vyskakující bannery - prosím,kontrolu Logu

Zpráva

pepinokouba1 · #1 Příspěvek od **pepinokouba1** » 13 pro 2013 10:06

Logfile of random's system information tool 1.09 (written by random/random)
Run by jozef at 2013-12-13 10:05:11
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 9 GB (13%) free of 70 GB
Total RAM: 4009 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:05:17, on 13.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\vsnp2uvc.exe
C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
D:\Program Files (x86)\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\ICQ7M\ICQ.exe
D:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
D:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Program Files\trend micro\jozef.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: CrossriderApp0032850 - {11111111-1111-1111-1111-110311281150} - C:\Program Files (x86)\Object Browser\Object Browser-bho.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
O4 - HKLM\..\Run: [IndicatorUtility] "C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\jozef\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PFNService - FUJITSU LIMITED - C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
O23 - Service: PowerSavingUtilityService - FUJITSU LIMITED - C:\Program Files\Fujitsu\PSUtility\PSUService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8453 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 38833680
\??\C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe"
"C:\Program Files\Fujitsu\PSUtility\PSUService.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
"C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Windows\vsnp2uvc.exe"
"C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe"
"C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe"
"C:\Program Files\Fujitsu\PSUtility\TrayManager.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe"
"C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe"
"C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE"
"C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_0000076c
"C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-452a3ad8-31f9-42a3-b71b-62c73025edac -SystemEventPortName:HostProcess-64de8278-0a8f-4bd2-8dd4-989429d68709 -IoCancelEventPortName:HostProcess-005a93e9-ba26-4326-84cd-b5484a34b8f4 -NonStateChangingEventPortName:HostProcess-dbc21a46-3abb-42e6-8c0a-bbcfbf8e0dc4 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b8aca498-cb13-4a67-b727-bc16da8d15a1
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"D:\Program Files (x86)\BitTorrent\BitTorrent.exe" "D:\staženo z netu\[CzT]Percy_Jackson_More_nestvur_Percy_Jackson_Sea_of_Monsters_2013_CZ_.torrent"
"C:\Program Files (x86)\ICQ7M\ICQ.exe"
"D:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"D:\Program Files (x86)\Winamp\winamp.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5760.fcdf700.252745780 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 5760 "\\.\pipe\gecko-crash-server-pipe.5760" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe" --proxy-stub-channel=Flash3872.667C53D8.299 --host-broker-channel=Flash3872.667C53D8.5967 --host-pid=3872 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe" --channel=6108.0032F248.48447909 --proxy-stub-channel=Flash3872.667C53D8.299 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll" --host-npapi-version=27 --type=renderer
taskeng.exe {E6266D88-CD78-46A1-84EA-EAABD7BC3248}
"C:\totalcmd\TOTALCMD64.EXE"
"D:\staženo z netu\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Object Browser-codedownloader.job
C:\Windows\tasks\Object Browser-enabler.job
C:\Windows\tasks\Object Browser-firefoxinstaller.job
C:\Windows\tasks\Object Browser-updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\jozef\AppData\Roaming\Mozilla\Firefox\Profiles\rni6hqbn.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\jozef\AppData\Roaming\Mozilla\Firefox\Profiles\rni6hqbn.default\extensions\
9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311281150}]
Object Browser - C:\Program Files (x86)\Object Browser\Object Browser-bho64.dll [2013-10-26 958320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311281150}]
Object Browser - C:\Program Files (x86)\Object Browser\Object Browser-bho.dll [2013-10-26 593776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-04-20 168216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-04-20 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-04-20 416024]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-04-20 11663464]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-11-19 1886504]
"IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-01-05 1933584]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30 10372368]
"snp2uvc"=C:\Windows\vsnp2uvc.exe [2009-08-13 662016]
"LoadFUJ02E3"=C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [2010-06-08 45680]
"FDM7"=C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [2009-11-26 164712]
"PSUTility"=C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [2010-11-13 199528]
"PfNet"=C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe [2010-10-07 6311424]
"LoadFujitsuQuickTouch"=C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [2010-07-16 162416]
"LoadBtnHnd"=C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2010-07-09 21616]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=C:\Users\jozef\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-24 138096]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"snp2uvc"=C:\Windows\vsnp2uvc.exe [2009-08-13 662016]
"IndicatorUtility"=C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [2010-09-29 48752]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
""= []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-11-26 683576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-04-15 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Call Graph-nahraj skype\CallGraph.exe"="C:\Program Files (x86)\Call Graph-nahraj skype\CallGraph.exe:*:Enabled:Call Graph"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-12-12 21:24:32 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-12 21:04:40 ----D---- C:\Program Files\trend micro
2013-12-12 21:04:38 ----D---- C:\rsit
2013-12-12 20:50:03 ----A---- C:\Windows\system32\MRT.exe
2013-11-22 14:56:17 ----D---- C:\Users\jozef\AppData\Roaming\Call Graph
2013-11-22 14:56:16 ----D---- C:\Program Files (x86)\Call Graph-nahraj skype

======List of files/folders modified in the last 1 month======

2013-12-13 10:05:15 ----D---- C:\Windows\Temp
2013-12-13 10:02:54 ----D---- C:\Users\jozef\AppData\Roaming\BitTorrent
2013-12-12 23:19:55 ----D---- C:\Users\jozef\AppData\Roaming\Skype
2013-12-12 23:11:43 ----D---- C:\Users\jozef\AppData\Roaming\Winamp
2013-12-12 22:06:52 ----D---- C:\Windows\Prefetch
2013-12-12 22:06:50 ----SHD---- C:\Windows\Installer
2013-12-12 21:24:50 ----D---- C:\Users\jozef\AppData\Roaming\Mozilla
2013-12-12 21:24:32 ----RD---- C:\Program Files (x86)
2013-12-12 21:24:31 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-12-12 21:23:43 ----D---- C:\Windows\debug
2013-12-12 21:23:43 ----D---- C:\Windows
2013-12-12 21:04:40 ----RD---- C:\Program Files
2013-12-12 20:50:03 ----D---- C:\Windows\System32
2013-12-12 19:15:54 ----D---- C:\Program Files\SUPERAntiSpyware
2013-12-12 17:08:16 ----D---- C:\Users\jozef\AppData\Roaming\ICQ
2013-12-10 14:27:59 ----D---- C:\Windows\system32\config
2013-12-10 14:21:20 ----D---- C:\Windows\inf
2013-12-10 14:21:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-10 13:19:32 ----A---- C:\Windows\NeroDigital.ini
2013-12-10 11:31:41 ----D---- C:\Users\jozef\AppData\Roaming\vlc
2013-12-09 11:58:18 ----D---- C:\FFOutput
2013-12-09 11:30:59 ----D---- C:\Windows\system32\wdi
2013-12-08 21:57:45 ----D---- C:\Users\jozef\AppData\Roaming\esmska
2013-12-08 19:01:07 ----SHD---- C:\System Volume Information
2013-12-03 09:14:08 ----D---- C:\Windows\system32\catroot
2013-12-03 09:14:07 ----D---- C:\Windows\system32\drivers
2013-12-01 11:46:31 ----D---- C:\ProgramData\Skype
2013-12-01 11:46:24 ----RD---- C:\Program Files (x86)\Skype
2013-11-26 11:43:52 ----D---- C:\Users\jozef\AppData\Roaming\Audacity
2013-11-26 09:35:05 ----D---- C:\Windows\SysWOW64
2013-11-24 19:27:35 ----D---- C:\Windows\Tasks
2013-11-24 19:27:35 ----D---- C:\Windows\system32\Tasks
2013-11-22 14:56:34 ----D---- C:\Windows\winsxs
2013-11-22 13:36:34 ----D---- C:\++++++++++Uschovna z d
2013-11-19 14:23:56 ----D---- C:\Users\jozef\AppData\Roaming\DC++

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-11-29 568600]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2012-03-09 24496]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\drivers\iusb3hcs.sys [2012-01-05 16152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-11-26 132600]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-11-26 28600]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-03 107416]
R3 FUJ02B1;Fujitsu FUJ02B1 Device Driver; C:\Windows\system32\DRIVERS\FUJ02B1.sys [2006-11-01 7808]
R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver; C:\Windows\system32\DRIVERS\FUJ02E3.sys [2006-11-01 7296]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-04-15 12228128]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-04-20 2657768]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-01-04 8507392]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-12-28 412776]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2010-10-09 1801216]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-11-19 299568]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2010-11-21 552448]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-21 80384]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
S3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]
S3 iaStorS;iaStorS; C:\Windows\system32\drivers\iaStorS.sys [2012-03-09 638896]
S3 iBtFltCoex;iBtFltCoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-22 59904]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\drivers\iusb3hub.sys [2012-01-05 355096]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\drivers\iusb3xhc.sys [2012-01-05 786200]
S3 megasas2;megasas2; C:\Windows\system32\drivers\megasas2.sys [2010-11-02 51280]
S3 megasr1;megasr1; C:\Windows\system32\drivers\megasr1.sys [2012-02-08 806696]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-12-10 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-12-10 181248]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2011-07-28 313448]
S3 tihub3;TI USB3 Hub Service; C:\Windows\system32\drivers\tihub3.sys [2011-11-22 136000]
S3 tixhci;TI XHCI Service; C:\Windows\system32\drivers\tixhci.sys [2011-11-22 410944]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-05-07 143088]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-11-26 440376]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-11-26 440376]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-11-26 1164360]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-01-05 1515792]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 PFNService;PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2010-10-07 331776]
R2 PowerSavingUtilityService;PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [2010-06-17 63336]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-01-05 836880]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-07 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-07 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-27 115608]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-05 340240]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-09-20 89136]

-----------------EOF-----------------

pepinokouba1 · #2 Příspěvek od **pepinokouba1** » 13 pro 2013 12:45

Vkládám nový log, ten původní je neplatný, - tento Log, co sem ted vkládám je po odinstalaci FlashPlayeru - a poté byla Mozila znovu nainstalovana.

Prosím o kontrolu tohoto: - zde bannery již nevyskakují, ale jestli je to čisté

Logfile of random's system information tool 1.09 (written by random/random)
Run by jozef at 2013-12-13 12:41:35
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 8 GB (11%) free of 70 GB
Total RAM: 4009 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:41:41, on 13.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\vsnp2uvc.exe
C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
D:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\trend micro\jozef.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
O4 - HKLM\..\Run: [IndicatorUtility] "C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\jozef\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PFNService - FUJITSU LIMITED - C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
O23 - Service: PowerSavingUtilityService - FUJITSU LIMITED - C:\Program Files\Fujitsu\PSUtility\PSUService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8012 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\WLANExt.exe 31307936
\??\C:\Windows\system32\conhost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Windows\vsnp2uvc.exe"
"C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe"
"C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe"
"C:\Program Files\Fujitsu\PSUtility\TrayManager.exe"
"C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe"
"C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe"
"C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE"
"C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe"
"C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE"
"C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe"
"C:\Program Files\Fujitsu\PSUtility\PSUService.exe"
"C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000708
"C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-69b71b31-a492-4b99-b30a-8269019b6867 -SystemEventPortName:HostProcess-46207b83-7d2d-4949-92bc-0dda03f907a5 -IoCancelEventPortName:HostProcess-0a5e9466-2b10-4500-a92b-9c9f7154464b -NonStateChangingEventPortName:HostProcess-47741916-d688-49ec-a7f9-2023ad9df33a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:05e291d0-ec56-453e-a376-9d5028c0b18a
"C:\totalcmd\TOTALCMD64.EXE"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"D:\Program Files (x86)\Winamp\winamp.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
taskeng.exe {6FFA252A-D4FF-435E-B892-05D710945699}
"D:\staženo z netu\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\jozef\AppData\Roaming\Mozilla\Firefox\Profiles\pbji3wye.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-04-20 168216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-04-20 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-04-20 416024]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-04-20 11663464]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-11-19 1886504]
"IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-01-05 1933584]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30 10372368]
"snp2uvc"=C:\Windows\vsnp2uvc.exe [2009-08-13 662016]
"LoadFUJ02E3"=C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [2010-06-08 45680]
"FDM7"=C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [2009-11-26 164712]
"PSUTility"=C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [2010-11-13 199528]
"PfNet"=C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe [2010-10-07 6311424]
"LoadFujitsuQuickTouch"=C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [2010-07-16 162416]
"LoadBtnHnd"=C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2010-07-09 21616]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=C:\Users\jozef\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-24 138096]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"snp2uvc"=C:\Windows\vsnp2uvc.exe [2009-08-13 662016]
"IndicatorUtility"=C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [2010-09-29 48752]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
""= []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-11-26 683576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-04-15 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Call Graph-nahraj skype\CallGraph.exe"="C:\Program Files (x86)\Call Graph-nahraj skype\CallGraph.exe:*:Enabled:Call Graph"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-12-13 11:33:59 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-12 21:04:40 ----D---- C:\Program Files\trend micro
2013-12-12 21:04:38 ----D---- C:\rsit
2013-12-12 20:50:03 ----A---- C:\Windows\system32\MRT.exe
2013-11-22 14:56:17 ----D---- C:\Users\jozef\AppData\Roaming\Call Graph
2013-11-22 14:56:16 ----D---- C:\Program Files (x86)\Call Graph-nahraj skype

======List of files/folders modified in the last 1 month======

2013-12-13 12:41:38 ----D---- C:\Windows\Temp
2013-12-13 12:27:17 ----D---- C:\++++++++++Uschovna z d
2013-12-13 12:17:02 ----D---- C:\Users\jozef\AppData\Roaming\Skype
2013-12-13 11:42:36 ----D---- C:\Windows\system32\config
2013-12-13 11:36:16 ----D---- C:\Windows\System32
2013-12-13 11:36:16 ----D---- C:\Windows\inf
2013-12-13 11:36:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-13 11:34:22 ----D---- C:\Users\jozef\AppData\Roaming\Mozilla
2013-12-13 11:33:59 ----RD---- C:\Program Files (x86)
2013-12-13 11:33:59 ----D---- C:\Windows\Prefetch
2013-12-13 11:33:56 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-12-13 11:31:33 ----D---- C:\Windows
2013-12-13 11:30:50 ----D---- C:\Users\jozef\AppData\Roaming\ICQ
2013-12-13 11:22:55 ----D---- C:\Users\jozef\AppData\Roaming\Winamp
2013-12-13 11:22:36 ----D---- C:\Users\jozef\AppData\Roaming\BitTorrent
2013-12-13 10:59:22 ----SHD---- C:\System Volume Information
2013-12-13 10:28:12 ----D---- C:\Windows\system32\Tasks
2013-12-13 10:28:10 ----D---- C:\Windows\Tasks
2013-12-13 10:27:24 ----D---- C:\Windows\SysWOW64
2013-12-12 22:06:50 ----SHD---- C:\Windows\Installer
2013-12-12 21:23:43 ----D---- C:\Windows\debug
2013-12-12 21:04:40 ----RD---- C:\Program Files
2013-12-12 19:15:54 ----D---- C:\Program Files\SUPERAntiSpyware
2013-12-10 13:19:32 ----A---- C:\Windows\NeroDigital.ini
2013-12-10 11:31:41 ----D---- C:\Users\jozef\AppData\Roaming\vlc
2013-12-09 11:58:18 ----D---- C:\FFOutput
2013-12-09 11:30:59 ----D---- C:\Windows\system32\wdi
2013-12-08 21:57:45 ----D---- C:\Users\jozef\AppData\Roaming\esmska
2013-12-03 09:14:08 ----D---- C:\Windows\system32\catroot
2013-12-03 09:14:07 ----D---- C:\Windows\system32\drivers
2013-12-01 11:46:31 ----D---- C:\ProgramData\Skype
2013-12-01 11:46:24 ----RD---- C:\Program Files (x86)\Skype
2013-11-26 11:43:52 ----D---- C:\Users\jozef\AppData\Roaming\Audacity
2013-11-22 14:56:34 ----D---- C:\Windows\winsxs
2013-11-19 14:23:56 ----D---- C:\Users\jozef\AppData\Roaming\DC++

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-11-29 568600]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2012-03-09 24496]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\drivers\iusb3hcs.sys [2012-01-05 16152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-11-26 132600]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-11-26 28600]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-03 107416]
R3 FUJ02B1;Fujitsu FUJ02B1 Device Driver; C:\Windows\system32\DRIVERS\FUJ02B1.sys [2006-11-01 7808]
R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver; C:\Windows\system32\DRIVERS\FUJ02E3.sys [2006-11-01 7296]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-04-15 12228128]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-04-20 2657768]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-01-04 8507392]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-12-28 412776]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2010-10-09 1801216]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-11-19 299568]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2010-11-21 552448]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-21 80384]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
S3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]
S3 iaStorS;iaStorS; C:\Windows\system32\drivers\iaStorS.sys [2012-03-09 638896]
S3 iBtFltCoex;iBtFltCoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-22 59904]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\drivers\iusb3hub.sys [2012-01-05 355096]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\drivers\iusb3xhc.sys [2012-01-05 786200]
S3 megasas2;megasas2; C:\Windows\system32\drivers\megasas2.sys [2010-11-02 51280]
S3 megasr1;megasr1; C:\Windows\system32\drivers\megasr1.sys [2012-02-08 806696]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-12-10 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-12-10 181248]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2011-07-28 313448]
S3 tihub3;TI USB3 Hub Service; C:\Windows\system32\drivers\tihub3.sys [2011-11-22 136000]
S3 tixhci;TI XHCI Service; C:\Windows\system32\drivers\tixhci.sys [2011-11-22 410944]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-05-07 143088]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-11-26 440376]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-11-26 440376]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-11-26 1164360]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-01-05 1515792]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 PFNService;PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2010-10-07 331776]
R2 PowerSavingUtilityService;PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [2010-06-17 63336]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-01-05 836880]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-07 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-07 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-27 115608]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-05 340240]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-09-20 89136]

-----------------EOF-----------------

#3 Příspěvek od **vyosek** » 13 pro 2013 19:45

Zdravim

Stahnete Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Spustte tradicne dvouklikem
Probehne skenovani a pak se objevi log, pripadne bude ulozen v miste spusteni jako sc-cleaner.txt, ten sem vlozte

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

pepinokouba1 · #4 Příspěvek od **pepinokouba1** » 14 pro 2013 15:03

Zdravím Vás, provedl jsem skenování pomocí 3 nástrojů, které jste mi poslal. Vkládám sem ty logy. Prosím o odpověd, jeslti je to už čisté.

Shortcut Cleaner 1.2.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/

Windows Version: Windows 7 Home Premium Service Pack 1
Program started at: 12/14/2013 02:41:42 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\jozef\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\jozef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\jozef\Desktop

0 bad shortcuts found.

Program finished at: 12/14/2013 02:41:46 PM
Execution time: 0 hours(s), 0 minute(s), and 3 seconds(s)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by jozef on so 14.12.2013 at 14:42:54,18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_1_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_rasmancs
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{94D7DBC7-56BD-4413-BBA5-FAFA13236642}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C3342386-7FC9-42B8-9F40-D21C8780211A}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 14.12.2013 at 14:49:40,99
End of JRT log

# AdwCleaner v3.015 - Report created 14/12/2013 at 14:58:59
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : jozef - JOZEF-PC
# Running from : D:\staženo z netu\viry-programy\3-adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FreeRIP3_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FreeRIP3_RASMANCS

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7601.17514

-\\ Mozilla Firefox v19.0.1 (cs)

[ File : C:\Users\jozef\AppData\Roaming\Mozilla\Firefox\Profiles\pbji3wye.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [13831 octets] - [01/09/2013 13:56:20]
AdwCleaner[R1].txt - [1246 octets] - [14/12/2013 14:51:42]
AdwCleaner[S0].txt - [13260 octets] - [01/09/2013 13:56:54]
AdwCleaner[S1].txt - [1181 octets] - [14/12/2013 14:58:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1241 octets] ##########

#5 Příspěvek od **vyosek** » 15 pro 2013 06:49

Poprosim o log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

pepinokouba1 · #6 Příspěvek od **pepinokouba1** » 15 pro 2013 14:11

Vkládám LOG z přiloženého programu - jsou to 2 hlášení, oddělím je +++

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2013 01
Ran by jozef (administrator) on JOZEF-PC on 15-12-2013 14:08:29
Running from D:\staženo z netu\viry-programy
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Sonix) C:\Windows\vsnp2uvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ICQ, LLC.) C:\Program Files (x86)\ICQ7M\ICQ.exe
(Nullsoft, Inc.) D:\Program Files (x86)\Winamp\winamp.exe
(Farbar) D:\staženo z netu\viry-programy\4--FRST64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11663464 2011-04-20] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1886504 2009-11-19] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-01-05] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-13] (Sonix)
HKLM\...\Run: [LoadFUJ02E3] - C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [45680 2010-06-08] (FUJITSU LIMITED)
HKLM\...\Run: [FDM7] - C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-26] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [199528 2010-11-13] (FUJITSU LIMITED)
HKLM\...\Run: [PfNet] - C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe [6311424 2010-10-07] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [162416 2010-07-16] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [21616 2010-07-09] (FUJITSU LIMITED)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Facebook Update] - C:\Users\jozef\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-24] (Facebook Inc.)
HKLM-x32\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-13] (Sonix)
HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-29] (FUJITSU LIMITED)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-26] (Avira Operations GmbH & Co. KG)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {03EA2B1B-3430-4320-897B-0530A543F6AA} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\jozef\AppData\Roaming\Mozilla\Firefox\Profiles\pbji3wye.default
FF Homepage: www.seznam.cz
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\jozef\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143088 2013-05-07] (SUPERAntiSpyware.com)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-11-26] (Avira Operations GmbH & Co. KG)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [331776 2010-10-07] (FUJITSU LIMITED)
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2010-06-17] (FUJITSU LIMITED)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [24496 2012-03-09] (Intel Corporation)
S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [638896 2012-03-09] (Intel Corporation)
S3 megasas2; C:\Windows\system32\drivers\megasas2.sys [51280 2010-11-02] (LSI Corporation)
S3 megasr1; C:\Windows\system32\drivers\megasr1.sys [806696 2012-02-08] (LSI Corporation, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1801216 2010-10-09] ()

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-15 14:08 - 2013-12-15 14:08 - 00000000 ____D C:\FRST
2013-12-14 14:42 - 2013-12-14 14:42 - 00000000 ____D C:\Windows\ERUNT
2013-12-13 11:40 - 2013-12-13 11:40 - 00001163 _____ C:\Users\jozef\Desktop\Mozilla Firefox.lnk
2013-12-13 11:34 - 2013-12-13 11:34 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-13 11:33 - 2013-12-13 11:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-13 11:31 - 2013-12-14 14:59 - 00000112 _____ C:\Windows\setupact.log
2013-12-13 11:31 - 2013-12-13 11:31 - 00001996 _____ C:\Windows\PFRO.log
2013-12-13 11:31 - 2013-12-13 11:31 - 00000000 _____ C:\Windows\setuperr.log
2013-12-12 22:06 - 2013-12-12 22:06 - 00002212 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-12 21:04 - 2013-12-13 12:41 - 00000000 ____D C:\Program Files\trend micro
2013-12-12 21:04 - 2013-12-12 21:04 - 00000000 ____D C:\rsit
2013-12-12 20:50 - 2013-12-01 14:42 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-24 19:27 - 2013-12-15 13:50 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000UA.job
2013-11-24 19:27 - 2013-12-14 20:43 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000Core.job
2013-11-24 19:27 - 2013-11-24 19:28 - 00000000 ____D C:\Users\jozef\AppData\Local\Facebook
2013-11-24 19:27 - 2013-11-24 19:27 - 00003904 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000UA
2013-11-24 19:27 - 2013-11-24 19:27 - 00003536 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000Core
2013-11-22 14:56 - 2013-12-06 10:56 - 00000000 ____D C:\Users\jozef\AppData\Roaming\Call Graph
2013-11-22 14:56 - 2013-11-22 14:56 - 00001095 _____ C:\Users\jozef\Desktop\Call Graph.lnk
2013-11-22 14:56 - 2013-11-22 14:56 - 00000000 ____D C:\Program Files (x86)\Call Graph-nahraj skype
2013-11-21 19:56 - 2013-11-21 19:56 - 00000907 _____ C:\Users\jozef\Desktop\+souhrn AJ i NJ-šSL 20 – zástupce.lnk

==================== One Month Modified Files and Folders =======

2013-12-15 14:08 - 2013-12-15 14:08 - 00000000 ____D C:\FRST
2013-12-15 14:07 - 2013-07-29 19:15 - 00647380 _____ C:\Windows\WindowsUpdate.log
2013-12-15 14:03 - 2013-10-15 15:13 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-15 14:02 - 2013-10-15 15:13 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-15 13:54 - 2013-02-24 11:48 - 00000000 ____D C:\Users\jozef\AppData\Roaming\ICQ
2013-12-15 13:54 - 2012-09-17 22:58 - 00000000 ____D C:\Users\jozef\AppData\Roaming\Skype
2013-12-15 13:50 - 2013-11-24 19:27 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000UA.job
2013-12-14 20:43 - 2013-11-24 19:27 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000Core.job
2013-12-14 16:35 - 2012-10-15 20:10 - 00000000 ____D C:\Users\jozef\AppData\Roaming\esmska
2013-12-14 15:07 - 2009-07-14 05:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-14 15:07 - 2009-07-14 05:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-14 15:04 - 2012-09-18 07:58 - 00622660 _____ C:\Windows\system32\perfh005.dat
2013-12-14 15:04 - 2012-09-18 07:58 - 00118810 _____ C:\Windows\system32\perfc005.dat
2013-12-14 15:04 - 2009-07-14 06:13 - 01445734 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-14 14:59 - 2013-12-13 11:31 - 00000112 _____ C:\Windows\setupact.log
2013-12-14 14:59 - 2013-09-01 13:56 - 00000000 ____D C:\AdwCleaner
2013-12-14 14:59 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-14 14:42 - 2013-12-14 14:42 - 00000000 ____D C:\Windows\ERUNT
2013-12-13 12:41 - 2013-12-12 21:04 - 00000000 ____D C:\Program Files\trend micro
2013-12-13 12:27 - 2013-08-26 11:09 - 00000000 ____D C:\++++++++++Uschovna z d
2013-12-13 11:40 - 2013-12-13 11:40 - 00001163 _____ C:\Users\jozef\Desktop\Mozilla Firefox.lnk
2013-12-13 11:34 - 2013-12-13 11:34 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-13 11:34 - 2013-12-13 11:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-13 11:34 - 2012-09-17 22:40 - 00000000 ____D C:\Users\jozef\AppData\Roaming\Mozilla
2013-12-13 11:33 - 2013-03-07 13:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-13 11:31 - 2013-12-13 11:31 - 00001996 _____ C:\Windows\PFRO.log
2013-12-13 11:31 - 2013-12-13 11:31 - 00000000 _____ C:\Windows\setuperr.log
2013-12-13 11:22 - 2012-09-19 19:29 - 00000000 ____D C:\Users\jozef\AppData\Roaming\BitTorrent
2013-12-13 11:22 - 2012-09-17 23:23 - 00000000 ____D C:\Users\jozef\AppData\Roaming\Winamp
2013-12-12 22:06 - 2013-12-12 22:06 - 00002212 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-12 21:04 - 2013-12-12 21:04 - 00000000 ____D C:\rsit
2013-12-12 19:15 - 2013-05-31 20:02 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-12-12 11:54 - 2013-09-07 15:17 - 00000000 ____D C:\Users\jozef\Desktop\velkolepe stoleti
2013-12-10 13:19 - 2013-04-16 20:34 - 00000116 _____ C:\Windows\NeroDigital.ini
2013-12-10 11:31 - 2013-06-16 10:04 - 00000000 ____D C:\Users\jozef\AppData\Roaming\vlc
2013-12-09 11:58 - 2013-04-09 16:49 - 00000000 ____D C:\FFOutput
2013-12-06 10:56 - 2013-11-22 14:56 - 00000000 ____D C:\Users\jozef\AppData\Roaming\Call Graph
2013-12-03 09:13 - 2013-04-05 11:18 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-03 08:57 - 2013-10-15 15:13 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-03 08:57 - 2013-10-15 15:13 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-01 14:42 - 2013-12-12 20:50 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-01 11:46 - 2013-02-28 12:47 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-01 11:46 - 2012-09-17 22:58 - 00000000 ____D C:\ProgramData\Skype
2013-11-26 11:43 - 2013-04-04 18:21 - 00000000 ____D C:\Users\jozef\AppData\Roaming\Audacity
2013-11-26 09:34 - 2013-05-08 14:49 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-26 09:34 - 2013-04-05 11:18 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-26 09:34 - 2013-04-05 11:18 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-24 19:28 - 2013-11-24 19:27 - 00000000 ____D C:\Users\jozef\AppData\Local\Facebook
2013-11-24 19:27 - 2013-11-24 19:27 - 00003904 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000UA
2013-11-24 19:27 - 2013-11-24 19:27 - 00003536 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000Core
2013-11-22 14:56 - 2013-11-22 14:56 - 00001095 _____ C:\Users\jozef\Desktop\Call Graph.lnk
2013-11-22 14:56 - 2013-11-22 14:56 - 00000000 ____D C:\Program Files (x86)\Call Graph-nahraj skype
2013-11-21 19:56 - 2013-11-21 19:56 - 00000907 _____ C:\Users\jozef\Desktop\+souhrn AJ i NJ-šSL 20 – zástupce.lnk
2013-11-19 14:23 - 2012-10-15 18:32 - 00000000 ____D C:\Users\jozef\AppData\Roaming\DC++
2013-11-19 14:23 - 2012-10-15 18:32 - 00000000 ____D C:\Users\jozef\AppData\Local\DC++

Files to move or delete:
====================
C:\Users\jozef\AppData\Roaming\Camdata.ini
C:\Users\jozef\AppData\Roaming\CamLayout.ini
C:\Users\jozef\AppData\Roaming\CamShapes.ini

Some content of TEMP:
====================
C:\Users\jozef\AppData\Local\Temp\avgnt.exe
C:\Users\jozef\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-10 10:47

==================== End Of Log ============================
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2013 01
Ran by jozef at 2013-12-15 14:09:17
Running from D:\staženo z netu\viry-programy
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (x32)
Adobe Reader X (10.1.4) (x32 Version: 10.1.4)
Anytime USB Charge Utility (x32 Version: 1.00.00.001)
Ashampoo Burning Studio 6 FREE v.6.81 (x32 Version: 6.8.1)
Audacity 2.0.3 (x32 Version: 2.0.3)
Avira Free Antivirus (x32 Version: 14.0.1.759)
BitTorrent (x32 Version: 7.6.1)
Call Graph (x32)
CamStudio 2.7.2 (Version: 2.7.2)
CCleaner (Version: 4.05)
CDex extraction audio (x32)
DC++ 0.801 (x32 Version: 0.801)
DeepBurner v1.9.0.228 (x32)
Esmska (x32 Version: 1.3)
EVEREST Home Edition v2.20 (x32 Version: 2.20)
Exact Audio Copy 1.0beta1 (x32 Version: 1.0beta1)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
FJ Camera (x32 Version: 5.8.52016.0)
FormatFactory 3.00 (x32 Version: 3.00)
Free PDF to Word Converter 1.5 (x32)
Free Screen Recorder v2.9 (x32 Version: 2.9)
Fujitsu Display Manager (Version: 7.01.20.212)
Fujitsu Display Manager (x32 Version: )
Fujitsu Hotkey Utility (x32 Version: 3.70.0.0)
Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.001)
Fujitsu MobilityCenter Extension Utility (x32 Version: 3.01.00.001)
Fujitsu System Extension Utility (Version: 3.3.0.0)
Fujitsu System Extension Utility (x32 Version: 3.3.0.0)
GOM Player (x32 Version: 2.1.43.5119)
Google Earth (x32 Version: 7.1.2.2041)
Google Update Helper (x32 Version: 1.3.22.3)
ICQ7M (x32 Version: 7.8)
InfoMapa 9.0 (x32 Version: 9.0.0)
Intel PROSet Wireless
Intel(R) Processor Graphics (x32 Version: 8.15.10.2372)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 1.1.0.0537)
IrfanView (remove only) (x32 Version: 4.27)
ISO Creator (x32 Version: 1.0)
Jpeg Resampler Vs 6+ (x32)
LifeBook Application Panel (Version: 8.2.1.0)
LifeBook Application Panel (x32 Version: 8.2.1.0)
Microsoft Office FrontPage 2003 (x32 Version: 11.0.5614.0)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.5614.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 19.0.1 (x86 cs) (x32 Version: 19.0.1)
Mozilla Maintenance Service (x32 Version: 19.0.1)
Mozilla Thunderbird 16.0.1 (x86 cs) (x32 Version: 16.0.1)
nabocorp. picsaver (remove only) (x32)
NeonClock screensaver 1.2 (x32)
NewFreeScreensaver nfsClock16 (x32)
Office Clock-7 4.02 (x32)
PDFCreator (x32 Version: 0.9.8)
Playlist Creator 3 (x32 Version: 3.0.3)
Plugfree NETWORK (Version: 5.4.0.1)
Plugfree NETWORK (Version: 5.4.001)
Power Saving Utility (x32 Version: 32.01.10.009)
Realtek Ethernet Controller Driver (x32 Version: 7.37.1229.2010)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6263)
Scan2PDF 1.6 (x32)
Skype™ 6.11 (x32 Version: 6.11.102)
Software Intel(R) PROSet/Wireless WiFi (Version: 14.0.2000)
SUPERAntiSpyware (Version: 5.6.1020)
Synaptics Pointing Device Driver (Version: 14.0.16.0)
TeamViewer 7 (x32 Version: 7.0.14563)
Total Commander 64-bit (Remove or Repair) (Version: 8.01)
Turistické trasy 2.30 (x32)
VLC media player 2.0.7 (x32 Version: 2.0.7)
Winamp (remove only) (x32 Version: 5.623 )
X-Lite 3.0 (x32)
YTD Video Downloader 4.0 (x32 Version: 4.0)

==================== Restore Points =========================

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {2E61F160-6D79-4CBD-B9D8-05A1F37707E8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-07] (Google Inc.)
Task: {5C15FB65-2140-4F02-AEA2-3A3B2225646B} - \Scheduled Update for Ask Toolbar No Task File
Task: {63E34A9C-3DDB-4C17-B75D-A3D0CA0AAC97} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-07] (Google Inc.)
Task: {72C635CD-7119-441B-A8C1-A119C2466C3D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {DEF19CDF-F0B3-4F3B-BE9E-B556E96EDE67} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000Core => C:\Users\jozef\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-24] (Facebook Inc.)
Task: {FB252006-8DEA-40B8-8E38-DAC53CA16848} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000UA => C:\Users\jozef\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-24] (Facebook Inc.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000Core.job => C:\Users\jozef\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000UA.job => C:\Users\jozef\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-07-22 23:38 - 2010-09-06 17:21 - 00538435 _____ () C:\Program Files (x86)\JpegResampler2010\JRcm64.dll
2011-04-15 02:16 - 2011-04-15 02:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-01-05 11:53 - 2011-01-05 11:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2013-04-05 11:15 - 2012-12-18 08:31 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-12-13 11:33 - 2013-02-27 06:08 - 03069336 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00417280 _____ () D:\Program Files (x86)\Winamp\nsutil.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00078848 _____ () D:\Program Files (x86)\Winamp\nde.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00023040 _____ () D:\Program Files (x86)\Winamp\System\albumart.w5s
2011-12-09 18:23 - 2012-09-17 23:23 - 00174080 _____ () D:\Program Files (x86)\Winamp\System\auth.w5s
2011-12-09 18:23 - 2012-09-17 23:23 - 00019456 _____ () D:\Program Files (x86)\Winamp\System\bmp.w5s
2011-12-09 18:23 - 2012-09-17 23:23 - 00047616 _____ () D:\Program Files (x86)\Winamp\zlib.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00044544 _____ () D:\Program Files (x86)\Winamp\System\devices.w5s
2011-12-09 18:23 - 2012-09-17 23:23 - 00016896 _____ () D:\Program Files (x86)\Winamp\System\dlmgr.w5s
2011-12-09 18:23 - 2012-09-17 23:23 - 00014336 _____ () D:\Program Files (x86)\Winamp\System\filereader.w5s
2011-12-09 18:23 - 2012-09-17 23:23 - 00019456 _____ () D:\Program Files (x86)\Winamp\System\gif.w5s
2011-12-09 18:23 - 2012-09-17 23:23 - 00016384 _____ () D:\Program Files (x86)\Winamp\System\gracenote.w5s
2011-12-09 18:23 - 2012-09-17 23:23 - 00623616 _____ () D:\Program Files (x86)\Winamp\System\jnetlib.w5s
2011-12-09 18:23 - 2012-09-17 23:23 - 00154624 _____ () D:\Program Files (x86)\Winamp\System\jpeg.w5s
2011-12-09 18:23 - 2012-09-17 23:23 - 00084480 _____ () D:\Program Files (x86)\Winamp\System\playlist.w5s
2011-12-09 18:23 - 2012-09-17 23:23 - 00103936 _____ () D:\Program Files (x86)\Winamp\System\png.w5s
2011-12-09 18:23 - 2012-09-17 23:23 - 00013824 _____ () D:\Program Files (x86)\Winamp\System\primo.w5s
2011-12-09 18:23 - 2012-09-17 23:23 - 00021504 _____ () D:\Program Files (x86)\Winamp\System\tagz.w5s
2011-12-09 18:23 - 2012-09-17 23:23 - 00035328 _____ () D:\Program Files (x86)\Winamp\System\timer.w5s
2011-12-09 18:23 - 2012-09-17 23:23 - 00090112 _____ () D:\Program Files (x86)\Winamp\System\xml.w5s
2011-12-09 18:23 - 2012-09-17 23:23 - 00102400 _____ () D:\Program Files (x86)\Winamp\Plugins\in_cdda.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00061440 _____ () D:\Program Files (x86)\Winamp\Plugins\in_flac.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00007168 _____ () D:\Program Files (x86)\Winamp\Plugins\in_linein.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00109568 _____ () D:\Program Files (x86)\Winamp\Plugins\in_midi.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00165376 _____ () D:\Program Files (x86)\Winamp\Plugins\in_mod.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00290304 _____ () D:\Program Files (x86)\Winamp\Plugins\in_mp3.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00052736 _____ () D:\Program Files (x86)\Winamp\Plugins\in_mp4.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00253440 _____ () D:\Program Files (x86)\Winamp\Plugins\in_vorbis.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00016896 _____ () D:\Program Files (x86)\Winamp\Plugins\in_wave.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00253440 _____ () D:\Program Files (x86)\Winamp\libsndfile.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00313344 _____ () D:\Program Files (x86)\Winamp\Plugins\in_wm.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00022528 _____ () D:\Program Files (x86)\Winamp\Plugins\out_disk.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00052224 _____ () D:\Program Files (x86)\Winamp\Plugins\out_ds.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00018432 _____ () D:\Program Files (x86)\Winamp\Plugins\out_wave.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 01737728 _____ () D:\Program Files (x86)\Winamp\Plugins\gen_ff.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00083968 _____ () D:\Program Files (x86)\Winamp\tataki.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00027648 _____ () D:\Program Files (x86)\Winamp\Plugins\gen_hotkeys.dll
2011-11-10 23:10 - 2012-09-17 23:23 - 00185344 _____ () D:\Program Files (x86)\Winamp\Plugins\gen_jumpex.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00318464 _____ () D:\Program Files (x86)\Winamp\Plugins\gen_ml.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00294400 _____ () D:\Program Files (x86)\Winamp\Plugins\ml_local.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00082944 _____ () D:\Program Files (x86)\Winamp\Plugins\ml_playlists.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00124928 _____ () D:\Program Files (x86)\Winamp\Plugins\ml_online.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00249856 _____ () D:\Program Files (x86)\Winamp\Plugins\ml_devices.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00200192 _____ () D:\Program Files (x86)\Winamp\Plugins\ml_disc.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00241152 _____ () D:\Program Files (x86)\Winamp\Plugins\ml_pmp.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00060928 _____ () D:\Program Files (x86)\Winamp\Plugins\pmp_android.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00170496 _____ () D:\Program Files (x86)\Winamp\Plugins\pmp_ipod.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00020480 _____ () D:\Program Files (x86)\Winamp\Plugins\pmp_njb.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00118272 _____ () D:\Program Files (x86)\Winamp\Plugins\pmp_p4s.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00053760 _____ () D:\Program Files (x86)\Winamp\Plugins\pmp_usb.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00113664 _____ () D:\Program Files (x86)\Winamp\Plugins\pmp_wifi.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00028160 _____ () D:\Program Files (x86)\Winamp\Plugins\ml_bookmarks.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00052224 _____ () D:\Program Files (x86)\Winamp\Plugins\ml_history.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00028672 _____ () D:\Program Files (x86)\Winamp\Plugins\ml_autotag.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00057344 _____ () D:\Program Files (x86)\Winamp\Plugins\ml_impex.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00083456 _____ () D:\Program Files (x86)\Winamp\Plugins\ml_plg.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00033792 _____ () D:\Program Files (x86)\Winamp\Plugins\ml_rg.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00032256 _____ () D:\Program Files (x86)\Winamp\Plugins\ml_transcode.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00057344 _____ () D:\Program Files (x86)\Winamp\Plugins\gen_orgler.dll
2011-12-09 18:23 - 2012-09-17 23:23 - 00025600 _____ () D:\Program Files (x86)\Winamp\Plugins\gen_tray.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

==================== Event log errors: =========================

Application errors:
==================
Error: (12/14/2013 03:00:09 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============

Microsoft Office Sessions:
=========================
Error: (12/14/2013 03:00:09 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
Date: 2012-12-30 20:23:35.496
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\jozef\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-12-30 20:23:35.481
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\jozef\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-12-30 20:23:35.403
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-12-30 20:23:35.371
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 41%
Total physical RAM: 4008.67 MB
Available physical RAM: 2347.11 MB
Total Pagefile: 8015.54 MB
Available Pagefile: 5999.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:68.26 GB) (Free:7.14 GB) NTFS
Drive d: () (Fixed) (Total:397.4 GB) (Free:18.27 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E9EAF4FC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=68 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=397 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#7 Příspěvek od **vyosek** » 15 pro 2013 18:41

A proc se prosim nedrzite navodu, my si je nepiseme jen tak z nudy a pro nase poteseni

FRSTLauncher nestazen, FRST stazen nekam uplne jinam nez na plochu jak pise navod...

pepinokouba1 · #8 Příspěvek od **pepinokouba1** » 15 pro 2013 20:32

No, byla to moje chyba. Obdivuji tu propracovanost, a vůbec mi nanapadlo, jaký vliv to může mít i jen v případě, že se jej pokusím nějak přejmenovat (ten soubor). Posléze jej to nenašlo.
Nyní vkládám již požadovaný LOG a doufám, že již OK.
Děkuji Vám, Josef

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2013 01
Ran by jozef (administrator) on JOZEF-PC on 15-12-2013 20:23:13
Running from C:\Users\jozef\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Sonix) C:\Windows\vsnp2uvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ICQ, LLC.) C:\Program Files (x86)\ICQ7M\ICQ.exe
(Nullsoft, Inc.) D:\Program Files (x86)\Winamp\winamp.exe
(BitTorrent, Inc.) D:\Program Files (x86)\BitTorrent\BitTorrent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) D:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(forum.viry.cz) C:\Users\jozef\Desktop\2--FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11663464 2011-04-20] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1886504 2009-11-19] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-01-05] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-13] (Sonix)
HKLM\...\Run: [LoadFUJ02E3] - C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [45680 2010-06-08] (FUJITSU LIMITED)
HKLM\...\Run: [FDM7] - C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-26] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [199528 2010-11-13] (FUJITSU LIMITED)
HKLM\...\Run: [PfNet] - C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe [6311424 2010-10-07] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [162416 2010-07-16] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [21616 2010-07-09] (FUJITSU LIMITED)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Facebook Update] - C:\Users\jozef\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-24] (Facebook Inc.)
HKLM-x32\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-13] (Sonix)
HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-29] (FUJITSU LIMITED)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-26] (Avira Operations GmbH & Co. KG)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {03EA2B1B-3430-4320-897B-0530A543F6AA} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\jozef\AppData\Roaming\Mozilla\Firefox\Profiles\pbji3wye.default
FF Homepage: http://www.seznam.cz
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\jozef\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143088 2013-05-07] (SUPERAntiSpyware.com)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-11-26] (Avira Operations GmbH & Co. KG)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [331776 2010-10-07] (FUJITSU LIMITED)
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2010-06-17] (FUJITSU LIMITED)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [24496 2012-03-09] (Intel Corporation)
S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [638896 2012-03-09] (Intel Corporation)
S3 megasas2; C:\Windows\system32\drivers\megasas2.sys [51280 2010-11-02] (LSI Corporation)
S3 megasr1; C:\Windows\system32\drivers\megasr1.sys [806696 2012-02-08] (LSI Corporation, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1801216 2010-10-09] ()

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-15 20:23 - 2013-12-15 20:23 - 00011218 _____ C:\Users\jozef\Desktop\FRST.txt
2013-12-15 20:16 - 2013-12-15 20:16 - 00112640 _____ (forum.viry.cz) C:\Users\jozef\Desktop\2--FRSTLauncher.exe
2013-12-15 20:09 - 2013-12-15 20:11 - 01927796 _____ (Farbar) C:\Users\jozef\Desktop\FRST64.exe
2013-12-15 14:08 - 2013-12-15 14:08 - 00000000 ____D C:\FRST
2013-12-14 14:42 - 2013-12-14 14:42 - 00000000 ____D C:\Windows\ERUNT
2013-12-13 11:40 - 2013-12-13 11:40 - 00001163 _____ C:\Users\jozef\Desktop\Mozilla Firefox.lnk
2013-12-13 11:34 - 2013-12-13 11:34 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-13 11:33 - 2013-12-13 11:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-13 11:31 - 2013-12-14 14:59 - 00000112 _____ C:\Windows\setupact.log
2013-12-13 11:31 - 2013-12-13 11:31 - 00001996 _____ C:\Windows\PFRO.log
2013-12-13 11:31 - 2013-12-13 11:31 - 00000000 _____ C:\Windows\setuperr.log
2013-12-12 22:06 - 2013-12-12 22:06 - 00002212 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-12 21:04 - 2013-12-13 12:41 - 00000000 ____D C:\Program Files\trend micro
2013-12-12 21:04 - 2013-12-12 21:04 - 00000000 ____D C:\rsit
2013-12-12 20:50 - 2013-12-01 14:42 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-24 19:27 - 2013-12-15 19:32 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000UA.job
2013-11-24 19:27 - 2013-12-15 19:32 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000Core.job
2013-11-24 19:27 - 2013-11-24 19:28 - 00000000 ____D C:\Users\jozef\AppData\Local\Facebook
2013-11-24 19:27 - 2013-11-24 19:27 - 00003904 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000UA
2013-11-24 19:27 - 2013-11-24 19:27 - 00003536 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000Core
2013-11-22 14:56 - 2013-12-06 10:56 - 00000000 ____D C:\Users\jozef\AppData\Roaming\Call Graph
2013-11-22 14:56 - 2013-11-22 14:56 - 00001095 _____ C:\Users\jozef\Desktop\Call Graph.lnk
2013-11-22 14:56 - 2013-11-22 14:56 - 00000000 ____D C:\Program Files (x86)\Call Graph-nahraj skype
2013-11-21 19:56 - 2013-11-21 19:56 - 00000907 _____ C:\Users\jozef\Desktop\+souhrn AJ i NJ-šSL 20 – zástupce.lnk

==================== One Month Modified Files and Folders =======

2013-12-15 20:23 - 2013-12-15 20:23 - 00011218 _____ C:\Users\jozef\Desktop\FRST.txt
2013-12-15 20:23 - 2012-09-19 19:29 - 00000000 ____D C:\Users\jozef\AppData\Roaming\BitTorrent
2013-12-15 20:16 - 2013-12-15 20:16 - 00112640 _____ (forum.viry.cz) C:\Users\jozef\Desktop\2--FRSTLauncher.exe
2013-12-15 20:11 - 2013-12-15 20:09 - 01927796 _____ (Farbar) C:\Users\jozef\Desktop\FRST64.exe
2013-12-15 20:11 - 2012-09-17 22:58 - 00000000 ____D C:\Users\jozef\AppData\Roaming\Skype
2013-12-15 20:03 - 2013-07-29 19:15 - 00649403 _____ C:\Windows\WindowsUpdate.log
2013-12-15 20:02 - 2013-10-15 15:13 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-15 19:32 - 2013-11-24 19:27 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000UA.job
2013-12-15 19:32 - 2013-11-24 19:27 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000Core.job
2013-12-15 14:08 - 2013-12-15 14:08 - 00000000 ____D C:\FRST
2013-12-15 14:03 - 2013-10-15 15:13 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-15 13:54 - 2013-02-24 11:48 - 00000000 ____D C:\Users\jozef\AppData\Roaming\ICQ
2013-12-14 16:35 - 2012-10-15 20:10 - 00000000 ____D C:\Users\jozef\AppData\Roaming\esmska
2013-12-14 15:07 - 2009-07-14 05:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-14 15:07 - 2009-07-14 05:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-14 15:04 - 2012-09-18 07:58 - 00622660 _____ C:\Windows\system32\perfh005.dat
2013-12-14 15:04 - 2012-09-18 07:58 - 00118810 _____ C:\Windows\system32\perfc005.dat
2013-12-14 15:04 - 2009-07-14 06:13 - 01445734 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-14 14:59 - 2013-12-13 11:31 - 00000112 _____ C:\Windows\setupact.log
2013-12-14 14:59 - 2013-09-01 13:56 - 00000000 ____D C:\AdwCleaner
2013-12-14 14:59 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-14 14:42 - 2013-12-14 14:42 - 00000000 ____D C:\Windows\ERUNT
2013-12-13 12:41 - 2013-12-12 21:04 - 00000000 ____D C:\Program Files\trend micro
2013-12-13 12:27 - 2013-08-26 11:09 - 00000000 ____D C:\++++++++++Uschovna z d
2013-12-13 11:40 - 2013-12-13 11:40 - 00001163 _____ C:\Users\jozef\Desktop\Mozilla Firefox.lnk
2013-12-13 11:34 - 2013-12-13 11:34 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-13 11:34 - 2013-12-13 11:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-13 11:34 - 2012-09-17 22:40 - 00000000 ____D C:\Users\jozef\AppData\Roaming\Mozilla
2013-12-13 11:33 - 2013-03-07 13:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-13 11:31 - 2013-12-13 11:31 - 00001996 _____ C:\Windows\PFRO.log
2013-12-13 11:31 - 2013-12-13 11:31 - 00000000 _____ C:\Windows\setuperr.log
2013-12-13 11:22 - 2012-09-17 23:23 - 00000000 ____D C:\Users\jozef\AppData\Roaming\Winamp
2013-12-12 22:06 - 2013-12-12 22:06 - 00002212 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-12 21:04 - 2013-12-12 21:04 - 00000000 ____D C:\rsit
2013-12-12 19:15 - 2013-05-31 20:02 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-12-12 11:54 - 2013-09-07 15:17 - 00000000 ____D C:\Users\jozef\Desktop\velkolepe stoleti
2013-12-10 13:19 - 2013-04-16 20:34 - 00000116 _____ C:\Windows\NeroDigital.ini
2013-12-10 11:31 - 2013-06-16 10:04 - 00000000 ____D C:\Users\jozef\AppData\Roaming\vlc
2013-12-09 11:58 - 2013-04-09 16:49 - 00000000 ____D C:\FFOutput
2013-12-06 10:56 - 2013-11-22 14:56 - 00000000 ____D C:\Users\jozef\AppData\Roaming\Call Graph
2013-12-03 09:13 - 2013-04-05 11:18 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-03 08:57 - 2013-10-15 15:13 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-03 08:57 - 2013-10-15 15:13 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-01 14:42 - 2013-12-12 20:50 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-01 11:46 - 2013-02-28 12:47 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-01 11:46 - 2012-09-17 22:58 - 00000000 ____D C:\ProgramData\Skype
2013-11-26 11:43 - 2013-04-04 18:21 - 00000000 ____D C:\Users\jozef\AppData\Roaming\Audacity
2013-11-26 09:34 - 2013-05-08 14:49 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-26 09:34 - 2013-04-05 11:18 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-26 09:34 - 2013-04-05 11:18 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-24 19:28 - 2013-11-24 19:27 - 00000000 ____D C:\Users\jozef\AppData\Local\Facebook
2013-11-24 19:27 - 2013-11-24 19:27 - 00003904 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000UA
2013-11-24 19:27 - 2013-11-24 19:27 - 00003536 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000Core
2013-11-22 14:56 - 2013-11-22 14:56 - 00001095 _____ C:\Users\jozef\Desktop\Call Graph.lnk
2013-11-22 14:56 - 2013-11-22 14:56 - 00000000 ____D C:\Program Files (x86)\Call Graph-nahraj skype
2013-11-21 19:56 - 2013-11-21 19:56 - 00000907 _____ C:\Users\jozef\Desktop\+souhrn AJ i NJ-šSL 20 – zástupce.lnk
2013-11-19 14:23 - 2012-10-15 18:32 - 00000000 ____D C:\Users\jozef\AppData\Roaming\DC++
2013-11-19 14:23 - 2012-10-15 18:32 - 00000000 ____D C:\Users\jozef\AppData\Local\DC++

Files to move or delete:
====================
C:\Users\jozef\AppData\Roaming\Camdata.ini
C:\Users\jozef\AppData\Roaming\CamLayout.ini
C:\Users\jozef\AppData\Roaming\CamShapes.ini

Some content of TEMP:
====================
C:\Users\jozef\AppData\Local\Temp\avgnt.exe
C:\Users\jozef\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-10 10:47

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:68.26 GB) (Free:7.11 GB) NTFS
Drive d: () (Fixed) (Total:397.4 GB) (Free:15.13 GB) NTFS

Available physical RAM: 2076.48 MB
Total physical RAM: 4008.67 MB
Percentage of memory in use: 48%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E9EAF4FC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=68 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=397 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000Core.job => C:\Users\jozef\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000UA.job => C:\Users\jozef\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9

==================== Security Center ==================

AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\jozef\Desktop" je 1623 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\Call Graph-nahraj skype\\CallGraph.exe"="C:\\Program Files (x86)\\Call Graph-nahraj skype\\CallGraph.exe:*:Enabled:Call Graph"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#9 Příspěvek od **vyosek** » 16 pro 2013 23:44

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKCU\...\Run: [Facebook Update] - C:\Users\jozef\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-24] (Facebook Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]

URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKCU - {03EA2B1B-3430-4320-897B-0530A543F6AA} URL = http://search.yahoo.com/search?fr=chr-g ... =971163&p={searchTerms}
Toolbar: HKCU - No Name - {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - No File
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File

2013-12-15 20:16 - 2013-12-15 20:16 - 00112640 _____ (forum.viry.cz) C:\Users\jozef\Desktop\2--FRSTLauncher.exe
C:\Users\jozef\AppData\Roaming\Camdata.ini
C:\Users\jozef\AppData\Roaming\CamLayout.ini
C:\Users\jozef\AppData\Roaming\CamShapes.ini
C:\Users\jozef\AppData\Local\Temp\avgnt.exe
C:\Users\jozef\AppData\Local\Temp\Quarantine.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000Core.job => C:\Users\jozef\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000UA.job => C:\Users\jozef\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9

CMD: shutdown /r /f /t 2

End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

pepinokouba1 · #10 Příspěvek od **pepinokouba1** » 17 pro 2013 08:24

Diky za spolupráci, vkládám požadovaný LOG

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-12-2013 01
Ran by jozef at 2013-12-17 08:18:32 Run:1
Running from C:\Users\jozef\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKCU\...\Run: [Facebook Update] - C:\Users\jozef\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-24] (Facebook Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]

URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKCU - {03EA2B1B-3430-4320-897B-0530A543F6AA} URL = http://search.yahoo.com/search?fr=chr-g ... =971163&p={searchTerms}
Toolbar: HKCU - No Name - {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - No File
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File

2013-12-15 20:16 - 2013-12-15 20:16 - 00112640 _____ (forum.viry.cz) C:\Users\jozef\Desktop\2--FRSTLauncher.exe
C:\Users\jozef\AppData\Roaming\Camdata.ini
C:\Users\jozef\AppData\Roaming\CamLayout.ini
C:\Users\jozef\AppData\Roaming\CamShapes.ini
C:\Users\jozef\AppData\Local\Temp\avgnt.exe
C:\Users\jozef\AppData\Local\Temp\Quarantine.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000Core.job => C:\Users\jozef\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000UA.job => C:\Users\jozef\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9

CMD: shutdown /r /f /t 2

End
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{03EA2B1B-3430-4320-897B-0530A543F6AA} => Key deleted successfully.
HKCR\CLSID\{03EA2B1B-3430-4320-897B-0530A543F6AA} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} => Value deleted successfully.
HKCR\CLSID\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} => Key not found.
HKCR\PROTOCOLS\Filter\text/xml => Key deleted successfully.
HKCR\CLSID\{807553E5-5146-11D5-A672-00B0D022E945} => Key not found.
"C:\Users\jozef\Desktop\2--FRSTLauncher.exe" => File/Directory not found.
C:\Users\jozef\AppData\Roaming\Camdata.ini => Moved successfully.
C:\Users\jozef\AppData\Roaming\CamLayout.ini => Moved successfully.
C:\Users\jozef\AppData\Roaming\CamShapes.ini => Moved successfully.
C:\Users\jozef\AppData\Local\Temp\avgnt.exe => Moved successfully.
C:\Users\jozef\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3411684680-1067792378-2198579580-1000UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
C:\ProgramData\TEMP => ":CB0AACC9" ADS removed successfully.

========= shutdown /r /f /t 2 =========

========= End of CMD: =========

==== End of Fixlog ====

#11 Příspěvek od **vyosek** » 17 pro 2013 09:59

Jak se chova PC

pepinokouba1 · #12 Příspěvek od **pepinokouba1** » 17 pro 2013 10:56

PC pracuje uplně normálně, žádné bannery nikde nevyskakují. Nevidím žádný problém ani menší chybu.

#13 Příspěvek od **vyosek** » 17 pro 2013 12:17

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

pepinokouba1 · #14 Příspěvek od **pepinokouba1** » 17 pro 2013 20:26

Zdravím,
děkuji za pomoc při řešení tohoto problému.

Do PC jsem si něco natahnul asi ze stránek torrentů apod., takže i na lide.cz mi začly vyskakovat panely na akční hry, což vím, že tam nepatří. Prvně jsem dal pryč ze systemu Adobe Flash player, potom MOzillu totalně, pak jsem to CC Cleanerem promazal, resetoval, a zase naintaloval Mozillu a už to tam nikdy nebylo.

Mezitím jsem se chtěl přesvědčit, jeslti je to čisté, - a s tím jste mi pomohli.

Díky,Josef

#15 Příspěvek od **vyosek** » 17 pro 2013 22:07

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat

VIRY.CZ

vyskakující bannery - prosím,kontrolu Logu

vyskakující bannery - prosím,kontrolu Logu

nový Log -: vyskakující bannery - snad vyčištěno

Re: vyskakující bannery - prosím,kontrolu Logu

Re: vyskakující bannery - prosím,kontrolu Logu

Re: vyskakující bannery - prosím,kontrolu Logu

Re: vyskakující bannery - prosím,kontrolu Logu

Re: vyskakující bannery - prosím,kontrolu Logu

Re: vyskakující bannery - prosím,kontrolu Logu

Re: vyskakující bannery - prosím,kontrolu Logu

Re: vyskakující bannery - prosím,kontrolu Logu

Re: vyskakující bannery - prosím,kontrolu Logu

Re: vyskakující bannery - prosím,kontrolu Logu

Re: vyskakující bannery - prosím,kontrolu Logu

Re: vyskakující bannery - prosím,kontrolu Logu

Re: vyskakující bannery - prosím,kontrolu Logu