Requesting a check

#1 Post by truddy »

Hi, I'd like to ask for a check. My "veteran" :-) occasionally freezes up and slows down. Thanks :-)


DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.16521 BrowserJavaVersion: 10.51.2
Run by PC-Standa at 20:35:59 on 2014-04-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2038.930 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe
C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\Windows\system32\IoctlSvc.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\ASUS\ASUS Sync\asusUPCTLoader.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\ASUS\ASUS Sync\asusUPCTLoader.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\ASUS\ASUS Sync\adb.exe
C:\Program Files\ASUS\ASUS Sync\adb.exe
C:\Program Files\ASUS\ASUS Sync\adb.exe
C:\Program Files\ASUS\ASUS Sync\adb.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\PC-Standa\Desktop\FRST.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.seznam.cz/
uSearch Page = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_12_0_0_77_Plugin.exe -update plugin
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [ASUS Sync Loader] "c:\program files\asus\asus sync\asusUPCTLoader.exe" -startup
mRun: [AvastUI.exe] "c:\program files\alwil software\avast5\AvastUI.exe" /nogui
uPolicies-Explorer: NoDriveTypeAutoRun = dword:153
mPolicies-Explorer: NoDriveTypeAutoRun = dword:153
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\icq7.5\ICQ.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{6B9BDB96-1517-416E-864A-42FADC091769} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{6B9BDB96-1517-416E-864A-42FADC091769}\74F6C6468696C6C6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{6B9BDB96-1517-416E-864A-42FADC091769}\84453402E6564777F627B6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{6D5C2257-A403-4E5E-951E-BEEC77C48134} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F643A4B4-57AC-4506-A66F-FBE46BC10B4B} : DHCPNameServer = 192.168.42.129
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\pc-standa\appdata\roaming\mozilla\firefox\profiles\4j3c54w0.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\nokia\nokia suite\npNokiaSuiteEnabler.dll
FF - plugin: c:\program files\win7codecs\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\win7codecs\rm\browser\plugins\nprpjplug.dll
FF - plugin: c:\users\pc-standa\appdata\roaming\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_77.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-3-20 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-3-20 180760]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-2-26 24408]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-6-29 776976]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-3-6 411552]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-3-6 67824]
R2 Autodesk Content Service;Autodesk Content Service;c:\program files\autodesk\content service\Connect.Service.ContentService.exe [2011-2-2 18656]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2014-4-10 50344]
R2 AVerUpdateServer;AVerUpdateServer;c:\program files\avermedia\averupdate\AVerUpdateServer.exe [2011-1-6 168448]
R2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\skype\toolbars\autoupdate\SkypeC2CAutoUpdateSvc.exe [2014-3-3 1363584]
R2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\skype\toolbars\pnrsvc\SkypeC2CPNRSvc.exe [2014-3-3 1748608]
R2 Garmin Core Update Service;Garmin Core Update Service;c:\program files\garmin\core update service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-11-8 250712]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [2009-7-14 20992]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe [2014-3-30 118264]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswstm.sys [2014-1-14 67264]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2007-7-22 180736]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
S3 AVerAF35;AVerMedia A867 USB DVB-T;c:\windows\system32\drivers\AVerAF35.sys [2011-7-11 477312]
S3 AVerIR;AVerMedia Infrared Receiver;c:\windows\system32\drivers\AVerIR.sys [2011-7-11 88576]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2010-3-25 28464]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-10-26 25088]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-3-11 108032]
S3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-11-7 9216]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2013-1-23 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2013-1-23 8576]
S3 pmx3gmdm;Olivetti USB Device for Legacy Serial Communication;c:\windows\system32\drivers\pmx3gmdm.sys [2010-9-22 103552]
S3 pmx3gnet;Olivetti USB-NDIS miniport;c:\windows\system32\drivers\pmx3gnet.sys [2010-9-22 116736]
S3 Ser2plx86;Prolific Serial port WDF driver;c:\windows\system32\drivers\ser2pl.sys [2013-2-22 134144]
S3 Sony PC Companion;Sony PC Companion;c:\program files\sony\sony pc companion\PCCService.exe [2014-4-6 155824]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-14 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-14 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-14 661504]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2011-5-25 12984]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-2 52224]
S3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-21 1343400]
S3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\drivers\WSDScan.sys [2009-7-14 20480]
.
=============== Created Last 30 ================
.
2014-04-21 18:20:52 -------- d-----w- c:\program files\trend micro
2014-04-19 10:00:58 62576 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{be6fe404-92e4-4deb-95de-33689151fa52}\offreg.dll
2014-04-18 13:45:57 8050496 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{be6fe404-92e4-4deb-95de-33689151fa52}\mpengine.dll
2014-04-11 15:37:38 311296 ----a-w- c:\windows\system32\CNMXLMA9.DLL
2014-04-11 15:36:02 -------- d-----w- c:\programdata\Canon IJ Network Tool
2014-04-10 16:26:01 43152 ----a-w- c:\windows\avastSS.scr
2014-04-09 14:39:25 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-04-05 18:51:33 -------- d-----w- c:\program files\Sony
.
==================== Find3M ====================
.
2014-04-10 16:26:02 67264 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-04-10 16:26:01 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-04-10 16:26:01 776976 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-04-10 16:26:01 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-04-10 16:26:01 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-04-10 16:26:01 180760 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-03-31 07:35:10 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-03-12 17:08:16 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 17:08:16 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-01 04:10:48 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-03-01 03:52:43 61952 ----a-w- c:\windows\system32\iesetup.dll
2014-03-01 03:51:53 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-03-01 03:38:26 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-01 03:38:23 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-03-01 03:37:35 553472 ----a-w- c:\windows\system32\jscript9diag.dll
2014-03-01 03:31:30 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-01 03:14:15 4244480 ----a-w- c:\windows\system32\jscript9.dll
2014-03-01 03:00:08 1964032 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-01 02:32:16 1820160 ----a-w- c:\windows\system32\wininet.dll
2014-02-08 09:22:14 20992 ----a-w- c:\windows\jestertb.dll
2014-02-07 01:07:56 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-02-04 02:04:11 509440 ----a-w- c:\windows\system32\qedit.dll
2014-01-29 02:06:47 381440 ----a-w- c:\windows\system32\wer.dll
.
============= FINISH: 20:38:26,60 ===============

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-04-2014 01
Ran by PC-Standa (administrator) on PC-STANDA-PC on 21-04-2014 20:38:20
Running from C:\Users\PC-Standa\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
() C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
(Prolific Technology Inc.) C:\Windows\system32\IoctlSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Futuredial Inc.) C:\Program Files\ASUS\ASUS Sync\asusUPCTLoader.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Futuredial Inc.) C:\Program Files\ASUS\ASUS Sync\asusUPCTLoader.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
() C:\Program Files\ASUS\ASUS Sync\adb.exe
() C:\Program Files\ASUS\ASUS Sync\adb.exe
() C:\Program Files\ASUS\ASUS Sync\adb.exe
() C:\Program Files\ASUS\ASUS Sync\adb.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Swearware) C:\Users\PC-Standa\Desktop\dds.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Malwarebytes Anti-Malware (reboot)] => C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [981680 2012-04-04] (Malwarebytes Corporation)
HKLM\...\Run: [ASUS Sync Loader] => C:\Program Files\ASUS\ASUS Sync\asusUPCTLoader.exe [638976 2013-03-01] (Futuredial Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3854640 2014-04-10] (AVAST Software)
HKU\S-1-5-21-4064253568-945658341-771417536-1001\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_77_Plugin.exe [841096 2014-03-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-4064253568-945658341-771417536-1001\...\MountPoints2: {00b8ce6f-ba94-11e3-8bf7-0016d3e92365} - E:\Startme.exe
HKU\S-1-5-21-4064253568-945658341-771417536-1001\...\MountPoints2: {6aa65e06-e777-11df-97c3-0016d3e92365} - E:\Autorun.exe
HKU\S-1-5-21-4064253568-945658341-771417536-1003\...\Run: [NVIDIA driver monitor] => C:\Users\Public\nvsvc32.exe
HKU\S-1-5-21-4064253568-945658341-771417536-1003\...\Run: [ICQ] => "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
HKU\S-1-5-21-4064253568-945658341-771417536-1003\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_77_Plugin.exe [841096 2014-03-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-4064253568-945658341-771417536-1003\...\MountPoints2: {00b8ce6f-ba94-11e3-8bf7-0016d3e92365} - E:\Startme.exe
HKU\S-1-5-21-4064253568-945658341-771417536-1003\...\MountPoints2: {6aa65e06-e777-11df-97c3-0016d3e92365} - E:\Autorun.exe
Startup: C:\Users\Hanička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x742D2D2348BDCA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKCU - DefaultScope {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?clien ... 06EB491165
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\PC-Standa\AppData\Roaming\Mozilla\Firefox\Profiles\4j3c54w0.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @real.com/nppl3260;version=6.0.12.448 - C:\Program Files\Win7codecs\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\Win7codecs\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 - C:\Users\PC-Standa\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Users\PC-Standa\AppData\Roaming\Mozilla\Firefox\Profiles\4j3c54w0.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-01-19]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-19]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-03-19]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-03-19]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-19]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-03-19]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor [2011-09-01]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-29]

========================== Services (Whitelisted) =================

R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-04-10] (AVAST Software)
R2 AVerUpdateServer; C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe [168448 2011-01-06] (AVerMedia TECHNOLOGIES, Inc.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2012-08-09] (Flexera Software, Inc.)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250712 2013-11-08] (Garmin Ltd or its subsidiaries)
R2 McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [118264 2014-03-24] (McAfee, Inc.)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)

==================== Drivers (Whitelisted) ====================

R1 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [24408 2012-02-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-04-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-04-10] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-04-10] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-04-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-04-10] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [67264 2014-04-10] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180760 2014-04-10] ()
S3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [477312 2010-01-29] (AVerMedia TECHNOLOGIES, Inc.)
S3 AVerIR; C:\Windows\System32\DRIVERS\AVerIR.sys [88576 2010-01-12] (AVerMedia TECHNOLOGIES, Inc.)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
S3 massfilter; C:\Windows\System32\drivers\massfilter.sys [9216 2010-02-22] (MBB Incorporated)
S3 pmx3gmdm; C:\Windows\System32\DRIVERS\pmx3gmdm.sys [103552 2009-12-29] (Olivetti)
S3 pmx3gnet; C:\Windows\System32\DRIVERS\pmx3gnet.sys [116736 2009-12-29] (Olivetti)
S3 Ser2plx86; C:\Windows\System32\DRIVERS\ser2pl.sys [134144 2013-02-22] (Prolific Technology Inc.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [12984 2011-06-02] ()
U3 mbr; \??\C:\Users\PC-STA~1\AppData\Local\Temp\mbr.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-21 20:38 - 2014-04-21 20:39 - 00015702 _____ () C:\Users\PC-Standa\Desktop\FRST.txt
2014-04-21 20:38 - 2014-04-21 20:38 - 00016053 _____ () C:\Users\PC-Standa\Desktop\dds.txt
2014-04-21 20:38 - 2014-04-21 20:38 - 00010782 _____ () C:\Users\PC-Standa\Desktop\attach.txt
2014-04-21 20:37 - 2014-04-21 20:38 - 00000000 ____D () C:\FRST
2014-04-21 20:20 - 2014-04-21 20:32 - 00000000 ____D () C:\Program Files\trend micro
2014-04-21 20:20 - 2014-04-21 20:23 - 00000000 ____D () C:\rsit
2014-04-21 20:20 - 2014-04-21 20:20 - 00688992 ____R (Swearware) C:\Users\PC-Standa\Desktop\dds.exe
2014-04-21 20:19 - 2014-04-21 20:19 - 00781383 _____ () C:\Users\PC-Standa\Desktop\RSIT.exe
2014-04-21 20:15 - 2014-04-21 20:15 - 01151488 _____ (Farbar) C:\Users\PC-Standa\Desktop\FRST.exe
2014-04-11 17:42 - 2014-04-11 17:42 - 00002041 _____ () C:\Users\Public\Desktop\Canon MP Navigator EX 4.0.lnk
2014-04-11 17:41 - 2014-04-11 17:41 - 00002021 _____ () C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2014-04-11 17:37 - 2012-03-14 05:00 - 00311296 _____ (CANON INC.) C:\Windows\system32\CNMXLMA9.DLL
2014-04-11 17:36 - 2014-04-11 17:36 - 00001967 _____ () C:\Users\Public\Desktop\Canon IJ Network Tool.lnk
2014-04-11 17:36 - 2014-04-11 17:36 - 00000000 ____D () C:\ProgramData\Canon IJ Network Tool
2014-04-11 17:33 - 2014-04-11 17:33 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-04-11 17:33 - 2014-04-11 17:33 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-04-11 17:31 - 2014-04-11 17:32 - 49814648 _____ () C:\Users\PC-Standa\Desktop\mpnx_4_0-win-4_02-ea23_2.exe
2014-04-11 17:31 - 2014-04-11 17:32 - 28069008 _____ () C:\Users\PC-Standa\Desktop\mp68-win-mp495-1_03-ea24.exe
2014-04-11 17:31 - 2014-04-11 17:32 - 22834328 _____ () C:\Users\PC-Standa\Desktop\xp68-win-mp495-5_56-ea24.exe
2014-04-11 17:30 - 2014-04-11 17:30 - 10096216 _____ () C:\Users\PC-Standa\Desktop\slmx-win-1_4_1-ea23_2.exe
2014-04-11 17:15 - 2014-04-11 17:15 - 01070840 _____ (Solid State Networks) C:\Users\PC-Standa\Desktop\install_flashplayer13x32au_mssd_aaa_aih.exe
2014-04-10 18:26 - 2014-04-10 18:26 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-09 16:39 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 16:39 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 16:39 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-06 21:43 - 2014-04-06 21:43 - 00000000 ____D () C:\Users\PC-Standa\Music\Documents\Sony
2014-04-06 20:58 - 2014-04-06 20:58 - 00000000 ____D () C:\Users\PC-Standa\Desktop\Nová složka
2014-04-05 23:27 - 2014-04-06 17:11 - 00002044 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-04-05 20:51 - 2014-04-05 20:51 - 00000000 ____D () C:\ProgramData\Sony
2014-04-05 20:51 - 2014-04-05 20:51 - 00000000 ____D () C:\Program Files\Sony
2014-04-02 22:13 - 2014-04-02 22:13 - 07879669 _____ () C:\Users\PC-Standa\Desktop\Photos (1)(1).zip
2014-04-01 18:54 - 2014-04-01 18:54 - 00000000 ____D () C:\Users\PC-Standa\Music\Documents\Nokia Suite

==================== One Month Modified Files and Folders =======

2014-04-21 20:39 - 2014-04-21 20:38 - 00015702 _____ () C:\Users\PC-Standa\Desktop\FRST.txt
2014-04-21 20:38 - 2014-04-21 20:38 - 00016053 _____ () C:\Users\PC-Standa\Desktop\dds.txt
2014-04-21 20:38 - 2014-04-21 20:38 - 00010782 _____ () C:\Users\PC-Standa\Desktop\attach.txt
2014-04-21 20:38 - 2014-04-21 20:37 - 00000000 ____D () C:\FRST
2014-04-21 20:32 - 2014-04-21 20:20 - 00000000 ____D () C:\Program Files\trend micro
2014-04-21 20:23 - 2014-04-21 20:20 - 00000000 ____D () C:\rsit
2014-04-21 20:20 - 2014-04-21 20:20 - 00688992 ____R (Swearware) C:\Users\PC-Standa\Desktop\dds.exe
2014-04-21 20:19 - 2014-04-21 20:19 - 00781383 _____ () C:\Users\PC-Standa\Desktop\RSIT.exe
2014-04-21 20:15 - 2014-04-21 20:15 - 01151488 _____ (Farbar) C:\Users\PC-Standa\Desktop\FRST.exe
2014-04-21 20:15 - 2011-01-15 01:53 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-21 20:15 - 2010-03-06 17:43 - 01765900 _____ () C:\Windows\WindowsUpdate.log
2014-04-21 20:14 - 2009-07-14 06:34 - 00013440 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-21 20:14 - 2009-07-14 06:34 - 00013440 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-21 19:59 - 2012-04-05 21:29 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-21 17:32 - 2010-03-06 18:06 - 01585934 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-21 12:15 - 2011-01-15 01:53 - 00000942 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-15 22:43 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-14 17:03 - 2011-07-12 17:27 - 00000000 ____D () C:\Windows\Minidump
2014-04-11 17:50 - 2011-10-08 13:29 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-04-11 17:50 - 2011-10-08 13:28 - 00000000 ____D () C:\Users\PC-Standa\AppData\Roaming\Canon
2014-04-11 17:42 - 2014-04-11 17:42 - 00002041 _____ () C:\Users\Public\Desktop\Canon MP Navigator EX 4.0.lnk
2014-04-11 17:42 - 2011-06-05 19:59 - 00000000 ____D () C:\Program Files\Canon
2014-04-11 17:41 - 2014-04-11 17:41 - 00002021 _____ () C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2014-04-11 17:41 - 2011-06-05 20:10 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-04-11 17:36 - 2014-04-11 17:36 - 00001967 _____ () C:\Users\Public\Desktop\Canon IJ Network Tool.lnk
2014-04-11 17:36 - 2014-04-11 17:36 - 00000000 ____D () C:\ProgramData\Canon IJ Network Tool
2014-04-11 17:36 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\twain_32
2014-04-11 17:35 - 2009-07-14 04:37 - 00000000 __RSD () C:\Windows\Media
2014-04-11 17:33 - 2014-04-11 17:33 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-04-11 17:33 - 2014-04-11 17:33 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-04-11 17:32 - 2014-04-11 17:31 - 49814648 _____ () C:\Users\PC-Standa\Desktop\mpnx_4_0-win-4_02-ea23_2.exe
2014-04-11 17:32 - 2014-04-11 17:31 - 28069008 _____ () C:\Users\PC-Standa\Desktop\mp68-win-mp495-1_03-ea24.exe
2014-04-11 17:32 - 2014-04-11 17:31 - 22834328 _____ () C:\Users\PC-Standa\Desktop\xp68-win-mp495-5_56-ea24.exe
2014-04-11 17:30 - 2014-04-11 17:30 - 10096216 _____ () C:\Users\PC-Standa\Desktop\slmx-win-1_4_1-ea23_2.exe
2014-04-11 17:15 - 2014-04-11 17:15 - 01070840 _____ (Solid State Networks) C:\Users\PC-Standa\Desktop\install_flashplayer13x32au_mssd_aaa_aih.exe
2014-04-11 17:13 - 2010-03-07 01:25 - 00000000 ____D () C:\Users\PC-Standa\AppData\Local\Adobe
2014-04-10 18:26 - 2014-04-10 18:26 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-10 18:26 - 2014-01-14 19:18 - 00067264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-04-10 18:26 - 2013-03-20 18:30 - 00180760 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-10 18:26 - 2013-03-20 18:30 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-10 18:26 - 2012-03-02 17:27 - 00002058 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-10 18:26 - 2012-02-26 22:03 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-10 18:26 - 2011-06-29 21:31 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-10 18:26 - 2010-03-06 18:21 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-10 18:26 - 2010-03-06 18:21 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-10 18:26 - 2010-03-06 18:20 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-10 03:18 - 2010-03-07 16:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-10 03:16 - 2013-08-02 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 03:07 - 2010-03-07 02:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-06 21:43 - 2014-04-06 21:43 - 00000000 ____D () C:\Users\PC-Standa\Music\Documents\Sony
2014-04-06 20:58 - 2014-04-06 20:58 - 00000000 ____D () C:\Users\PC-Standa\Desktop\Nová složka
2014-04-06 17:11 - 2014-04-05 23:27 - 00002044 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-04-05 23:26 - 2010-03-06 23:44 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-04-05 20:51 - 2014-04-05 20:51 - 00000000 ____D () C:\ProgramData\Sony
2014-04-05 20:51 - 2014-04-05 20:51 - 00000000 ____D () C:\Program Files\Sony
2014-04-05 20:35 - 2012-02-12 21:50 - 00000000 ____D () C:\Users\PC-Standa\Desktop\vypalování
2014-04-02 22:13 - 2014-04-02 22:13 - 07879669 _____ () C:\Users\PC-Standa\Desktop\Photos (1)(1).zip
2014-04-02 20:25 - 2011-09-01 20:26 - 00000000 ____D () C:\Program Files\McAfee
2014-04-01 19:28 - 2010-03-07 14:09 - 00000000 ____D () C:\Users\PC-Standa\AppData\Roaming\Nokia
2014-04-01 18:54 - 2014-04-01 18:54 - 00000000 ____D () C:\Users\PC-Standa\Music\Documents\Nokia Suite
2014-04-01 18:51 - 2010-03-07 14:07 - 00000000 ____D () C:\Users\PC-Standa\AppData\Roaming\PC Suite
2014-03-31 09:35 - 2010-03-06 18:29 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-31 02:13 - 2014-04-09 16:39 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 01:57 - 2014-04-09 16:39 - 17073152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-22 21:51 - 2014-01-19 20:33 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service

Some content of TEMP:
====================
C:\Users\Hanička\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Hanička\AppData\Local\Temp\p2pJNI.dll
C:\Users\Hanička\AppData\Local\Temp\WinUpdateFile.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 12:04

==================== End Of Log ============================

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: please check

#2 Post by Roli »

Hello, using Add/Remove Programs or CCleaner (below), uninstall everything from McAfee.


Delete unneeded files

using CCleaner

instructions:

Cleaner - here you clean the PC of unneeded files and empty the Recycle Bin

Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, change what runs at system startup, and restore the system


Download AdwCleaner and save it to the desktop,

close all programs including the browser and run it with a double-click;

a window appears; click Scan at the top left.

The scan then runs; when it finishes, click Report and copy whatever comes up here for me.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

truddy
Visitor
Posts: 136
Registered: 12 Apr 2005 13:22

Re: please check

#3 Post by truddy »

# AdwCleaner v3.103 - Report created 21/04/2014 at 23:21:30
# Updated 21/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : PC-Standa - PC-STANDA-PC
# Running from : C:\Users\PC-Standa\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found C:\Program Files\ICQ6Toolbar
Folder Found C:\ProgramData\Ask
Folder Found C:\ProgramData\ICQ\ICQToolbar
Folder Found C:\ProgramData\Uniblue
Folder Found C:\ProgramData\Uniblue\DriverScanner
Folder Found C:\Users\Hanička\.android
Folder Found C:\Users\PC-Standa\.android
Folder Found C:\Users\PC-Standa\AppData\Roaming\Uniblue
Folder Found C:\Users\PC-Standa\AppData\Roaming\Uniblue\SpeedUpMyPC

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Classes\ctTOOLBAR.ctToolBarCtrl.4
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askchecker_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askchecker_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC9510D-A439-4950-9399-B6399EDF9EA7}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Found : HKLM\Software\Uniblue
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\Hanička\AppData\Roaming\Mozilla\Firefox\Profiles\30ko17a8.default\prefs.js ]

Line Found : user_pref("browser.search.defaultengine", "Ask.com");
Line Found : user_pref("browser.search.defaultenginename", "Ask.com");
Line Found : user_pref("browser.search.order.1", "Ask.com");
Line Found : user_pref("browser.search.selectedEngine", "Ask.com");
Line Found : user_pref("extensions.asktb.ff-original-keyword-url", "");
Line Found : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=7530FFA7-1693-4BC2-87B2-EEF12DD1D451&apn_ptnrs=&apn_sauid=2DCE0214-F08C-4F58-A441-2B06EB491165&ap[...]

[ File : C:\Users\PC-Standa\AppData\Roaming\Mozilla\Firefox\Profiles\4j3c54w0.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [3827 octets] - [21/04/2014 23:21:30]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3887 octets] ##########

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: please check

#4 Post by Roli »

Run AdwCleaner again, but this time click Clean;

the PC will restart, during which the junk gets deleted.

Afterwards, copy the Report here for me again.


Download ComboFix and save it to the desktop,

run the application as Administrator and allow installation of the Recovery Console.

A window with the license terms then appears, which you confirm by clicking YES,

then click YES once more and it's off and running.

The whole thing takes about 10 minutes but can take longer; during the scan, don't try to run anything else.

The PC may also be restarted during the scan; don't be alarmed.

Note: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,

because ComboFix tries to delete infected files and these programs may get in its way.

After the scan completes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


If anything is unclear, there is an illustrated guide HERE.
| Rsit | Mbam | AVPTool | Cure It |

O víkendu odpočívám :all_coholic:

truddy
Visitor
Posts: 136
Registered: 12 Apr 2005 13:22

Re: please check

#5 Post by truddy »

Hi, I already ran Clean yesterday :-) so today I ran Clean again and here is the log

# AdwCleaner v3.200 - Report created 22/04/2014 at 18:00:29
# Updated 22/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : PC-Standa - PC-STANDA-PC
# Running from : C:\Users\PC-Standa\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\PC-Standa\.android

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\Hanička\AppData\Roaming\Mozilla\Firefox\Profiles\30ko17a8.default\prefs.js ]


[ File : C:\Users\PC-Standa\AppData\Roaming\Mozilla\Firefox\Profiles\4j3c54w0.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [3967 octets] - [21/04/2014 23:21:30]
AdwCleaner[R1].txt - [1122 octets] - [22/04/2014 17:57:07]
AdwCleaner[S0].txt - [3934 octets] - [21/04/2014 23:45:45]
AdwCleaner[S1].txt - [1050 octets] - [22/04/2014 18:00:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1110 octets] ##########

here is another log

ComboFix 14-04-20.01 - PC-Standa 22.04.2014 18:14:49.1.1 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2038.922 [GMT 2:00]
Spuštěný z: c:\users\PC-Standa\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\programdata\Roaming\Intel\Wireless\Settings\Settings.ini
c:\windows\iun6002.exe
c:\windows\jestertb.dll
c:\windows\regedit.com
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\taskmgr.com
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-22 do 2014-04-22 )))))))))))))))))))))))))))))))
.
.
2014-04-22 14:17 . 2014-04-17 03:32 8050496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{82ADA548-ABBB-4DB8-B227-00653F3BD7AB}\mpengine.dll
2014-04-21 21:21 . 2014-04-22 16:00 -------- d-----w- C:\AdwCleaner
2014-04-21 18:37 . 2014-04-21 18:40 -------- d-----w- C:\FRST
2014-04-21 18:20 . 2014-04-21 18:32 -------- d-----w- c:\program files\trend micro
2014-04-21 18:20 . 2014-04-21 18:23 -------- d-----w- C:\rsit
2014-04-11 15:37 . 2012-03-14 03:00 311296 ----a-w- c:\windows\system32\CNMXLMA9.DLL
2014-04-11 15:36 . 2014-04-11 15:36 -------- d-----w- c:\programdata\Canon IJ Network Tool
2014-04-11 15:33 . 2014-04-11 15:33 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2014-04-11 15:33 . 2014-04-11 15:33 -------- d--h--w- c:\program files\CanonBJ
2014-04-10 16:26 . 2014-04-10 16:26 43152 ----a-w- c:\windows\avastSS.scr
2014-04-09 14:39 . 2014-03-31 00:13 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-04-05 18:51 . 2014-04-05 18:51 -------- d-----w- c:\programdata\Sony
2014-04-05 18:51 . 2014-04-05 18:51 -------- d-----w- c:\program files\Sony
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-10 16:26 . 2014-01-14 17:18 67264 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-04-10 16:26 . 2013-03-20 16:30 180760 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-04-10 16:26 . 2013-03-20 16:30 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-04-10 16:26 . 2012-02-26 20:03 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-04-10 16:26 . 2011-06-29 19:31 776976 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-04-10 16:26 . 2010-03-06 16:21 411552 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-04-10 16:26 . 2010-03-06 16:21 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-04-10 16:26 . 2010-03-06 16:20 271264 ----a-w- c:\windows\system32\aswBoot.exe
2014-03-31 07:35 . 2010-03-06 16:29 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-03-12 17:08 . 2012-04-05 19:28 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-12 17:08 . 2011-05-14 22:53 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-01 04:10 . 2014-03-11 21:28 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-03-01 03:52 . 2014-03-11 21:27 61952 ----a-w- c:\windows\system32\iesetup.dll
2014-03-01 03:51 . 2014-03-11 21:28 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-03-01 03:38 . 2014-03-11 21:28 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-01 03:38 . 2014-03-11 21:28 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-03-01 03:37 . 2014-03-11 21:28 553472 ----a-w- c:\windows\system32\jscript9diag.dll
2014-03-01 03:31 . 2014-03-11 21:28 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-01 03:14 . 2014-03-11 21:28 4244480 ----a-w- c:\windows\system32\jscript9.dll
2014-03-01 03:00 . 2014-03-11 21:27 1964032 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-01 02:32 . 2014-03-11 21:28 1820160 ----a-w- c:\windows\system32\wininet.dll
2014-02-07 01:07 . 2014-03-11 21:26 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-02-04 02:04 . 2014-03-11 21:28 509440 ----a-w- c:\windows\system32\qedit.dll
2014-01-29 02:06 . 2014-03-11 21:26 381440 ----a-w- c:\windows\system32\wer.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-04-10 16:25 260976 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2012-04-04 981680]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"ASUS Sync Loader"="c:\program files\ASUS\ASUS Sync\asusUPCTLoader.exe" [2013-03-01 638976]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2014-04-10 3854640]
.
c:\users\Hanička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer6"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SnugTV Quick Start.lnk]
backup=c:\windows\pss\SnugTV Quick Start.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AndroidSync]
2012-09-30 22:00 5817776 ----a-w- c:\program files\Android-Sync\AndroidSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
2012-10-09 12:54 1637528 ----a-w- c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mobile Connectivity Suite]
2009-11-19 14:19 598016 ----a-r- c:\program files\HTC\HTC Sync\Application Launcher\Application Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
2013-10-02 18:28 1090912 ----a-w- c:\program files\Nokia\Nokia Suite\NokiaSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
2013-10-31 09:35 449760 ----a-w- c:\program files\Sony\Sony PC Companion\PCCompanion.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2007-05-31 15:21 648072 ----a-w- c:\windows\WindowsMobile\wmdcBase.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-04-10 67264]
R3 AVerAF35;AVerMedia A867 USB DVB-T;c:\windows\system32\Drivers\AVerAF35.sys [2010-01-29 477312]
R3 AVerIR;AVerMedia Infrared Receiver;c:\windows\system32\DRIVERS\AVerIR.sys [2010-01-12 88576]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2007-05-17 28464]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-03-01 108032]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-02-22 9216]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2013-01-23 137600]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2013-01-23 8576]
R3 pmx3gmdm;Olivetti USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\pmx3gmdm.sys [2009-12-29 103552]
R3 pmx3gnet;Olivetti USB-NDIS miniport;c:\windows\system32\DRIVERS\pmx3gnet.sys [2009-12-29 116736]
R3 Ser2plx86;Prolific Serial port WDF driver;c:\windows\system32\DRIVERS\ser2pl.sys [2013-02-22 134144]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2011-06-02 12984]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-21 1343400]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-04-10 776976]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-04-10 411552]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-04-10 67824]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S2 AVerUpdateServer;AVerUpdateServer;c:\program files\AVerMedia\AVerUpdate\AVerUpdateServer.exe [2011-01-06 168448]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-04-11 1764992]
S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-11-08 250712]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
HsfXAudioService REG_MULTI_SZ HsfXAudioService
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 17:08]
.
2014-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-14 23:53]
.
2014-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-14 23:53]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\PC-Standa\AppData\Roaming\Mozilla\Firefox\Profiles\4j3c54w0.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-CanonMyPrinter - c:\program files\Canon\MyPrinter\BJMyPrt.exe
AddRemove-Actual Drawing - c:\program files\Actual Drawing\PY_UNINSTAL.EXE SOFTWARE\PySoft\HTML_Edit
AddRemove-WYSIWYG_Web_Builder_8 - c:\windows\iun6002.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:0000002e
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-04-22 18:34:07
ComboFix-quarantined-files.txt 2014-04-22 16:34
.
Před spuštěním: Volných bajtů: 26 819 022 848
Po spuštění: Volných bajtů: 26 796 916 736
.
- - End Of File - - 9B2D5B0379475B9A013F5AC34213985E
A36C5E4F47E84449FF07ED3517B43A31

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: please check

#6 Post by Roli »

If you have not already done so, move ComboFix to the desktop,

open Notepad

and copy the script from the following box into it:

Code:

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Save the TXT file you created as CFScript.txt on the desktop,

after saving, grab the created script with the left mouse button and drag it over the ComboFix icon, where you drop it.

After it is applied, another log will pop out; copy it here.

Warning: it may happen that after applying the script and restarting, Windows will not boot;

in that case restart again while pressing F8, then choose Last Known Good Configuration.

truddy
Visitor
Posts: 136
Registered: 12 Apr 2005 13:22

Re: please check

#7 Post by truddy »

ComboFix 14-04-20.01 - PC-Standa 23.04.2014 17:19:43.2.1 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2038.1234 [GMT 2:00]
Spuštěný z: c:\users\PC-Standa\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\PC-Standa\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-23 do 2014-04-23 )))))))))))))))))))))))))))))))
.
.
2014-04-23 15:35 . 2014-04-23 15:35 -------- d-----w- c:\users\NeroMediaHomeUser.4\AppData\Local\temp
2014-04-23 15:35 . 2014-04-23 15:35 -------- d-----w- c:\users\Hanička\AppData\Local\temp
2014-04-23 15:35 . 2014-04-23 15:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-23 01:02 . 2014-03-06 08:02 455168 ----a-w- c:\windows\system32\vbscript.dll
2014-04-23 01:02 . 2014-03-06 05:50 257536 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2014-04-23 01:02 . 2014-03-08 01:59 235216 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2014-04-22 16:34 . 2014-04-23 15:35 -------- d-----w- c:\users\PC-Standa\AppData\Local\temp
2014-04-22 16:18 . 2014-04-23 01:52 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{82ADA548-ABBB-4DB8-B227-00653F3BD7AB}\offreg.dll
2014-04-22 14:17 . 2014-04-17 03:32 8050496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{82ADA548-ABBB-4DB8-B227-00653F3BD7AB}\mpengine.dll
2014-04-21 21:21 . 2014-04-22 16:00 -------- d-----w- C:\AdwCleaner
2014-04-21 18:37 . 2014-04-21 18:40 -------- d-----w- C:\FRST
2014-04-21 18:20 . 2014-04-21 18:32 -------- d-----w- c:\program files\trend micro
2014-04-21 18:20 . 2014-04-21 18:23 -------- d-----w- C:\rsit
2014-04-11 15:37 . 2012-03-14 03:00 311296 ----a-w- c:\windows\system32\CNMXLMA9.DLL
2014-04-11 15:36 . 2014-04-11 15:36 -------- d-----w- c:\programdata\Canon IJ Network Tool
2014-04-11 15:33 . 2014-04-11 15:33 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2014-04-11 15:33 . 2014-04-11 15:33 -------- d--h--w- c:\program files\CanonBJ
2014-04-10 16:26 . 2014-04-10 16:26 43152 ----a-w- c:\windows\avastSS.scr
2014-04-05 18:51 . 2014-04-05 18:51 -------- d-----w- c:\programdata\Sony
2014-04-05 18:51 . 2014-04-05 18:51 -------- d-----w- c:\program files\Sony
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-10 16:26 . 2014-01-14 17:18 67264 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-04-10 16:26 . 2013-03-20 16:30 180760 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-04-10 16:26 . 2013-03-20 16:30 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-04-10 16:26 . 2012-02-26 20:03 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-04-10 16:26 . 2011-06-29 19:31 776976 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-04-10 16:26 . 2010-03-06 16:21 411552 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-04-10 16:26 . 2010-03-06 16:21 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-04-10 16:26 . 2010-03-06 16:20 271264 ----a-w- c:\windows\system32\aswBoot.exe
2014-03-31 07:35 . 2010-03-06 16:29 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-03-12 17:08 . 2012-04-05 19:28 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-12 17:08 . 2011-05-14 22:53 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-07 01:07 . 2014-03-11 21:26 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-02-04 02:04 . 2014-03-11 21:28 509440 ----a-w- c:\windows\system32\qedit.dll
2014-01-29 02:06 . 2014-03-11 21:26 381440 ----a-w- c:\windows\system32\wer.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-04-10 16:25 260976 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2012-04-04 981680]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"ASUS Sync Loader"="c:\program files\ASUS\ASUS Sync\asusUPCTLoader.exe" [2013-03-01 638976]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2014-04-10 3854640]
.
c:\users\Hanička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer6"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SnugTV Quick Start.lnk]
backup=c:\windows\pss\SnugTV Quick Start.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AndroidSync]
2012-09-30 22:00 5817776 ----a-w- c:\program files\Android-Sync\AndroidSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
2012-10-09 12:54 1637528 ----a-w- c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mobile Connectivity Suite]
2009-11-19 14:19 598016 ----a-r- c:\program files\HTC\HTC Sync\Application Launcher\Application Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
2013-10-02 18:28 1090912 ----a-w- c:\program files\Nokia\Nokia Suite\NokiaSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
2013-10-31 09:35 449760 ----a-w- c:\program files\Sony\Sony PC Companion\PCCompanion.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2007-05-31 15:21 648072 ----a-w- c:\windows\WindowsMobile\wmdcBase.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-04-10 67264]
R3 AVerAF35;AVerMedia A867 USB DVB-T;c:\windows\system32\Drivers\AVerAF35.sys [2010-01-29 477312]
R3 AVerIR;AVerMedia Infrared Receiver;c:\windows\system32\DRIVERS\AVerIR.sys [2010-01-12 88576]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2007-05-17 28464]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-03-06 108032]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-02-22 9216]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2013-01-23 137600]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2013-01-23 8576]
R3 pmx3gmdm;Olivetti USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\pmx3gmdm.sys [2009-12-29 103552]
R3 pmx3gnet;Olivetti USB-NDIS miniport;c:\windows\system32\DRIVERS\pmx3gnet.sys [2009-12-29 116736]
R3 Ser2plx86;Prolific Serial port WDF driver;c:\windows\system32\DRIVERS\ser2pl.sys [2013-02-22 134144]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2011-06-02 12984]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-21 1343400]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-04-10 776976]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-04-10 411552]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-04-10 67824]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S2 AVerUpdateServer;AVerUpdateServer;c:\program files\AVerMedia\AVerUpdate\AVerUpdateServer.exe [2011-01-06 168448]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-04-11 1764992]
S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-11-08 250712]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
HsfXAudioService REG_MULTI_SZ HsfXAudioService
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 17:08]
.
2014-04-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-14 23:53]
.
2014-04-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-14 23:53]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\PC-Standa\AppData\Roaming\Mozilla\Firefox\Profiles\4j3c54w0.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
Celkový čas: 2014-04-23 17:38:14
ComboFix-quarantined-files.txt 2014-04-23 15:38
ComboFix2.txt 2014-04-22 16:34
.
Před spuštěním: Volných bajtů: 26 137 210 880
Po spuštění: Volných bajtů: 26 078 060 544
.
- - End Of File - - 43F77CF143A6D4948678EF6EE2054433
A36C5E4F47E84449FF07ED3517B43A31

Roli
VIP
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: request for a check

#8 Post by Roli »

Via Start >> Run, copy the following into the box:

ComboFix /Uninstall

and press Enter.

This uninstalls ComboFix and deletes the files and folders associated with it.


Use T-Cleaner, which deletes any leftovers from the applications we used.

Just stop your antivirus before downloading it and while using it, because it may detect it as a virus, but that is not the case.


Then let me know how your old-timer is doing :)
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

truddy
Visitor
Visitor
Posts: 136
Registered: 12 Apr 2005 13:22

Re: request for a check

#9 Post by truddy »

So everything is OK :-). The old-timer is back in shape :-). Thanks a lot. Could you please also take a look at my other PC? I posted a log for it too, under the nick truddy. Thanks.

Roli
VIP
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: request for a check

#10 Post by Roli »

truddy wrote: Could you please also take a look at my other PC? I posted a log for it too, under the nick truddy. Thanks.
You could have continued here, but never mind, it's done now.
truddy wrote: Thanks a lot.
You're welcome, and :closed:
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

Locked