Pomalý PC

Zpráva

zdenekkoste · #1 Příspěvek od **zdenekkoste** » 05 říj 2015 09:56

Dobrý den,

mám pomalý PC, přikládám log FRST:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:04-10-2015
Ran by uzivatel (2015-10-05 10:49:32)
Running from C:\Users\uzivatel\Desktop
Windows 8 (X64) (2013-11-19 13:17:30)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3305348813-2771938429-208643079-500 - Administrator - Disabled)
Guest (S-1-5-21-3305348813-2771938429-208643079-501 - Limited - Disabled)
uzivatel (S-1-5-21-3305348813-2771938429-208643079-1001 - Administrator - Enabled) => C:\Users\uzivatel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3013 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer Theft Shield (HKLM\...\{8ADB0CD2-4E5A-452F-BB3B-3A2984CAC749}) (Version: 1.01.3006 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2022 - Acer Incorporated)
Adobe Reader XI (11.0.12) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Aplikace PriMa.3G v2.07 (HKLM-x32\...\{0AE216CA-4B2B-496C-AA78-C459DCF55236}_is1) (Version: - Allianz pojišťovna, a.s.)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Aura Software Manager 1.0.3 (HKLM-x32\...\Aura Software Manager_is1) (Version: - aura4you.com)
AXA Studio (HKU\S-1-5-21-3305348813-2771938429-208643079-1001\...\be3a3e1a435c5997) (Version: 1.4.70.11759 - AXA životní pojišťovna a.s.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP Navigator 3.0 (HKLM-x32\...\MP Navigator 3.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Classic Shell (HKLM\...\{CB00799C-0E4F-4FD1-A046-BD24321BCDFF}) (Version: 3.6.5 - IvoSoft)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
ČSOBP Kalkulátory 1.15.3.x (OED B) (HKLM-x32\...\Kalkulátory_is1) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
dm paradies foto (HKLM-x32\...\dm paradies foto) (Version: 5.0.6 - CEWE Stiftung u Co. KGaA)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dritek Radio Controller (HKLM-x32\...\RadioController) (Version: 2.02.2001.0803 - Dritek System Inc.)
eDoklady Skenování 5.6.70 (HKLM-x32\...\{EDE81ED1-46A9-483E-8626-F44D9CC9ADE3}) (Version: 5.6.70.0 - LightComp v.o.s.)
Einstein - program pro poradce (HKLM-x32\...\{6D5FC9F5-42C3-4758-9A72-0E63FDC77DD9}_is1) (Version: v3.40 - Wüstenrot, životní pojišťovna, a.s.)
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 12.160 (20120830_21) - CÍGLER SOFTWARE, a.s.)
eModel - MetLife (HKU\S-1-5-21-3305348813-2771938429-208643079-1001\...\d69422e246fffff6) (Version: 1.0.0.8 - MetLife)
ESET NOD32 Antivirus (HKLM\...\{1D4A236B-9CC3-4387-86F8-DB5EE3A5D33A}) (Version: 8.0.319.1 - ESET, spol s r. o.)
ETDWare PS/2-X64 11.6.20.203_WHQL (HKLM\...\Elantech) (Version: 11.6.20.203 - ELAN Microelectronic Corp.)
ExpressCache (HKLM\...\{C123584F-9C84-45E8-AE5F-522328BB79A0}) (Version: 1.0.100.0 - Condusiv Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
ING eKalkulačka ING CZ verze 2.1.14 (HKLM-x32\...\{C9CDDB32-9504-4F68-A983-7157FE242AB8}_is1) (Version: 2.1.14 - ING pojistovna)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
ISOS 7.4.0.0 (Externí síť, XP,Vista,Win7) (HKLM-x32\...\ISOS_is1) (Version: - Kooperativa)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
JOS - ČP Auto (HKLM-x32\...\{B4F5F42D-47FF-448E-8600-9F833D1EE27E}) (Version: 4.15.2 - Česká pojišťovna, a.s.)
JOS-WePOS - MLM, verze 1.33/1 (HKLM-x32\...\Hledik - WePOS) (Version: 1.33/1 - Česká pojišťovna a.s.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.12 - Acer Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MetLife - Garde 3.2 (HKLM-x32\...\{79CB0FD9-8D26-4920-9B57-85028FC23D7E}) (Version: 3.2.121 - MetLife pojištovna a. s.)
MetLife - Garde 3.2 (HKLM-x32\...\{F2A26684-1535-43B4-94A2-E3985D44BC52}) (Version: 3.2.123 - MetLife pojištovna a. s.)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version: - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{2180B33F-3225-423E-BBC1-7798CFD3CD1F}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{6D10FB2C-82A9-40F2-91D0-7BE64CF0DAF2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (English) (HKLM-x32\...\{9D6D76A6-4328-49E8-97A7-531A74841DA5}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2008 Shell (integrated mode) - ENU (HKLM-x32\...\{BA0C9AAF-1327-3F06-B49C-349B4BE8F740}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 cs)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
OpenOffice.org 3.3 (HKLM-x32\...\{D5B94160-4A07-4956-9C73-8C5EEFEF180F}) (Version: 3.3.9567 - OpenOffice.org)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
PCSSignoSoft (HKLM-x32\...\{66B9EE26-AF38-406B-9ADA-6A8A0ABAD502}) (Version: 1.0.8 - PragueSoft)
PCSSignoSoftUpdate (HKLM-x32\...\{12257785-AE47-40A8-BF7A-2A745E955927}) (Version: 1.0.9 - PragueSoft)
PČS SmartClient (HKU\S-1-5-21-3305348813-2771938429-208643079-1001\...\ee485056d1c5a354) (Version: 2.1.9.8 - Pojišťovna České spořitelny)
Poradce - MAKFAC,SLS,MBI, verze 1.51/1 (HKLM-x32\...\Hledik - Poradce - MAKFAC,SLS,MBI) (Version: 1.51/1 - )
Pošta a kancelář 3.9 (HKLM-x32\...\Pošta a kancelář 3_is1) (Version: - PS Media s.r.o.)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.39 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6833 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Seznam Instalátor (HKLM-x32\...\ssinstall) (Version: - Seznam.cz)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sleep Memory Optimizer (HKLM\...\{BF63C2C3-9A5B-4366-AA5F-015292B919F0}) (Version: 1.01.3000 - Acer Incorporated)
Smart Timer (HKLM-x32\...\{89DB52FC-EA72-468F-A0C7-150AF8B7AB74}) (Version: 1.00.3007 - Acer Incorporated)
SOFTPRO Driver (HKLM-x32\...\InstallShield_{A3746EA1-FA4C-4A76-B070-0EC27841E558}) (Version: 3.1.6 - SOFTPRO GmbH)
SOFTPRO Driver (Version: 3.1.6 - SOFTPRO GmbH) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Management Studio (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
STORMWARE POHODA Start CZ (HKLM-x32\...\{5632505C-FABA-4BB1-B90B-CC517596BEAE}) (Version: 11001.8 - STORMWARE)
UNIQA Podpurný software verze 1.0 (HKLM-x32\...\UNIQA Podpurný software_is1) (Version: 1.0 - UNIQA pojišťovna, a.s.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
Wacom Color STU Driver (HKLM-x32\...\{eea7e53f-5125-4e37-b74e-20172ab29068}) (Version: 4.0.2 - Wacom Co., Ltd.)
Wacom Color STU Driver (x64) (Version: 4.0.2 - Wacom Co., Ltd.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}) (Version: 17.5.10480 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3305348813-2771938429-208643079-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => No File

