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = H:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - H:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - H:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - H:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - H:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - H:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 6284 bytes

======Scheduled tasks folder======

H:\WINDOWS\tasks\Adobe Flash Player Updater.job - H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
H:\WINDOWS\tasks\avast! Emergency Update.job - H:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
H:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - H:\Program Files\Google\Update\GoogleUpdate.exe /c
H:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - H:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
H:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - H:\WINDOWS\system32\xp_eos.exe
H:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - H:\WINDOWS\system32\xp_eos.exe -c

=========Mozilla firefox=========

ProfilePath - H:\Documents and Settings\Uzivatel\Data aplikací\Mozilla\Firefox\Profiles\rs30hgdd.default

"wrc@avast.com"=H:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=H:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=H:\Program Files\Google\Update\1.3.21.169\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=H:\Program Files\Google\Update\1.3.21.169\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=H:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - H:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-05-26 679680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"NvBackend"=H:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-08-01 2403104]
"NvMediaCenter"=H:\WINDOWS\system32\NvMcTray.dll [2010-03-16 110696]
"NvCplDaemon"=H:\WINDOWS\system32\NvCpl.dll [2010-03-16 13670504]
"GrooveMonitor"=H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Ulead AutoDetector v2"=H:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe [2005-03-16 90112]
"Ulead Quick-Drop"=H:\Program Files\Ulead Systems\Ulead DVD MovieFactory 4.0 Suite\Ulead Quick-Drop 1.0\Quick-Drop.exe [2005-04-28 102400]
"USIUDF_Eject_Monitor"=H:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe [2004-12-23 81920]
"tsnpstd3"=H:\WINDOWS\tsnpstd3.exe [2007-03-30 262144]
"UserFaultCheck"=H:\WINDOWS\system32\dumprep 0 -u []
"AvastUI.exe"=H:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-05-26 7391632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=H:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"CCleaner Monitoring"=H:\Program Files\CCleaner\CCleaner.exe [2016-04-15 6675672]

H:\Documents and Settings\Uzivatel\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - H:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=H:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"H:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="H:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"H:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="H:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"H:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="H:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"H:\Program Files\AVG\Av\avgmfapx.exe"="H:\Program Files\AVG\Av\avgmfapx.exe:*:Enabled:AVG Installer"
"H:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="H:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"H:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="H:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"H:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="H:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"H:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="H:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"H:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="H:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"H:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="H:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"H:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="H:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"H:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="H:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"H:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="H:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"H:\Program Files\Mozilla Firefox\firefox.exe"="H:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (H:\Program Files\Mozilla Firefox)"
"H:\Program Files\Google\Chrome\Application\chrome.exe"="H:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=H:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=H:\WINDOWS\system32\l3codeca.acm
"msacm.dvacm"=H:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm
"msacm.mpegacm"=mpegacm.acm
"msacm.ulmp3acm"=ulmp3acm.acm

======List of files/folders created in the last 1 month======

2016-05-26 15:39:31 ----D---- H:\rsit
2016-05-26 15:39:31 ----D---- H:\Program Files\trend micro
2016-05-26 15:26:27 ----A---- H:\WINDOWS\system32\drivers\aswKbd.sys
2016-05-26 15:03:04 ----D---- H:\Documents and Settings\Uzivatel\Data aplikací\AVAST Software
2016-05-26 15:02:47 ----N---- H:\WINDOWS\system32\spmsgXP_2k3.dll
2016-05-26 15:02:43 ----HDC---- H:\WINDOWS\$NtUninstallWdf01009$
2016-05-26 15:02:33 ----D---- H:\WINDOWS\LastGood
2016-05-26 15:01:31 ----A---- H:\WINDOWS\system32\drivers\aswVmm.sys
2016-05-26 15:01:31 ----A---- H:\WINDOWS\system32\drivers\aswTdi.sys
2016-05-26 15:01:31 ----A---- H:\WINDOWS\system32\drivers\aswStmXP.sys
2016-05-26 15:01:31 ----A---- H:\WINDOWS\system32\drivers\aswSP.sys
2016-05-26 15:01:31 ----A---- H:\WINDOWS\system32\drivers\aswSnx.sys
2016-05-26 15:01:31 ----A---- H:\WINDOWS\system32\drivers\aswRvrt.sys
2016-05-26 15:01:31 ----A---- H:\WINDOWS\system32\drivers\aswRdr.sys
2016-05-26 15:01:31 ----A---- H:\WINDOWS\system32\drivers\aswMonFlt.sys
2016-05-26 15:01:31 ----A---- H:\WINDOWS\system32\drivers\aswHwid.sys
2016-05-26 15:01:24 ----A---- H:\WINDOWS\system32\aswBoot.exe
2016-05-26 15:01:16 ----A---- H:\WINDOWS\avastSS.scr
2016-05-26 14:47:31 ----D---- H:\Program Files\AVAST Software
2016-05-26 14:44:57 ----D---- H:\Documents and Settings\All Users\Data aplikací\AVAST Software
2016-05-05 00:11:29 ----D---- H:\Program Files\Mozilla Firefox
2016-05-04 09:48:30 ----D---- H:\Program Files\CCleaner
2016-05-04 09:47:13 ----D---- H:\Program Files\Google

======List of files/folders modified in the last 1 month======

2016-05-26 15:39:31 ----RD---- H:\Program Files
2016-05-26 15:39:30 ----D---- H:\WINDOWS\Prefetch
2016-05-26 15:33:16 ----D---- H:\WINDOWS\Temp
2016-05-26 15:33:16 ----D---- H:\WINDOWS\system32
2016-05-26 15:31:02 ----SHD---- H:\WINDOWS\Installer
2016-05-26 15:26:56 ----SD---- H:\WINDOWS\Tasks
2016-05-26 15:26:27 ----D---- H:\WINDOWS\system32\drivers
2016-05-26 15:08:08 ----HD---- H:\WINDOWS\inf
2016-05-26 15:02:48 ----D---- H:\WINDOWS
2016-05-26 15:02:33 ----D---- H:\WINDOWS\system32\CatRoot2
2016-05-26 15:01:25 ----D---- H:\WINDOWS\WinSxS
2016-05-26 14:38:25 ----D---- H:\Program Files\AVG
2016-05-26 14:27:15 ----D---- H:\Documents and Settings\All Users\Data aplikací\MFAData
2016-05-26 14:26:34 ----A---- H:\WINDOWS\SchedLgU.Txt
2016-05-26 14:12:47 ----D---- H:\Program Files\Common Files
2016-05-26 14:09:01 ----D---- H:\Documents and Settings\Uzivatel\Data aplikací\MPC-HC
2016-05-26 14:08:29 ----D---- H:\WINDOWS\Debug
2016-05-13 00:18:25 ----A---- H:\WINDOWS\system32\FlashPlayerApp.exe
2016-05-12 03:30:00 ----D---- H:\WINDOWS\system32\MRT
2016-05-12 03:01:32 ----A---- H:\WINDOWS\system32\MRT.exe
2016-05-08 19:57:22 ----D---- H:\Program Files\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswVmm;avast! VM Monitor; H:\WINDOWS\system32\drivers\aswVmm.sys [2016-05-26 221368]
R0 nvata;nvata; H:\WINDOWS\system32\DRIVERS\nvata.sys [2005-08-18 93568]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; H:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R1 aswRdr;aswRdr; H:\WINDOWS\system32\drivers\aswRdr.sys [2016-05-26 64272]
R1 aswSnx;aswSnx; H:\WINDOWS\system32\drivers\aswSnx.sys [2016-05-26 815792]
R1 aswSP;aswSP; H:\WINDOWS\system32\drivers\aswSP.sys [2016-05-26 449640]
R1 USIUDF;USIUDF; H:\WINDOWS\System32\Drivers\USIUDF.sys [2004-07-07 292896]
R2 aswHwid;avast! HardwareID; H:\WINDOWS\system32\drivers\aswHwid.sys [2016-05-26 32792]
R2 aswMonFlt;aswMonFlt; H:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-05-26 91168]
R2 StarOpen;StarOpen; H:\WINDOWS\system32\drivers\StarOpen.sys [2013-08-25 13120]
R3 Arp1394;Protokol 1394 ARP Client; H:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 aswStmXP;Avast StreamFilter Driver; H:\WINDOWS\system32\drivers\aswStmXP.sys [2016-05-26 187208]
R3 aswTdi;aswTdi; H:\WINDOWS\system32\drivers\aswTdi.sys [2016-05-26 67216]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; H:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; H:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; H:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568]
R3 NIC1394;1394 Net Driver; H:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; H:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2000-01-01 10232352]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; H:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-09-30 34048]
R3 nvnetbus;NVIDIA Network Bus Enumerator; H:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-09-30 13056]
R3 pfc;Padus ASPI Shell; H:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248]
R3 ULCDRHlp;ULCDRHlp; H:\WINDOWS\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
R3 usbaudio;Ovladač zvukové karty USB (WDM); H:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; H:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbprint;Třída USB Printer; H:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbscan;Ovladač skeneru USB; H:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; H:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 Wdf01000;Kernel Mode Driver Frameworks service; H:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S0 aswRvrt;avast! Revert; H:\WINDOWS\system32\drivers\aswRvrt.sys [2016-05-26 58776]
S1 aswKbd;aswKbd; H:\WINDOWS\system32\drivers\aswKbd.sys [2016-05-26 35096]
S1 kbdhid;Ovladač klávesnice standardu HID; H:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 hidusb;Ovladač třídy standardu HID; H:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Ovladač myši standardu HID; H:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
S3 SWDUMon;SWDUMon; H:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2016-01-05 13368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; H:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-05-26 243296]
R2 NVSvc;NVIDIA Driver Helper Service; H:\WINDOWS\system32\nvsvc32.exe [2010-03-16 154216]
R2 Pml Driver HPZ12;Pml Driver HPZ12; H:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 UleadBurningHelper;Ulead Burning Helper; H:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-03-13 49152]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); H:\Program Files\Google\Update\GoogleUpdate.exe [2016-05-26 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13 269504]
S3 aspnet_state;Stavová služba ASP.NET; H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); H:\Program Files\Google\Update\GoogleUpdate.exe [2016-05-26 116648]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; H:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-05-05 146888]
S3 odserv;Microsoft Office Diagnostics Service; H:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Preventive check of dad's PC

Posted: 26 May 2016 16:36
by cernohous13
Hello, at first glance it looks like just junk and things that slow the machine down :)

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it, preferably to the desktop -> close all programs -> run AdwCleaner -> click Scan ("Skenovat") and, when it finishes, Clean ("Čištění")
the fix will be applied and the PC will restart (restart it yourself if needed), and a log will be produced at C:\AdwCleaner\AdwCleaner[C?].txt; paste its contents here

:arrow: you will probably have to turn off the antivirus for that moment - it's clean, verified
vyosek wrote: :arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • Run it and paste the script below into the window
  • Code:

    autoclean;
    resethosts;
    emptyclsid;
    IEdefaults;
    FFdefaults;
    CHRdefaults;
    emptyIEcache;
    emptyFFcache;
    emptyCHRcache;
    emptyalltemp;
    emptyflash;
    emptyjava;
    emptyrecycle.bin;
    
  • Then click Run Script
  • The PC will perform the fix, restart, and give you a log; paste its contents here
The log will be here: C:\zoek-results.log

Re: Preventive check of dad's PC

Posted: 26 May 2016 17:18
by Andy23
Thanks :) log below:

# AdwCleaner v5.118 - Log vytvořen 26/05/2016 v 18:12:46
# Aktualizováno 23/05/2016 by Xplode
# Databáze : 2016-05-26.2 [Server]
# Operační system : Microsoft Windows XP Service Pack 3 (X86)
# Uživatelské jméno : Uzivatel - UZIVATEL-1F20DB
# Spuštěno z : H:\Documents and Settings\Uzivatel\Plocha\adwcleaner_5.118.exe
# Nastavení : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****

[-] Služba Smazáno : swdumon

***** [ Složky ] *****

[-] Složka Smazáno : H:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[-] Složka Smazáno : H:\Documents and Settings\All Users\Data aplikací\SlimWare Utilities, Inc
[-] Složka Smazáno : H:\Documents and Settings\All Users\Dokumenty\Downloaded Installers

***** [ Soubory ] *****

[-] Soubor Smazáno : H:\WINDOWS\system32\drivers\swdumon.sys

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****


***** [ Registry ] *****

[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Klíč Smazáno : HKCU\Software\SlimWare Utilities Inc
[-] Klíč Smazáno : HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
[-] Klíč Smazáno : HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

***** [ Prohlížeče ] *****


*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

H:\AdwCleaner\AdwCleaner[C1].txt - [1612 bytů] - [26/05/2016 18:12:46]
H:\AdwCleaner\AdwCleaner[S1].txt - [1875 bytů] - [26/05/2016 18:12:04]

########## EOF - H:\AdwCleaner\AdwCleaner[C1].txt - [1758 bytů] ##########

Re: Preventive check of dad's PC

Posted: 27 May 2016 05:47
by cernohous13
and C:\zoek-results.log couldn't be found?

Re: Preventive check of dad's PC

Posted: 27 May 2016 08:06
by Andy23
My system drive is H:// but I didn't find zoek-results.log there either.

Re: Preventive check of dad's PC

Posted: 27 May 2016 09:35
by cernohous13
If you have it downloaded, try running ZOEK in Safe Mode; it takes quite a long time to work

Re: Preventive check of dad's PC

Posted: 27 May 2016 11:31
by Andy23
Sorry, my mistake - I can't read to the end :D


Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Uzivatel on p  27.05.2016 at 12:29:15,85.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: H:\Documents and Settings\Uzivatel\Plocha\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

27.5.2016 12:29:59 Zoek.exe System Restore Point Created Successfully.

Re: Preventive check of dad's PC

Posted: 27 May 2016 12:49
by cernohous13
the log must be considerably longer - let ZOEK run to the end of its work even if it seems to you that it's doing nothing
an automatic restart should occur

Re: Preventive check of dad's PC

Posted: 27 May 2016 13:03
by Andy23
Sorry, my mistake :D


Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Uzivatel on p  27.05.2016 at 12:29:15,85.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: H:\Documents and Settings\Uzivatel\Plocha\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

27.5.2016 12:29:59 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

H:\Program Files\MSXML 4.0 deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

H:\Program Files\GUM5AE.tmp deleted
H:\WINDOWS\System32\SET33A.tmp deleted
H:\WINDOWS\System32\SET33B.tmp deleted
H:\WINDOWS\System32\SET33C.tmp deleted
H:\WINDOWS\System32\SET341.tmp deleted
H:\WINDOWS\System32\SET342.tmp deleted
H:\WINDOWS\System32\SET346.tmp deleted
H:\WINDOWS\System32\SET348.tmp deleted

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.microsoft.com/isapi/redir.dl ... ar=msnhome"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.microsoft.com/isapi/redir.dl ... ar=msnhome"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://search.live.com/results.aspx?q={ ... rer:source?}
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://search.live.com/results.aspx?q={ ... orm=IE8SRC

==== Reset Google Chrome ======================

Nothing found to reset

==== Empty IE Cache ======================

H:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
H:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
H:\Documents and Settings\Uzivatel\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
H:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
H:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
H:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
H:\Documents and Settings\Uzivatel\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== H:\zoek_backup content ======================

H:\zoek_backup (files=9 folders=1 16088667 bytes)

==== Empty Temp Folders ======================

H:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

H:\WINDOWS\Temp successfully emptied
H:\DOCUME~1\Uzivatel\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

H:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"H:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
"H:\Documents and Settings\Uzivatel\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on p  27.05.2016 at 13:58:16,14 ======================

Re: preventive check of dad's PC

Posted: 27 May 2016 13:07
by cernohous13
Great, now on to MBAM

:arrow: Download and install MBAM here http://www.bleepingcomputer.com/downloa ... re/dl/241/ version 1.75
During installation it will first offer to install a new version (possibly also on launch) - click Cancel (Storno) - only the database will be updated
After installation, Run -> on the 1st tab "Scanner" (Kontrolor) -> Full scan (Úplná kontrola) -> Scan (Prohledat)
when the scan finishes, a Notepad window with the result pops up - copy its contents into your reply
don't delete anything yet - wait for the assessment and don't close the program, just minimize it

Re: preventive check of dad's PC

Posted: 27 May 2016 14:25
by Andy23
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.04.04.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Uzivatel :: UZIVATEL-1F20DB [administrátor]

27.5.2016 14:29:07
mbam-log-2016-05-27 (14-29-07).txt

Typ: Kompletní kontrola (D:\|H:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 281404
Uplynulý čas: 51 minut, 44 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Re: preventive check of dad's PC

Posted: 27 May 2016 15:30
by cernohous13
Great, that's clean too - give me a fresh RSIT log and describe any problems

Re: preventive check of dad's PC

Posted: 27 May 2016 15:52
by Andy23
I haven't found any problems :) thanks for the help

Logfile of random's system information tool 1.10 (written by random/random)
Run by Uzivatel at 2016-05-27 16:51:01
Microsoft Windows XP Home Edition Service Pack 3
System drive H: has 230 GB (92%) free of 250 GB
Total RAM: 1022 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:51:09, on 27.5.2016
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\AVAST Software\Avast\AvastSvc.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
H:\WINDOWS\system32\RUNDLL32.EXE
H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
H:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
H:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
H:\WINDOWS\tsnpstd3.exe
H:\Program Files\AVAST Software\Avast\AvastUI.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\CCleaner\CCleaner.exe
H:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
H:\WINDOWS\system32\HPZipm12.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
H:\WINDOWS\system32\wbem\unsecapp.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\Documents and Settings\Uzivatel\Dokumenty\Stažené soubory\RSIT.exe
H:\Program Files\trend micro\Uzivatel.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Adobe ARM] "H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvBackend] "H:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [GrooveMonitor] "H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] H:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [Ulead Quick-Drop] "H:\Program Files\Ulead Systems\Ulead DVD MovieFactory 4.0 Suite\Ulead Quick-Drop 1.0\Quick-Drop.exe" WINDOWCALL
O4 - HKLM\..\Run: [USIUDF_Eject_Monitor] H:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
O4 - HKLM\..\Run: [tsnpstd3] H:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [AvastUI.exe] "H:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] H:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "H:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = H:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - H:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - H:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - H:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - H:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - H:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 6367 bytes

======Scheduled tasks folder======

H:\WINDOWS\tasks\Adobe Flash Player Updater.job - H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
H:\WINDOWS\tasks\avast! Emergency Update.job - H:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
H:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - H:\Program Files\Google\Update\GoogleUpdate.exe /c
H:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - H:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
H:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - H:\WINDOWS\system32\xp_eos.exe
H:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - H:\WINDOWS\system32\xp_eos.exe -c

=========Mozilla firefox=========

ProfilePath - H:\Documents and Settings\Uzivatel\Data aplikací\Mozilla\Firefox\Profiles\rs30hgdd.default

"wrc@avast.com"=H:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=H:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=H:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=H:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=H:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - H:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-05-26 679680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"NvBackend"=H:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-08-01 2403104]
"NvMediaCenter"=H:\WINDOWS\system32\NvMcTray.dll [2010-03-16 110696]
"NvCplDaemon"=H:\WINDOWS\system32\NvCpl.dll [2010-03-16 13670504]
"GrooveMonitor"=H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Ulead AutoDetector v2"=H:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe [2005-03-16 90112]
"Ulead Quick-Drop"=H:\Program Files\Ulead Systems\Ulead DVD MovieFactory 4.0 Suite\Ulead Quick-Drop 1.0\Quick-Drop.exe [2005-04-28 102400]
"USIUDF_Eject_Monitor"=H:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe [2004-12-23 81920]
"tsnpstd3"=H:\WINDOWS\tsnpstd3.exe [2007-03-30 262144]
"AvastUI.exe"=H:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-05-26 7400576]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"=H:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2013-04-04 532040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=H:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"CCleaner Monitoring"=H:\Program Files\CCleaner\CCleaner.exe [2016-04-15 6675672]

H:\Documents and Settings\Uzivatel\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - H:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=H:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"H:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="H:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"H:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="H:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"H:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="H:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"H:\Program Files\AVG\Av\avgmfapx.exe"="H:\Program Files\AVG\Av\avgmfapx.exe:*:Enabled:AVG Installer"
"H:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="H:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"H:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="H:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"H:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="H:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"H:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="H:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"H:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="H:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"H:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="H:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"H:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="H:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"H:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="H:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"H:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="H:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"H:\Program Files\Mozilla Firefox\firefox.exe"="H:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (H:\Program Files\Mozilla Firefox)"
"H:\Program Files\Google\Chrome\Application\chrome.exe"="H:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=H:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=H:\WINDOWS\system32\l3codeca.acm
"msacm.dvacm"=H:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm
"msacm.mpegacm"=mpegacm.acm
"msacm.ulmp3acm"=ulmp3acm.acm

======List of files/folders created in the last 1 month======

2016-05-27 14:27:58 ----D---- H:\Program Files\Malwarebytes' Anti-Malware
2016-05-27 14:27:58 ----A---- H:\WINDOWS\system32\drivers\mbam.sys
2016-05-27 12:41:22 ----D---- H:\WINDOWS\Temp
2016-05-27 12:41:22 ----A---- H:\WINDOWS\zoek-delete.exe
2016-05-27 12:29:08 ----D---- H:\zoek_backup
2016-05-26 18:10:25 ----D---- H:\AdwCleaner
2016-05-26 15:39:31 ----D---- H:\rsit
2016-05-26 15:39:31 ----D---- H:\Program Files\trend micro
2016-05-26 15:26:27 ----A---- H:\WINDOWS\system32\drivers\aswKbd.sys
2016-05-26 15:03:04 ----D---- H:\Documents and Settings\Uzivatel\Data aplikací\AVAST Software
2016-05-26 15:02:47 ----N---- H:\WINDOWS\system32\spmsgXP_2k3.dll
2016-05-26 15:02:43 ----HDC---- H:\WINDOWS\$NtUninstallWdf01009$
2016-05-26 15:01:31 ----A---- H:\WINDOWS\system32\drivers\aswVmm.sys
2016-05-26 15:01:31 ----A---- H:\WINDOWS\system32\drivers\aswTdi.sys
2016-05-26 15:01:31 ----A---- H:\WINDOWS\system32\drivers\aswStmXP.sys
2016-05-26 15:01:31 ----A---- H:\WINDOWS\system32\drivers\aswSP.sys
2016-05-26 15:01:31 ----A---- H:\WINDOWS\system32\drivers\aswSnx.sys
2016-05-26 15:01:31 ----A---- H:\WINDOWS\system32\drivers\aswRvrt.sys
2016-05-26 15:01:31 ----A---- H:\WINDOWS\system32\drivers\aswRdr.sys
2016-05-26 15:01:31 ----A---- H:\WINDOWS\system32\drivers\aswMonFlt.sys
2016-05-26 15:01:31 ----A---- H:\WINDOWS\system32\drivers\aswHwid.sys
2016-05-26 15:01:24 ----A---- H:\WINDOWS\system32\aswBoot.exe
2016-05-26 15:01:16 ----A---- H:\WINDOWS\avastSS.scr
2016-05-26 14:47:31 ----D---- H:\Program Files\AVAST Software
2016-05-26 14:44:57 ----D---- H:\Documents and Settings\All Users\Data aplikací\AVAST Software
2016-05-05 00:11:29 ----D---- H:\Program Files\Mozilla Firefox
2016-05-04 09:48:30 ----D---- H:\Program Files\CCleaner
2016-05-04 09:47:13 ----D---- H:\Program Files\Google

======List of files/folders modified in the last 1 month======

2016-05-27 16:50:46 ----D---- H:\WINDOWS\Prefetch
2016-05-27 16:50:27 ----D---- H:\WINDOWS\system32\drivers
2016-05-27 14:27:58 ----RD---- H:\Program Files
2016-05-27 13:58:03 ----D---- H:\WINDOWS
2016-05-27 13:57:16 ----A---- H:\WINDOWS\SchedLgU.Txt
2016-05-27 12:38:04 ----D---- H:\WINDOWS\system32
2016-05-27 12:30:33 ----D---- H:\WINDOWS\system32\drivers\etc
2016-05-26 16:36:01 ----SHD---- H:\WINDOWS\Installer
2016-05-26 16:31:48 ----SD---- H:\WINDOWS\Tasks
2016-05-26 15:08:08 ----HD---- H:\WINDOWS\inf
2016-05-26 15:02:33 ----D---- H:\WINDOWS\system32\CatRoot2
2016-05-26 15:01:25 ----D---- H:\WINDOWS\WinSxS
2016-05-26 14:38:25 ----D---- H:\Program Files\AVG
2016-05-26 14:38:25 ----D---- H:\Documents and Settings\All Users\Data aplikací\Avg
2016-05-26 14:27:15 ----D---- H:\Documents and Settings\All Users\Data aplikací\MFAData
2016-05-26 14:12:47 ----D---- H:\Program Files\Common Files
2016-05-26 14:09:01 ----D---- H:\Documents and Settings\Uzivatel\Data aplikací\MPC-HC
2016-05-26 14:08:29 ----D---- H:\WINDOWS\Debug
2016-05-13 00:18:25 ----A---- H:\WINDOWS\system32\FlashPlayerApp.exe
2016-05-12 03:30:00 ----D---- H:\WINDOWS\system32\MRT
2016-05-12 03:01:32 ----A---- H:\WINDOWS\system32\MRT.exe
2016-05-08 19:57:22 ----D---- H:\Program Files\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; H:\WINDOWS\system32\drivers\aswRvrt.sys [2016-05-26 58776]
R0 aswVmm;avast! VM Monitor; H:\WINDOWS\system32\drivers\aswVmm.sys [2016-05-26 221368]
R0 nvata;nvata; H:\WINDOWS\system32\DRIVERS\nvata.sys [2005-08-18 93568]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; H:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R1 aswKbd;aswKbd; H:\WINDOWS\system32\drivers\aswKbd.sys [2016-05-26 35096]
R1 aswRdr;aswRdr; H:\WINDOWS\system32\drivers\aswRdr.sys [2016-05-26 64272]
R1 aswSnx;aswSnx; H:\WINDOWS\system32\drivers\aswSnx.sys [2016-05-26 815792]
R1 aswSP;aswSP; H:\WINDOWS\system32\drivers\aswSP.sys [2016-05-26 449640]
R1 USIUDF;USIUDF; H:\WINDOWS\System32\Drivers\USIUDF.sys [2004-07-07 292896]
R2 aswHwid;avast! HardwareID; H:\WINDOWS\system32\drivers\aswHwid.sys [2016-05-26 32792]
R2 aswMonFlt;aswMonFlt; H:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-05-26 91168]
R2 StarOpen;StarOpen; H:\WINDOWS\system32\drivers\StarOpen.sys [2013-08-25 13120]
R3 Arp1394;Protokol 1394 ARP Client; H:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 aswStmXP;Avast StreamFilter Driver; H:\WINDOWS\system32\drivers\aswStmXP.sys [2016-05-26 187208]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; H:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; H:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; H:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568]
R3 NIC1394;1394 Net Driver; H:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; H:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2000-01-01 10232352]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; H:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-09-30 34048]
R3 nvnetbus;NVIDIA Network Bus Enumerator; H:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-09-30 13056]
R3 pfc;Padus ASPI Shell; H:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248]
R3 ULCDRHlp;ULCDRHlp; H:\WINDOWS\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
R3 usbaudio;Ovladač zvukové karty USB (WDM); H:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; H:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbprint;Třída USB Printer; H:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbscan;Ovladač skeneru USB; H:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; H:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 Wdf01000;Kernel Mode Driver Frameworks service; H:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S1 kbdhid;Ovladač klávesnice standardu HID; H:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 aswTdi;aswTdi; H:\WINDOWS\system32\drivers\aswTdi.sys [2016-05-26 67216]
S3 hidusb;Ovladač třídy standardu HID; H:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Ovladač myši standardu HID; H:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; H:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-05-26 243296]
R2 NVSvc;NVIDIA Driver Helper Service; H:\WINDOWS\system32\nvsvc32.exe [2010-03-16 154216]
R2 Pml Driver HPZ12;Pml Driver HPZ12; H:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 UleadBurningHelper;Ulead Burning Helper; H:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-03-13 49152]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); H:\Program Files\Google\Update\GoogleUpdate.exe [2016-05-26 152216]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13 269504]
S3 aspnet_state;Stavová služba ASP.NET; H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); H:\Program Files\Google\Update\GoogleUpdate.exe [2016-05-26 152216]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; H:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-05-05 146888]
S3 odserv;Microsoft Office Diagnostics Service; H:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: preventive check of dad's PC

Posted: 27 May 2016 16:49
by cernohous13
Download OTM from one of the links and unpack it, preferably to the desktop.
http://oldtimer.geekstogo.com/OTM.exe
http://www.itxassociates.com/OT-Tools/OTM.exe

Run the program "OTM.exe"
Paste the entire green text from the "Script" into the window below the yellow line

Click the red "MoveIt!"

When offered a restart, choose "YES"
and you will then find the log in C:\_OTM\MovedFiles\ - post it here for me to check
OTM script


:Commands
[resethosts]
[emptytemp]
[emptyflash]
[emptyjava]
[clearallrestorepoints]

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
H:\WINDOWS\tasks\Adobe Flash Player Updater.job
H:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
H:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
H:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
H:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
H:\WINDOWS\zoek-delete.exe
H:\zoek_backup
H:\AdwCleaner
H:\rsit
H:\Program Files\trend micro

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"NvBackend"=-
"NvCplDaemon"=-
"GrooveMonitor"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

:Services
gupdate
gupdatem

:arrow: Clean the registry with CCleaner as well

I'm signing off and won't be back until morning :wink: