zpomalený internet./pc jede pořádna plný výkon 100%
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:16-04-2016 01
Ran by PC-Standa (administrator) on PC-STANDA-PC (18-11-2016 11:34:28)
Running from C:\Users\PC-Standa\Desktop
Loaded Profiles: PC-Standa (Available Profiles: PC-Standa & Hanička)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
() C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
() C:\Program Files\AWIS\AWKasa\bin\mysqld-nt.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Futuredial Inc.) C:\Program Files\ASUS\ASUS Sync\asusUPCTLoader.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPNetworkCommunicatorCom.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPCustPartic.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPNetworkCommunicatorCom.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ASUS Sync Loader] => C:\Program Files\ASUS\ASUS Sync\asusUPCTLoader.exe [638976 2013-03-01] (Futuredial Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-4064253568-945658341-771417536-1001\...\Run: [HP DeskJet 4530 series (NET)] => C:\Program Files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe [2544648 2015-03-09] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-4064253568-945658341-771417536-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6889176 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-4064253568-945658341-771417536-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2016-11-13] (AVAST Software)
Startup: C:\Users\Hanička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2012-11-10]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6B9BDB96-1517-416E-864A-42FADC091769}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6D5C2257-A403-4E5E-951E-BEEC77C48134}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{F643A4B4-57AC-4506-A66F-FBE46BC10B4B}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-4064253568-945658341-771417536-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4064253568-945658341-771417536-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4064253568-945658341-771417536-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-29] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2016-11-13] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-29] (Oracle Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\PC-Standa\AppData\Roaming\Mozilla\Firefox\Profiles\gn700ure.default-1432741357672
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2012-11-02] (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-29] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files\Win7codecs\rm\browser\plugins\nppl3260.dll [2010-02-04] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Win7codecs\rm\browser\plugins\nprpjplug.dll [2010-02-04] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4064253568-945658341-771417536-1001: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\PC-Standa\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll [2010-06-09] ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-09-25] [not signed]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-09-25] [not signed]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-09-25] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2016-11-13]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\Alwil Software\Avast5\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\Alwil Software\Avast5\SafePrice\FF [2016-11-13]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [197128 2016-11-13] (AVAST Software)
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [794624 2007-11-01] (Intel Corporation) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2012-08-09] (Flexera Software, Inc.)
R2 MySQL; C:\Program Files\AWIS\AWKasa\bin\mysqld-nt.exe [2203648 2012-12-02] () [File not signed]
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [483328 2007-11-01] (Intel Corporation) [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-11-13] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-11-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-11-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-11-13] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-11-13] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2016-11-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2016-11-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118664 2016-11-13] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224752 2016-11-13] (AVAST Software)
S3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [477312 2010-01-29] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
S3 AVerIR; C:\Windows\System32\DRIVERS\AVerIR.sys [88576 2010-01-12] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
S3 HTCAND32; C:\Windows\System32\Drivers\ANDROIDUSB.sys [25088 2009-10-26] (HTC, Corporation) [File not signed]
S3 massfilter; C:\Windows\System32\drivers\massfilter.sys [9216 2010-02-22] (MBB Incorporated)
S3 pmx3gmdm; C:\Windows\System32\DRIVERS\pmx3gmdm.sys [103552 2009-12-29] (Olivetti) [File not signed]
S3 pmx3gnet; C:\Windows\System32\DRIVERS\pmx3gnet.sys [116736 2009-12-29] (Olivetti) [File not signed]
S3 Ser2plx86; C:\Windows\System32\DRIVERS\ser2pl.sys [134144 2013-02-22] (Prolific Technology Inc.)
S3 trufos; C:\Windows\System32\drivers\trufos.sys [343456 2016-10-29] (BitDefender S.R.L.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-17 11:42 - 2016-11-17 11:56 - 00000000 ___DC C:\rsit
2016-11-17 11:38 - 2016-11-17 11:40 - 00688992 _____ (Swearware) C:\Users\PC-Standa\Downloads\dds.exe
2016-11-17 11:37 - 2016-11-17 11:38 - 01107968 _____ C:\Users\PC-Standa\Downloads\RSIT.exe
2016-11-17 10:00 - 2016-11-17 10:01 - 03910208 _____ C:\Users\PC-Standa\Downloads\adwcleaner.exe
2016-11-13 13:58 - 2016-11-13 13:57 - 00319760 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-11-13 13:57 - 2016-11-13 13:57 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-11-10 22:10 - 2016-11-10 22:10 - 00532270 _____ C:\Users\PC-Standa\Desktop\Zpráva_autoDNA_WP0ZZZ99Z1S640268.pdf
2016-11-10 15:17 - 2016-11-10 15:28 - 00007194 _____ C:\Windows\ntbtlog.txt
2016-11-10 07:12 - 2016-11-10 07:13 - 08270712 _____ (Piriform Ltd) C:\Users\PC-Standa\Downloads\ccsetup523(2).exe
2016-10-30 09:20 - 2016-10-30 09:20 - 00000000 ____D C:\Users\Hanička\AppData\Roaming\Sun
2016-10-29 19:51 - 2016-10-29 19:51 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\msvcr90.dll
2016-10-29 19:51 - 2016-10-29 19:51 - 00572928 _____ (Microsoft Corporation) C:\Windows\system32\msvcp90.dll
2016-10-29 19:51 - 2016-10-29 19:51 - 00343456 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2016-10-29 19:51 - 2016-10-29 19:51 - 00001046 _____ C:\Users\PC-Standa\Desktop\MWAVSCAN.lnk
2016-10-29 19:45 - 2016-10-29 19:48 - 154422000 _____ C:\Users\PC-Standa\Desktop\mwav.exe
2016-10-29 19:33 - 2016-10-29 19:35 - 56134208 _____ (Oracle Corporation) C:\Users\PC-Standa\Downloads\jre-8u111-windows-i586.exe
2016-10-29 19:33 - 2016-10-29 19:33 - 00000000 ____D C:\Program Files\Common Files\Java
2016-10-29 19:32 - 2016-10-29 19:32 - 00000000 ____D C:\Users\PC-Standa\AppData\Roaming\Sun
2016-10-29 19:22 - 2016-10-29 19:22 - 00737856 _____ (Oracle Corporation) C:\Users\PC-Standa\Downloads\jre-8u111-windows-i586-iftw.exe
2016-10-28 11:58 - 2016-10-28 11:58 - 08270712 _____ (Piriform Ltd) C:\Users\PC-Standa\Downloads\ccsetup523(1).exe
2016-10-28 11:52 - 2016-10-28 11:52 - 00733304 _____ () C:\Users\PC-Standa\Downloads\ccleaner-seznam-listicka(1).exe
2016-10-28 11:36 - 2016-10-28 11:36 - 00001024 _____ C:\Users\PC-Standa\Downloads\ccsetup523.exe
2016-10-28 10:54 - 2016-10-28 10:54 - 00733304 _____ () C:\Users\PC-Standa\Downloads\ccleaner-seznam-listicka.exe
2016-10-28 10:50 - 2016-10-28 10:51 - 00733304 _____ () C:\Users\PC-Standa\Downloads\ccleaner-seznam-listicka.exe.part
2016-10-23 10:59 - 2016-10-23 11:00 - 00064627 _____ C:\Users\PC-Standa\Downloads\0000002848136369_20160930_K_009_000_M_C.pdf
2016-10-22 23:44 - 2016-10-22 23:44 - 00002062 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-10-22 23:44 - 2016-10-22 23:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-18 11:40 - 2016-05-11 17:51 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-18 11:34 - 2016-04-17 11:38 - 00013266 _____ C:\Users\PC-Standa\Desktop\FRST.txt
2016-11-18 11:34 - 2016-04-17 10:23 - 00000000 ___DC C:\FRST
2016-11-18 11:32 - 2014-11-30 08:57 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-17 17:50 - 2016-05-11 17:51 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bf3b21afca7b.job
2016-11-17 11:44 - 2014-04-21 19:20 - 00000000 ____D C:\Program Files\trend micro
2016-11-17 11:32 - 2009-07-14 05:34 - 00013760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-17 11:32 - 2009-07-14 05:34 - 00013760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-17 11:27 - 2010-03-06 17:06 - 01593078 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-17 11:27 - 2009-07-14 09:44 - 00672370 _____ C:\Windows\system32\perfh005.dat
2016-11-17 11:27 - 2009-07-14 09:44 - 00142934 _____ C:\Windows\system32\perfc005.dat
2016-11-17 11:27 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-11-17 11:21 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-17 11:15 - 2016-04-18 21:01 - 00000000 ___DC C:\AdwCleaner
2016-11-17 11:13 - 2010-03-06 22:43 - 00000000 ____D C:\ProgramData\ICQ
2016-11-14 20:03 - 2010-03-25 21:07 - 00000000 ____D C:\Users\PC-Standa\AppData\Local\ElevatedDiagnostics
2016-11-14 20:03 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2016-11-13 16:31 - 2013-04-04 20:13 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2016-11-13 14:00 - 2013-03-20 17:30 - 00224752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-11-13 14:00 - 2011-06-29 20:31 - 00735488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-11-13 14:00 - 2010-03-06 17:21 - 00433768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-11-13 13:58 - 2014-05-08 21:36 - 00034008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-11-13 13:58 - 2014-01-14 18:18 - 00118664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-11-13 13:58 - 2013-03-20 17:30 - 00060424 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-11-13 13:58 - 2012-02-26 21:03 - 00091232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-11-13 13:58 - 2010-03-06 17:21 - 00092256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-11-13 13:57 - 2012-02-26 21:03 - 00035096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-11-12 09:26 - 2016-08-21 20:21 - 00000000 ____D C:\Users\PC-Standa\AppData\Roaming\WiseUpdate
2016-11-10 07:18 - 2015-08-13 16:11 - 00000925 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-11-08 16:38 - 2012-04-05 20:28 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-11-08 16:38 - 2011-05-14 23:53 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-11-08 16:37 - 2010-03-06 17:34 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-05 15:30 - 2015-08-12 22:58 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-10-29 19:54 - 2015-08-13 15:51 - 00000055 _____ C:\Windows\Lic.xxx
2016-10-29 19:51 - 2015-08-13 15:50 - 00156392 _____ (MicroWorld Technologies Inc.) C:\Windows\system32\eEmpty.exe
2016-10-29 19:51 - 2009-07-14 03:04 - 00000500 _____ C:\Windows\win.ini
2016-10-29 19:31 - 2014-08-11 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-10-29 19:29 - 2014-08-11 20:46 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2016-10-29 19:28 - 2014-08-11 20:44 - 00000000 ____D C:\Program Files\Java
2016-10-28 11:16 - 2016-09-25 20:49 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-10-28 11:16 - 2014-01-19 19:33 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-10-26 16:29 - 2010-03-06 17:29 - 00407720 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-10-22 13:16 - 2010-05-06 20:36 - 00000000 ____D C:\ProgramData\Skype
2016-10-22 09:09 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
==================== Files in the root of some directories =======
2015-07-15 20:45 - 2015-07-15 20:45 - 6420480 _____ () C:\Program Files\GUTF306.tmp
2012-06-27 21:32 - 2012-06-27 21:33 - 0601088 ____R () C:\Users\PC-Standa\AppData\Roaming\SharedSettings.ccs
2013-12-12 18:55 - 2013-12-12 18:55 - 0000302 ____R () C:\Users\PC-Standa\AppData\Local\config.ini
2010-03-07 13:12 - 2010-09-15 20:16 - 0008192 ____R () C:\Users\PC-Standa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-17 08:22 - 2013-11-17 08:22 - 0007602 ____R () C:\Users\PC-Standa\AppData\Local\Resmon.ResmonCfg
2013-12-12 18:55 - 2013-12-12 18:55 - 0000000 ____R () C:\Users\PC-Standa\AppData\Local\simedit.log
2016-05-01 15:55 - 2016-05-01 15:55 - 0000057 _____ () C:\ProgramData\Ament.ini
2010-05-06 20:43 - 2010-05-06 20:43 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-09-20 21:49 - 2012-08-09 22:49 - 0000241 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some files in TEMP:
====================
C:\Users\PC-Standa\AppData\Local\temp\libeay32.dll
C:\Users\PC-Standa\AppData\Local\temp\msvcr120.dll
C:\Users\PC-Standa\AppData\Local\temp\sqlite3.dll
Some zero byte size files/folders:
==========================
C:\Windows\logo_1.exe
C:\Windows\RUNDL132.EXE
C:\Windows\VDLL.DLL
C:\Windows\System32\runouce.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-10-27 21:17
==================== End of FRST.txt ============================
info.txt logfile of random's system information tool 1.10 2016-11-17 11:56:39
======MBR======
0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9AE1A0B10A00008020210007DF130C000800000020030000DF140C07FEFFFF0028030000C84D09000000000000000000000000000000000000000000000000000000000000000055AA
======Uninstall list======
Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
Adobe Acrobat Reader DC - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AC0F074E4100}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{BBEC10F9-AC15-41EE-A271-0B1077F53740}
Adobe Flash Player 23 NPAPI-->C:\Windows\system32\Macromed\Flash\FlashUtil32_23_0_0_207_Plugin.exe -maintain plugin
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824205020}
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
ANT Drivers Installer x86-->MsiExec.exe /I{930CC583-C24C-4ECA-8CED-02A7D1B40920}
Avast Free Antivirus-->C:\Program Files\Alwil Software\Avast5\Setup\Instup.exe /control_panel
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)-->rundll32.exe C:\PROGRA~1\DIFX\3BF3CCEE2F621170\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\ant_libusb.inf_x86_neutral_54173307afc55815\ant_libusb.inf
Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_52F0DFAA648E25523CF0EE10FEDF6AC712ED34DB\pccsmcfd.inf
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)-->rundll32.exe C:\PROGRA~1\DIFX\3BF3CCEE2F621170\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\usb_ant_siusbxp_3_1.inf_x86_neutral_a786cf555bc1afd4\usb_ant_siusbxp_3_1.inf
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Data Lifeguard Diagnostic for Windows-->MsiExec.exe /X{E40CE517-0D42-4198-96B4-C8232B257EB5}
Elevated Installer-->MsiExec.exe /I{42B70DEB-600A-4A1C-86A3-2F2877276720}
FormatFactory 3.5.0.0-->C:\Program Files\FreeTime\FormatFactory\uninst.exe
Garmin Express Tray-->MsiExec.exe /I{CAE86049-E7B8-4B2D-8ADF-3BB3F4F1628A}
Garmin Express-->"C:\ProgramData\Package Cache\{2639b4f0-83b4-4f3d-942f-e4ba22a40b9b}\GarminExpressInstaller.exe" /uninstall
Google Earth-->MsiExec.exe /I{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HP DeskJet 4530 series Nápověda-->MsiExec.exe /I{6533E793-4E8D-4C7C-B287-4115DA1F40E3}
HP Dropbox Plugin-->MsiExec.exe /I{FDBB833E-02B5-470C-B811-F94FAA31B9BE}
HP Google Drive Plugin-->MsiExec.exe /I{0046D858-2EEB-4680-B0F1-ADFBECA44921}
HP Photo Creations-->C:\Program Files\HP Photo Creations\uninst.exe
HP Update-->MsiExec.exe /X{912D30CF-F39E-4B31-AD9A-123C6B794EE2}
Java 8 Update 111-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F32180111F0}
Java 8 Update 51-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218051F0}
Microsoft (R) C Runtime Library-->MsiExec.exe /I{51D569E0-8A28-11D2-B962-006097C4DE24}
Microsoft .NET Framework 4.5 CSY Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\CSY\\Setup.exe /repair /x86 /lcid 1029
Microsoft .NET Framework 4.5 CSY Language Pack-->MsiExec.exe /X{CF2FF2C3-3013-33E4-8413-92090A340FE1}
Microsoft .NET Framework 4.5-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\\Setup.exe /repair /x86
Microsoft .NET Framework 4.5-->MsiExec.exe /X{9F612429-4A00-3D44-88CF-146DA2EE1F92}
Microsoft Common Controls 2 ActiveX Control DLL-->MsiExec.exe /I{3207D1B6-80E5-11D2-B95D-006097C4DE24}
Microsoft Common Controls 2 ActiveX Control DLL-->MsiExec.exe /I{D4A3A9E0-AA55-11D2-B97F-006097C4DE24}
Microsoft Internet Transfer Control DLL-->MsiExec.exe /I{7EBEDD29-AA66-11D2-B980-006097C4DE24}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.5-->MsiExec.exe /I{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {0B7A4B67-2A38-42B1-9857-662FAB361E08}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {FDF9A959-241A-4662-A8DE-7DED9C22D160}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft OLE 2.40 for Windows NT(TM) and Windows 95(TM) Operating Systems-->MsiExec.exe /I{8C0C59A0-7DC8-11D2-B95D-006097C4DE24}
Microsoft Primary Interoperability Assemblies 2005-->MsiExec.exe /X{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft_VC100_CRT_SP1_x86-->MsiExec.exe /I{E3B64CC5-C011-40C0-92BC-7316CD5E5688}
Mozilla Firefox 49.0.2 (x86 cs)-->"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
MySQL Connector/ODBC-->MsiExec.exe /I{DBB6755D-3ACC-416D-B810-188C6951A4B5}
Profesionální pokladní systém AWIS 4.1.2.745-->"C:\Program Files\AWIS\AWKasa\unins000.exe"
Security Update for Microsoft .NET Framework 4.5 (KB2737083)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\setup.exe /uninstallpatch {C2CC4CC0-255B-307E-A5A3-53B4000F6701}
Security Update for Microsoft .NET Framework 4.5 (KB2742613)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\setup.exe /uninstallpatch {C49E3F9E-F6F8-3A61-A151-54110A2873C0}
Security Update for Microsoft .NET Framework 4.5 (KB2840642v2)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\setup.exe /uninstallpatch {1039F0CA-C1E1-3371-8524-144038BF1A28}
Security Update for Microsoft .NET Framework 4.5 (KB2861208)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\setup.exe /uninstallpatch {7F6C1243-B65F-3A2B-BE1F-4C7AC5CC5449}
Security Update for Microsoft .NET Framework 4.5 (KB2894854v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\setup.exe /uninstallpatch {1531A92E-2552-384F-B942-06A5D18DFA13}
Security Update for Microsoft .NET Framework 4.5 (KB2898864)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\setup.exe /uninstallpatch {74BB566B-123D-3B05-8FB2-13C7E66594A8}
Security Update for Microsoft .NET Framework 4.5 (KB2901118)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\setup.exe /uninstallpatch {EE10E9FC-E58F-3E75-870A-C52A1AEC455E}
Security Update for Microsoft .NET Framework 4.5 (KB2972107)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\setup.exe /uninstallpatch {CBD8D84A-257A-3A60-9819-5DF166F9CD25}
Security Update for Microsoft .NET Framework 4.5 (KB2972216)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\setup.exe /uninstallpatch {4DC3F78D-5CCF-37B9-9A05-EDDC456F4F20}
Security Update for Microsoft .NET Framework 4.5 (KB2978128)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\setup.exe /uninstallpatch {00BE0B8D-C610-34AA-ABD1-EE023DA39E5D}
Security Update for Microsoft .NET Framework 4.5 (KB3023224)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\setup.exe /uninstallpatch {3DDE5FB2-7F31-38AB-9407-F5698AD72FE8}
Security Update for Microsoft .NET Framework 4.5 (KB3035490)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\setup.exe /uninstallpatch {3DFE50DE-BA81-369E-B149-CC3B8AB09405}
Security Update for Microsoft .NET Framework 4.5 (KB3037581)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\setup.exe /uninstallpatch {C7D8B9A9-9C79-3278-A33E-C621DA724830}
Security Update for Microsoft .NET Framework 4.5 (KB3074230)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\setup.exe /uninstallpatch {CCEC28F6-82A2-35B0-8FE6-39C22A698F23}
Security Update for Microsoft .NET Framework 4.5 (KB3074550)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\setup.exe /uninstallpatch {A4953275-5880-3E7F-ABC2-BE1904624135}
Security Update for Microsoft .NET Framework 4.5 (KB3097996)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\setup.exe /uninstallpatch {63474770-8265-373F-8E8A-63BE4DB58739}
Security Update for Microsoft .NET Framework 4.5 (KB3098781)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\setup.exe /uninstallpatch {DB389F39-13F5-33DE-B9A2-C2AF6E3D4EDE}
Security Update for Microsoft Office 2007 suites (KB2596650) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {DF2F5DAC-93D7-434B-96B1-EAF4D891AD24}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BF11577A-6876-45AA-86C9-2BA4CFB8B019}
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6B4A3804-666A-4DD8-84A7-B97701416784}
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {36842896-D83B-4C92-8261-6312B7DEB562}
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4C1BE82B-9AC0-4AB9-B76D-5467131955E1}
Security Update for Microsoft Office 2007 suites (KB2881067) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {08F2015D-61E9-4252-9355-AB8D15C73C96}
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FC572B0C-6356-46CC-A01E-CCCEC4340BF5}
Security Update for Microsoft Office 2007 suites (KB2956110) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {488CDF0A-098C-4CF5-8552-DA5F2F7B7829}
Security Update for Microsoft Office 2007 suites (KB2984938) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E359D786-B101-4545-B8AB-8652323CF3CA}
Security Update for Microsoft Office 2007 suites (KB2984943) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {800D1A82-D1B0-4ED4-89B4-C666B570ABA5}
Security Update for Microsoft Office 2007 suites (KB2986253) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1EBDB402-7B61-4224-994D-6882DC69F493}
Security Update for Microsoft Office 2007 suites (KB3085549) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8D2CDFAB-0079-43CC-A289-2F7A67F0A4DE}
Security Update for Microsoft Office 2007 suites (KB3114442) 32-Bit Edition -->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {69E0CBF6-BBD9-43F8-86DD-13B247CC26BE}
Security Update for Microsoft Office 2007 suites (KB3118300) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E789EDF-DD80-450E-BCAC-E7B8DB26A786}
Security Update for Microsoft Office 2007 suites (KB3118301) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F4139440-5426-4C6F-909B-F71CEB1071B1}
Security Update for Microsoft Office Access 2007 (KB2596614) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F774C8A-B1CE-486C-A64E-EA96AE48B813}
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3118307) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {933143BE-F7F8-4816-B702-6F61AAB7C4D4}
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3127889) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B2FAD7E1-67F9-435D-98BD-A77DBF4E1381}
Security Update for Microsoft Office Excel 2007 (KB3118395) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D6D8EAE4-5B61-4784-81DE-E41DAD350847}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office InfoPath 2007 (KB3114426) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {26C5C75F-E1FD-4F95-AA29-CA221C3AFEEE}
Security Update for Microsoft Office OneNote 2007 (KB3114456) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E0F25378-0690-4F53-998A-F5D63412BBD7}
Security Update for Microsoft Office Outlook 2007 (KB3118303) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A46489A-5B4C-4674-A90D-F6282EB179C3}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office PowerPoint 2007 (KB3114744) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D414541A-BC49-43A8-966B-C5AF19738562}
Security Update for Microsoft Office Publisher 2007 (KB2880506) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {724051CF-E09E-4F84-9946-F5014AB7389B}
Security Update for Microsoft Office Visio Viewer 2007 (KB2596915) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7FE99CC2-FBE5-422F-A6FB-49E0D8AFE919}
Security Update for Microsoft Office Word 2007 (KB3118308) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E48CBC9A-2AF7-40D4-BAE1-CEE4AD19978E}
Skype™ 7.29-->MsiExec.exe /X{FC965A47-4839-40CA-B618-18F486F042C6}
Studie vylepšování produktu HP DeskJet 4530 series-->MsiExec.exe /I{D44229AB-6986-411B-B42B-1B8358A9E15F}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {02206DCC-0CAF-46BB-8EDC-6C281AA21EFA}
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {02206DCC-0CAF-46BB-8EDC-6C281AA21EFA}
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7C3337E5-1294-4270-A64F-DCEF812159E5}
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {A030537D-0034-46AD-A730-B1119786F607}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB3115461) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8C829BE5-F60C-417A-89E3-9A1B427320F2}
Windows Common Controls ActiveX Control DLL-->MsiExec.exe /I{3207D1B9-80E5-11D2-B95D-006097C4DE24}
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)-->rundll32.exe C:\PROGRA~1\DIFX\15B7F172FC21855D\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\grmnusb.inf_x86_neutral_3e4b654f12f06d57\grmnusb.inf
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Wise Registry Cleaner 9.34-->"C:\Program Files\Wise\Wise Registry Cleaner\unins000.exe"
Základní software zařízení HP DeskJet 4530 series-->MsiExec.exe /I{56B09CF5-3468-4CC4-8B31-8D2ADAA73234}
======System event log======
Computer Name: PC-Standa-PC
Event Code: 7036
Message: Stav služby Adobe Flash Player Update Service byl změněn na: Spuštěno
Record Number: 347629
Source Name: Service Control Manager
Time Written: 20151128145901.301554-000
Event Type: Informace
User:
Computer Name: PC-Standa-PC
Event Code: 7036
Message: Stav služby služba Zprostředkovatel softwaru služby Stínová kopie svazků byl změněn na: Zastaveno
Record Number: 347628
Source Name: Service Control Manager
Time Written: 20151128145743.590109-000
Event Type: Informace
User:
Computer Name: PC-Standa-PC
Event Code: 7036
Message: Stav služby Stínová kopie svazku byl změněn na: Zastaveno
Record Number: 347627
Source Name: Service Control Manager
Time Written: 20151128145443.569812-000
Event Type: Informace
User:
Computer Name: PC-Standa-PC
Event Code: 7036
Message: Stav služby Služba WinHTTP WPAD byl změněn na: Zastaveno
Record Number: 347626
Source Name: Service Control Manager
Time Written: 20151128145434.531295-000
Event Type: Informace
User:
Computer Name: PC-Standa-PC
Event Code: 7036
Message: Stav služby Instalační služba modulů systému Windows byl změněn na: Zastaveno
Record Number: 347625
Source Name: Service Control Manager
Time Written: 20151128144214.847988-000
Event Type: Informace
User:
=====Application event log=====
Computer Name: PC-Standa-PC
Event Code: 490
Message: taskhost (3244) WebCacheLocal: Pokus o otevření souboru C:\Users\PC-Standa\AppData\Local\Microsoft\Windows\WebCache\V01.chk pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).
Record Number: 239313
Source Name: ESENT
Time Written: 20160326120617.000000-000
Event Type: Chyba
User:
Computer Name: PC-Standa-PC
Event Code: 490
Message: taskhost (3244) WebCacheLocal: Pokus o otevření souboru C:\Users\PC-Standa\AppData\Local\Microsoft\Windows\WebCache\V01.chk pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).
Record Number: 239312
Source Name: ESENT
Time Written: 20160326071002.000000-000
Event Type: Chyba
User:
Computer Name: PC-Standa-PC
Event Code: 454
Message: taskhost (3244) WebCacheLocal: Při zotavení či obnovení databáze došlo k neočekávané chybě -510.
Record Number: 239311
Source Name: ESENT
Time Written: 20160326010512.000000-000
Event Type: Chyba
User:
Computer Name: PC-Standa-PC
Event Code: 439
Message: taskhost (3244) WebCacheLocal: Pro soubor C:\Users\PC-Standa\AppData\Local\Microsoft\Windows\WebCache\V01.chk nelze zapsat stínové záhlaví. Chyba -1032
Record Number: 239310
Source Name: ESENT
Time Written: 20160326010511.000000-000
Event Type: Chyba
User:
Computer Name: PC-Standa-PC
Event Code: 490
Message: taskhost (3244) WebCacheLocal: Pokus o otevření souboru C:\Users\PC-Standa\AppData\Local\Microsoft\Windows\WebCache\V01.chk pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).
Record Number: 239309
Source Name: ESENT
Time Written: 20160326010511.000000-000
Event Type: Chyba
User:
=====Security event log=====
Computer Name: PC-Standa-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 153357
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160418012816.748590-000
Event Type: Úspěšný audit
User:
Computer Name: PC-Standa-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: PC-STANDA-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x224
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 153356
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160418012816.748590-000
Event Type: Úspěšný audit
User:
Computer Name: PC-Standa-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5
Oprávnění: SeAssignPrimaryTokenPrivilege
SeAuditPrivilege
SeImpersonatePrivilege
Record Number: 153355
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160418012816.233789-000
Event Type: Úspěšný audit
User:
Computer Name: PC-Standa-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: PC-STANDA-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x224
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 153354
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160418012816.233789-000
Event Type: Úspěšný audit
User:
Computer Name: PC-Standa-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-20
Název účtu: NETWORK SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e4
Oprávnění: SeAssignPrimaryTokenPrivilege
SeAuditPrivilege
SeImpersonatePrivilege
Record Number: 153353
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160418012815.999788-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\Wbem;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\PC Connectivity Solution;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\Common Files\Teleca Shared;c:\mysql\bin;C:\Program Files\AWIS\AWKasa\bin;C:\Program Files\Skype\Phone\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=1
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 22 Stepping 1, GenuineIntel
"PROCESSOR_REVISION"=1601
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by PC-Standa at 2016-11-17 11:42:15
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 12 GB (16%) free of 76 GB
Total RAM: 2038 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:54:33, on 17.11.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18500)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\ASUS Sync\asusUPCTLoader.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe
C:\PROGRA~1\HP\HPDESK~1\Bin\HPNETW~1.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Users\PC-Standa\Downloads\RSIT.exe
C:\Program Files\trend micro\PC-Standa.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ASUS Sync Loader] "C:\Program Files\ASUS\ASUS Sync\asusUPCTLoader.exe" -startup
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [HP DeskJet 4530 series (NET)] "C:\Program Files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH61N3D0DB0661:NW" -scfn "HP DeskJet 4530 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MySQL - Unknown owner - C:\Program Files\AWIS\AWKasa\bin\mysqld-nt.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
--
End of file - 6014 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0bf3b21afca7b.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\PC-Standa\AppData\Roaming\Mozilla\Firefox\Profiles\gn700ure.default-1432741357672
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
"sp@avast.com"=C:\Program Files\Alwil Software\Avast5\SafePrice\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.111.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Win7codecs\rm\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=C:\Program Files\Win7codecs\rm\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npLegitCheckPlugin.dll
NPOFF12.DLL
nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-29 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2016-11-13 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-29 186944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ASUS Sync Loader"=C:\Program Files\ASUS\ASUS Sync\asusUPCTLoader.exe [2013-03-01 638976]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2016-11-15 9080768]
""= []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2016-09-22 587288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HP DeskJet 4530 series (NET)"=C:\Program Files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe [2015-03-09 2544648]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-09-28 6889176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AndroidSync]
C:\Program Files\Android-Sync\AndroidSync.exe [2012-09-30 5817776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mobile Connectivity Suite]
C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe [2009-11-19 598016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
C:\Windows\WindowsMobile\wmdcBase.exe [2007-05-31 648072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2007-08-28 739880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
"NoDrives"=0
"NoSimpleNetIDList"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3filter"=ac3filter.acm
"msacm.avis"=ff_acm.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2016-11-17 11:42:14 ----DC---- C:\rsit
2016-11-13 13:58:22 ----A---- C:\Windows\system32\aswBoot.exe
2016-11-13 13:57:57 ----A---- C:\Windows\avastSS.scr
2016-11-10 15:17:13 ----A---- C:\Windows\ntbtlog.txt
2016-10-29 19:51:38 ----A---- C:\Windows\system32\drivers\trufos.sys
2016-10-29 19:51:32 ----A---- C:\Windows\system32\msvcp90.dll
2016-10-29 19:51:31 ----A---- C:\Windows\system32\msvcr90.dll
2016-10-29 19:33:09 ----D---- C:\Program Files\Common Files\Java
2016-10-29 19:32:11 ----D---- C:\Users\PC-Standa\AppData\Roaming\Sun
======List of files/folders modified in the last 1 month======
2016-11-17 11:44:41 ----D---- C:\Program Files\trend micro
2016-11-17 11:27:26 ----D---- C:\Windows\system32\config
2016-11-17 11:27:11 ----D---- C:\Windows\System32
2016-11-17 11:27:11 ----D---- C:\Windows\inf
2016-11-17 11:27:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-17 11:24:49 ----D---- C:\Windows\Temp
2016-11-17 11:15:00 ----DC---- C:\AdwCleaner
2016-11-17 11:13:05 ----D---- C:\Windows\system32\drivers
2016-11-17 11:13:04 ----D---- C:\ProgramData\ICQ
2016-11-17 10:09:37 ----SHD---- C:\Windows\Installer
2016-11-17 10:09:12 ----DC---- C:\Config.Msi
2016-11-17 10:09:12 ----D---- C:\ProgramData\Microsoft Help
2016-11-16 18:12:27 ----D---- C:\ProgramData
2016-11-14 20:03:50 ----D---- C:\Windows\system32\NDF
2016-11-13 16:31:30 ----D---- C:\Program Files\Common Files\Adobe AIR
2016-11-13 14:15:37 ----D---- C:\Windows
2016-11-13 13:59:46 ----D---- C:\Windows\system32\Tasks
2016-11-13 13:58:45 ----D---- C:\Windows\winsxs
2016-11-12 09:26:59 ----D---- C:\Users\PC-Standa\AppData\Roaming\WiseUpdate
2016-11-10 15:35:47 ----D---- C:\Windows\SoftwareDistribution
2016-11-08 16:38:27 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-11-08 16:37:16 ----D---- C:\Windows\system32\Macromed
2016-11-05 13:53:39 ----D---- C:\Windows\Prefetch
2016-11-04 20:26:13 ----SHD---- C:\System Volume Information
2016-10-29 19:51:29 ----A---- C:\Windows\system32\eEmpty.exe
2016-10-29 19:51:13 ----A---- C:\Windows\win.ini
2016-10-29 19:33:09 ----D---- C:\Program Files\Common Files
2016-10-29 19:29:38 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2016-10-29 19:28:48 ----D---- C:\Program Files\Java
2016-10-28 11:16:17 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-10-28 11:16:17 ----D---- C:\Program Files\Mozilla Firefox
2016-10-28 09:14:54 ----D---- C:\Windows\debug
2016-10-26 16:29:08 ----N---- C:\Windows\system32\MpSigStub.exe
2016-10-22 13:16:45 ----D---- C:\ProgramData\Skype
2016-10-22 09:09:36 ----D---- C:\Windows\rescache
2016-10-18 20:16:09 ----D---- C:\Windows\Microsoft.NET
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-11-13 60424]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-11-13 224752]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-11-13 35096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-11-13 91232]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-11-13 735488]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-11-13 433768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-11-13 92256]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-11-13 118664]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 96768]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2000-01-01 19384]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\XAudio32.sys [2000-01-01 15416]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-07-22 180736]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-08 2506232]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-19 30720]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-05-02 290816]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-11-13 34008]
S3 AVerAF35;AVerMedia A867 USB DVB-T; C:\Windows\System32\Drivers\AVerAF35.sys [2010-01-29 477312]
S3 AVerIR;AVerMedia Infrared Receiver; C:\Windows\system32\DRIVERS\AVerIR.sys [2010-01-12 88576]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-08-29 81448]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2007-08-29 99880]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2007-05-17 28464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-08-29 17448]
S3 grmnusb;grmnusb; C:\Windows\system32\drivers\grmnusb.sys [2012-04-18 15720]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2000-01-01 987704]
S3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2000-01-01 214072]
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2010-02-22 9216]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 pmx3gmdm;Olivetti USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\pmx3gmdm.sys [2009-12-29 103552]
S3 pmx3gnet;Olivetti USB-NDIS miniport; C:\Windows\system32\DRIVERS\pmx3gnet.sys [2009-12-29 116736]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 Ser2plx86;Prolific Serial port WDF driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2013-02-22 134144]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 trufos;trufos; C:\Windows\system32\drivers\trufos.sys [2016-10-29 343456]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 28160]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2000-01-01 668216]
S3 WinUsb;Android-Sync USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2016-11-13 197128]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-11-01 794624]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MySQL;MySQL; C:\Program Files\AWIS\AWKasa\bin\mysqld-nt.exe [2012-12-02 2203648]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2009-10-07 87344]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-11-01 483328]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08 270016]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2012-07-09 46528]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-08-09 1044816]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-09-30 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-10-22 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-21 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím kontrolu děkuji
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím kontrolu děkuji
Zdravím, stáhni a spusť AdwCleaner,
ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,
objeví se okno kde vlevo nahoře klikni na Scan.
Po dokončení skenu klikni na Clean,
proběhne restart PC kdy dojde ke smazání nepořádku.
Po té mi sem zkopíruj Report.
Stáhni a ulož na plochu ComboFix,
spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.
Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,
pak ještě jednou klik na ANO a už to jede.
Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.
Při skenovaní může být PC i restartováno nelekat se.
Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,
protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.
Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt
(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.
V případě nejasností je ZDE obrázkový návod.
ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,
objeví se okno kde vlevo nahoře klikni na Scan.
Po dokončení skenu klikni na Clean,
proběhne restart PC kdy dojde ke smazání nepořádku.
Po té mi sem zkopíruj Report.
Stáhni a ulož na plochu ComboFix,
spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.
Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,
pak ještě jednou klik na ANO a už to jede.
Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.
Při skenovaní může být PC i restartováno nelekat se.
Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,
protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.
Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt
(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.
V případě nejasností je ZDE obrázkový návod.
Re: Prosím kontrolu děkuji
# AdwCleaner v6.030 - Log soubor vytvořen 17/11/2016 na 10:53:09
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-16.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X86)
# Uživatelské jméno : PC-Standa - PC-STANDA-PC
# Beží od : C:\Users\PC-Standa\Downloads\adwcleaner.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
SLužba nalezena: swdumon
SLužba nalezena: EsgScanner
***** [ Adresáře ] *****
Složka nalezena: C:\Users\PC-Standa\AppData\Local\slimware utilities inc
Složka nalezena: C:\Users\PC-Standa\AppData\Local\SlimWare Utilities Inc
Složka nalezena: C:\Users\PC-Standa\AppData\Roaming\download Manager
Složka nalezena: C:\ProgramData\ICQ\ICQNewTab
Složka nalezena: C:\ProgramData\Application Data\ICQ\ICQNewTab
***** [ Soubory ] *****
Soubor nalezen: C:\Users\PC-Standa\AppData\LocalLow\Microsoft\Internet Explorer\Services\Search_ask.com.xml
Soubor nalezen: C:\Users\Hanička\AppData\LocalLow\Microsoft\Internet Explorer\Services\Search_ask.com.xml
Soubor nalezen: C:\Windows\system32\drivers\swdumon.sys
Soubor nalezen: C:\Windows\system32\drivers\EsgScanner.sys
***** [ DLL ] *****
Nebyly nalezeny žádné škodlivé DLL soubory.
***** [ WMI ] *****
Nebyly nalezeny žádné škodlivé klíče.
***** [ Zástupce ] *****
Žádné infikovaný zástupce nenalezen.
***** [ Plánovač úloh ] *****
Žádný nebezpečná úloha nenalezena.
***** [ Registry ] *****
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4064253568-945658341-771417536-1001\Software\ICQ\ICQToolbar
Klíč nalezen: HKU\S-1-5-21-4064253568-945658341-771417536-1003\Software\ICQ\ICQToolbar
Klíč nalezen: HKU\S-1-5-21-4064253568-945658341-771417536-1003\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
***** [ Internetové prohlížeče ] *****
Firefox nastavení nalezeno: [C:\Users\Hanička\AppData\Roaming\Mozilla\Firefox\Profiles\30ko17a8.default\prefs.js] - "extensions.wrc.SearchRules.rambler.ru.style" - ".WRCN {display:none} .b-serp__list .WRCN {display:inline !impor
Firefox nastavení nalezeno: [C:\Users\Hanička\AppData\Roaming\Mozilla\Firefox\Profiles\30ko17a8.default\prefs.js] - "extensions.wrc.SearchRules.rambler.ru.url" - "^hxxp\\:\\/\\/nova\\.rambler\\.ru\\/.+"
Nebyly nalezeny žádné škodlivé položky prohlížeče Chromium báze.
*************************
C:\AdwCleaner\AdwCleaner[S0].txt - [2819 Bajtů] - [17/11/2016 10:53:09]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2893 Bajtů] ##########
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-16.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X86)
# Uživatelské jméno : PC-Standa - PC-STANDA-PC
# Beží od : C:\Users\PC-Standa\Downloads\adwcleaner.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
SLužba nalezena: swdumon
SLužba nalezena: EsgScanner
***** [ Adresáře ] *****
Složka nalezena: C:\Users\PC-Standa\AppData\Local\slimware utilities inc
Složka nalezena: C:\Users\PC-Standa\AppData\Local\SlimWare Utilities Inc
Složka nalezena: C:\Users\PC-Standa\AppData\Roaming\download Manager
Složka nalezena: C:\ProgramData\ICQ\ICQNewTab
Složka nalezena: C:\ProgramData\Application Data\ICQ\ICQNewTab
***** [ Soubory ] *****
Soubor nalezen: C:\Users\PC-Standa\AppData\LocalLow\Microsoft\Internet Explorer\Services\Search_ask.com.xml
Soubor nalezen: C:\Users\Hanička\AppData\LocalLow\Microsoft\Internet Explorer\Services\Search_ask.com.xml
Soubor nalezen: C:\Windows\system32\drivers\swdumon.sys
Soubor nalezen: C:\Windows\system32\drivers\EsgScanner.sys
***** [ DLL ] *****
Nebyly nalezeny žádné škodlivé DLL soubory.
***** [ WMI ] *****
Nebyly nalezeny žádné škodlivé klíče.
***** [ Zástupce ] *****
Žádné infikovaný zástupce nenalezen.
***** [ Plánovač úloh ] *****
Žádný nebezpečná úloha nenalezena.
***** [ Registry ] *****
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4064253568-945658341-771417536-1001\Software\ICQ\ICQToolbar
Klíč nalezen: HKU\S-1-5-21-4064253568-945658341-771417536-1003\Software\ICQ\ICQToolbar
Klíč nalezen: HKU\S-1-5-21-4064253568-945658341-771417536-1003\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
***** [ Internetové prohlížeče ] *****
Firefox nastavení nalezeno: [C:\Users\Hanička\AppData\Roaming\Mozilla\Firefox\Profiles\30ko17a8.default\prefs.js] - "extensions.wrc.SearchRules.rambler.ru.style" - ".WRCN {display:none} .b-serp__list .WRCN {display:inline !impor
Firefox nastavení nalezeno: [C:\Users\Hanička\AppData\Roaming\Mozilla\Firefox\Profiles\30ko17a8.default\prefs.js] - "extensions.wrc.SearchRules.rambler.ru.url" - "^hxxp\\:\\/\\/nova\\.rambler\\.ru\\/.+"
Nebyly nalezeny žádné škodlivé položky prohlížeče Chromium báze.
*************************
C:\AdwCleaner\AdwCleaner[S0].txt - [2819 Bajtů] - [17/11/2016 10:53:09]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2893 Bajtů] ##########
Re: Prosím kontrolu děkuji
ComboFix 16-11-13.01 - PC-Standa 19.11.2016 20:00:12.6.1 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2038.1076 [GMT 1:00]
Spuštěný z: c:\users\PC-Standa\Desktop\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Avast Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-10-20 do 2016-11-20 )))))))))))))))))))))))))))))))
.
.
2016-11-20 04:04 . 2016-11-20 04:04 -------- d-----w- c:\users\Public\AppData\Local\temp
2016-11-20 04:04 . 2016-11-20 04:04 -------- d-----w- c:\users\NeroMediaHomeUser.4\AppData\Local\temp
2016-11-20 04:04 . 2016-11-20 04:04 -------- d-----w- c:\users\Hanička\AppData\Local\temp
2016-11-20 04:04 . 2016-11-20 04:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-11-20 04:04 . 2016-11-20 04:06 -------- d-----w- c:\users\PC-Standa\AppData\Local\temp
2016-11-19 17:14 . 2016-11-19 17:15 95748 ----a-w- c:\windows\UpdateTool Uninstaller.exe
2016-11-19 15:55 . 2016-11-19 15:55 -------- d-----w- c:\users\PC-Standa\AppData\Local\JABLOCOM
2016-11-19 15:55 . 2016-11-19 15:55 284844 ----a-w- c:\windows\JabloTool Uninstaller.exe
2016-11-19 15:51 . 2016-11-19 15:51 -------- d-----w- c:\program files\Common Files\Redemption
2016-11-19 15:51 . 2016-11-19 15:51 -------- d-----w- c:\program files\Common Files\NKTWAB
2016-11-19 10:49 . 2016-11-19 17:11 -------- d-----w- c:\program files\JabloCOM
2016-11-17 10:42 . 2016-11-17 10:56 -------- dc----w- C:\rsit
2016-11-13 12:58 . 2016-11-13 12:57 319760 ----a-w- c:\windows\system32\aswBoot.exe
2016-11-13 12:57 . 2016-11-13 12:57 53208 ----a-w- c:\windows\avastSS.scr
2016-11-04 19:26 . 2016-10-19 10:14 9727984 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{57823FEA-BD2A-4C07-B893-07141699822B}\mpengine.dll
2016-10-30 08:20 . 2016-10-30 08:20 -------- d-----w- c:\users\Hanička\AppData\Roaming\Sun
2016-10-29 18:51 . 2016-10-29 18:51 343456 ----a-w- c:\windows\system32\drivers\trufos.sys
2016-10-29 18:51 . 2016-10-29 18:51 572928 ----a-w- c:\windows\system32\msvcp90.dll
2016-10-29 18:51 . 2016-10-29 18:51 655872 ----a-w- c:\windows\system32\msvcr90.dll
2016-10-29 18:33 . 2016-10-29 18:33 -------- d-----w- c:\program files\Common Files\Java
2016-10-27 01:02 . 2016-10-27 01:02 2595472 ----a-w- c:\program files\Common Files\Microsoft Shared\VBA\VBA6\VBE6.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-11-13 13:00 . 2013-03-20 16:30 224752 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-11-13 13:00 . 2010-03-06 16:21 433768 ----a-w- c:\windows\system32\drivers\aswsp.sys
2016-11-13 13:00 . 2011-06-29 19:31 735488 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2016-11-13 12:58 . 2014-01-14 17:18 118664 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-11-13 12:58 . 2014-05-08 20:36 34008 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-11-13 12:58 . 2013-03-20 16:30 60424 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-11-13 12:58 . 2012-02-26 20:03 91232 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-11-13 12:58 . 2010-03-06 16:21 92256 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-11-13 12:57 . 2012-02-26 20:03 35096 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-11-08 15:38 . 2012-04-05 19:28 796352 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-11-08 15:38 . 2011-05-14 22:53 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-10-29 18:51 . 2015-08-13 14:50 156392 ----a-w- c:\windows\system32\eEmpty.exe
2016-10-29 18:29 . 2014-08-11 19:46 95808 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2016-10-26 15:29 . 2010-03-06 16:29 407720 ------w- c:\windows\system32\MpSigStub.exe
2016-09-30 15:20 . 2016-10-17 16:27 4000488 ----a-w- c:\windows\system32\ntkrnlpa.exe
2016-09-30 15:20 . 2016-10-17 16:27 3944680 ----a-w- c:\windows\system32\ntoskrnl.exe
2016-09-30 05:54 . 2016-10-17 16:27 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2016-09-30 05:54 . 2016-10-17 16:27 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2016-09-30 05:42 . 2016-10-17 16:27 498688 ----a-w- c:\windows\system32\vbscript.dll
2016-09-30 05:42 . 2016-10-17 16:27 62464 ----a-w- c:\windows\system32\iesetup.dll
2016-09-30 05:42 . 2016-10-17 16:27 47616 ----a-w- c:\windows\system32\ieetwproxystub.dll
2016-09-30 05:42 . 2016-10-17 16:27 341504 ----a-w- c:\windows\system32\html.iec
2016-09-30 05:41 . 2016-10-17 16:27 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2016-09-30 05:32 . 2016-10-17 16:27 102912 ----a-w- c:\windows\system32\ieetwcollector.exe
2016-09-30 05:32 . 2016-10-17 16:27 115712 ----a-w- c:\windows\system32\ieUnatt.exe
2016-09-30 05:32 . 2016-10-17 16:27 620032 ----a-w- c:\windows\system32\jscript9diag.dll
2016-09-30 05:27 . 2016-10-17 16:27 667648 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2016-09-30 05:19 . 2016-10-17 16:27 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2016-09-30 05:12 . 2016-10-17 16:27 4608512 ----a-w- c:\windows\system32\jscript9.dll
2016-09-30 05:05 . 2016-10-17 16:27 2055680 ----a-w- c:\windows\system32\inetcpl.cpl
2016-09-30 05:05 . 2016-10-17 16:27 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
2016-09-30 04:46 . 2016-10-17 16:27 2444288 ----a-w- c:\windows\system32\wininet.dll
2016-09-15 15:15 . 2016-10-17 16:27 741888 ----a-w- c:\windows\system32\inetcomm.dll
2016-09-15 15:15 . 2016-10-17 16:27 84480 ----a-w- c:\windows\system32\INETRES.dll
2016-09-12 20:53 . 2016-10-17 16:27 67304 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2016-09-12 20:53 . 2016-10-17 16:27 137960 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2016-09-12 20:49 . 2016-10-17 16:27 172032 ----a-w- c:\windows\system32\wdigest.dll
2016-09-12 20:49 . 2016-10-17 16:27 99840 ----a-w- c:\windows\system32\sspicli.dll
2016-09-12 20:49 . 2016-10-17 16:27 65536 ----a-w- c:\windows\system32\TSpkg.dll
2016-09-12 20:49 . 2016-10-17 16:27 655360 ----a-w- c:\windows\system32\rpcrt4.dll
2016-09-12 20:49 . 2016-10-17 16:27 254464 ----a-w- c:\windows\system32\schannel.dll
2016-09-12 20:49 . 2016-10-17 16:27 22016 ----a-w- c:\windows\system32\secur32.dll
2016-09-12 20:49 . 2016-10-17 16:27 141312 ----a-w- c:\windows\system32\rpchttp.dll
2016-09-12 20:49 . 2016-10-17 16:27 260608 ----a-w- c:\windows\system32\msv1_0.dll
2016-09-12 20:49 . 2016-10-17 16:27 223232 ----a-w- c:\windows\system32\ncrypt.dll
2016-09-12 20:49 . 2016-10-17 16:27 60416 ----a-w- c:\windows\system32\msobjs.dll
2016-09-12 20:49 . 2016-10-17 16:27 146432 ----a-w- c:\windows\system32\msaudite.dll
2016-09-12 20:49 . 2016-10-17 16:27 1063936 ----a-w- c:\windows\system32\lsasrv.dll
2016-09-12 20:49 . 2016-10-17 16:27 553472 ----a-w- c:\windows\system32\kerberos.dll
2016-09-12 20:49 . 2016-10-17 16:27 17408 ----a-w- c:\windows\system32\credssp.dll
2016-09-12 20:49 . 2016-10-17 16:27 76800 ----a-w- c:\windows\system32\adsmsext.dll
2016-09-12 20:49 . 2016-10-17 16:27 690688 ----a-w- c:\windows\system32\adtschema.dll
2016-09-12 20:29 . 2016-10-17 16:27 50176 ----a-w- c:\windows\system32\auditpol.exe
2016-09-12 20:28 . 2016-10-17 16:27 2399232 ----a-w- c:\windows\system32\win32k.sys
2016-09-12 20:26 . 2016-10-17 16:27 226304 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2016-09-12 20:26 . 2016-10-17 16:27 98304 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2016-09-12 20:26 . 2016-10-17 16:27 124416 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2016-09-12 20:25 . 2016-10-17 16:27 36352 ----a-w- c:\windows\system32\cryptbase.dll
2016-09-12 20:25 . 2016-10-17 16:27 22016 ----a-w- c:\windows\system32\lsass.exe
2016-09-12 20:25 . 2016-10-17 16:27 15872 ----a-w- c:\windows\system32\sspisrv.dll
2016-09-12 19:08 . 2016-10-17 16:27 1251328 ----a-w- c:\windows\system32\DWrite.dll
2016-09-12 19:08 . 2016-10-17 16:27 909824 ----a-w- c:\windows\system32\FntCache.dll
2016-09-10 15:53 . 2016-10-17 16:27 2291712 ----a-w- c:\windows\system32\MSVidCtl.dll
2016-09-09 18:01 . 2016-10-17 16:27 1310528 ----a-w- c:\windows\system32\ntdll.dll
2016-09-09 18:00 . 2016-10-17 16:27 400896 ----a-w- c:\windows\system32\srcore.dll
2016-09-09 18:00 . 2016-10-17 16:27 43008 ----a-w- c:\windows\system32\srclient.dll
2016-09-09 17:59 . 2016-10-17 16:27 50176 ----a-w- c:\windows\system32\setbcdlocale.dll
2016-09-09 17:59 . 2016-10-17 16:27 38912 ----a-w- c:\windows\system32\csrsrv.dll
2016-09-09 17:59 . 2016-10-17 16:27 644096 ----a-w- c:\windows\system32\advapi32.dll
2016-09-09 17:59 . 2016-10-17 16:27 6656 ----a-w- c:\windows\system32\apisetschema.dll
2016-09-09 17:59 . 2016-10-17 16:27 50688 ----a-w- c:\windows\system32\appidapi.dll
2016-09-09 17:42 . 2016-10-17 16:27 97792 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2016-09-09 17:42 . 2016-10-17 16:27 50688 ----a-w- c:\windows\system32\drivers\appid.sys
2016-09-09 17:42 . 2016-10-17 16:27 16896 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2016-09-09 17:42 . 2016-10-17 16:27 29696 ----a-w- c:\windows\system32\appidsvc.dll
2016-09-09 17:39 . 2016-10-17 16:27 262656 ----a-w- c:\windows\system32\rstrui.exe
2016-09-09 17:37 . 2016-10-17 16:27 69632 ----a-w- c:\windows\system32\smss.exe
2016-09-08 20:34 . 2016-10-17 16:27 208896 ----a-w- c:\windows\system32\WebClnt.dll
2016-09-08 20:34 . 2016-10-17 16:27 87040 ----a-w- c:\windows\system32\davclnt.dll
2016-09-08 14:49 . 2016-10-17 16:27 117248 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2016-09-08 14:49 . 2016-10-17 16:27 81408 ----a-w- c:\windows\system32\drivers\dfsc.sys
2015-07-15 19:45 . 2015-07-15 19:45 6420480 ----a-w- c:\program files\GUTF306.tmp
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-11-13 12:57 832488 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP DeskJet 4530 series (NET)"="c:\program files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe" [2015-03-09 2544648]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2016-09-28 6889176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS Sync Loader"="c:\program files\ASUS\ASUS Sync\asusUPCTLoader.exe" [2013-03-01 638976]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2016-11-15 9080768]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2016-09-22 587288]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="c:\program files\Garmin\Express Tray\ExpressTray.exe" [2016-04-08 1399208]
.
c:\users\Hanička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer6"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AndroidSync]
2012-09-30 22:00 5817776 ----a-w- c:\program files\Android-Sync\AndroidSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mobile Connectivity Suite]
2009-11-19 14:19 598016 ----a-r- c:\program files\HTC\HTC Sync\Application Launcher\Application Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2007-05-31 15:21 648072 ----a-w- c:\windows\WindowsMobile\wmdcBase.exe
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2016-11-13 118664]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2016-09-20 324224]
R3 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2016-11-13 34008]
R3 AVerAF35;AVerMedia A867 USB DVB-T;c:\windows\system32\Drivers\AVerAF35.sys [2010-01-29 477312]
R3 AVerIR;AVerMedia Infrared Receiver;c:\windows\system32\DRIVERS\AVerIR.sys [2010-01-12 88576]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2007-05-17 28464]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2016-09-30 102912]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-02-22 9216]
R3 pmx3gmdm;Olivetti USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\pmx3gmdm.sys [2009-12-29 103552]
R3 pmx3gnet;Olivetti USB-NDIS miniport;c:\windows\system32\DRIVERS\pmx3gnet.sys [2009-12-29 116736]
R3 Ser2plx86;Prolific Serial port WDF driver;c:\windows\system32\DRIVERS\ser2pl.sys [2013-02-22 134144]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-21 1343400]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2016-11-13 35096]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2016-11-13 735488]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2016-11-13 433768]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2016-11-13 92256]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992]
S3 jusb;jusb;c:\windows\system32\Drivers\jusb.sys [2012-02-09 29184]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
HsfXAudioService REG_MULTI_SZ HsfXAudioService
.
Obsah adresáře 'Naplánované úlohy'
.
2016-11-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 15:38]
.
2016-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0bf3b21afca7b.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-14 20:10]
.
2016-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-14 20:10]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = about:blank
mSearch Bar = hxxp://www.google.com/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\PC-Standa\AppData\Roaming\Mozilla\Firefox\Profiles\gn700ure.default-1432741357672\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-CanonSolutionMenuEx - c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4064253568-945658341-771417536-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B6448A29-A741-BC9D-1E7A-751DD754BAAC}*]
"dbkajogadmdglbdjkmifeihpahlbcahlpankbobb"=hex:69,61,6d,67,61,6a,69,63,6b,6b,
69,65,69,66,6b,6f,6c,6c,00,00
"abmanlkddlahnapmofoimdaahieaepnall"=hex:70,61,63,62,6a,70,63,69,68,62,6f,69,
6c,63,6a,6c,6f,65,68,66,64,67,6d,63,6a,68,6b,67,6d,65,66,67,00,00
"mafaemopjhalfjmcahjnopokki"=hex:6f,61,66,6f,66,68,6f,64,6b,6c,67,68,6f,70,62,
6f,6c,66,61,70,64,68,67,6b,68,63,6b,64,6f,6c,00,67
.
Celkový čas: 2016-11-20 05:34:56
ComboFix-quarantined-files.txt 2016-11-20 04:34
.
Před spuštěním: Volných bajtů: 13 568 151 552
Po spuštění: Volných bajtů: 13 539 028 992
.
- - End Of File - - 21FBA4B770D6753FD88236138F4A4B87
A36C5E4F47E84449FF07ED3517B43A31
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2038.1076 [GMT 1:00]
Spuštěný z: c:\users\PC-Standa\Desktop\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Avast Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-10-20 do 2016-11-20 )))))))))))))))))))))))))))))))
.
.
2016-11-20 04:04 . 2016-11-20 04:04 -------- d-----w- c:\users\Public\AppData\Local\temp
2016-11-20 04:04 . 2016-11-20 04:04 -------- d-----w- c:\users\NeroMediaHomeUser.4\AppData\Local\temp
2016-11-20 04:04 . 2016-11-20 04:04 -------- d-----w- c:\users\Hanička\AppData\Local\temp
2016-11-20 04:04 . 2016-11-20 04:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-11-20 04:04 . 2016-11-20 04:06 -------- d-----w- c:\users\PC-Standa\AppData\Local\temp
2016-11-19 17:14 . 2016-11-19 17:15 95748 ----a-w- c:\windows\UpdateTool Uninstaller.exe
2016-11-19 15:55 . 2016-11-19 15:55 -------- d-----w- c:\users\PC-Standa\AppData\Local\JABLOCOM
2016-11-19 15:55 . 2016-11-19 15:55 284844 ----a-w- c:\windows\JabloTool Uninstaller.exe
2016-11-19 15:51 . 2016-11-19 15:51 -------- d-----w- c:\program files\Common Files\Redemption
2016-11-19 15:51 . 2016-11-19 15:51 -------- d-----w- c:\program files\Common Files\NKTWAB
2016-11-19 10:49 . 2016-11-19 17:11 -------- d-----w- c:\program files\JabloCOM
2016-11-17 10:42 . 2016-11-17 10:56 -------- dc----w- C:\rsit
2016-11-13 12:58 . 2016-11-13 12:57 319760 ----a-w- c:\windows\system32\aswBoot.exe
2016-11-13 12:57 . 2016-11-13 12:57 53208 ----a-w- c:\windows\avastSS.scr
2016-11-04 19:26 . 2016-10-19 10:14 9727984 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{57823FEA-BD2A-4C07-B893-07141699822B}\mpengine.dll
2016-10-30 08:20 . 2016-10-30 08:20 -------- d-----w- c:\users\Hanička\AppData\Roaming\Sun
2016-10-29 18:51 . 2016-10-29 18:51 343456 ----a-w- c:\windows\system32\drivers\trufos.sys
2016-10-29 18:51 . 2016-10-29 18:51 572928 ----a-w- c:\windows\system32\msvcp90.dll
2016-10-29 18:51 . 2016-10-29 18:51 655872 ----a-w- c:\windows\system32\msvcr90.dll
2016-10-29 18:33 . 2016-10-29 18:33 -------- d-----w- c:\program files\Common Files\Java
2016-10-27 01:02 . 2016-10-27 01:02 2595472 ----a-w- c:\program files\Common Files\Microsoft Shared\VBA\VBA6\VBE6.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-11-13 13:00 . 2013-03-20 16:30 224752 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-11-13 13:00 . 2010-03-06 16:21 433768 ----a-w- c:\windows\system32\drivers\aswsp.sys
2016-11-13 13:00 . 2011-06-29 19:31 735488 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2016-11-13 12:58 . 2014-01-14 17:18 118664 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-11-13 12:58 . 2014-05-08 20:36 34008 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-11-13 12:58 . 2013-03-20 16:30 60424 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-11-13 12:58 . 2012-02-26 20:03 91232 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-11-13 12:58 . 2010-03-06 16:21 92256 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-11-13 12:57 . 2012-02-26 20:03 35096 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-11-08 15:38 . 2012-04-05 19:28 796352 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-11-08 15:38 . 2011-05-14 22:53 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-10-29 18:51 . 2015-08-13 14:50 156392 ----a-w- c:\windows\system32\eEmpty.exe
2016-10-29 18:29 . 2014-08-11 19:46 95808 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2016-10-26 15:29 . 2010-03-06 16:29 407720 ------w- c:\windows\system32\MpSigStub.exe
2016-09-30 15:20 . 2016-10-17 16:27 4000488 ----a-w- c:\windows\system32\ntkrnlpa.exe
2016-09-30 15:20 . 2016-10-17 16:27 3944680 ----a-w- c:\windows\system32\ntoskrnl.exe
2016-09-30 05:54 . 2016-10-17 16:27 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2016-09-30 05:54 . 2016-10-17 16:27 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2016-09-30 05:42 . 2016-10-17 16:27 498688 ----a-w- c:\windows\system32\vbscript.dll
2016-09-30 05:42 . 2016-10-17 16:27 62464 ----a-w- c:\windows\system32\iesetup.dll
2016-09-30 05:42 . 2016-10-17 16:27 47616 ----a-w- c:\windows\system32\ieetwproxystub.dll
2016-09-30 05:42 . 2016-10-17 16:27 341504 ----a-w- c:\windows\system32\html.iec
2016-09-30 05:41 . 2016-10-17 16:27 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2016-09-30 05:32 . 2016-10-17 16:27 102912 ----a-w- c:\windows\system32\ieetwcollector.exe
2016-09-30 05:32 . 2016-10-17 16:27 115712 ----a-w- c:\windows\system32\ieUnatt.exe
2016-09-30 05:32 . 2016-10-17 16:27 620032 ----a-w- c:\windows\system32\jscript9diag.dll
2016-09-30 05:27 . 2016-10-17 16:27 667648 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2016-09-30 05:19 . 2016-10-17 16:27 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2016-09-30 05:12 . 2016-10-17 16:27 4608512 ----a-w- c:\windows\system32\jscript9.dll
2016-09-30 05:05 . 2016-10-17 16:27 2055680 ----a-w- c:\windows\system32\inetcpl.cpl
2016-09-30 05:05 . 2016-10-17 16:27 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
2016-09-30 04:46 . 2016-10-17 16:27 2444288 ----a-w- c:\windows\system32\wininet.dll
2016-09-15 15:15 . 2016-10-17 16:27 741888 ----a-w- c:\windows\system32\inetcomm.dll
2016-09-15 15:15 . 2016-10-17 16:27 84480 ----a-w- c:\windows\system32\INETRES.dll
2016-09-12 20:53 . 2016-10-17 16:27 67304 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2016-09-12 20:53 . 2016-10-17 16:27 137960 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2016-09-12 20:49 . 2016-10-17 16:27 172032 ----a-w- c:\windows\system32\wdigest.dll
2016-09-12 20:49 . 2016-10-17 16:27 99840 ----a-w- c:\windows\system32\sspicli.dll
2016-09-12 20:49 . 2016-10-17 16:27 65536 ----a-w- c:\windows\system32\TSpkg.dll
2016-09-12 20:49 . 2016-10-17 16:27 655360 ----a-w- c:\windows\system32\rpcrt4.dll
2016-09-12 20:49 . 2016-10-17 16:27 254464 ----a-w- c:\windows\system32\schannel.dll
2016-09-12 20:49 . 2016-10-17 16:27 22016 ----a-w- c:\windows\system32\secur32.dll
2016-09-12 20:49 . 2016-10-17 16:27 141312 ----a-w- c:\windows\system32\rpchttp.dll
2016-09-12 20:49 . 2016-10-17 16:27 260608 ----a-w- c:\windows\system32\msv1_0.dll
2016-09-12 20:49 . 2016-10-17 16:27 223232 ----a-w- c:\windows\system32\ncrypt.dll
2016-09-12 20:49 . 2016-10-17 16:27 60416 ----a-w- c:\windows\system32\msobjs.dll
2016-09-12 20:49 . 2016-10-17 16:27 146432 ----a-w- c:\windows\system32\msaudite.dll
2016-09-12 20:49 . 2016-10-17 16:27 1063936 ----a-w- c:\windows\system32\lsasrv.dll
2016-09-12 20:49 . 2016-10-17 16:27 553472 ----a-w- c:\windows\system32\kerberos.dll
2016-09-12 20:49 . 2016-10-17 16:27 17408 ----a-w- c:\windows\system32\credssp.dll
2016-09-12 20:49 . 2016-10-17 16:27 76800 ----a-w- c:\windows\system32\adsmsext.dll
2016-09-12 20:49 . 2016-10-17 16:27 690688 ----a-w- c:\windows\system32\adtschema.dll
2016-09-12 20:29 . 2016-10-17 16:27 50176 ----a-w- c:\windows\system32\auditpol.exe
2016-09-12 20:28 . 2016-10-17 16:27 2399232 ----a-w- c:\windows\system32\win32k.sys
2016-09-12 20:26 . 2016-10-17 16:27 226304 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2016-09-12 20:26 . 2016-10-17 16:27 98304 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2016-09-12 20:26 . 2016-10-17 16:27 124416 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2016-09-12 20:25 . 2016-10-17 16:27 36352 ----a-w- c:\windows\system32\cryptbase.dll
2016-09-12 20:25 . 2016-10-17 16:27 22016 ----a-w- c:\windows\system32\lsass.exe
2016-09-12 20:25 . 2016-10-17 16:27 15872 ----a-w- c:\windows\system32\sspisrv.dll
2016-09-12 19:08 . 2016-10-17 16:27 1251328 ----a-w- c:\windows\system32\DWrite.dll
2016-09-12 19:08 . 2016-10-17 16:27 909824 ----a-w- c:\windows\system32\FntCache.dll
2016-09-10 15:53 . 2016-10-17 16:27 2291712 ----a-w- c:\windows\system32\MSVidCtl.dll
2016-09-09 18:01 . 2016-10-17 16:27 1310528 ----a-w- c:\windows\system32\ntdll.dll
2016-09-09 18:00 . 2016-10-17 16:27 400896 ----a-w- c:\windows\system32\srcore.dll
2016-09-09 18:00 . 2016-10-17 16:27 43008 ----a-w- c:\windows\system32\srclient.dll
2016-09-09 17:59 . 2016-10-17 16:27 50176 ----a-w- c:\windows\system32\setbcdlocale.dll
2016-09-09 17:59 . 2016-10-17 16:27 38912 ----a-w- c:\windows\system32\csrsrv.dll
2016-09-09 17:59 . 2016-10-17 16:27 644096 ----a-w- c:\windows\system32\advapi32.dll
2016-09-09 17:59 . 2016-10-17 16:27 6656 ----a-w- c:\windows\system32\apisetschema.dll
2016-09-09 17:59 . 2016-10-17 16:27 50688 ----a-w- c:\windows\system32\appidapi.dll
2016-09-09 17:42 . 2016-10-17 16:27 97792 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2016-09-09 17:42 . 2016-10-17 16:27 50688 ----a-w- c:\windows\system32\drivers\appid.sys
2016-09-09 17:42 . 2016-10-17 16:27 16896 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2016-09-09 17:42 . 2016-10-17 16:27 29696 ----a-w- c:\windows\system32\appidsvc.dll
2016-09-09 17:39 . 2016-10-17 16:27 262656 ----a-w- c:\windows\system32\rstrui.exe
2016-09-09 17:37 . 2016-10-17 16:27 69632 ----a-w- c:\windows\system32\smss.exe
2016-09-08 20:34 . 2016-10-17 16:27 208896 ----a-w- c:\windows\system32\WebClnt.dll
2016-09-08 20:34 . 2016-10-17 16:27 87040 ----a-w- c:\windows\system32\davclnt.dll
2016-09-08 14:49 . 2016-10-17 16:27 117248 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2016-09-08 14:49 . 2016-10-17 16:27 81408 ----a-w- c:\windows\system32\drivers\dfsc.sys
2015-07-15 19:45 . 2015-07-15 19:45 6420480 ----a-w- c:\program files\GUTF306.tmp
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-11-13 12:57 832488 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP DeskJet 4530 series (NET)"="c:\program files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe" [2015-03-09 2544648]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2016-09-28 6889176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS Sync Loader"="c:\program files\ASUS\ASUS Sync\asusUPCTLoader.exe" [2013-03-01 638976]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2016-11-15 9080768]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2016-09-22 587288]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="c:\program files\Garmin\Express Tray\ExpressTray.exe" [2016-04-08 1399208]
.
c:\users\Hanička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer6"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AndroidSync]
2012-09-30 22:00 5817776 ----a-w- c:\program files\Android-Sync\AndroidSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mobile Connectivity Suite]
2009-11-19 14:19 598016 ----a-r- c:\program files\HTC\HTC Sync\Application Launcher\Application Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2007-05-31 15:21 648072 ----a-w- c:\windows\WindowsMobile\wmdcBase.exe
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2016-11-13 118664]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2016-09-20 324224]
R3 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2016-11-13 34008]
R3 AVerAF35;AVerMedia A867 USB DVB-T;c:\windows\system32\Drivers\AVerAF35.sys [2010-01-29 477312]
R3 AVerIR;AVerMedia Infrared Receiver;c:\windows\system32\DRIVERS\AVerIR.sys [2010-01-12 88576]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2007-05-17 28464]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2016-09-30 102912]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-02-22 9216]
R3 pmx3gmdm;Olivetti USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\pmx3gmdm.sys [2009-12-29 103552]
R3 pmx3gnet;Olivetti USB-NDIS miniport;c:\windows\system32\DRIVERS\pmx3gnet.sys [2009-12-29 116736]
R3 Ser2plx86;Prolific Serial port WDF driver;c:\windows\system32\DRIVERS\ser2pl.sys [2013-02-22 134144]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-21 1343400]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2016-11-13 35096]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2016-11-13 735488]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2016-11-13 433768]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2016-11-13 92256]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992]
S3 jusb;jusb;c:\windows\system32\Drivers\jusb.sys [2012-02-09 29184]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
HsfXAudioService REG_MULTI_SZ HsfXAudioService
.
Obsah adresáře 'Naplánované úlohy'
.
2016-11-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 15:38]
.
2016-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0bf3b21afca7b.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-14 20:10]
.
2016-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-14 20:10]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = about:blank
mSearch Bar = hxxp://www.google.com/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\PC-Standa\AppData\Roaming\Mozilla\Firefox\Profiles\gn700ure.default-1432741357672\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-CanonSolutionMenuEx - c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4064253568-945658341-771417536-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B6448A29-A741-BC9D-1E7A-751DD754BAAC}*]
"dbkajogadmdglbdjkmifeihpahlbcahlpankbobb"=hex:69,61,6d,67,61,6a,69,63,6b,6b,
69,65,69,66,6b,6f,6c,6c,00,00
"abmanlkddlahnapmofoimdaahieaepnall"=hex:70,61,63,62,6a,70,63,69,68,62,6f,69,
6c,63,6a,6c,6f,65,68,66,64,67,6d,63,6a,68,6b,67,6d,65,66,67,00,00
"mafaemopjhalfjmcahjnopokki"=hex:6f,61,66,6f,66,68,6f,64,6b,6c,67,68,6f,70,62,
6f,6c,66,61,70,64,68,67,6b,68,63,6b,64,6f,6c,00,67
.
Celkový čas: 2016-11-20 05:34:56
ComboFix-quarantined-files.txt 2016-11-20 04:34
.
Před spuštěním: Volných bajtů: 13 568 151 552
Po spuštění: Volných bajtů: 13 539 028 992
.
- - End Of File - - 21FBA4B770D6753FD88236138F4A4B87
A36C5E4F47E84449FF07ED3517B43A31
Re: Prosím kontrolu děkuji
Doladíme 
Pokud jsi tak ještě neučinil, přesuň Combofix na plochu
otevři si Poznámkový blok
do něj zkopíruj skript z následujícího okna:
ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,
po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:
Po aplikaci na Tebe vypadne další log, zkopíruj ho sem
Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,
v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci
Pokud jsi tak ještě neučinil, přesuň Combofix na plochu
otevři si Poznámkový blok
do něj zkopíruj skript z následujícího okna:
Kód: Vybrat vše
File::
c:\program files\GUTF306.tmp
po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:
Po aplikaci na Tebe vypadne další log, zkopíruj ho sem
Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,
v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci
Re: Prosím kontrolu děkuji
tak to běželo od včerejška do dnes .Celkem fofr
ComboFix 16-11-13.01 - PC-Standa 21.11.2016 19:51:42.8.1 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2038.1224 [GMT 1:00]
Spuštěný z: c:\users\PC-Standa\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\PC-Standa\Desktop\CFScript.txt
AV: Avast Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Avast Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files\GUTF306.tmp"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-10-22 do 2016-11-22 )))))))))))))))))))))))))))))))
.
.
2016-11-22 14:03 . 2016-11-22 14:03 -------- d-----w- c:\users\Public\AppData\Local\temp
2016-11-22 14:03 . 2016-11-22 14:03 -------- d-----w- c:\users\NeroMediaHomeUser.4\AppData\Local\temp
2016-11-22 14:03 . 2016-11-22 14:03 -------- d-----w- c:\users\Hanička\AppData\Local\temp
2016-11-22 14:03 . 2016-11-22 14:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-11-20 15:06 . 2016-11-20 15:06 285144 ----a-w- c:\windows\JabloTool Uninstaller.exe
2016-11-20 04:35 . 2016-11-22 14:03 -------- d-----w- c:\users\PC-Standa\AppData\Local\temp
2016-11-19 15:55 . 2016-11-19 15:55 -------- d-----w- c:\users\PC-Standa\AppData\Local\JABLOCOM
2016-11-19 15:51 . 2016-11-20 15:03 -------- d-----w- c:\program files\Common Files\Redemption
2016-11-19 15:51 . 2016-11-20 15:03 -------- d-----w- c:\program files\Common Files\NKTWAB
2016-11-19 10:49 . 2016-11-20 15:04 -------- d-----w- c:\program files\JabloCOM
2016-11-17 10:42 . 2016-11-17 10:56 -------- dc----w- C:\rsit
2016-11-13 12:58 . 2016-11-13 12:57 319760 ----a-w- c:\windows\system32\aswBoot.exe
2016-11-13 12:57 . 2016-11-13 12:57 53208 ----a-w- c:\windows\avastSS.scr
2016-11-04 19:26 . 2016-10-19 10:14 9727984 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{57823FEA-BD2A-4C07-B893-07141699822B}\mpengine.dll
2016-10-30 08:20 . 2016-10-30 08:20 -------- d-----w- c:\users\Hanička\AppData\Roaming\Sun
2016-10-29 18:51 . 2016-10-29 18:51 343456 ----a-w- c:\windows\system32\drivers\trufos.sys
2016-10-29 18:51 . 2016-10-29 18:51 572928 ----a-w- c:\windows\system32\msvcp90.dll
2016-10-29 18:51 . 2016-10-29 18:51 655872 ----a-w- c:\windows\system32\msvcr90.dll
2016-10-29 18:33 . 2016-10-29 18:33 -------- d-----w- c:\program files\Common Files\Java
2016-10-27 01:02 . 2016-10-27 01:02 2595472 ----a-w- c:\program files\Common Files\Microsoft Shared\VBA\VBA6\VBE6.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-11-13 13:00 . 2013-03-20 16:30 224752 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-11-13 13:00 . 2010-03-06 16:21 433768 ----a-w- c:\windows\system32\drivers\aswsp.sys
2016-11-13 13:00 . 2011-06-29 19:31 735488 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2016-11-13 12:58 . 2014-01-14 17:18 118664 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-11-13 12:58 . 2014-05-08 20:36 34008 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-11-13 12:58 . 2013-03-20 16:30 60424 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-11-13 12:58 . 2012-02-26 20:03 91232 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-11-13 12:58 . 2010-03-06 16:21 92256 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-11-13 12:57 . 2012-02-26 20:03 35096 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-11-08 15:38 . 2012-04-05 19:28 796352 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-11-08 15:38 . 2011-05-14 22:53 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-10-29 18:51 . 2015-08-13 14:50 156392 ----a-w- c:\windows\system32\eEmpty.exe
2016-10-29 18:29 . 2014-08-11 19:46 95808 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2016-10-26 15:29 . 2010-03-06 16:29 407720 ------w- c:\windows\system32\MpSigStub.exe
2016-09-30 15:20 . 2016-10-17 16:27 4000488 ----a-w- c:\windows\system32\ntkrnlpa.exe
2016-09-30 15:20 . 2016-10-17 16:27 3944680 ----a-w- c:\windows\system32\ntoskrnl.exe
2016-09-30 05:54 . 2016-10-17 16:27 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2016-09-30 05:54 . 2016-10-17 16:27 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2016-09-30 05:42 . 2016-10-17 16:27 498688 ----a-w- c:\windows\system32\vbscript.dll
2016-09-30 05:42 . 2016-10-17 16:27 62464 ----a-w- c:\windows\system32\iesetup.dll
2016-09-30 05:42 . 2016-10-17 16:27 47616 ----a-w- c:\windows\system32\ieetwproxystub.dll
2016-09-30 05:42 . 2016-10-17 16:27 341504 ----a-w- c:\windows\system32\html.iec
2016-09-30 05:41 . 2016-10-17 16:27 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2016-09-30 05:32 . 2016-10-17 16:27 102912 ----a-w- c:\windows\system32\ieetwcollector.exe
2016-09-30 05:32 . 2016-10-17 16:27 115712 ----a-w- c:\windows\system32\ieUnatt.exe
2016-09-30 05:32 . 2016-10-17 16:27 620032 ----a-w- c:\windows\system32\jscript9diag.dll
2016-09-30 05:27 . 2016-10-17 16:27 667648 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2016-09-30 05:19 . 2016-10-17 16:27 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2016-09-30 05:12 . 2016-10-17 16:27 4608512 ----a-w- c:\windows\system32\jscript9.dll
2016-09-30 05:05 . 2016-10-17 16:27 2055680 ----a-w- c:\windows\system32\inetcpl.cpl
2016-09-30 05:05 . 2016-10-17 16:27 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
2016-09-30 04:46 . 2016-10-17 16:27 2444288 ----a-w- c:\windows\system32\wininet.dll
2016-09-15 15:15 . 2016-10-17 16:27 741888 ----a-w- c:\windows\system32\inetcomm.dll
2016-09-15 15:15 . 2016-10-17 16:27 84480 ----a-w- c:\windows\system32\INETRES.dll
2016-09-12 20:53 . 2016-10-17 16:27 67304 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2016-09-12 20:53 . 2016-10-17 16:27 137960 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2016-09-12 20:49 . 2016-10-17 16:27 172032 ----a-w- c:\windows\system32\wdigest.dll
2016-09-12 20:49 . 2016-10-17 16:27 99840 ----a-w- c:\windows\system32\sspicli.dll
2016-09-12 20:49 . 2016-10-17 16:27 65536 ----a-w- c:\windows\system32\TSpkg.dll
2016-09-12 20:49 . 2016-10-17 16:27 655360 ----a-w- c:\windows\system32\rpcrt4.dll
2016-09-12 20:49 . 2016-10-17 16:27 254464 ----a-w- c:\windows\system32\schannel.dll
2016-09-12 20:49 . 2016-10-17 16:27 22016 ----a-w- c:\windows\system32\secur32.dll
2016-09-12 20:49 . 2016-10-17 16:27 141312 ----a-w- c:\windows\system32\rpchttp.dll
2016-09-12 20:49 . 2016-10-17 16:27 260608 ----a-w- c:\windows\system32\msv1_0.dll
2016-09-12 20:49 . 2016-10-17 16:27 223232 ----a-w- c:\windows\system32\ncrypt.dll
2016-09-12 20:49 . 2016-10-17 16:27 60416 ----a-w- c:\windows\system32\msobjs.dll
2016-09-12 20:49 . 2016-10-17 16:27 146432 ----a-w- c:\windows\system32\msaudite.dll
2016-09-12 20:49 . 2016-10-17 16:27 1063936 ----a-w- c:\windows\system32\lsasrv.dll
2016-09-12 20:49 . 2016-10-17 16:27 553472 ----a-w- c:\windows\system32\kerberos.dll
2016-09-12 20:49 . 2016-10-17 16:27 17408 ----a-w- c:\windows\system32\credssp.dll
2016-09-12 20:49 . 2016-10-17 16:27 76800 ----a-w- c:\windows\system32\adsmsext.dll
2016-09-12 20:49 . 2016-10-17 16:27 690688 ----a-w- c:\windows\system32\adtschema.dll
2016-09-12 20:29 . 2016-10-17 16:27 50176 ----a-w- c:\windows\system32\auditpol.exe
2016-09-12 20:28 . 2016-10-17 16:27 2399232 ----a-w- c:\windows\system32\win32k.sys
2016-09-12 20:26 . 2016-10-17 16:27 226304 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2016-09-12 20:26 . 2016-10-17 16:27 98304 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2016-09-12 20:26 . 2016-10-17 16:27 124416 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2016-09-12 20:25 . 2016-10-17 16:27 36352 ----a-w- c:\windows\system32\cryptbase.dll
2016-09-12 20:25 . 2016-10-17 16:27 22016 ----a-w- c:\windows\system32\lsass.exe
2016-09-12 20:25 . 2016-10-17 16:27 15872 ----a-w- c:\windows\system32\sspisrv.dll
2016-09-12 19:08 . 2016-10-17 16:27 1251328 ----a-w- c:\windows\system32\DWrite.dll
2016-09-12 19:08 . 2016-10-17 16:27 909824 ----a-w- c:\windows\system32\FntCache.dll
2016-09-10 15:53 . 2016-10-17 16:27 2291712 ----a-w- c:\windows\system32\MSVidCtl.dll
2016-09-09 18:01 . 2016-10-17 16:27 1310528 ----a-w- c:\windows\system32\ntdll.dll
2016-09-09 18:00 . 2016-10-17 16:27 400896 ----a-w- c:\windows\system32\srcore.dll
2016-09-09 18:00 . 2016-10-17 16:27 43008 ----a-w- c:\windows\system32\srclient.dll
2016-09-09 17:59 . 2016-10-17 16:27 50176 ----a-w- c:\windows\system32\setbcdlocale.dll
2016-09-09 17:59 . 2016-10-17 16:27 38912 ----a-w- c:\windows\system32\csrsrv.dll
2016-09-09 17:59 . 2016-10-17 16:27 644096 ----a-w- c:\windows\system32\advapi32.dll
2016-09-09 17:59 . 2016-10-17 16:27 6656 ----a-w- c:\windows\system32\apisetschema.dll
2016-09-09 17:59 . 2016-10-17 16:27 50688 ----a-w- c:\windows\system32\appidapi.dll
2016-09-09 17:42 . 2016-10-17 16:27 97792 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2016-09-09 17:42 . 2016-10-17 16:27 50688 ----a-w- c:\windows\system32\drivers\appid.sys
2016-09-09 17:42 . 2016-10-17 16:27 16896 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2016-09-09 17:42 . 2016-10-17 16:27 29696 ----a-w- c:\windows\system32\appidsvc.dll
2016-09-09 17:39 . 2016-10-17 16:27 262656 ----a-w- c:\windows\system32\rstrui.exe
2016-09-09 17:37 . 2016-10-17 16:27 69632 ----a-w- c:\windows\system32\smss.exe
2016-09-08 20:34 . 2016-10-17 16:27 208896 ----a-w- c:\windows\system32\WebClnt.dll
2016-09-08 20:34 . 2016-10-17 16:27 87040 ----a-w- c:\windows\system32\davclnt.dll
2016-09-08 14:49 . 2016-10-17 16:27 117248 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2016-09-08 14:49 . 2016-10-17 16:27 81408 ----a-w- c:\windows\system32\drivers\dfsc.sys
2015-07-15 19:45 . 2015-07-15 19:45 6420480 ----a-w- c:\program files\GUTF306.tmp
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-11-13 12:57 832488 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP DeskJet 4530 series (NET)"="c:\program files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe" [2015-03-09 2544648]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2016-09-28 6889176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS Sync Loader"="c:\program files\ASUS\ASUS Sync\asusUPCTLoader.exe" [2013-03-01 638976]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2016-11-15 9080768]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2016-09-22 587288]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="c:\program files\Garmin\Express Tray\ExpressTray.exe" [2016-04-08 1399208]
.
c:\users\Hanička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer6"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AndroidSync]
2012-09-30 22:00 5817776 ----a-w- c:\program files\Android-Sync\AndroidSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mobile Connectivity Suite]
2009-11-19 14:19 598016 ----a-r- c:\program files\HTC\HTC Sync\Application Launcher\Application Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2007-05-31 15:21 648072 ----a-w- c:\windows\WindowsMobile\wmdcBase.exe
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2016-11-13 118664]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2016-09-20 324224]
R3 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2016-11-13 34008]
R3 AVerAF35;AVerMedia A867 USB DVB-T;c:\windows\system32\Drivers\AVerAF35.sys [2010-01-29 477312]
R3 AVerIR;AVerMedia Infrared Receiver;c:\windows\system32\DRIVERS\AVerIR.sys [2010-01-12 88576]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2007-05-17 28464]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2016-09-30 102912]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-02-22 9216]
R3 pmx3gmdm;Olivetti USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\pmx3gmdm.sys [2009-12-29 103552]
R3 pmx3gnet;Olivetti USB-NDIS miniport;c:\windows\system32\DRIVERS\pmx3gnet.sys [2009-12-29 116736]
R3 Ser2plx86;Prolific Serial port WDF driver;c:\windows\system32\DRIVERS\ser2pl.sys [2013-02-22 134144]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-21 1343400]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2016-11-13 35096]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2016-11-13 735488]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2016-11-13 433768]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2016-11-13 92256]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992]
S3 jusb;jusb;c:\windows\system32\Drivers\jusb.sys [2012-02-09 29184]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
HsfXAudioService REG_MULTI_SZ HsfXAudioService
.
Obsah adresáře 'Naplánované úlohy'
.
2016-11-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 15:38]
.
2016-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0bf3b21afca7b.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-14 20:10]
.
2016-11-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-14 20:10]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = about:blank
mSearch Bar = hxxp://www.google.com/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\PC-Standa\AppData\Roaming\Mozilla\Firefox\Profiles\gn700ure.default-1432741357672\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4064253568-945658341-771417536-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B6448A29-A741-BC9D-1E7A-751DD754BAAC}*]
"dbkajogadmdglbdjkmifeihpahlbcahlpankbobb"=hex:69,61,6d,67,61,6a,69,63,6b,6b,
69,65,69,66,6b,6f,6c,6c,00,00
"abmanlkddlahnapmofoimdaahieaepnall"=hex:70,61,63,62,6a,70,63,69,68,62,6f,69,
6c,63,6a,6c,6f,65,68,66,64,67,6d,63,6a,68,6b,67,6d,65,66,67,00,00
"mafaemopjhalfjmcahjnopokki"=hex:6f,61,66,6f,66,68,6f,64,6b,6c,67,68,6f,70,62,
6f,6c,66,61,70,64,68,67,6b,68,63,6b,64,6f,6c,00,67
.
Celkový čas: 2016-11-22 15:34:18
ComboFix-quarantined-files.txt 2016-11-22 14:33
ComboFix2.txt 2016-11-20 04:35
.
Před spuštěním: Volných bajtů: 12 242 018 304
Po spuštění: Volných bajtů: 11 820 118 016
.
- - End Of File - - 38DA8759CF3AC106CAFD4EF3DAC6CB14
A36C5E4F47E84449FF07ED3517B43A31
.Celkem fofr ComboFix 16-11-13.01 - PC-Standa 21.11.2016 19:51:42.8.1 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2038.1224 [GMT 1:00]
Spuštěný z: c:\users\PC-Standa\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\PC-Standa\Desktop\CFScript.txt
AV: Avast Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Avast Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files\GUTF306.tmp"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-10-22 do 2016-11-22 )))))))))))))))))))))))))))))))
.
.
2016-11-22 14:03 . 2016-11-22 14:03 -------- d-----w- c:\users\Public\AppData\Local\temp
2016-11-22 14:03 . 2016-11-22 14:03 -------- d-----w- c:\users\NeroMediaHomeUser.4\AppData\Local\temp
2016-11-22 14:03 . 2016-11-22 14:03 -------- d-----w- c:\users\Hanička\AppData\Local\temp
2016-11-22 14:03 . 2016-11-22 14:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-11-20 15:06 . 2016-11-20 15:06 285144 ----a-w- c:\windows\JabloTool Uninstaller.exe
2016-11-20 04:35 . 2016-11-22 14:03 -------- d-----w- c:\users\PC-Standa\AppData\Local\temp
2016-11-19 15:55 . 2016-11-19 15:55 -------- d-----w- c:\users\PC-Standa\AppData\Local\JABLOCOM
2016-11-19 15:51 . 2016-11-20 15:03 -------- d-----w- c:\program files\Common Files\Redemption
2016-11-19 15:51 . 2016-11-20 15:03 -------- d-----w- c:\program files\Common Files\NKTWAB
2016-11-19 10:49 . 2016-11-20 15:04 -------- d-----w- c:\program files\JabloCOM
2016-11-17 10:42 . 2016-11-17 10:56 -------- dc----w- C:\rsit
2016-11-13 12:58 . 2016-11-13 12:57 319760 ----a-w- c:\windows\system32\aswBoot.exe
2016-11-13 12:57 . 2016-11-13 12:57 53208 ----a-w- c:\windows\avastSS.scr
2016-11-04 19:26 . 2016-10-19 10:14 9727984 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{57823FEA-BD2A-4C07-B893-07141699822B}\mpengine.dll
2016-10-30 08:20 . 2016-10-30 08:20 -------- d-----w- c:\users\Hanička\AppData\Roaming\Sun
2016-10-29 18:51 . 2016-10-29 18:51 343456 ----a-w- c:\windows\system32\drivers\trufos.sys
2016-10-29 18:51 . 2016-10-29 18:51 572928 ----a-w- c:\windows\system32\msvcp90.dll
2016-10-29 18:51 . 2016-10-29 18:51 655872 ----a-w- c:\windows\system32\msvcr90.dll
2016-10-29 18:33 . 2016-10-29 18:33 -------- d-----w- c:\program files\Common Files\Java
2016-10-27 01:02 . 2016-10-27 01:02 2595472 ----a-w- c:\program files\Common Files\Microsoft Shared\VBA\VBA6\VBE6.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-11-13 13:00 . 2013-03-20 16:30 224752 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-11-13 13:00 . 2010-03-06 16:21 433768 ----a-w- c:\windows\system32\drivers\aswsp.sys
2016-11-13 13:00 . 2011-06-29 19:31 735488 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2016-11-13 12:58 . 2014-01-14 17:18 118664 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-11-13 12:58 . 2014-05-08 20:36 34008 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-11-13 12:58 . 2013-03-20 16:30 60424 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-11-13 12:58 . 2012-02-26 20:03 91232 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-11-13 12:58 . 2010-03-06 16:21 92256 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-11-13 12:57 . 2012-02-26 20:03 35096 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-11-08 15:38 . 2012-04-05 19:28 796352 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-11-08 15:38 . 2011-05-14 22:53 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-10-29 18:51 . 2015-08-13 14:50 156392 ----a-w- c:\windows\system32\eEmpty.exe
2016-10-29 18:29 . 2014-08-11 19:46 95808 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2016-10-26 15:29 . 2010-03-06 16:29 407720 ------w- c:\windows\system32\MpSigStub.exe
2016-09-30 15:20 . 2016-10-17 16:27 4000488 ----a-w- c:\windows\system32\ntkrnlpa.exe
2016-09-30 15:20 . 2016-10-17 16:27 3944680 ----a-w- c:\windows\system32\ntoskrnl.exe
2016-09-30 05:54 . 2016-10-17 16:27 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2016-09-30 05:54 . 2016-10-17 16:27 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2016-09-30 05:42 . 2016-10-17 16:27 498688 ----a-w- c:\windows\system32\vbscript.dll
2016-09-30 05:42 . 2016-10-17 16:27 62464 ----a-w- c:\windows\system32\iesetup.dll
2016-09-30 05:42 . 2016-10-17 16:27 47616 ----a-w- c:\windows\system32\ieetwproxystub.dll
2016-09-30 05:42 . 2016-10-17 16:27 341504 ----a-w- c:\windows\system32\html.iec
2016-09-30 05:41 . 2016-10-17 16:27 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2016-09-30 05:32 . 2016-10-17 16:27 102912 ----a-w- c:\windows\system32\ieetwcollector.exe
2016-09-30 05:32 . 2016-10-17 16:27 115712 ----a-w- c:\windows\system32\ieUnatt.exe
2016-09-30 05:32 . 2016-10-17 16:27 620032 ----a-w- c:\windows\system32\jscript9diag.dll
2016-09-30 05:27 . 2016-10-17 16:27 667648 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2016-09-30 05:19 . 2016-10-17 16:27 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2016-09-30 05:12 . 2016-10-17 16:27 4608512 ----a-w- c:\windows\system32\jscript9.dll
2016-09-30 05:05 . 2016-10-17 16:27 2055680 ----a-w- c:\windows\system32\inetcpl.cpl
2016-09-30 05:05 . 2016-10-17 16:27 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
2016-09-30 04:46 . 2016-10-17 16:27 2444288 ----a-w- c:\windows\system32\wininet.dll
2016-09-15 15:15 . 2016-10-17 16:27 741888 ----a-w- c:\windows\system32\inetcomm.dll
2016-09-15 15:15 . 2016-10-17 16:27 84480 ----a-w- c:\windows\system32\INETRES.dll
2016-09-12 20:53 . 2016-10-17 16:27 67304 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2016-09-12 20:53 . 2016-10-17 16:27 137960 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2016-09-12 20:49 . 2016-10-17 16:27 172032 ----a-w- c:\windows\system32\wdigest.dll
2016-09-12 20:49 . 2016-10-17 16:27 99840 ----a-w- c:\windows\system32\sspicli.dll
2016-09-12 20:49 . 2016-10-17 16:27 65536 ----a-w- c:\windows\system32\TSpkg.dll
2016-09-12 20:49 . 2016-10-17 16:27 655360 ----a-w- c:\windows\system32\rpcrt4.dll
2016-09-12 20:49 . 2016-10-17 16:27 254464 ----a-w- c:\windows\system32\schannel.dll
2016-09-12 20:49 . 2016-10-17 16:27 22016 ----a-w- c:\windows\system32\secur32.dll
2016-09-12 20:49 . 2016-10-17 16:27 141312 ----a-w- c:\windows\system32\rpchttp.dll
2016-09-12 20:49 . 2016-10-17 16:27 260608 ----a-w- c:\windows\system32\msv1_0.dll
2016-09-12 20:49 . 2016-10-17 16:27 223232 ----a-w- c:\windows\system32\ncrypt.dll
2016-09-12 20:49 . 2016-10-17 16:27 60416 ----a-w- c:\windows\system32\msobjs.dll
2016-09-12 20:49 . 2016-10-17 16:27 146432 ----a-w- c:\windows\system32\msaudite.dll
2016-09-12 20:49 . 2016-10-17 16:27 1063936 ----a-w- c:\windows\system32\lsasrv.dll
2016-09-12 20:49 . 2016-10-17 16:27 553472 ----a-w- c:\windows\system32\kerberos.dll
2016-09-12 20:49 . 2016-10-17 16:27 17408 ----a-w- c:\windows\system32\credssp.dll
2016-09-12 20:49 . 2016-10-17 16:27 76800 ----a-w- c:\windows\system32\adsmsext.dll
2016-09-12 20:49 . 2016-10-17 16:27 690688 ----a-w- c:\windows\system32\adtschema.dll
2016-09-12 20:29 . 2016-10-17 16:27 50176 ----a-w- c:\windows\system32\auditpol.exe
2016-09-12 20:28 . 2016-10-17 16:27 2399232 ----a-w- c:\windows\system32\win32k.sys
2016-09-12 20:26 . 2016-10-17 16:27 226304 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2016-09-12 20:26 . 2016-10-17 16:27 98304 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2016-09-12 20:26 . 2016-10-17 16:27 124416 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2016-09-12 20:25 . 2016-10-17 16:27 36352 ----a-w- c:\windows\system32\cryptbase.dll
2016-09-12 20:25 . 2016-10-17 16:27 22016 ----a-w- c:\windows\system32\lsass.exe
2016-09-12 20:25 . 2016-10-17 16:27 15872 ----a-w- c:\windows\system32\sspisrv.dll
2016-09-12 19:08 . 2016-10-17 16:27 1251328 ----a-w- c:\windows\system32\DWrite.dll
2016-09-12 19:08 . 2016-10-17 16:27 909824 ----a-w- c:\windows\system32\FntCache.dll
2016-09-10 15:53 . 2016-10-17 16:27 2291712 ----a-w- c:\windows\system32\MSVidCtl.dll
2016-09-09 18:01 . 2016-10-17 16:27 1310528 ----a-w- c:\windows\system32\ntdll.dll
2016-09-09 18:00 . 2016-10-17 16:27 400896 ----a-w- c:\windows\system32\srcore.dll
2016-09-09 18:00 . 2016-10-17 16:27 43008 ----a-w- c:\windows\system32\srclient.dll
2016-09-09 17:59 . 2016-10-17 16:27 50176 ----a-w- c:\windows\system32\setbcdlocale.dll
2016-09-09 17:59 . 2016-10-17 16:27 38912 ----a-w- c:\windows\system32\csrsrv.dll
2016-09-09 17:59 . 2016-10-17 16:27 644096 ----a-w- c:\windows\system32\advapi32.dll
2016-09-09 17:59 . 2016-10-17 16:27 6656 ----a-w- c:\windows\system32\apisetschema.dll
2016-09-09 17:59 . 2016-10-17 16:27 50688 ----a-w- c:\windows\system32\appidapi.dll
2016-09-09 17:42 . 2016-10-17 16:27 97792 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2016-09-09 17:42 . 2016-10-17 16:27 50688 ----a-w- c:\windows\system32\drivers\appid.sys
2016-09-09 17:42 . 2016-10-17 16:27 16896 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2016-09-09 17:42 . 2016-10-17 16:27 29696 ----a-w- c:\windows\system32\appidsvc.dll
2016-09-09 17:39 . 2016-10-17 16:27 262656 ----a-w- c:\windows\system32\rstrui.exe
2016-09-09 17:37 . 2016-10-17 16:27 69632 ----a-w- c:\windows\system32\smss.exe
2016-09-08 20:34 . 2016-10-17 16:27 208896 ----a-w- c:\windows\system32\WebClnt.dll
2016-09-08 20:34 . 2016-10-17 16:27 87040 ----a-w- c:\windows\system32\davclnt.dll
2016-09-08 14:49 . 2016-10-17 16:27 117248 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2016-09-08 14:49 . 2016-10-17 16:27 81408 ----a-w- c:\windows\system32\drivers\dfsc.sys
2015-07-15 19:45 . 2015-07-15 19:45 6420480 ----a-w- c:\program files\GUTF306.tmp
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-11-13 12:57 832488 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP DeskJet 4530 series (NET)"="c:\program files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe" [2015-03-09 2544648]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2016-09-28 6889176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS Sync Loader"="c:\program files\ASUS\ASUS Sync\asusUPCTLoader.exe" [2013-03-01 638976]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2016-11-15 9080768]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2016-09-22 587288]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="c:\program files\Garmin\Express Tray\ExpressTray.exe" [2016-04-08 1399208]
.
c:\users\Hanička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer6"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AndroidSync]
2012-09-30 22:00 5817776 ----a-w- c:\program files\Android-Sync\AndroidSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mobile Connectivity Suite]
2009-11-19 14:19 598016 ----a-r- c:\program files\HTC\HTC Sync\Application Launcher\Application Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2007-05-31 15:21 648072 ----a-w- c:\windows\WindowsMobile\wmdcBase.exe
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2016-11-13 118664]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2016-09-20 324224]
R3 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2016-11-13 34008]
R3 AVerAF35;AVerMedia A867 USB DVB-T;c:\windows\system32\Drivers\AVerAF35.sys [2010-01-29 477312]
R3 AVerIR;AVerMedia Infrared Receiver;c:\windows\system32\DRIVERS\AVerIR.sys [2010-01-12 88576]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2007-05-17 28464]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2016-09-30 102912]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-02-22 9216]
R3 pmx3gmdm;Olivetti USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\pmx3gmdm.sys [2009-12-29 103552]
R3 pmx3gnet;Olivetti USB-NDIS miniport;c:\windows\system32\DRIVERS\pmx3gnet.sys [2009-12-29 116736]
R3 Ser2plx86;Prolific Serial port WDF driver;c:\windows\system32\DRIVERS\ser2pl.sys [2013-02-22 134144]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-21 1343400]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2016-11-13 35096]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2016-11-13 735488]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2016-11-13 433768]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2016-11-13 92256]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992]
S3 jusb;jusb;c:\windows\system32\Drivers\jusb.sys [2012-02-09 29184]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
HsfXAudioService REG_MULTI_SZ HsfXAudioService
.
Obsah adresáře 'Naplánované úlohy'
.
2016-11-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 15:38]
.
2016-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0bf3b21afca7b.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-14 20:10]
.
2016-11-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-14 20:10]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = about:blank
mSearch Bar = hxxp://www.google.com/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\PC-Standa\AppData\Roaming\Mozilla\Firefox\Profiles\gn700ure.default-1432741357672\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4064253568-945658341-771417536-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B6448A29-A741-BC9D-1E7A-751DD754BAAC}*]
"dbkajogadmdglbdjkmifeihpahlbcahlpankbobb"=hex:69,61,6d,67,61,6a,69,63,6b,6b,
69,65,69,66,6b,6f,6c,6c,00,00
"abmanlkddlahnapmofoimdaahieaepnall"=hex:70,61,63,62,6a,70,63,69,68,62,6f,69,
6c,63,6a,6c,6f,65,68,66,64,67,6d,63,6a,68,6b,67,6d,65,66,67,00,00
"mafaemopjhalfjmcahjnopokki"=hex:6f,61,66,6f,66,68,6f,64,6b,6c,67,68,6f,70,62,
6f,6c,66,61,70,64,68,67,6b,68,63,6b,64,6f,6c,00,67
.
Celkový čas: 2016-11-22 15:34:18
ComboFix-quarantined-files.txt 2016-11-22 14:33
ComboFix2.txt 2016-11-20 04:35
.
Před spuštěním: Volných bajtů: 12 242 018 304
Po spuštění: Volných bajtů: 11 820 118 016
.
- - End Of File - - 38DA8759CF3AC106CAFD4EF3DAC6CB14
A36C5E4F47E84449FF07ED3517B43A31
Re: Prosím kontrolu děkuji
Stane setruddy píše:tak to běželo od včerejška do dnes
Přes Start >> Spustit zkopíruj do okna:
ComboFix /Uninstall
a stiskni Enter
To odinstaluje ComboFix a smaže s ním související soubory a složky.
Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.
Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.
Stáhni a spusť OTMoveIt
do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:
Kód: Vybrat vše
:processes
explorer.exe
:files
c:\program files\GUTF306.tmp
C:\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
:commands
[purity]
[emptytemp]
[start explorer]pokud aplikace bude požadovat restart, klikni na YES
v tom případě sem zkopíruj obsah logu uloženého na C:\_OTMoveIt\MovedFiles\
Re: Prosím kontrolu děkuji
tak u ccleaner problém.Už mi to udělal.Při analýze se to sekne na 6% na cookies.A nechce to jít dále
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
c:\program files\GUTF306.tmp moved successfully.
File/Folder C:\*.tmp not found.
File/Folder C:\WINDOWS\System32\*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 313840 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Hanička
->Temp folder emptied: 271420 bytes
->Temporary Internet Files folder emptied: 177345 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 369015228 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 2499 bytes
User: NeroMediaHomeUser.4
->Temp folder emptied: 0 bytes
User: PC-Standa
->Temp folder emptied: 138229772 bytes
->Temporary Internet Files folder emptied: 128 bytes
->Java cache emptied: 376858 bytes
->FireFox cache emptied: 370328375 bytes
->Flash cache emptied: 1304 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 838,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 11222016_205248
Files moved on Reboot...
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
Registry entries deleted on Reboot...
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
c:\program files\GUTF306.tmp moved successfully.
File/Folder C:\*.tmp not found.
File/Folder C:\WINDOWS\System32\*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 313840 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Hanička
->Temp folder emptied: 271420 bytes
->Temporary Internet Files folder emptied: 177345 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 369015228 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 2499 bytes
User: NeroMediaHomeUser.4
->Temp folder emptied: 0 bytes
User: PC-Standa
->Temp folder emptied: 138229772 bytes
->Temporary Internet Files folder emptied: 128 bytes
->Java cache emptied: 376858 bytes
->FireFox cache emptied: 370328375 bytes
->Flash cache emptied: 1304 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 838,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 11222016_205248
Files moved on Reboot...
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Re: Prosím kontrolu děkuji
Měls vypnutý prohlížeč ?truddy píše:tak u ccleaner problém.Už mi to udělal.Při analýze se to sekne na 6% na cookies.A nechce to jít dále
Znovu spusť OTMoveIt a nahoře v aplikaci klini na CleanUP!
tímto po sobě uklidí.
Pak dej vědět jaký je stav PC.
Re: Prosím kontrolu děkuji
ahoj promiň dříve jsem nestíhal .Jo měl jsem vypnutý prohlížeč.Stáhl jsem si novou verzi a už to chodí.Jinak pc je mnohem lepší.Není to úplně nejlepší (vzhledem ke stáří pc a celkovému dlouhodomému přeplnění pc) a tak to stejně asi časem přeinstaluji.Nepotřebuji pc na hry,ale pouze na práci a listovéní na webu tak nemám potřebu kupovat nové pc.Ale pomohlo to!!Díky moc za ochotu 
.Jo měl jsem vypnutý prohlížeč.Stáhl jsem si novou verzi a už to chodí.Jinak pc je mnohem lepší.Není to úplně nejlepší (vzhledem ke stáří pc a celkovému dlouhodomému přeplnění pc) a tak to stejně asi časem přeinstaluji.Nepotřebuji pc na hry,ale pouze na práci a listovéní na webu tak nemám potřebu kupovat nové pc.Ale pomohlo to!!Díky moc za ochotu 
Přispějete na provoz fóra?