==================== Restore Points =========================

14-09-2015 13:51:18 Windows Update
22-09-2015 17:23:56 Windows Update
01-10-2015 09:43:03 Naplánovaný kontrolní bod

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2014-08-29 21:53 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B2F6EAF-B864-43FB-A8B6-7A9DED617883} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-16] (Acer Incorporated)
Task: {2B8BA908-42CE-4F27-9D89-CD95E863C9D8} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-09-01] (Dolby Laboratories Inc.)
Task: {40CB5229-6831-4972-9B6C-FDA2DD8B4454} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-24] (Acer Incorporated)
Task: {604858B2-50C8-4AE7-9C8E-E7EC9EDE7F86} - System32\Tasks\{FF52B341-9A09-4AB4-ADCE-2C7B3EFBAB2C} => Chrome.exe http://ui.skype.com/ui/0/6.18.0.105/cs/ ... Error=1618
Task: {62E332B1-AA35-4059-A786-EC4056EC82F2} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {6AF139C3-2328-4F90-825A-9EF831338F8A} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {74E79D05-6862-4BB4-9EA3-52B715683B21} - System32\Tasks\Theft Shield\AcerTheftShieldTask => C:\Program Files\Acer\Acer Theft Shield\USecuAppLauncher.exe [2012-11-12] (Acer Incorporated)
Task: {7815D757-558B-49D3-952F-128BEE919A16} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {A5794592-B18C-430D-B765-2EEF90E9BA13} - System32\Tasks\Smart Timer Task Scheduler => C:\Program Files\Smart Timer\Smart_Timer.exe [2012-06-22] (Acer Incorporated)
Task: {ADB3F0F2-5B3B-405D-939A-705F9799E34E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {C033F6D2-F843-485A-896F-D496E99D24CB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C18FD19F-3E77-4B86-87C3-DB1E3807C7EE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D76809C3-47DC-49D8-BEFD-7E9491FD603B} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {DAC7C24B-2C02-4B6D-87F0-B91676AA4E6E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2013-11-02 07:56 - 2013-02-21 07:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2013-01-25 09:09 - 2013-01-25 09:09 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-25 09:05 - 2013-01-25 09:05 - 00084992 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-25 09:12 - 2013-01-25 09:12 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2012-11-23 11:28 - 2012-10-23 05:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-18 19:12 - 2015-02-18 19:12 - 00818176 _____ () C:\Users\uzivatel\Desktop\OK\Pojišťovny\ČPP\platforms\qwindows.dll
2015-02-12 15:20 - 2015-02-12 15:20 - 00818176 _____ () C:\Users\uzivatel\Desktop\OK\Pojišťovny\Kooperativa\KoopP7BNExtern\platforms\qwindows.dll
2011-01-17 17:19 - 2013-11-19 15:46 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2013-03-12 07:46 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-11-02 07:56 - 2013-02-21 07:58 - 00089672 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-09-26 18:30 - 2015-09-24 04:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-09-26 18:30 - 2015-09-24 04:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
2009-02-26 14:46 - 2009-02-26 14:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 12:46 - 2011-06-22 12:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2011-05-26 21:18 - 2011-05-26 21:18 - 00136536 _____ () C:\Program Files (x86)\Microsoft Office\Office12\OUTLCTL.DLL
2015-07-14 18:20 - 2015-07-14 18:20 - 00756376 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3305348813-2771938429-208643079-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\uzivatel\Desktop\zasilka-FRKU5AGCTTCR2I8Y\053.JPG
DNS Servers: 80.251.240.33 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{3114B1B2-32AB-47CC-B2F5-B2981F9BF009}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{FDBFC43D-0BCA-40FB-9FB5-69D9FAB873FC}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{FE30E957-8AF0-4A69-B4FA-DC57FE7A6437}] => (Allow) C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe
FirewallRules: [{8A859AE1-3EEF-4AB5-BA9E-98CF888951CF}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{05DE9A97-F322-4A7D-9E81-F79463EA7DAD}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{4F0C90EF-39A2-4F11-B959-AC5CFC449059}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{472484C7-CD25-4454-9D2A-F43180421948}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{5B9E236E-7F5C-4F75-9E67-C3BF3EC1870D}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{129A10BD-8C64-4684-9410-82FE8FD3C765}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{730E3166-7BF5-443B-A734-0C06B490E657}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{2AA184C3-D3E2-4F82-A3B9-478A17319C62}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{4B058EC9-9C40-4C03-8843-D18A21F81C92}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{1C68D7A2-5617-4F3C-ABA0-F4AEDB8F6A2A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{8403623B-0B3A-4AC0-96CD-E347DA359C09}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{BED75F38-8C1B-4B2F-94FC-C8BC5FE24CC3}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{ACFC2EF3-7F06-471F-9729-90C8F5DE23DF}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{4DB8D90C-C5B7-4635-A2B1-2EB0CEAE68D5}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{38FE27CD-B2B4-4C2B-AACE-CD9E5C49EB3E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{0CD41AEB-7FDB-48F4-A393-3115A06E5B05}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{AE6FDF47-168F-4384-8917-CFBDDC40207C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{3C64F622-A1E4-4520-87E3-4D487F0C123E}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{754BD7E4-6B47-4BF0-96F9-8F515DBD8BEB}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{D437E897-B88B-423F-83D6-07726306EE73}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{293C170B-5DC9-49B1-8C63-7E5A3C37DB64}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{91547CF5-C0BA-40EA-A86E-FA9ADDB165D4}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{516ADC2D-4771-41D5-B9AB-EB2AD4BE5EA5}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{162BD2CA-9223-4224-B6E4-6210FE308AF2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4FF84E0F-57AB-4ABB-AC0C-C6E6ACF7D528}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{BBFEE85D-6B1D-4F6E-B5C1-88F5E0A25732}] => (Allow) LPort=2869
FirewallRules: [{4F70EDEC-E9D7-4105-A084-2BF940707C89}] => (Allow) LPort=1900
FirewallRules: [{87B0C58D-609D-4632-9F12-722BA261B57A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5B6EB86D-5978-46BA-B1C5-EA8A310FF767}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{B6CC34F4-3B23-43E7-9CED-4FF83DC57F52}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AFD5B12E-83B4-4962-9660-511DB438AFE4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F233BACD-639C-4BB1-A327-7217DEDB5B63}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0D6ACAC6-437E-47D3-9A1A-1809DBFEF459}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{26D9BD6F-A47C-4BBA-BC80-1B0E44DC1BF0}C:\users\uzivatel\appdata\local\viber\viber.exe] => (Block) C:\users\uzivatel\appdata\local\viber\viber.exe
FirewallRules: [UDP Query User{747A6F45-4720-4479-A4FC-2B36951FD4D9}C:\users\uzivatel\appdata\local\viber\viber.exe] => (Block) C:\users\uzivatel\appdata\local\viber\viber.exe
FirewallRules: [{F7D2A6AA-7D03-40EF-8014-7E07BD769A9B}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{DC8C62A2-134F-4BB8-B411-FD387B50008E}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{A6548AE4-C36D-4235-9C8C-9E508667D0C9}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [{5A2204DD-0DE0-4AF2-A46F-9D05FF60118D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C1FC77B6-C786-4A28-92CF-8732897541BB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{621056D3-CE82-400F-ACA3-7F15AB6E79AA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Bluetooth USB Adapter
Description: Bluetooth USB Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/05/2015 09:59:35 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: SQLAgent$MSSQLSERVERNOVY8

Error: (10/05/2015 09:59:35 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: ReportServer$MSSQLSERVERNOVY8

Error: (10/05/2015 09:59:34 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: MSSQL$MSSQLSERVERNOVY8

Error: (10/04/2015 06:03:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9953

Error: (10/04/2015 06:03:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9953

Error: (10/04/2015 06:03:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/04/2015 06:03:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8625

Error: (10/04/2015 06:03:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8625

Error: (10/04/2015 06:03:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/04/2015 06:03:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7235

System errors:
=============
Error: (09/25/2015 05:23:44 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 20

Error: (09/24/2015 09:05:49 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 20

Error: (09/22/2015 12:45:18 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo časového limitu (30000 ms).

Error: (09/22/2015 12:44:54 PM) (Source: NetBT) (EventID: 4307) (User: )
Description: Inicializace se nezdařila, protože přenos odmítl otevřít počáteční adresy.

Error: (09/21/2015 10:57:24 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 20

Error: (09/10/2015 06:07:40 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 20

Error: (09/10/2015 03:04:55 PM) (Source: DCOM) (EventID: 10029) (User: NT AUTHORITY)
Description: {B8FC52F5-CB03-4E10-8BCB-E3EC794C54A5}wuauserv

Error: (09/10/2015 03:00:55 PM) (Source: DCOM) (EventID: 10029) (User: NT AUTHORITY)
Description: {B8FC52F5-CB03-4E10-8BCB-E3EC794C54A5}wuauserv

Error: (09/03/2015 10:50:26 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 20

Error: (08/31/2015 12:09:48 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 20

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz
Percentage of memory in use: 61%
Total physical RAM: 3911.27 MB
Available physical RAM: 1510.43 MB
Total Virtual: 6777.46 MB
Available Virtual: 3095.45 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:446.85 GB) (Free:294.94 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 53E78B0A)

Partition: GPT.

========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: E9DE3E7E)

Partition: GPT.

==================== End of Addition.txt ============================

Předem děkuji. S pozdravem

Zdeněk Vávra

#2 Příspěvek od **Rudy** » 05 říj 2015 18:31

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

zdenekkoste · #3 Příspěvek od **zdenekkoste** » 06 říj 2015 13:14

# AdwCleaner v5.002 - Logfile created 06/10/2015 at 14:11:01
# Updated 18/08/2015 by Xplode
# Database : 2015-10-05.3 [Server]
# Operating system : Windows 8 (x64)
# Username : uzivatel - ACERNTB
# Running from : C:\Users\uzivatel\Desktop\Downloads\adwcleaner_5.002.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

[-] File Deleted : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxps_www.superfish.com_0.localstorage-journal
[-] File Deleted : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{525F116F-04AD-40A2-AE2F-A0C4E1AFEF98}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9852A670-F845-491B-9BE6-EBD841B8A613}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ACE4747B-35BD-4E97-9DD7-1D4245B0695C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CE77C59C-CFD2-429F-868C-8B04D23F94CA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F544E0F5-CA3C-47EA-A64D-35FCF1602396}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}

***** [ Web browsers ] *****

*************************

:: Proxy settings cleared
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [3295 bytes] ##########

#4 Příspěvek od **Rudy** » 06 říj 2015 16:46

Dejte nový log FRST.

zdenekkoste · #5 Příspěvek od **zdenekkoste** » 11 říj 2015 08:36

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-10-2015
Ran by uzivatel (administrator) on ACERNTB (11-10-2015 09:33:31)
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel (Available Profiles: uzivatel)
Platform: Windows 8 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSAS10.MSSQLSERVERNOVY\OLAP\bin\msmdsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSQLSERVERNOVY\MSSQL\Binn\sqlservr.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSRS10.MSSQLSERVERNOVY\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Pražská softwarová s.r.o.) C:\Users\uzivatel\Desktop\OK\Pojišťovny\ČPP\CppCalcServer.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Pražská softwarová s.r.o.) C:\Users\uzivatel\Desktop\OK\Pojišťovny\Kooperativa\KoopP7BNExtern\KoopPDFServerSA.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17516_none_6276a5b950d43361\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876816 2013-03-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1276488 2013-01-18] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [SP_WSPCHK] => C:\Program Files\Common Files\SOFTPRO\Shared\SP_WspInit.exe [122208 2013-12-02] (SOFTPRO GmbH)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] (Qualcomm Atheros Commnucations)
HKU\S-1-5-21-3305348813-2771938429-208643079-1001\...\Run: [Viber] => "C:\Users\uzivatel\AppData\Local\Viber\Viber.exe" StartMinimized
HKU\S-1-5-21-3305348813-2771938429-208643079-1001\...\MountPoints2: {458b71eb-7867-11e3-be78-e89d0ba9f37c} - "D:\OpenFiles.exe"
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2012-12-29] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2012-12-29] (IvoSoft)
Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CPP - CalcServer.lnk [2015-02-18]
ShortcutTarget: CPP - CalcServer.lnk -> C:\Users\uzivatel\Desktop\OK\Pojišťovny\ČPP\CppCalcServer.exe (Pražská softwarová s.r.o.)
Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Kooperativa - PDF Server.lnk [2015-02-12]
ShortcutTarget: Kooperativa - PDF Server.lnk -> C:\Users\uzivatel\Desktop\OK\Pojišťovny\Kooperativa\KoopP7BNExtern\KoopPDFServerSA.exe (Pražská softwarová s.r.o.)
Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2013-11-19]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.197.144.22 217.197.152.132
Tcpip\..\Interfaces\{23A3F205-C5A7-4E8D-94B1-749CF93B5463}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{B6A1F242-419E-4A65-8925-169C90386311}: [DhcpNameServer] 192.51.104.29
Tcpip\..\Interfaces\{C9868DCD-087E-41F5-86BE-22CA40150ACE}: [DhcpNameServer] 217.197.144.22 217.197.152.132

Internet Explorer:
==================
HKU\S-1-5-21-3305348813-2771938429-208643079-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3305348813-2771938429-208643079-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2012-12-29] (IvoSoft)
BHO: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll [2012-12-29] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2012-12-29] (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-03-11] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-03-11] (Oracle Corporation)
BHO-x32: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll [2012-12-29] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2012-12-29] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2012-12-29] (IvoSoft)

FireFox:
========
FF ProfilePath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4hrrw47b.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-03-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-03-11] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-11-11] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found

Chrome:
=======
CHR Profile: C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-19]
CHR Extension: (Disk Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-19]
CHR Extension: (YouTube) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-19]
CHR Extension: (Vyhledávání Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-19]
CHR Extension: (Gmail) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-19]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2012-12-29] (IvoSoft) [File not signed]
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-05-01] (Acer Incorporated)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-16] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2013-03-05] (ELAN Microelectronics Corp.)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107944 2013-01-08] (Condusiv Technologies)
R2 FFSOpzSvc; C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe [161384 2012-03-12] (Acer Incorporated)
S3 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MSOLAP$MSSQLSERVERNOVY; C:\Program Files (x86)\Microsoft SQL Server\MSAS10.MSSQLSERVERNOVY\OLAP\bin\msmdsrv.exe [21945368 2008-07-10] (Microsoft Corporation)
R2 MSSQL$MSSQLSERVERNOVY; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSQLSERVERNOVY\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57820696 2008-07-10] (Microsoft Corporation)
R2 MSSQLSERVER; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [61913952 2010-04-03] (Microsoft Corporation)
R2 ReportServer$MSSQLSERVERNOVY; C:\Program Files (x86)\Microsoft SQL Server\MSRS10.MSSQLSERVERNOVY\Reporting Services\ReportServer\bin\ReportingServicesService.exe [1106968 2008-07-10] (Microsoft Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-11-02] (Dritek System INC.)
S3 SQLAgent$MSSQLSERVERNOVY; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSQLSERVERNOVY\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [430616 2008-07-10] (Microsoft Corporation)
S4 SQLSERVERAGENT; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [428384 2010-04-03] (Microsoft Corporation)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2013-12-11] (PS Media s.r.o.)
S3 USecuAppSvc; C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [345744 2012-11-12] (Acer Incorporated)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [104960 2012-07-07] (ASIX Electronics Corp.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-25] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [168208 2015-07-14] (ESET)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [26024 2013-01-08] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112552 2013-01-08] (Condusiv Technologies)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-11-02] (Dritek System Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-11 09:33 - 2015-10-11 09:34 - 00019953 _____ C:\Users\uzivatel\Desktop\FRST.txt
2015-10-09 17:33 - 2015-10-09 17:33 - 00000000 ____D C:\Users\uzivatel\AppData\Roaming\Windows Live Writer
2015-10-09 17:33 - 2015-10-09 17:33 - 00000000 ____D C:\Users\uzivatel\AppData\Local\Windows Live Writer
2015-10-09 17:33 - 2015-10-09 17:33 - 00000000 ____D C:\Users\uzivatel\AppData\Local\{0946EDAC-0F37-44BE-BB1C-718450FEA276}
2015-10-07 20:05 - 2015-10-07 20:06 - 00000000 ____D C:\Users\uzivatel\AppData\Local\{0BA9E147-51C6-48C3-8703-B8A7B196DE21}
2015-10-05 10:47 - 2015-10-11 09:33 - 00000000 ____D C:\Users\uzivatel\Desktop\FRST-OlderVersion
2015-09-26 17:38 - 2015-09-26 17:38 - 00000000 ____D C:\Users\uzivatel\AppData\Local\{CDB9942C-401E-42F4-89C8-0FD032F3FFDE}
2015-09-25 15:05 - 2015-09-25 15:05 - 00000610 _____ C:\Users\uzivatel\Desktop\Einstein.lnk
2015-09-24 09:01 - 2015-09-24 09:01 - 00000000 ____D C:\UNIQA
2015-09-23 13:23 - 2015-09-12 15:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-09-23 13:23 - 2015-09-12 15:29 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2015-09-23 13:23 - 2015-09-12 15:29 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
2015-09-23 13:23 - 2015-09-12 15:29 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
2015-09-23 13:23 - 2015-09-12 15:29 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
2015-09-14 14:11 - 2015-09-14 14:11 - 00000000 ____D C:\Users\uzivatel\AppData\Roaming\eModel
2015-09-14 14:11 - 2015-09-14 14:11 - 00000000 ____D C:\Users\uzivatel\AppData\Local\eModel
2015-09-14 14:10 - 2015-09-14 14:10 - 00000000 ____D C:\Users\uzivatel\AppData\Local\MetLife
2015-09-14 14:07 - 2015-09-14 14:07 - 00000308 _____ C:\Users\uzivatel\Desktop\eModel - MetLife.appref-ms

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-11 09:33 - 2014-08-30 08:37 - 00000000 ____D C:\FRST
2015-10-11 09:33 - 2014-08-30 08:31 - 02195456 _____ (Farbar) C:\Users\uzivatel\Desktop\FRST64.exe
2015-10-11 09:31 - 2013-11-19 15:49 - 00000000 ____D C:\Users\uzivatel\AppData\Local\Deployment
2015-10-11 09:31 - 2013-11-02 06:06 - 01205135 _____ C:\Windows\WindowsUpdate.log
2015-10-11 09:26 - 2015-08-31 19:15 - 00000976 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-11 09:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2015-10-09 21:26 - 2015-08-31 19:15 - 00000972 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-09 18:21 - 2015-02-17 16:15 - 00000000 ____D C:\ProgramData\firebird
2015-10-09 18:01 - 2015-07-09 16:03 - 00000000 ____D C:\Einstein
2015-10-09 17:37 - 2014-09-16 11:58 - 00000000 ____D C:\ProgramData\CPC
2015-10-09 17:36 - 2015-02-26 15:56 - 00000000 ____D C:\DATA_CPC
2015-10-09 17:33 - 2014-01-03 18:43 - 00000000 ____D C:\Users\uzivatel\AppData\Local\Windows Live
2015-10-09 16:42 - 2013-11-02 06:55 - 00961748 _____ C:\Windows\system32\perfh005.dat
2015-10-09 16:42 - 2013-11-02 06:55 - 00239690 _____ C:\Windows\system32\perfc005.dat
2015-10-09 16:42 - 2012-07-26 09:28 - 02380420 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-09 16:41 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2015-10-07 20:09 - 2015-04-14 20:24 - 00000000 ____D C:\Users\uzivatel\Desktop\Karolínka
2015-10-06 14:47 - 2015-02-12 15:12 - 00000000 ____D C:\Users\uzivatel\Desktop\OK
2015-10-06 14:13 - 2013-12-11 19:28 - 00000000 _____ C:\Windows\SysWOW64\sinstall.log
2015-10-06 14:12 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-06 14:11 - 2014-08-29 21:17 - 00000000 ____D C:\AdwCleaner
2015-10-06 14:11 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-10-01 17:30 - 2015-02-26 14:00 - 00000000 ____D C:\Users\uzivatel\AppData\Local\ČSOB_Pojišťovna,_a.s
2015-10-01 16:39 - 2014-09-16 11:58 - 00000000 ____D C:\Program Files (x86)\CPC
2015-10-01 16:24 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-09-26 18:31 - 2013-11-19 15:53 - 00002147 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-25 15:05 - 2015-07-09 16:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wüstenrot
2015-09-24 09:29 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2015-09-24 09:04 - 2014-01-08 21:43 - 00120352 _____ C:\Users\uzivatel\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-24 09:02 - 2015-03-13 14:32 - 00460872 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-23 13:26 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2015-09-21 09:57 - 2013-12-11 19:30 - 00000000 ____D C:\Users\uzivatel\AppData\Roaming\Skype
2015-09-19 21:21 - 2013-11-19 15:51 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-19 21:21 - 2013-11-19 15:51 - 00003712 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-17 23:07 - 2014-10-18 15:06 - 00811472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-17 23:07 - 2014-10-18 15:06 - 00177616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-17 10:27 - 2015-02-17 16:16 - 00000000 ____D C:\Users\uzivatel\Documents\AXAStudio
2015-09-14 14:07 - 2015-04-17 10:02 - 00000000 ____D C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetLife
2015-09-14 09:50 - 2013-11-19 15:51 - 00000000 ____D C:\Users\uzivatel\AppData\Local\Google

==================== Files in the root of some directories =======

2015-02-25 14:44 - 2015-02-25 14:44 - 0000032 _____ () C:\Users\uzivatel\AppData\Roaming\driver_install.log
2014-01-03 18:41 - 2014-01-03 18:41 - 0003584 _____ () C:\Users\uzivatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-02 07:34 - 2013-11-02 07:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\uzivatel\AppData\Local\Temp\nfpxiidg.dll
C:\Users\uzivatel\AppData\Local\Temp\setup_EOC_einstein_v339.exe
C:\Users\uzivatel\AppData\Local\Temp\setup_EOC_einstein_v340.exe
C:\Users\uzivatel\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-10-07 09:40

==================== End of FRST.txt ============================

#6 Příspěvek od **Rudy** » 11 říj 2015 10:39

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [LManager] => [X]
HKU\S-1-5-21-3305348813-2771938429-208643079-1001\...\MountPoints2: {458b71eb-7867-11e3-be78-e89d0ba9f37c} - "D:\OpenFiles.exe"
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2012-12-29] (IvoSoft)
BHO: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll [2012-12-29] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2012-12-29] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2012-12-29] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2012-12-29] (IvoSoft)
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\Users\uzivatel\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

zdenekkoste · #7 Příspěvek od **zdenekkoste** » 14 říj 2015 13:27

Fix result of Farbar Recovery Scan Tool (x64) Version:12-10-2015
Ran by uzivatel (2015-10-14 14:21:07) Run:1
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel (Available Profiles: uzivatel)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [LManager] => [X]
HKU\S-1-5-21-3305348813-2771938429-208643079-1001\...\MountPoints2: {458b71eb-7867-11e3-be78-e89d0ba9f37c} - "D:\OpenFiles.exe"
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2012-12-29] (IvoSoft)
BHO: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll [2012-12-29] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2012-12-29] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2012-12-29] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2012-12-29] (IvoSoft)
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\Users\uzivatel\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LManager => value removed successfully
"HKU\S-1-5-21-3305348813-2771938429-208643079-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{458b71eb-7867-11e3-be78-e89d0ba9f37c}" => key removed successfully
HKCR\CLSID\{458b71eb-7867-11e3-be78-e89d0ba9f37c} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => key removed successfully
HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => key removed successfully
HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => key removed successfully
HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => key removed successfully
HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}" => key removed successfully
"HKCR\CLSID\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}" => key removed successfully
"HKCR\CLSID\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{553891B7-A0D5-4526-BE18-D3CE461D6310} => value removed successfully
"HKCR\CLSID\{553891B7-A0D5-4526-BE18-D3CE461D6310}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{553891B7-A0D5-4526-BE18-D3CE461D6310} => value removed successfully
"HKCR\Wow6432Node\CLSID\{553891B7-A0D5-4526-BE18-D3CE461D6310}" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.

"C:\Users\uzivatel\AppData\Local\Temp" folder move:

Could not move "C:\Users\uzivatel\AppData\Local\Temp" => Scheduled to move on reboot.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-10-14 14:24:22)

C:\ProgramData\DP45977C.lfl => Is moved successfully
C:\Users\uzivatel\AppData\Local\Temp => moved successfully

==== End of Fixlog 14:24:22 ====

#8 Příspěvek od **Rudy** » 14 říj 2015 17:02

Smazáno. Nastala nějaká změna?

zdenekkoste · #9 Příspěvek od **zdenekkoste** » 14 říj 2015 19:13

Ne, nepozoruji žádnou změnu k lepšímu

#10 Příspěvek od **Rudy** » 14 říj 2015 19:16

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

zdenekkoste · #11 Příspěvek od **zdenekkoste** » 16 říj 2015 12:44

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 16. 10. 2015
Čas skenování: 13:29
Protokol: Výstup.txt
Správce: Ano

Verze: 0.0.0.0000
Databáze malwaru: v2015.10.16.04
Databáze rootkitů: v2015.10.06.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 8
CPU: x64
Souborový systém: NTFS
Uživatel: uzivatel

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 356060
Uplynulý čas: 1 hod, 30 min, 16 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#12 Příspěvek od **Rudy** » 16 říj 2015 17:11

Tot je čistá. Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

zdenekkoste · #13 Příspěvek od **zdenekkoste** » 19 říj 2015 21:36

ComboFix 15-10-15.01 - uzivatel . 10. 2015 20:24:39.1.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.3911.1991 [GMT 2:00]
Spuštěný z: c:\users\uzivatel\Desktop\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ESET NOD32 Antivirus 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\uzivatel\AppData\Local\assembly\tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-09-19 do 2015-10-19 )))))))))))))))))))))))))))))))
.
.
2015-10-19 19:08 . 2015-10-19 19:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-10-15 15:34 . 2015-10-19 17:03 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-10-15 15:34 . 2015-10-15 15:34 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-10-15 15:34 . 2015-10-15 15:34 -------- d-----w- c:\programdata\Malwarebytes
2015-10-15 15:34 . 2015-10-05 07:50 64216 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-10-15 15:34 . 2015-10-05 07:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-10-15 15:34 . 2015-10-05 07:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-10-14 17:27 . 2015-09-18 13:30 699904 ----a-w- c:\windows\system32\invagent.dll
2015-10-14 17:27 . 2015-09-18 13:30 766464 ----a-w- c:\windows\system32\generaltel.dll
2015-10-14 17:27 . 2015-09-18 13:30 503296 ----a-w- c:\windows\system32\devinv.dll
2015-10-14 17:27 . 2015-09-18 13:30 1290752 ----a-w- c:\windows\system32\appraiser.dll
2015-10-14 17:27 . 2015-09-18 13:10 1163776 ----a-w- c:\windows\system32\aeinv.dll
2015-10-14 17:27 . 2015-09-18 15:09 32432 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-10-14 17:27 . 2015-09-18 13:30 73216 ----a-w- c:\windows\system32\acmigration.dll
2015-10-14 14:06 . 2015-09-18 13:30 19280896 ----a-w- c:\windows\system32\mshtml.dll
2015-10-14 14:02 . 2015-08-01 13:56 19778048 ----a-w- c:\windows\system32\shell32.dll
2015-10-14 12:26 . 2015-10-19 19:08 -------- d-----w- c:\users\uzivatel\AppData\Local\Temp
2015-10-09 15:33 . 2015-10-09 15:33 -------- d-----w- c:\users\uzivatel\AppData\Local\Windows Live Writer
2015-10-09 15:33 . 2015-10-09 15:33 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Windows Live Writer
2015-10-02 14:40 . 2015-10-02 14:40 17314496 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE12\MSO.DLL
2015-09-24 07:01 . 2015-09-24 07:01 -------- d-----w- C:\UNIQA
2015-09-23 11:23 . 2015-09-12 13:29 148480 ----a-w- c:\windows\system32\poqexec.exe
2015-09-23 11:23 . 2015-09-12 13:29 122880 ----a-w- c:\windows\system32\VmHostAI.dll
2015-09-23 11:23 . 2015-09-12 13:29 144896 ----a-w- c:\windows\system32\tssdisai.dll
2015-09-23 11:23 . 2015-09-12 13:29 126976 ----a-w- c:\windows\system32\RDWebAI.dll
2015-09-23 11:23 . 2015-09-12 13:29 135680 ----a-w- c:\windows\system32\appserverai.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-15 09:36 . 2013-11-19 14:35 143481208 ----a-w- c:\windows\system32\MRT.exe
2015-10-15 06:58 . 2014-12-04 23:01 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2015-10-05 16:50 . 2014-10-18 13:06 809952 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-10-05 16:50 . 2014-10-18 13:06 176096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-09-02 13:49 . 2015-09-09 17:18 2341376 ----a-w- c:\windows\system32\msxml6.dll
2015-09-02 13:49 . 2015-09-09 17:18 1850880 ----a-w- c:\windows\system32\msxml3.dll
2015-09-02 13:48 . 2015-09-09 16:06 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-09-02 13:38 . 2015-09-09 17:18 1744384 ----a-w- c:\windows\SysWow64\msxml6.dll
2015-09-02 13:38 . 2015-09-09 17:18 1422336 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-09-02 13:38 . 2015-09-09 16:06 35328 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-09-01 23:25 . 2015-09-09 16:06 4065280 ----a-w- c:\windows\system32\win32k.sys
2015-08-28 21:59 . 2015-09-09 16:06 304128 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-08-27 18:41 . 2015-09-09 16:06 366592 ----a-w- c:\windows\system32\atmfd.dll
2015-08-13 10:49 . 2015-08-19 13:31 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2015-08-13 10:44 . 2015-08-19 13:31 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2015-08-05 13:52 . 2015-09-09 16:05 1287680 ----a-w- c:\windows\system32\schedsvc.dll
2015-08-04 14:42 . 2015-09-09 16:05 1229824 ----a-w- c:\windows\SysWow64\Windows.UI.Immersive.dll
2015-08-04 14:42 . 2015-09-09 16:05 8858112 ----a-w- c:\windows\SysWow64\twinui.dll
2015-08-04 14:42 . 2015-09-09 16:05 356352 ----a-w- c:\windows\SysWow64\SettingSync.dll
2015-08-04 14:42 . 2015-09-09 16:05 100864 ----a-w- c:\windows\SysWow64\SettingSyncInfo.dll
2015-08-04 14:42 . 2015-09-09 16:05 2038784 ----a-w- c:\windows\SysWow64\authui.dll
2015-08-04 13:54 . 2015-09-09 16:05 1399808 ----a-w- c:\windows\system32\Windows.UI.Immersive.dll
2015-08-04 13:54 . 2015-09-09 16:05 10116608 ----a-w- c:\windows\system32\twinui.dll
2015-08-04 13:53 . 2015-09-09 16:05 449024 ----a-w- c:\windows\system32\SettingSync.dll
2015-08-04 13:53 . 2015-09-09 16:05 128512 ----a-w- c:\windows\system32\SettingSyncInfo.dll
2015-08-04 13:53 . 2015-09-09 16:05 2307584 ----a-w- c:\windows\system32\authui.dll
2015-08-01 16:21 . 2015-09-09 16:05 73352 ----a-w- c:\windows\system32\appidapi.dll
2015-08-01 15:22 . 2015-09-09 16:05 63992 ----a-w- c:\windows\SysWow64\appidapi.dll
2015-08-01 13:56 . 2015-09-09 16:05 18432 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-08-01 13:56 . 2015-09-09 16:05 139776 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-08-01 13:56 . 2015-09-09 16:05 39424 ----a-w- c:\windows\system32\appidsvc.dll
2015-07-30 13:11 . 2015-08-12 08:46 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-30 13:10 . 2015-08-12 08:46 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-07-29 14:45 . 2015-08-12 08:44 1412608 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-07-29 13:52 . 2015-08-12 08:44 1280000 ----a-w- c:\windows\system32\FntCache.dll
2015-07-29 13:52 . 2015-08-12 08:44 1840640 ----a-w- c:\windows\system32\DWrite.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2012-12-29 08:55 611328 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RadioController"="c:\program files (x86)\RadioController\RfBtnHelper.exe" [2013-11-02 111216]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-07-08 152392]
"SP_WSPCHK"="c:\program files\Common Files\SOFTPRO\Shared\SP_WspInit.exe" [2013-12-02 122208]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-12-11 30877280]
.
c:\users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CPP - CalcServer.lnk - c:\users\uzivatel\Desktop\OK\Pojišťovny\ČPP\CppCalcServer.exe [2015-2-18 1044992]
Kooperativa - PDF Server.lnk - c:\users\uzivatel\Desktop\OK\Pojišťovny\Kooperativa\KoopP7BNExtern\KoopPDFServerSA.exe [2015-2-12 1652224]
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
R3 DeviceFastLaneService;Device Fast-lane Service;c:\program files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe;c:\program files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [x]
R3 irstrtsv;Intel(R) Rapid Start Technology Service;c:\windows\SysWOW64\irstrtsv.exe;c:\windows\SysWOW64\irstrtsv.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 SQLAgent$MSSQLSERVERNOVY;SQL Server Agent (MSSQLSERVERNOVY);c:\program files (x86)\Microsoft SQL Server\MSSQL10.MSSQLSERVERNOVY\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10.MSSQLSERVERNOVY\MSSQL\Binn\SQLAGENT.EXE [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 USecuAppSvc;Acer Theft Shield Service;c:\program files\Acer\Acer Theft Shield\USecuAppSvc.exe;c:\program files\Acer\Acer Theft Shield\USecuAppSvc.exe [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WSDScan;Podpora skenování WSD;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\System32\drivers\WUDFRd.sys;c:\windows\SYSNATIVE\drivers\WUDFRd.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0102;RsFx0102 Driver;c:\windows\system32\DRIVERS\RsFx0102.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0102.sys [x]
R4 RsFx0150;RsFx0150 Driver;c:\windows\system32\DRIVERS\RsFx0150.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0150.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 edevmon;edevmon;c:\windows\system32\DRIVERS\edevmon.sys;c:\windows\SYSNATIVE\DRIVERS\edevmon.sys [x]
S0 excsd;ExpressCache Storage Filter Driver;c:\windows\system32\DRIVERS\excsd.sys;c:\windows\SYSNATIVE\DRIVERS\excsd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 excfs;ExpressCache File System Filter Driver;c:\windows\system32\DRIVERS\excfs.sys;c:\windows\SYSNATIVE\DRIVERS\excfs.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 CCDMonitorService;CCDMonitorService;c:\program files (x86)\Acer\Acer Cloud\CCDMonitorService.exe;c:\program files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 ETDService;Elan Service;c:\program files\Elantech\ETDService.exe;c:\program files\Elantech\ETDService.exe [x]
S2 ExpressCache;ExpressCache;c:\program files\Condusiv Technologies\ExpressCache\ExpressCache.exe;c:\program files\Condusiv Technologies\ExpressCache\ExpressCache.exe [x]
S2 FFSOpzSvc;Sleep memory optimizer;c:\program files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe;c:\program files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MSOLAP$MSSQLSERVERNOVY;SQL Server Analysis Services (MSSQLSERVERNOVY);c:\program files (x86)\Microsoft SQL Server\MSAS10.MSSQLSERVERNOVY\OLAP\bin\msmdsrv.exe;c:\program files (x86)\Microsoft SQL Server\MSAS10.MSSQLSERVERNOVY\OLAP\bin\msmdsrv.exe [x]
S2 MSSQL$MSSQLSERVERNOVY;SQL Server (MSSQLSERVERNOVY);c:\program files (x86)\Microsoft SQL Server\MSSQL10.MSSQLSERVERNOVY\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL10.MSSQLSERVERNOVY\MSSQL\Binn\sqlservr.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 ReportServer$MSSQLSERVERNOVY;SQL Server Reporting Services (MSSQLSERVERNOVY);c:\program files (x86)\Microsoft SQL Server\MSRS10.MSSQLSERVERNOVY\Reporting Services\ReportServer\bin\ReportingServicesService.exe;c:\program files (x86)\Microsoft SQL Server\MSRS10.MSSQLSERVERNOVY\Reporting Services\ReportServer\bin\ReportingServicesService.exe [x]
S2 RfButtonDriverService;Dritek RF Button Command Service;c:\windows\RfBtnSvc64.exe;c:\windows\RfBtnSvc64.exe [x]
S2 ssinstall;SInstalátor;c:\windows\SysWOW64\ssins.exe;c:\windows\SysWOW64\ssins.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 ePowerSvc;ePower Service;c:\program files\Acer\Acer Power Management\ePowerSvc.exe;c:\program files\Acer\Acer Power Management\ePowerSvc.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 irstrtdv;Intel(R) Rapid Start Technology Driver;c:\windows\System32\drivers\irstrtdv.sys;c:\windows\SYSNATIVE\drivers\irstrtdv.sys [x]
S3 Ps2Kb2Hid;PS/2 Keyboard to HID Driver;c:\windows\System32\drivers\aPs2Kb2Hid.sys;c:\windows\SYSNATIVE\drivers\aPs2Kb2Hid.sys [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-10-16 09:08 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\46.0.2490.71\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2012-12-29 08:56 741888 ----a-w- c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-23 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-23 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-23 441888]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-01-29 13267016]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2013-01-18 1276488]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2015-07-08 5595848]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: Export do &Tahiti - c:\program files (x86)\LightComp eDoklady Skenováni\iehelper.html
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 217.197.144.22 217.197.152.132
FF - ProfilePath - c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4hrrw47b.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-Viber - c:\users\uzivatel\AppData\Local\Viber\Viber.exe
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-dm paradies foto - c:\program files (x86)\dm\dm paradies foto\uninstall.exe
AddRemove-Money S3 - c:\program files (x86)\CIGLER SOFTWARE\Common Files\Money S3\Setup\Uninst.exe
AddRemove-ssinstall - c:\windows\system32\ssinstall-uninstall.bat
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Celkový čas: 2015-10-19 21:15:35
ComboFix-quarantined-files.txt 2015-10-19 19:15
.
Před spuštěním: 316 836 085 760 bytes free
Po spuštění: 316 721 786 880 bytes free
.
- - End Of File - - 599EAB0832E3DF92446E848F0EF49812

#14 Příspěvek od **Rudy** » 20 říj 2015 17:19

Dočistíme. Přesuňte ComboFix na plochu. Otevřte poznámkový blok a zkopírujte do něj:

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

zdenekkoste · #15 Příspěvek od **zdenekkoste** » 21 říj 2015 14:36

Udělal jsem podle rady, zde je log, který se mi zobrazil.

ComboFix 15-10-15.01 - uzivatel . 10. 2015 13:30:51.2.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.3911.2197 [GMT 2:00]
Spuštěný z: c:\users\uzivatel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\uzivatel\Desktop\CFscript.txt
AV: ESET NOD32 Antivirus 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ESET NOD32 Antivirus 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-09-21 do 2015-10-21 )))))))))))))))))))))))))))))))
.
.
2015-10-21 12:16 . 2015-10-21 12:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-10-15 15:34 . 2015-10-15 15:34 -------- d-----w- c:\programdata\Malwarebytes
2015-10-14 17:27 . 2015-09-18 13:30 699904 ----a-w- c:\windows\system32\invagent.dll
2015-10-14 17:27 . 2015-09-18 13:30 766464 ----a-w- c:\windows\system32\generaltel.dll
2015-10-14 17:27 . 2015-09-18 13:30 503296 ----a-w- c:\windows\system32\devinv.dll
2015-10-14 17:27 . 2015-09-18 13:30 1290752 ----a-w- c:\windows\system32\appraiser.dll
2015-10-14 17:27 . 2015-09-18 13:10 1163776 ----a-w- c:\windows\system32\aeinv.dll
2015-10-14 17:27 . 2015-09-18 15:09 32432 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-10-14 17:27 . 2015-09-18 13:30 73216 ----a-w- c:\windows\system32\acmigration.dll
2015-10-14 14:06 . 2015-09-18 13:30 19280896 ----a-w- c:\windows\system32\mshtml.dll
2015-10-14 14:02 . 2015-08-01 13:56 19778048 ----a-w- c:\windows\system32\shell32.dll
2015-10-14 12:26 . 2015-10-21 13:26 -------- d-----w- c:\users\uzivatel\AppData\Local\Temp
2015-10-09 15:33 . 2015-10-09 15:33 -------- d-----w- c:\users\uzivatel\AppData\Local\Windows Live Writer
2015-10-09 15:33 . 2015-10-09 15:33 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Windows Live Writer
2015-10-02 14:40 . 2015-10-02 14:40 17314496 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE12\MSO.DLL
2015-09-24 07:01 . 2015-09-24 07:01 -------- d-----w- C:\UNIQA
2015-09-23 11:23 . 2015-09-12 13:29 148480 ----a-w- c:\windows\system32\poqexec.exe
2015-09-23 11:23 . 2015-09-12 13:29 122880 ----a-w- c:\windows\system32\VmHostAI.dll
2015-09-23 11:23 . 2015-09-12 13:29 144896 ----a-w- c:\windows\system32\tssdisai.dll
2015-09-23 11:23 . 2015-09-12 13:29 126976 ----a-w- c:\windows\system32\RDWebAI.dll
2015-09-23 11:23 . 2015-09-12 13:29 135680 ----a-w- c:\windows\system32\appserverai.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-16 06:35 . 2014-10-18 13:06 809944 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-10-16 06:35 . 2014-10-18 13:06 176096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-15 09:36 . 2013-11-19 14:35 143481208 ----a-w- c:\windows\system32\MRT.exe
2015-10-15 06:58 . 2014-12-04 23:01 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2015-09-02 13:49 . 2015-09-09 17:18 2341376 ----a-w- c:\windows\system32\msxml6.dll
2015-09-02 13:49 . 2015-09-09 17:18 1850880 ----a-w- c:\windows\system32\msxml3.dll
2015-09-02 13:48 . 2015-09-09 16:06 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-09-02 13:38 . 2015-09-09 17:18 1744384 ----a-w- c:\windows\SysWow64\msxml6.dll
2015-09-02 13:38 . 2015-09-09 17:18 1422336 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-09-02 13:38 . 2015-09-09 16:06 35328 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-09-01 23:25 . 2015-09-09 16:06 4065280 ----a-w- c:\windows\system32\win32k.sys
2015-08-28 21:59 . 2015-09-09 16:06 304128 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-08-27 18:41 . 2015-09-09 16:06 366592 ----a-w- c:\windows\system32\atmfd.dll
2015-08-13 10:49 . 2015-08-19 13:31 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2015-08-13 10:44 . 2015-08-19 13:31 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2015-08-05 13:52 . 2015-09-09 16:05 1287680 ----a-w- c:\windows\system32\schedsvc.dll
2015-08-04 14:42 . 2015-09-09 16:05 1229824 ----a-w- c:\windows\SysWow64\Windows.UI.Immersive.dll
2015-08-04 14:42 . 2015-09-09 16:05 8858112 ----a-w- c:\windows\SysWow64\twinui.dll
2015-08-04 14:42 . 2015-09-09 16:05 356352 ----a-w- c:\windows\SysWow64\SettingSync.dll
2015-08-04 14:42 . 2015-09-09 16:05 100864 ----a-w- c:\windows\SysWow64\SettingSyncInfo.dll
2015-08-04 14:42 . 2015-09-09 16:05 2038784 ----a-w- c:\windows\SysWow64\authui.dll
2015-08-04 13:54 . 2015-09-09 16:05 1399808 ----a-w- c:\windows\system32\Windows.UI.Immersive.dll
2015-08-04 13:54 . 2015-09-09 16:05 10116608 ----a-w- c:\windows\system32\twinui.dll
2015-08-04 13:53 . 2015-09-09 16:05 449024 ----a-w- c:\windows\system32\SettingSync.dll
2015-08-04 13:53 . 2015-09-09 16:05 128512 ----a-w- c:\windows\system32\SettingSyncInfo.dll
2015-08-04 13:53 . 2015-09-09 16:05 2307584 ----a-w- c:\windows\system32\authui.dll
2015-08-01 16:21 . 2015-09-09 16:05 73352 ----a-w- c:\windows\system32\appidapi.dll
2015-08-01 15:22 . 2015-09-09 16:05 63992 ----a-w- c:\windows\SysWow64\appidapi.dll
2015-08-01 13:56 . 2015-09-09 16:05 18432 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-08-01 13:56 . 2015-09-09 16:05 139776 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-08-01 13:56 . 2015-09-09 16:05 39424 ----a-w- c:\windows\system32\appidsvc.dll
2015-07-30 13:11 . 2015-08-12 08:46 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-30 13:10 . 2015-08-12 08:46 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-07-29 14:45 . 2015-08-12 08:44 1412608 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-07-29 13:52 . 2015-08-12 08:44 1280000 ----a-w- c:\windows\system32\FntCache.dll
2015-07-29 13:52 . 2015-08-12 08:44 1840640 ----a-w- c:\windows\system32\DWrite.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2012-12-29 08:55 611328 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RadioController"="c:\program files (x86)\RadioController\RfBtnHelper.exe" [2013-11-02 111216]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-07-08 152392]
"SP_WSPCHK"="c:\program files\Common Files\SOFTPRO\Shared\SP_WspInit.exe" [2013-12-02 122208]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-12-11 30877280]
.
c:\users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CPP - CalcServer.lnk - c:\users\uzivatel\Desktop\OK\Pojišťovny\ČPP\CppCalcServer.exe [2015-2-18 1044992]
Kooperativa - PDF Server.lnk - c:\users\uzivatel\Desktop\OK\Pojišťovny\Kooperativa\KoopP7BNExtern\KoopPDFServerSA.exe [2015-2-12 1652224]
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
R3 DeviceFastLaneService;Device Fast-lane Service;c:\program files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe;c:\program files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [x]
R3 irstrtsv;Intel(R) Rapid Start Technology Service;c:\windows\SysWOW64\irstrtsv.exe;c:\windows\SysWOW64\irstrtsv.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 SQLAgent$MSSQLSERVERNOVY;SQL Server Agent (MSSQLSERVERNOVY);c:\program files (x86)\Microsoft SQL Server\MSSQL10.MSSQLSERVERNOVY\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10.MSSQLSERVERNOVY\MSSQL\Binn\SQLAGENT.EXE [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 USecuAppSvc;Acer Theft Shield Service;c:\program files\Acer\Acer Theft Shield\USecuAppSvc.exe;c:\program files\Acer\Acer Theft Shield\USecuAppSvc.exe [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WSDScan;Podpora skenování WSD;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\System32\drivers\WUDFRd.sys;c:\windows\SYSNATIVE\drivers\WUDFRd.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0102;RsFx0102 Driver;c:\windows\system32\DRIVERS\RsFx0102.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0102.sys [x]
R4 RsFx0150;RsFx0150 Driver;c:\windows\system32\DRIVERS\RsFx0150.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0150.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 excsd;ExpressCache Storage Filter Driver;c:\windows\system32\DRIVERS\excsd.sys;c:\windows\SYSNATIVE\DRIVERS\excsd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 excfs;ExpressCache File System Filter Driver;c:\windows\system32\DRIVERS\excfs.sys;c:\windows\SYSNATIVE\DRIVERS\excfs.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 CCDMonitorService;CCDMonitorService;c:\program files (x86)\Acer\Acer Cloud\CCDMonitorService.exe;c:\program files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 ETDService;Elan Service;c:\program files\Elantech\ETDService.exe;c:\program files\Elantech\ETDService.exe [x]
S2 ExpressCache;ExpressCache;c:\program files\Condusiv Technologies\ExpressCache\ExpressCache.exe;c:\program files\Condusiv Technologies\ExpressCache\ExpressCache.exe [x]
S2 FFSOpzSvc;Sleep memory optimizer;c:\program files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe;c:\program files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MSOLAP$MSSQLSERVERNOVY;SQL Server Analysis Services (MSSQLSERVERNOVY);c:\program files (x86)\Microsoft SQL Server\MSAS10.MSSQLSERVERNOVY\OLAP\bin\msmdsrv.exe;c:\program files (x86)\Microsoft SQL Server\MSAS10.MSSQLSERVERNOVY\OLAP\bin\msmdsrv.exe [x]
S2 MSSQL$MSSQLSERVERNOVY;SQL Server (MSSQLSERVERNOVY);c:\program files (x86)\Microsoft SQL Server\MSSQL10.MSSQLSERVERNOVY\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL10.MSSQLSERVERNOVY\MSSQL\Binn\sqlservr.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 ReportServer$MSSQLSERVERNOVY;SQL Server Reporting Services (MSSQLSERVERNOVY);c:\program files (x86)\Microsoft SQL Server\MSRS10.MSSQLSERVERNOVY\Reporting Services\ReportServer\bin\ReportingServicesService.exe;c:\program files (x86)\Microsoft SQL Server\MSRS10.MSSQLSERVERNOVY\Reporting Services\ReportServer\bin\ReportingServicesService.exe [x]
S2 RfButtonDriverService;Dritek RF Button Command Service;c:\windows\RfBtnSvc64.exe;c:\windows\RfBtnSvc64.exe [x]
S2 ssinstall;SInstalátor;c:\windows\SysWOW64\ssins.exe;c:\windows\SysWOW64\ssins.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 ePowerSvc;ePower Service;c:\program files\Acer\Acer Power Management\ePowerSvc.exe;c:\program files\Acer\Acer Power Management\ePowerSvc.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 irstrtdv;Intel(R) Rapid Start Technology Driver;c:\windows\System32\drivers\irstrtdv.sys;c:\windows\SYSNATIVE\drivers\irstrtdv.sys [x]
S3 Ps2Kb2Hid;PS/2 Keyboard to HID Driver;c:\windows\System32\drivers\aPs2Kb2Hid.sys;c:\windows\SYSNATIVE\drivers\aPs2Kb2Hid.sys [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-10-16 09:08 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\46.0.2490.71\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2012-12-29 08:56 741888 ----a-w- c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-23 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-23 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-23 441888]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-01-29 13267016]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2013-01-18 1276488]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2015-07-08 5595848]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: Export do &Tahiti - c:\program files (x86)\LightComp eDoklady Skenováni\iehelper.html
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 217.197.144.22 217.197.152.132
FF - ProfilePath - c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4hrrw47b.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
AddRemove-dm paradies foto - c:\program files (x86)\dm\dm paradies foto\uninstall.exe
AddRemove-Money S3 - c:\program files (x86)\CIGLER SOFTWARE\Common Files\Money S3\Setup\Uninst.exe
AddRemove-ssinstall - c:\windows\system32\ssinstall-uninstall.bat
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Classic Shell\ClassicShellService.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\program files (x86)\Launch Manager\LManager.exe
c:\users\uzivatel\Desktop\OK\Pojic:\program files (x86)\RadioController\RfBtnHelper.exe
c:\users\uzivatel\Desktop\OK\Pojic:\program files (x86)\OpenOffice.org 3\program\soffice.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.bin
.
**************************************************************************
.
Celkový čas: 2015-10-21 15:31:44 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-10-21 13:31
ComboFix2.txt 2015-10-19 19:15
.
Před spuštěním: 314 612 371 456 bytes free
Po spuštění: 314 628 816 896 bytes free
.
- - End Of File - - 56268528A70DA181A5A3C47AC98DEBEF

VIRY.CZ

Pomalý PC

Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC