
Requesting a check
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-10-2013
Ran by host (administrator) on SOUCEK-HOST-T on 06-11-2013 20:44:09
Running from C:\Users\host\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\launcher_service.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(Andrea Electronics Corporation) C:\Windows\system32\AEADISRV.EXE
() C:\Program Files\Comodo\Dragon\dragon_updater.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Lenovo Group Limited) C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
(Software602) C:\Program Files\Software602\Print2PDF\Print2PDF.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\TrackPoint\tp4serv.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Comodo\GeekBuddy\unit_manager.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Comodo\GeekBuddy\unit.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\host\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [2219184 2010-11-18] (ESET)
HKLM\...\Run: [Print2PDF Print Monitor] - C:\Program Files\Software602\Print2PDF\Print2PDF.exe [141368 2010-12-03] (Software602)
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [TrackPointSrv] - C:\Program Files\Lenovo\TrackPoint\tp4serv.exe [93032 2009-11-24] (Lenovo Group Limited)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [BMISR] - C:\Program Files\KYE\WebMate\BM.exe [229376 2008-02-19] ()
HKLM\...\Run: [] - [x]
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\Comodo\COMODO Internet Security\cistray.exe [1576152 2013-10-20] (COMODO)
HKLM\...\Run: [tvncontrol] - C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2013-10-11] (Comodo Security Solutions, Inc.)
HKCU\...\Run: [Google Update] - C:\Users\host\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-31] (Google Inc.)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKU\Výroba\...\Run: [Google Update] - C:\Users\Výroba\AppData\Local\Google\Update\GoogleUpdate.exe [ 2010-12-14] (Google Inc.)
Startup: C:\Users\host\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lingea Update Center.lnk
ShortcutTarget: Lingea Update Center.lnk -> C:\Program Files\Common Files\Lingea Shared\luc.exe (Lingea)
==================== Internet (Whitelisted) ====================
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{98BC5212-5C11-437E-B7BC-C9DD25832303}: [NameServer]156.154.70.25,156.154.71.25
FireFox:
========
FF ProfilePath: C:\Users\host\AppData\Roaming\Mozilla\Firefox\Profiles\hzqsp59w.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=040413
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP21DF&PC=UP21&dt=040413&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler - C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\host\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\host\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\host\AppData\Roaming\Mozilla\Firefox\Profiles\hzqsp59w.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: PrivDog - C:\Users\host\AppData\Roaming\Mozilla\Firefox\Profiles\hzqsp59w.default\Extensions\PrivDog@AdTrustMedia.com
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
Chrome:
=======
CHR HomePage: hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=040413
CHR RestoreOnStartup: "hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=040413"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\host\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\host\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\host\AppData\Local\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\host\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8312_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.270.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U27) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (602XML Filler) - C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
CHR Plugin: (Google Update) - C:\Users\host\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Extension: (PrivDog) - C:\Users\host\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.7.0.12_0
CHR Extension: (Skype Click to Call) - C:\Users\host\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.7.0.12055_0
CHR Extension: (Google Wallet) - C:\Users\host\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM\...\Chrome\Extension: [cmaiofennmphjldldcpphcechfnnohja] - C:\Program Files\AdTrustMedia\PrivDog\PrivDog_chrome.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Výroba\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [73728 2010-04-14] (Software602 a.s.)
R2 CLPSLauncher; C:\Program Files\Common Files\COMODO\launcher_service.exe [70352 2013-10-11] (Comodo Security Solutions, Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4832192 2013-10-20] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [131288 2013-09-24] (COMODO)
R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2104968 2013-10-09] ()
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [33584 2010-11-18] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [810144 2010-11-18] (ESET)
R2 GeekBuddyRSP; C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2013-10-11] (Comodo Security Solutions, Inc.)
S2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [101736 2011-07-12] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [127336 2011-07-12] (Lenovo Group Limited)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 Samsung UPD Service; C:\Windows\System32\SUPDSvc.exe [131888 2010-08-09] (Samsung Electronics CO., LTD.)
S2 TPHKLOAD; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [131432 2011-07-12] (Lenovo Group Limited)
==================== Drivers (Whitelisted) ====================
S3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [140800 2011-10-19] (Windows (R) Win 7 DDK provider)
S3 Axtmvflt; C:\Windows\System32\DRIVERS\Axtmvflt.sys [3456 2007-03-22] (Axesstel)
S3 Axtmvmdm; C:\Windows\System32\DRIVERS\Axtmvmdm.sys [40064 2007-03-26] (Axesstel)
S3 Axtmvprt; C:\Windows\System32\Drivers\Axtmvprt.sys [38784 2007-03-26] (Axesstel)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [35064 2013-05-07] (Windows (R) Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20072 2013-09-24] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [582936 2013-09-24] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [44752 2013-09-24] (COMODO)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [137144 2010-09-03] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [115008 2010-07-29] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [134512 2010-07-29] (ESET)
R3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [32608 2010-07-29] (ESET)
R2 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [41336 2010-07-29] (ESET)
R3 EST_BusEnum; C:\Windows\System32\DRIVERS\GenBus.sys [27136 2009-10-06] ( )
R1 HMD; C:\Windows\System32\DRIVERS\hmd.sys [15400 2013-10-07] ()
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [85464 2013-09-24] (COMODO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 NUS_Bus; C:\Windows\System32\DRIVERS\NUS_Bus.sys [27392 2010-01-28] (Elite Silicon Technology Inc.)
R3 Tp4Track; C:\Windows\System32\DRIVERS\tp4track.sys [23152 2009-11-24] (Lenovo Group Limited)
S3 FreshIO; \??\C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-06 20:43 - 2013-11-06 20:43 - 00000000 ____D C:\FRST
2013-11-06 20:42 - 2013-11-06 20:42 - 00000000 _____ C:\Users\host\Downloads\FRSTLauncher.exe
2013-11-06 20:42 - 2013-11-06 20:42 - 00000000 _____ C:\Users\host\Downloads\FRSTLauncher(1).exe
2013-11-06 20:41 - 2013-11-06 20:41 - 01089445 _____ (Farbar) C:\Users\host\Desktop\FRST.exe
2013-11-06 20:35 - 2013-11-06 20:40 - 00000000 ____D C:\Program Files\trend micro
2013-11-06 20:35 - 2013-11-06 20:35 - 00000000 ____D C:\rsit
2013-11-06 20:34 - 2013-11-06 20:34 - 00781909 _____ C:\Users\host\Desktop\RSIT.exe
2013-11-05 18:51 - 2013-11-05 18:51 - 00000000 ____D C:\Users\host\AppData\Roaming\Malwarebytes
2013-11-05 18:50 - 2013-11-05 18:50 - 00001073 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-05 18:50 - 2013-11-05 18:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-05 18:50 - 2013-11-05 18:50 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-05 18:50 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-05 18:48 - 2013-11-05 18:49 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\host\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-30 15:44 - 2013-10-30 15:45 - 08382123 _____ C:\Users\host\Downloads\opraveno_nový.rar
2013-10-30 15:36 - 2013-10-30 15:36 - 00000000 ____D C:\Users\host\Documents\opraveno_nový
2013-10-29 18:32 - 2013-10-29 18:32 - 01700352 _____ (Microsoft Corporation) C:\Windows\system32\gdiplus.dll
2013-10-23 17:28 - 2013-10-23 17:28 - 00001113 _____ C:\Users\Public\Desktop\Lingea Lexicon 5.lnk
2013-10-23 17:28 - 2013-10-23 17:28 - 00001108 _____ C:\Users\Public\Desktop\Lingea LexWin.lnk
2013-10-23 17:25 - 2013-10-23 17:28 - 00000000 ____D C:\Program Files\Common Files\Lingea Shared
2013-10-23 17:23 - 2013-10-23 17:23 - 00000000 ____D C:\Program Files\Lingea
2013-10-23 17:00 - 2013-10-23 20:30 - 00000000 ____D C:\Users\host\Documents\Lexicon
2013-10-23 16:57 - 2013-10-23 18:03 - 00000000 ____D C:\Users\host\Desktop\Lexicon 5 Anglický slovník Platinum
2013-10-22 12:43 - 2013-10-22 12:43 - 00002019 _____ C:\Users\Public\Desktop\GeekBuddy.lnk
2013-10-22 12:43 - 2013-10-22 12:43 - 00000000 ____D C:\Program Files\Common Files\COMODO
2013-10-09 19:06 - 2013-11-06 20:42 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2013-10-09 19:06 - 2013-10-09 19:06 - 00001888 _____ C:\Users\Public\Desktop\COMODO Internet Security.lnk
2013-10-09 19:06 - 2013-10-09 19:06 - 00001863 _____ C:\Users\Public\Desktop\Virtualizovaný Comodo Dragon.lnk
2013-10-09 19:06 - 2013-10-09 19:06 - 00000599 _____ C:\Users\Public\Desktop\Sdílený prostor.lnk
2013-10-09 19:04 - 2013-10-09 19:06 - 00000000 ___SD C:\ProgramData\Shared Space
2013-10-09 19:02 - 2013-10-09 19:02 - 00000000 ____D C:\Program Files\AdTrustMedia
2013-10-09 19:01 - 2013-10-09 19:06 - 00000000 ____D C:\ProgramData\COMODO
2013-10-09 19:01 - 2013-10-09 19:01 - 00000000 ____D C:\ProgramData\Adtrustmedia
2013-10-09 19:00 - 2013-10-29 18:32 - 00048392 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2013-10-09 19:00 - 2013-10-29 18:32 - 00000000 ____D C:\Program Files\Comodo
2013-10-09 19:00 - 2013-10-09 19:00 - 00001080 _____ C:\Users\Public\Desktop\Comodo Dragon.lnk
2013-10-09 19:00 - 2013-10-09 19:00 - 00000000 ____D C:\Users\host\AppData\Local\Comodo
2013-10-09 18:59 - 2013-10-09 18:59 - 00000000 ____D C:\ProgramData\Comodo Downloader
2013-10-09 18:42 - 2013-10-09 18:56 - 214262072 _____ (COMODO) C:\Users\host\Downloads\cispremium_installer.exe
2013-10-08 19:49 - 2013-10-08 19:57 - 04452670 _____ C:\Users\host\Downloads\Výstupy_z_proj-konečné_vezre.zip
2013-10-07 06:17 - 2013-10-07 06:17 - 00015400 _____ C:\Windows\system32\Drivers\hmd.sys
==================== One Month Modified Files and Folders =======
2013-11-06 20:43 - 2013-11-06 20:43 - 00000000 ____D C:\FRST
2013-11-06 20:42 - 2013-11-06 20:42 - 00000000 _____ C:\Users\host\Downloads\FRSTLauncher.exe
2013-11-06 20:42 - 2013-11-06 20:42 - 00000000 _____ C:\Users\host\Downloads\FRSTLauncher(1).exe
2013-11-06 20:42 - 2013-10-09 19:06 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2013-11-06 20:42 - 2012-07-30 17:50 - 00000000 ____D C:\Users\host\AppData\Roaming\Skype
2013-11-06 20:41 - 2013-11-06 20:41 - 01089445 _____ (Farbar) C:\Users\host\Desktop\FRST.exe
2013-11-06 20:40 - 2013-11-06 20:35 - 00000000 ____D C:\Program Files\trend micro
2013-11-06 20:39 - 2009-07-14 05:34 - 00015360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-06 20:39 - 2009-07-14 05:34 - 00015360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-06 20:35 - 2013-11-06 20:35 - 00000000 ____D C:\rsit
2013-11-06 20:34 - 2013-11-06 20:34 - 00781909 _____ C:\Users\host\Desktop\RSIT.exe
2013-11-06 20:33 - 2010-12-14 11:57 - 01737806 _____ C:\Windows\WindowsUpdate.log
2013-11-06 20:29 - 2012-07-31 16:45 - 00000958 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1003UA.job
2013-11-06 20:26 - 2013-08-27 22:29 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-06 20:24 - 2010-12-14 13:18 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1000UA.job
2013-11-06 18:28 - 2010-12-14 12:10 - 01585078 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-06 18:25 - 2013-09-22 20:09 - 00000000 ___RD C:\Users\host\Dropbox
2013-11-06 18:25 - 2013-09-22 20:05 - 00000000 ____D C:\Users\host\AppData\Roaming\Dropbox
2013-11-06 18:24 - 2010-12-14 13:18 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1000Core.job
2013-11-06 17:40 - 2013-09-17 14:01 - 00000000 ____D C:\Users\host\Desktop\jazykovka_Kotlarska
2013-11-06 17:29 - 2012-07-31 16:45 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1003Core.job
2013-11-06 17:12 - 2013-01-20 14:19 - 00018648 _____ C:\Windows\setupact.log
2013-11-06 17:12 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-05 18:51 - 2013-11-05 18:51 - 00000000 ____D C:\Users\host\AppData\Roaming\Malwarebytes
2013-11-05 18:50 - 2013-11-05 18:50 - 00001073 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-05 18:50 - 2013-11-05 18:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-05 18:50 - 2013-11-05 18:50 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-05 18:49 - 2013-11-05 18:48 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\host\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-30 15:45 - 2013-10-30 15:44 - 08382123 _____ C:\Users\host\Downloads\opraveno_nový.rar
2013-10-30 15:38 - 2013-09-10 12:55 - 00000000 ____D C:\Users\host\Desktop\CPR
2013-10-30 15:36 - 2013-10-30 15:36 - 00000000 ____D C:\Users\host\Documents\opraveno_nový
2013-10-29 18:32 - 2013-10-29 18:32 - 01700352 _____ (Microsoft Corporation) C:\Windows\system32\gdiplus.dll
2013-10-29 18:32 - 2013-10-09 19:00 - 00048392 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2013-10-29 18:32 - 2013-10-09 19:00 - 00000000 ____D C:\Program Files\Comodo
2013-10-23 20:30 - 2013-10-23 17:00 - 00000000 ____D C:\Users\host\Documents\Lexicon
2013-10-23 18:03 - 2013-10-23 16:57 - 00000000 ____D C:\Users\host\Desktop\Lexicon 5 Anglický slovník Platinum
2013-10-23 17:28 - 2013-10-23 17:28 - 00001113 _____ C:\Users\Public\Desktop\Lingea Lexicon 5.lnk
2013-10-23 17:28 - 2013-10-23 17:28 - 00001108 _____ C:\Users\Public\Desktop\Lingea LexWin.lnk
2013-10-23 17:28 - 2013-10-23 17:25 - 00000000 ____D C:\Program Files\Common Files\Lingea Shared
2013-10-23 17:23 - 2013-10-23 17:23 - 00000000 ____D C:\Program Files\Lingea
2013-10-23 16:06 - 2013-01-10 21:44 - 00000000 ____D C:\Users\host\Desktop\Klárka
2013-10-22 12:43 - 2013-10-22 12:43 - 00002019 _____ C:\Users\Public\Desktop\GeekBuddy.lnk
2013-10-22 12:43 - 2013-10-22 12:43 - 00000000 ____D C:\Program Files\Common Files\COMODO
2013-10-13 20:21 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2013-10-10 16:28 - 2013-08-27 22:29 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-10-10 16:28 - 2011-09-12 15:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-10-09 19:18 - 2013-09-22 20:09 - 00001250 _____ C:\Users\host\Desktop\Dropbox.lnk
2013-10-09 19:18 - 2012-07-31 17:03 - 00002628 _____ C:\Users\host\Desktop\google.lnk
2013-10-09 19:09 - 2011-10-03 20:14 - 00000000 ___RD C:\Program Files\Skype
2013-10-09 19:09 - 2011-10-03 20:14 - 00000000 ____D C:\ProgramData\Skype
2013-10-09 19:08 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\LogFiles
2013-10-09 19:06 - 2013-10-09 19:06 - 00001888 _____ C:\Users\Public\Desktop\COMODO Internet Security.lnk
2013-10-09 19:06 - 2013-10-09 19:06 - 00001863 _____ C:\Users\Public\Desktop\Virtualizovaný Comodo Dragon.lnk
2013-10-09 19:06 - 2013-10-09 19:06 - 00000599 _____ C:\Users\Public\Desktop\Sdílený prostor.lnk
2013-10-09 19:06 - 2013-10-09 19:04 - 00000000 ___SD C:\ProgramData\Shared Space
2013-10-09 19:06 - 2013-10-09 19:01 - 00000000 ____D C:\ProgramData\COMODO
2013-10-09 19:02 - 2013-10-09 19:02 - 00000000 ____D C:\Program Files\AdTrustMedia
2013-10-09 19:01 - 2013-10-09 19:01 - 00000000 ____D C:\ProgramData\Adtrustmedia
2013-10-09 19:00 - 2013-10-09 19:00 - 00001080 _____ C:\Users\Public\Desktop\Comodo Dragon.lnk
2013-10-09 19:00 - 2013-10-09 19:00 - 00000000 ____D C:\Users\host\AppData\Local\Comodo
2013-10-09 18:59 - 2013-10-09 18:59 - 00000000 ____D C:\ProgramData\Comodo Downloader
2013-10-09 18:56 - 2013-10-09 18:42 - 214262072 _____ (COMODO) C:\Users\host\Downloads\cispremium_installer.exe
2013-10-08 19:57 - 2013-10-08 19:49 - 04452670 _____ C:\Users\host\Downloads\Výstupy_z_proj-konečné_vezre.zip
2013-10-07 06:17 - 2013-10-07 06:17 - 00015400 _____ C:\Windows\system32\Drivers\hmd.sys
Some content of TEMP:
====================
C:\Users\host\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Výroba\AppData\Local\Temp\7z.dll
C:\Users\Výroba\AppData\Local\Temp\install_flashplayer10ax_gtba_aih[1].exe
C:\Users\Výroba\AppData\Local\Temp\ose00000.exe
C:\Users\Výroba\AppData\Local\Temp\wmpfirefoxplugin.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-31 21:54
==================== End Of Log ============================
CHR Plugin: (Skype Toolbars) - C:\Users\host\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8312_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.270.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U27) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (602XML Filler) - C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
CHR Plugin: (Google Update) - C:\Users\host\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Extension: (PrivDog) - C:\Users\host\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.7.0.12_0
CHR Extension: (Skype Click to Call) - C:\Users\host\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.7.0.12055_0
CHR Extension: (Google Wallet) - C:\Users\host\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM\...\Chrome\Extension: [cmaiofennmphjldldcpphcechfnnohja] - C:\Program Files\AdTrustMedia\PrivDog\PrivDog_chrome.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Výroba\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [73728 2010-04-14] (Software602 a.s.)
R2 CLPSLauncher; C:\Program Files\Common Files\COMODO\launcher_service.exe [70352 2013-10-11] (Comodo Security Solutions, Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4832192 2013-10-20] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [131288 2013-09-24] (COMODO)
R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2104968 2013-10-09] ()
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [33584 2010-11-18] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [810144 2010-11-18] (ESET)
R2 GeekBuddyRSP; C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2013-10-11] (Comodo Security Solutions, Inc.)
S2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [101736 2011-07-12] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [127336 2011-07-12] (Lenovo Group Limited)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 Samsung UPD Service; C:\Windows\System32\SUPDSvc.exe [131888 2010-08-09] (Samsung Electronics CO., LTD.)
S2 TPHKLOAD; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [131432 2011-07-12] (Lenovo Group Limited)
==================== Drivers (Whitelisted) ====================
S3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [140800 2011-10-19] (Windows (R) Win 7 DDK provider)
S3 Axtmvflt; C:\Windows\System32\DRIVERS\Axtmvflt.sys [3456 2007-03-22] (Axesstel)
S3 Axtmvmdm; C:\Windows\System32\DRIVERS\Axtmvmdm.sys [40064 2007-03-26] (Axesstel)
S3 Axtmvprt; C:\Windows\System32\Drivers\Axtmvprt.sys [38784 2007-03-26] (Axesstel)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [35064 2013-05-07] (Windows (R) Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20072 2013-09-24] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [582936 2013-09-24] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [44752 2013-09-24] (COMODO)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [137144 2010-09-03] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [115008 2010-07-29] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [134512 2010-07-29] (ESET)
R3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [32608 2010-07-29] (ESET)
R2 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [41336 2010-07-29] (ESET)
R3 EST_BusEnum; C:\Windows\System32\DRIVERS\GenBus.sys [27136 2009-10-06] ( )
R1 HMD; C:\Windows\System32\DRIVERS\hmd.sys [15400 2013-10-07] ()
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [85464 2013-09-24] (COMODO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 NUS_Bus; C:\Windows\System32\DRIVERS\NUS_Bus.sys [27392 2010-01-28] (Elite Silicon Technology Inc.)
R3 Tp4Track; C:\Windows\System32\DRIVERS\tp4track.sys [23152 2009-11-24] (Lenovo Group Limited)
S3 FreshIO; \??\C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-06 20:43 - 2013-11-06 20:43 - 00000000 ____D C:\FRST
2013-11-06 20:42 - 2013-11-06 20:42 - 00000000 _____ C:\Users\host\Downloads\FRSTLauncher.exe
2013-11-06 20:42 - 2013-11-06 20:42 - 00000000 _____ C:\Users\host\Downloads\FRSTLauncher(1).exe
2013-11-06 20:41 - 2013-11-06 20:41 - 01089445 _____ (Farbar) C:\Users\host\Desktop\FRST.exe
2013-11-06 20:35 - 2013-11-06 20:40 - 00000000 ____D C:\Program Files\trend micro
2013-11-06 20:35 - 2013-11-06 20:35 - 00000000 ____D C:\rsit
2013-11-06 20:34 - 2013-11-06 20:34 - 00781909 _____ C:\Users\host\Desktop\RSIT.exe
2013-11-05 18:51 - 2013-11-05 18:51 - 00000000 ____D C:\Users\host\AppData\Roaming\Malwarebytes
2013-11-05 18:50 - 2013-11-05 18:50 - 00001073 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-05 18:50 - 2013-11-05 18:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-05 18:50 - 2013-11-05 18:50 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-05 18:50 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-05 18:48 - 2013-11-05 18:49 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\host\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-30 15:44 - 2013-10-30 15:45 - 08382123 _____ C:\Users\host\Downloads\opraveno_nový.rar
2013-10-30 15:36 - 2013-10-30 15:36 - 00000000 ____D C:\Users\host\Documents\opraveno_nový
2013-10-29 18:32 - 2013-10-29 18:32 - 01700352 _____ (Microsoft Corporation) C:\Windows\system32\gdiplus.dll
2013-10-23 17:28 - 2013-10-23 17:28 - 00001113 _____ C:\Users\Public\Desktop\Lingea Lexicon 5.lnk
2013-10-23 17:28 - 2013-10-23 17:28 - 00001108 _____ C:\Users\Public\Desktop\Lingea LexWin.lnk
2013-10-23 17:25 - 2013-10-23 17:28 - 00000000 ____D C:\Program Files\Common Files\Lingea Shared
2013-10-23 17:23 - 2013-10-23 17:23 - 00000000 ____D C:\Program Files\Lingea
2013-10-23 17:00 - 2013-10-23 20:30 - 00000000 ____D C:\Users\host\Documents\Lexicon
2013-10-23 16:57 - 2013-10-23 18:03 - 00000000 ____D C:\Users\host\Desktop\Lexicon 5 Anglický slovník Platinum
2013-10-22 12:43 - 2013-10-22 12:43 - 00002019 _____ C:\Users\Public\Desktop\GeekBuddy.lnk
2013-10-22 12:43 - 2013-10-22 12:43 - 00000000 ____D C:\Program Files\Common Files\COMODO
2013-10-09 19:06 - 2013-11-06 20:42 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2013-10-09 19:06 - 2013-10-09 19:06 - 00001888 _____ C:\Users\Public\Desktop\COMODO Internet Security.lnk
2013-10-09 19:06 - 2013-10-09 19:06 - 00001863 _____ C:\Users\Public\Desktop\Virtualizovaný Comodo Dragon.lnk
2013-10-09 19:06 - 2013-10-09 19:06 - 00000599 _____ C:\Users\Public\Desktop\Sdílený prostor.lnk
2013-10-09 19:04 - 2013-10-09 19:06 - 00000000 ___SD C:\ProgramData\Shared Space
2013-10-09 19:02 - 2013-10-09 19:02 - 00000000 ____D C:\Program Files\AdTrustMedia
2013-10-09 19:01 - 2013-10-09 19:06 - 00000000 ____D C:\ProgramData\COMODO
2013-10-09 19:01 - 2013-10-09 19:01 - 00000000 ____D C:\ProgramData\Adtrustmedia
2013-10-09 19:00 - 2013-10-29 18:32 - 00048392 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2013-10-09 19:00 - 2013-10-29 18:32 - 00000000 ____D C:\Program Files\Comodo
2013-10-09 19:00 - 2013-10-09 19:00 - 00001080 _____ C:\Users\Public\Desktop\Comodo Dragon.lnk
2013-10-09 19:00 - 2013-10-09 19:00 - 00000000 ____D C:\Users\host\AppData\Local\Comodo
2013-10-09 18:59 - 2013-10-09 18:59 - 00000000 ____D C:\ProgramData\Comodo Downloader
2013-10-09 18:42 - 2013-10-09 18:56 - 214262072 _____ (COMODO) C:\Users\host\Downloads\cispremium_installer.exe
2013-10-08 19:49 - 2013-10-08 19:57 - 04452670 _____ C:\Users\host\Downloads\Výstupy_z_proj-konečné_vezre.zip
2013-10-07 06:17 - 2013-10-07 06:17 - 00015400 _____ C:\Windows\system32\Drivers\hmd.sys
==================== One Month Modified Files and Folders =======
2013-11-06 20:43 - 2013-11-06 20:43 - 00000000 ____D C:\FRST
2013-11-06 20:42 - 2013-11-06 20:42 - 00000000 _____ C:\Users\host\Downloads\FRSTLauncher.exe
2013-11-06 20:42 - 2013-11-06 20:42 - 00000000 _____ C:\Users\host\Downloads\FRSTLauncher(1).exe
2013-11-06 20:42 - 2013-10-09 19:06 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2013-11-06 20:42 - 2012-07-30 17:50 - 00000000 ____D C:\Users\host\AppData\Roaming\Skype
2013-11-06 20:41 - 2013-11-06 20:41 - 01089445 _____ (Farbar) C:\Users\host\Desktop\FRST.exe
2013-11-06 20:40 - 2013-11-06 20:35 - 00000000 ____D C:\Program Files\trend micro
2013-11-06 20:39 - 2009-07-14 05:34 - 00015360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-06 20:39 - 2009-07-14 05:34 - 00015360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-06 20:35 - 2013-11-06 20:35 - 00000000 ____D C:\rsit
2013-11-06 20:34 - 2013-11-06 20:34 - 00781909 _____ C:\Users\host\Desktop\RSIT.exe
2013-11-06 20:33 - 2010-12-14 11:57 - 01737806 _____ C:\Windows\WindowsUpdate.log
2013-11-06 20:29 - 2012-07-31 16:45 - 00000958 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1003UA.job
2013-11-06 20:26 - 2013-08-27 22:29 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-06 20:24 - 2010-12-14 13:18 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1000UA.job
2013-11-06 18:28 - 2010-12-14 12:10 - 01585078 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-06 18:25 - 2013-09-22 20:09 - 00000000 ___RD C:\Users\host\Dropbox
2013-11-06 18:25 - 2013-09-22 20:05 - 00000000 ____D C:\Users\host\AppData\Roaming\Dropbox
2013-11-06 18:24 - 2010-12-14 13:18 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1000Core.job
2013-11-06 17:40 - 2013-09-17 14:01 - 00000000 ____D C:\Users\host\Desktop\jazykovka_Kotlarska
2013-11-06 17:29 - 2012-07-31 16:45 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1003Core.job
2013-11-06 17:12 - 2013-01-20 14:19 - 00018648 _____ C:\Windows\setupact.log
2013-11-06 17:12 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-05 18:51 - 2013-11-05 18:51 - 00000000 ____D C:\Users\host\AppData\Roaming\Malwarebytes
2013-11-05 18:50 - 2013-11-05 18:50 - 00001073 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-05 18:50 - 2013-11-05 18:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-05 18:50 - 2013-11-05 18:50 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-05 18:49 - 2013-11-05 18:48 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\host\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-30 15:45 - 2013-10-30 15:44 - 08382123 _____ C:\Users\host\Downloads\opraveno_nový.rar
2013-10-30 15:38 - 2013-09-10 12:55 - 00000000 ____D C:\Users\host\Desktop\CPR
2013-10-30 15:36 - 2013-10-30 15:36 - 00000000 ____D C:\Users\host\Documents\opraveno_nový
2013-10-29 18:32 - 2013-10-29 18:32 - 01700352 _____ (Microsoft Corporation) C:\Windows\system32\gdiplus.dll
2013-10-29 18:32 - 2013-10-09 19:00 - 00048392 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2013-10-29 18:32 - 2013-10-09 19:00 - 00000000 ____D C:\Program Files\Comodo
2013-10-23 20:30 - 2013-10-23 17:00 - 00000000 ____D C:\Users\host\Documents\Lexicon
2013-10-23 18:03 - 2013-10-23 16:57 - 00000000 ____D C:\Users\host\Desktop\Lexicon 5 Anglický slovník Platinum
2013-10-23 17:28 - 2013-10-23 17:28 - 00001113 _____ C:\Users\Public\Desktop\Lingea Lexicon 5.lnk
2013-10-23 17:28 - 2013-10-23 17:28 - 00001108 _____ C:\Users\Public\Desktop\Lingea LexWin.lnk
2013-10-23 17:28 - 2013-10-23 17:25 - 00000000 ____D C:\Program Files\Common Files\Lingea Shared
2013-10-23 17:23 - 2013-10-23 17:23 - 00000000 ____D C:\Program Files\Lingea
2013-10-23 16:06 - 2013-01-10 21:44 - 00000000 ____D C:\Users\host\Desktop\Klárka
2013-10-22 12:43 - 2013-10-22 12:43 - 00002019 _____ C:\Users\Public\Desktop\GeekBuddy.lnk
2013-10-22 12:43 - 2013-10-22 12:43 - 00000000 ____D C:\Program Files\Common Files\COMODO
2013-10-13 20:21 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2013-10-10 16:28 - 2013-08-27 22:29 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-10-10 16:28 - 2011-09-12 15:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-10-09 19:18 - 2013-09-22 20:09 - 00001250 _____ C:\Users\host\Desktop\Dropbox.lnk
2013-10-09 19:18 - 2012-07-31 17:03 - 00002628 _____ C:\Users\host\Desktop\google.lnk
2013-10-09 19:09 - 2011-10-03 20:14 - 00000000 ___RD C:\Program Files\Skype
2013-10-09 19:09 - 2011-10-03 20:14 - 00000000 ____D C:\ProgramData\Skype
2013-10-09 19:08 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\LogFiles
2013-10-09 19:06 - 2013-10-09 19:06 - 00001888 _____ C:\Users\Public\Desktop\COMODO Internet Security.lnk
2013-10-09 19:06 - 2013-10-09 19:06 - 00001863 _____ C:\Users\Public\Desktop\Virtualizovaný Comodo Dragon.lnk
2013-10-09 19:06 - 2013-10-09 19:06 - 00000599 _____ C:\Users\Public\Desktop\Sdílený prostor.lnk
2013-10-09 19:06 - 2013-10-09 19:04 - 00000000 ___SD C:\ProgramData\Shared Space
2013-10-09 19:06 - 2013-10-09 19:01 - 00000000 ____D C:\ProgramData\COMODO
2013-10-09 19:02 - 2013-10-09 19:02 - 00000000 ____D C:\Program Files\AdTrustMedia
2013-10-09 19:01 - 2013-10-09 19:01 - 00000000 ____D C:\ProgramData\Adtrustmedia
2013-10-09 19:00 - 2013-10-09 19:00 - 00001080 _____ C:\Users\Public\Desktop\Comodo Dragon.lnk
2013-10-09 19:00 - 2013-10-09 19:00 - 00000000 ____D C:\Users\host\AppData\Local\Comodo
2013-10-09 18:59 - 2013-10-09 18:59 - 00000000 ____D C:\ProgramData\Comodo Downloader
2013-10-09 18:56 - 2013-10-09 18:42 - 214262072 _____ (COMODO) C:\Users\host\Downloads\cispremium_installer.exe
2013-10-08 19:57 - 2013-10-08 19:49 - 04452670 _____ C:\Users\host\Downloads\Výstupy_z_proj-konečné_vezre.zip
2013-10-07 06:17 - 2013-10-07 06:17 - 00015400 _____ C:\Windows\system32\Drivers\hmd.sys
Some content of TEMP:
====================
C:\Users\host\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Výroba\AppData\Local\Temp\7z.dll
C:\Users\Výroba\AppData\Local\Temp\install_flashplayer10ax_gtba_aih[1].exe
C:\Users\Výroba\AppData\Local\Temp\ose00000.exe
C:\Users\Výroba\AppData\Local\Temp\wmpfirefoxplugin.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-31 21:54
==================== End Of Log ============================
Re: Please check
I am attaching Addition; the Addition extension cannot be added, and I have updated Comodo.
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-10-2013
Ran by host at 2013-11-06 20:47:26
Running from C:\Users\host\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: ESET Smart Security 4.2 (Disabled - Out of date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: COMODO Antivirus (Disabled - Up to date) {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
AS: ESET Smart Security 4.2 (Disabled - Out of date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Antivirus (Disabled - Up to date) {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall (Disabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
FW: ESET personal firewall (Disabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
==================== Installed Programs ======================
Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office system (Version: 12.0.6612.1000)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader 9.4.1 - Czech (Version: 9.4.1)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
CCleaner (Version: 3.26)
Comodo Dragon (Version: 29.1.0.0)
COMODO Internet Security Premium (Version: 6.3.32439.2937)
Defraggler (Version: 2.10)
Dropbox (HKCU Version: 2.0.26)
ESET Smart Security (Version: 4.2.67.13)
GeekBuddy (Version: 4.9.73)
Google Chrome (HKCU Version: 30.0.1599.101)
ICQ7.5 (Version: 7.5)
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.1867)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java DB 10.5.3.0 (Version: 10.5.3.0)
Java(TM) 6 Update 27 (Version: 6.0.270)
Java(TM) SE Development Kit 6 Update 20 (Version: 1.6.0.200)
Lenovo Auto Scroll Utility (Version: 1.11)
Lenovo System Interface Driver (Version: 1.05)
Lingea Lexicon 5
Malwarebytes Anti-Malware verze 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended CSY Language Pack (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Czech) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (Czech) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Outlook MUI (Czech) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Czech) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Czech) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Slovak) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Czech) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Czech) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (Czech) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 24.0 (x86 cs) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
Nokia Connectivity Cable Driver (Version: 7.1.36.0)
On Screen Display (Version: 6.61.00)
PC Connectivity Solution (Version: 10.50.2.0)
PDFCreator (Version: 1.0.2)
pdfforge Toolbar v4.3 (Version: 4.3)
PrivDog (Version: 1.5.0.14)
SAMSUNG Intelli-studio
Samsung Universal Print Driver (Version: 2.02.05.00:24)
Skype Click to Call (Version: 6.7.12055)
Skype™ 6.9 (Version: 6.9.106)
Software602 Form Filler (Version: 4.00)
Software602 Print2PDF (Version: 9.0.10.1208)
ThinkPad FullScreen Magnifier (Version: 2.40)
ThinkPad Modem (Version: 7.62.00)
ThinkPad TrackPoint Driver (Version: 4.71.0.0)
Total Commander (Remove or Repair)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition
USB over IP Server (Version: 0.10.0308.0046)
Volume Activation Management Tool 2.0 (Version: 2.0.67.0)
WebMate (Version: 3.2.0.4)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver
YouTube Downloader 3.3
==================== Restore Points =========================
05-09-2013 15:35:58 Naplánovaný kontrolní bod
23-09-2013 19:56:07 Naplánovaný kontrolní bod
03-10-2013 19:42:14 Naplánovaný kontrolní bod
09-10-2013 18:04:49 Instalace balíčku ovladače zařízení: COMODO Síťová služba
17-10-2013 20:43:49 Naplánovaný kontrolní bod
31-10-2013 21:02:16 Naplánovaný kontrolní bod
==================== Hosts content: ==========================
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {00B0A605-3D6E-4CDB-8445-F8FDF2EAA7C1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1003Core => C:\Users\host\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-31] (Google Inc.)
Task: {063F3677-BCB0-47F9-B508-36FFBB3DE257} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {36A9C584-5392-407C-8868-F14E9106F5A2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1000UA => C:\Users\Výroba\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-14] (Google Inc.)
Task: {4EB6B547-1F04-4D56-A092-4CF8E0747331} - System32\Tasks\Google Updater and Installer => C:\Users\host\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-31] (Google Inc.)
Task: {4EC58DB3-6690-4956-9C72-631C353D9EDB} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\Comodo\COMODO Internet Security\cfpconfg.exe [2013-09-24] (COMODO)
Task: {587B58DC-0FF7-4FFE-9C16-62436F5443A7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1000Core => C:\Users\Výroba\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-14] (Google Inc.)
Task: {5AAABFA8-D01C-44CC-A932-DB3917EE6584} - System32\Tasks\{FAF1115C-239C-4314-8F8C-2453C90F4E42} => Firefox.exe http://ui.skype.com/ui/0/6.6.0.106/cs/a ... age=tsMain
Task: {69FDEF99-2F15-4FC1-AFC8-578F8C4305A0} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\Comodo\COMODO Internet Security\cfpconfg.exe [2013-09-24] (COMODO)
Task: {AD682655-5493-4B10-AFC6-70E5249051B8} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-11] (Microsoft Corporation)
Task: {ADB79A98-B94B-4D36-B75A-60D01836EB5C} - System32\Tasks\COMODO\COMODO Welcome {CEB54B45-2B5E-4FF5-9223-6735CD80FE69} => C:\Program Files\Comodo\COMODO Internet Security\cis.exe [2013-10-20] (COMODO)
Task: {C2692AE5-E3F9-47D1-BCE0-1D257AAAA404} - System32\Tasks\{ECCB4987-F05D-48D3-A614-5F726C69FCF3} => Firefox.exe http://ui.skype.com/ui/0/6.3.59.105/cs/ ... rogressBar
Task: {C6730024-41E1-4846-840A-764A36C88A18} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {CEE6D1AE-3670-44B7-BA32-2F26B8DE9980} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\Comodo\COMODO Internet Security\cfpconfg.exe [2013-09-24] (COMODO)
Task: {D51C2C2B-A196-4081-8633-0E18C2EF495F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1003UA => C:\Users\host\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-31] (Google Inc.)
Task: {DD19B719-A224-4D30-8A8C-D3F51240DAC8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10] (Adobe Systems Incorporated)
Task: {F00575C8-FB88-49CC-AA39-60C4F6814FA7} - System32\Tasks\{4E8A55F7-9265-43C0-8F94-D93EB5E1DA89} => Firefox.exe http://ui.skype.com/ui/0/6.0.59.126/cs/ ... rogressBar
Task: {F9962308-6F41-46A3-A55B-9B833ADDBE78} - System32\Tasks\Adobe online update program => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03] (Adobe Systems Incorporated)
Task: {FDCEC201-2E14-481B-9F02-74667257BD99} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\Comodo\COMODO Internet Security\cfpconfg.exe [2013-09-24] (COMODO)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1000Core.job => C:\Users\Výroba\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1000UA.job => C:\Users\Výroba\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1003Core.job => C:\Users\host\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1003UA.job => C:\Users\host\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2010-12-14 12:56 - 2010-03-15 11:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2011-01-03 13:23 - 2010-12-02 01:13 - 00214528 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\Software602.dll
2011-10-05 02:52 - 2011-10-05 02:52 - 00756048 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\host\AppData\Roaming\Dropbox\bin\libcef.dll
2011-07-08 20:14 - 2013-10-01 20:23 - 03279768 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: Lenovo PM Device
Description: Lenovo PM Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Lenovo
Service: IBMPMDRV
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/06/2013 08:24:27 PM) (Source: Application Hang) (User: )
Description: Program iexplore.exe verze 8.0.7601.17514 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: f98
Čas spuštění: 01cedb25ac33dd6f
Čas ukončení: 250
Cesta k aplikaci: C:\Program Files\Internet Explorer\iexplore.exe
ID hlášení: 04feb2e6-4719-11e3-8c93-0016d3b749b3
Error: (11/06/2013 07:02:51 PM) (Source: Microsoft Office 12) (User: )
Description: Accepted Safe Mode action : Microsoft Office PowerPoint.
Error: (11/06/2013 05:14:24 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: BM.exe, verze: 1.0.0.3, časové razítko: 0x47ba78bd
Název chybujícího modulu: BM.exe, verze: 1.0.0.3, časové razítko: 0x47ba78bd
Kód výjimky: 0xc0000005
Posun chyby: 0x0000ab86
ID chybujícího procesu: 0x968
Čas spuštění chybující aplikace: 0xBM.exe0
Cesta k chybující aplikaci: BM.exe1
Cesta k chybujícímu modulu: BM.exe2
ID zprávy: BM.exe3
Error: (11/05/2013 04:18:28 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: BM.exe, verze: 1.0.0.3, časové razítko: 0x47ba78bd
Název chybujícího modulu: BM.exe, verze: 1.0.0.3, časové razítko: 0x47ba78bd
Kód výjimky: 0xc0000005
Posun chyby: 0x0000ab86
ID chybujícího procesu: 0x178
Čas spuštění chybující aplikace: 0xBM.exe0
Cesta k chybující aplikaci: BM.exe1
Cesta k chybujícímu modulu: BM.exe2
ID zprávy: BM.exe3
Error: (11/03/2013 09:38:35 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: BM.exe, verze: 1.0.0.3, časové razítko: 0x47ba78bd
Název chybujícího modulu: BM.exe, verze: 1.0.0.3, časové razítko: 0x47ba78bd
Kód výjimky: 0xc0000005
Posun chyby: 0x0000ab86
ID chybujícího procesu: 0x26c
Čas spuštění chybující aplikace: 0xBM.exe0
Cesta k chybující aplikaci: BM.exe1
Cesta k chybujícímu modulu: BM.exe2
ID zprávy: BM.exe3
Error: (10/31/2013 10:02:01 PM) (Source: Software Protection Platform Service) (User: )
Description: Získání lístku pravosti se u šablony s ID 66c92734-d682-4d71-983e-d6ec3f16059f nezdařilo (hr=0x80072EE7)
Error: (10/31/2013 10:02:01 PM) (Source: Software Protection Platform Service) (User: )
Description: Podrobnosti chyby získávání licence
hr=0x80072EE7
Error: (10/31/2013 09:05:41 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: BM.exe, verze: 1.0.0.3, časové razítko: 0x47ba78bd
Název chybujícího modulu: BM.exe, verze: 1.0.0.3, časové razítko: 0x47ba78bd
Kód výjimky: 0xc0000005
Posun chyby: 0x0000ab86
ID chybujícího procesu: 0xa58
Čas spuštění chybující aplikace: 0xBM.exe0
Cesta k chybující aplikaci: BM.exe1
Cesta k chybujícímu modulu: BM.exe2
ID zprávy: BM.exe3
Error: (10/31/2013 06:07:28 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: BM.exe, verze: 1.0.0.3, časové razítko: 0x47ba78bd
Název chybujícího modulu: BM.exe, verze: 1.0.0.3, časové razítko: 0x47ba78bd
Kód výjimky: 0xc0000005
Posun chyby: 0x0000ab86
ID chybujícího procesu: 0xe14
Čas spuštění chybující aplikace: 0xBM.exe0
Cesta k chybující aplikaci: BM.exe1
Cesta k chybujícímu modulu: BM.exe2
ID zprávy: BM.exe3
Error: (10/31/2013 07:26:38 AM) (Source: Application Error) (User: )
Description: Název chybující aplikace: BM.exe, verze: 1.0.0.3, časové razítko: 0x47ba78bd
Název chybujícího modulu: BM.exe, verze: 1.0.0.3, časové razítko: 0x47ba78bd
Kód výjimky: 0xc0000005
Posun chyby: 0x0000ab86
ID chybujícího procesu: 0xe2c
Čas spuštění chybující aplikace: 0xBM.exe0
Cesta k chybující aplikaci: BM.exe1
Cesta k chybujícímu modulu: BM.exe2
ID zprávy: BM.exe3
System errors:
=============
Error: (11/06/2013 06:51:52 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: Zpracování zásad skupiny selhalo v důsledku toho, že se nebylo v síti možné připojit k řadiči domény. Může se jednat o přechodný stav. Po připojení počítače k řadiči domény a úspěšném zpracování zásad skupiny bude odeslána zpráva o úspěšné provedení těchto akcí. Pokud se tato zpráva nezobrazí během několika hodin, obraťte se na správce.
Error: (11/06/2013 06:24:30 PM) (Source: Disk) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR2.
Error: (11/06/2013 06:24:29 PM) (Source: Disk) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR2.
Error: (11/06/2013 06:24:29 PM) (Source: Disk) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR2.
Error: (11/06/2013 06:24:27 PM) (Source: Disk) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR2.
Error: (11/06/2013 06:24:26 PM) (Source: Disk) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR2.
Error: (11/06/2013 05:21:45 PM) (Source: DCOM) (User: )
Description: {005A3A96-BAC4-4B0A-94EA-C0CE100EA736}
Error: (11/06/2013 05:21:14 PM) (Source: Service Control Manager) (User: )
Description: Služba Centrum zabezpečení byla ukončena s následující chybou:
%%16389
Error: (11/06/2013 05:19:06 PM) (Source: Service Control Manager) (User: )
Description: Při čekání na odezvu transakce služby LanmanServer bylo dosaženo časového limitu (30000 ms).
Error: (11/06/2013 05:16:54 PM) (Source: TermService) (User: )
Description: Terminálový server nemohl pro používání k ověření serveru zaregistrovat hlavní název služby TERMSRV. Došlo k následující chybě: Zadaná doména neexistuje nebo není k dispozici.
.
Microsoft Office Sessions:
=========================
Error: (08/27/2013 02:25:57 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 17908 seconds with 4980 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Percentage of memory in use: 72%
Total physical RAM: 1526.49 MB
Available physical RAM: 420.58 MB
Total Pagefile: 3052.98 MB
Available Pagefile: 1245.83 MB
Total Virtual: 2047.88 MB
Available Virtual: 1892.87 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:144.74 GB) (Free:81.54 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive f: (KINGSTON) (Removable) (Total:14.78 GB) (Free:11.97 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 813E558D)
Partition 1: (Active) - (Size=145 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=4 GB) - (Type=12)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 15 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)
==================== End Of Log ============================
- Rudy
- Site Admin
- Posts: 119376
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check
Hello!
Open Notepad and copy the following into it:
Start
Task: {00B0A605-3D6E-4CDB-8445-F8FDF2EAA7C1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1003Core => C:\Users\host\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-31] (Google Inc.)
Task: {36A9C584-5392-407C-8868-F14E9106F5A2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1000UA => C:\Users\Výroba\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-14] (Google Inc.)
Task: {D51C2C2B-A196-4081-8633-0E18C2EF495F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1003UA => C:\Users\host\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-31] (Google Inc.)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No File
Toolbar: HKLM - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
FF SearchEngineOrder.3: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP21DF& ... =040413&q=
CHR HomePage: hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=040413
CHR RestoreOnStartup: "hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=040413"
CHR Plugin: (Skype Toolbars) - C:\Users\host\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8312_0\npSkypeChromePlugin.dll No File
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
C:\Users\host\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Please check
So after running it, this is what it gave me:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 10-11-2013 01
Ran by host at 2013-11-12 17:40:58 Run:1
Running from C:\Users\host\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
*****************
==== End of Fixlog ====
- Rudy
- Site Admin
Re: Please check
Do you have full rights on your profile? A "host" (guest) profile usually does not have them.
Re: Please check
Well, that's just it, I don't know, but I think the rights should be there; I can try doing it once more.
- Rudy
- Site Admin
Re: Please check
The profile must have admin rights.
Re: Request for a check
So yes, it has admin rights; I can install, I can change anything, so the admin rights should be there.
- Rudy
- Site Admin
- Posts: 119376
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a check
Let's try another way. Post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
then run the application under an account with administrator privileges
right after start-up a screen with the licence terms appears; continue by clicking the Yes (Ano) button.
feel free to put on some coffee (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to start any other applications or anything else
do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)
note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it entirely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the antispyware's resident shield occur.
Re: Request for a check
Here is the ComboFix log.
ComboFix 13-12-10.01 - host 10.12.2013 18:16:29.2.1 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.1526.896 [GMT 1:00]
Spuštěný z: c:\users\host\Desktop\ComboFix.exe
AV: COMODO Antivirus *Disabled/Outdated* {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
SP: COMODO Antivirus *Disabled/Updated* {0C2D2636-923D-EE52-2A83-E643204A8275}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\FlashPlayerApp.exe
.
---- Předchozí spuštění -------
.
c:\programdata\Roaming
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-10 do 2013-12-10 )))))))))))))))))))))))))))))))
.
.
2013-12-10 17:37 . 2013-12-10 17:37 -------- d-----w- c:\users\Výroba\AppData\Local\temp
2013-12-10 17:37 . 2013-12-10 17:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-10 17:37 . 2013-12-10 17:37 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-12-05 20:03 . 2013-12-05 20:03 -------- d-----w- c:\program files\Common Files\COMODO
2013-11-25 21:49 . 2013-11-25 21:49 48392 ----a-w- c:\windows\system32\certsentry.dll
2013-11-14 21:18 . 2013-12-10 19:16 -------- d-----w- c:\users\host\AppData\Local\temp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-25 16:57 . 2012-10-20 15:29 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2013-11-25 16:57 . 2012-10-12 18:08 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-11-24 19:01 . 2011-09-12 14:03 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-14 11:38 . 2013-09-24 09:54 582936 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2013-11-14 11:38 . 2013-09-24 09:53 36000 ----a-w- c:\windows\system32\cmdcsr.dll
2013-11-12 18:36 . 2012-11-01 15:44 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-11-10 17:40 . 2012-10-12 18:08 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2013-10-29 17:32 . 2013-10-29 17:32 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2013-10-07 05:17 . 2013-10-07 05:17 15400 ----a-w- c:\windows\system32\drivers\hmd.sys
2013-10-07 05:17 . 2013-10-07 05:17 15400 ----a-w- c:\windows\inf\HMD\hmd.sys
2013-09-24 09:54 . 2013-09-24 09:54 85464 ----a-w- c:\windows\system32\drivers\inspect.sys
2013-09-24 09:54 . 2013-09-24 09:54 44752 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2013-09-24 09:54 . 2013-09-24 09:54 20072 ----a-w- c:\windows\system32\drivers\cmderd.sys
2013-09-24 09:53 . 2013-09-24 09:53 354240 ----a-w- c:\windows\system32\guard32.dll
2013-09-24 09:53 . 2013-09-24 09:53 40664 ----a-w- c:\windows\system32\cmdkbd32.dll
2013-09-24 09:53 . 2013-09-24 09:53 280792 ----a-w- c:\windows\system32\cmdvrt32.dll
2010-02-10 02:18 . 2011-09-19 16:25 2131336 ----a-w- c:\program files\Common Files\AskToolbarInstaller.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\host\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\host\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\host\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-10-21 20549280]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Print2PDF Print Monitor"="c:\program files\Software602\Print2PDF\Print2PDF.exe" [2010-12-03 141368]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"TrackPointSrv"="c:\program files\Lenovo\TrackPoint\tp4serv.exe" [2009-11-24 93032]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-06 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-06 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-06 150552]
"BMISR"="c:\program files\KYE\WebMate\BM.exe" [2008-02-19 229376]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-11-11 1576152]
"tvncontrol"="c:\program files\Common Files\COMODO\GeekBuddyRSP.exe" [2013-11-28 2327248]
.
c:\users\host\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Lingea Update Center.lnk - c:\program files\Common Files\Lingea Shared\luc.exe [2013-10-23 275736]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Start GeekBuddy.lnk - c:\program files\Comodo\GeekBuddy\launcher.exe "unit_manager.exe" [2013-11-28 49360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\host\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2011-07-12 101736]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-09-05 171680]
R2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [2011-07-12 131432]
R2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2011-07-12 142696]
R3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-10-19 140800]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\Drivers\Axtmvprt.sys [2007-03-26 38784]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-09-24 131288]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe [2010-08-09 131888]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-14 1343400]
S1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys [2013-05-07 35064]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2013-09-24 20072]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2013-11-14 582936]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2013-09-24 44752]
S1 HMD;COMODO livePCsupport Hardware Monitor Driver;c:\windows\system32\DRIVERS\hmd.sys [2013-10-07 15400]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2010-09-07 13680]
S2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
S2 CLPSLauncher;COMODO LPS Launcher;c:\program files\Common Files\COMODO\launcher_service.exe [2013-11-28 70352]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files\Comodo\Dragon\dragon_updater.exe [2013-11-11 2098880]
S2 GeekBuddyRSP;GeekBuddyRSP Server;c:\program files\Common Files\COMODO\GeekBuddyRSP.exe [2013-11-28 2327248]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [2011-07-12 127336]
S3 EST_BusEnum;Network USB Device Bus;c:\windows\system32\DRIVERS\GenBus.sys [2009-10-06 27136]
S3 NUS_Bus;Network USB Server Bus;c:\windows\system32\DRIVERS\NUS_Bus.sys [2010-01-28 27392]
S3 Tp4Track;PS/2 TrackPoint Driver;c:\windows\system32\DRIVERS\tp4track.sys [2009-11-24 23152]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-27 19:01]
.
2013-12-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1003Core.job
- c:\users\host\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-31 15:45]
.
2013-12-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1003UA.job
- c:\users\host\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-31 15:45]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{98BC5212-5C11-437E-B7BC-C9DD25832303}: NameServer = 156.154.70.25,156.154.71.25
FF - ProfilePath - c:\users\host\AppData\Roaming\Mozilla\Firefox\Profiles\hzqsp59w.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=040413
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP21DF&PC=UP21&dt=040413&q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-11-06 21:11; {fe272bd1-5f76-4ea4-8501-a05d35d823fc}; c:\users\host\AppData\Roaming\Mozilla\Firefox\Profiles\hzqsp59w.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
FF - ExtSQL: 2013-11-12 18:00; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(2864)
c:\windows\system32\guard32.dll
c:\users\host\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
c:\windows\System32\CSCDLL.dll
c:\windows\System32\npmproxy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\windows\system32\AEADISRV.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\COMODO\COMODO Internet Security\cavwp.exe
c:\windows\system32\taskhost.exe
c:\progra~1\LENOVO\VIRTSCRL\virtscrl.exe
c:\windows\system32\conhost.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Comodo\GeekBuddy\unit_manager.exe
c:\program files\Comodo\GeekBuddy\unit.exe
c:\program files\Comodo\COMODO Internet Security\cis.exe
.
**************************************************************************
.
Celkový čas: 2013-12-10 20:33:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-12-10 19:33
.
Před spuštěním: Volných bajtů: 94 188 871 680
Po spuštění: Volných bajtů: 93 954 084 864
.
- - End Of File - - C77DDE115024FEAE79FE02FACD5C8AF9
A36C5E4F47E84449FF07ED3517B43A31
- Rudy
- Site Admin
- Posts: 119376
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a check
Open Notepad and copy the following into it:

KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1003Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1003UA.job
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
Firefox::
FF - ProfilePath - c:\users\host\AppData\Roaming\Mozilla\Firefox\Profiles\hzqsp59w.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=040413
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP21DF& ... =040413&q=
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
Reboot::

Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and carry out the commands from the script.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Requesting a check
It finished, here is the log.
ComboFix 13-12-18.01 - host 19.12.2013 19:49:38.3.1 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.1526.527 [GMT 1:00]
Spuštěný z: c:\users\host\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\host\Desktop\CFScript.txt
AV: COMODO Antivirus *Disabled/Updated* {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
SP: COMODO Antivirus *Disabled/Updated* {0C2D2636-923D-EE52-2A83-E643204A8275}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1003Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1003UA.job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-19 do 2013-12-19 )))))))))))))))))))))))))))))))
.
.
2013-12-19 19:11 . 2013-12-19 19:11 -------- d-----w- c:\users\Výroba\AppData\Local\temp
2013-12-19 19:11 . 2013-12-19 19:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-19 19:11 . 2013-12-19 19:11 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-12-19 13:29 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2013-12-19 13:29 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2013-12-19 13:29 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2013-12-19 13:29 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2013-12-19 13:28 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2013-12-19 13:28 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2013-12-19 13:28 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2013-12-19 13:28 . 2012-06-02 14:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2013-12-19 13:28 . 2012-06-02 14:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2013-12-17 20:26 . 2013-12-17 21:26 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-17 16:02 . 2013-12-17 16:02 -------- d-----w- c:\program files\Common Files\COMODO
2013-11-25 21:49 . 2013-11-25 21:49 48392 ----a-w- c:\windows\system32\certsentry.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-19 11:35 . 2012-10-20 15:29 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2013-12-17 21:26 . 2011-09-12 14:03 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-10 20:48 . 2012-10-12 18:08 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2013-12-10 20:48 . 2012-11-01 15:44 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-11-25 16:57 . 2012-10-12 18:08 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-11-14 11:38 . 2013-09-24 09:54 582936 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2013-11-14 11:38 . 2013-09-24 09:53 36000 ----a-w- c:\windows\system32\cmdcsr.dll
2013-10-29 17:32 . 2013-10-29 17:32 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2013-10-07 05:17 . 2013-10-07 05:17 15400 ----a-w- c:\windows\system32\drivers\hmd.sys
2013-10-07 05:17 . 2013-10-07 05:17 15400 ----a-w- c:\windows\inf\HMD\hmd.sys
2013-09-24 09:54 . 2013-09-24 09:54 85464 ----a-w- c:\windows\system32\drivers\inspect.sys
2013-09-24 09:54 . 2013-09-24 09:54 44752 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2013-09-24 09:54 . 2013-09-24 09:54 20072 ----a-w- c:\windows\system32\drivers\cmderd.sys
2013-09-24 09:53 . 2013-09-24 09:53 354240 ----a-w- c:\windows\system32\guard32.dll
2013-09-24 09:53 . 2013-09-24 09:53 40664 ----a-w- c:\windows\system32\cmdkbd32.dll
2013-09-24 09:53 . 2013-09-24 09:53 280792 ----a-w- c:\windows\system32\cmdvrt32.dll
2010-02-10 02:18 . 2011-09-19 16:25 2131336 ----a-w- c:\program files\Common Files\AskToolbarInstaller.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\host\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\host\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\host\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-11-14 20584608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Print2PDF Print Monitor"="c:\program files\Software602\Print2PDF\Print2PDF.exe" [2010-12-03 141368]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"TrackPointSrv"="c:\program files\Lenovo\TrackPoint\tp4serv.exe" [2009-11-24 93032]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-06 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-06 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-06 150552]
"BMISR"="c:\program files\KYE\WebMate\BM.exe" [2008-02-19 229376]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-11-11 1576152]
"tvncontrol"="c:\program files\Common Files\COMODO\GeekBuddyRSP.exe" [2013-12-13 2327248]
.
c:\users\host\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Lingea Update Center.lnk - c:\program files\Common Files\Lingea Shared\luc.exe [2013-10-23 275736]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Start GeekBuddy.lnk - c:\program files\Comodo\GeekBuddy\launcher.exe "unit_manager.exe" [2013-12-13 49360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\host\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2011-07-12 101736]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-09-05 171680]
R2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [2011-07-12 131432]
R2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2011-07-12 142696]
R3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-10-19 140800]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\Drivers\Axtmvprt.sys [2007-03-26 38784]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-09-24 131288]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe [2010-08-09 131888]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-14 1343400]
S1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys [2013-05-07 35064]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2013-09-24 20072]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2013-11-14 582936]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2013-09-24 44752]
S1 HMD;COMODO livePCsupport Hardware Monitor Driver;c:\windows\system32\DRIVERS\hmd.sys [2013-10-07 15400]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2010-09-07 13680]
S2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
S2 CLPSLauncher;COMODO LPS Launcher;c:\program files\Common Files\COMODO\launcher_service.exe [2013-12-13 70352]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files\Comodo\Dragon\dragon_updater.exe [2013-11-11 2098880]
S2 GeekBuddyRSP;GeekBuddyRSP Server;c:\program files\Common Files\COMODO\GeekBuddyRSP.exe [2013-12-13 2327248]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [2011-07-12 127336]
S3 EST_BusEnum;Network USB Device Bus;c:\windows\system32\DRIVERS\GenBus.sys [2009-10-06 27136]
S3 NUS_Bus;Network USB Server Bus;c:\windows\system32\DRIVERS\NUS_Bus.sys [2010-01-28 27392]
S3 Tp4Track;PS/2 TrackPoint Driver;c:\windows\system32\DRIVERS\tp4track.sys [2009-11-24 23152]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-27 21:26]
.
2013-12-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1003Core.job
- c:\users\host\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-31 15:45]
.
2013-12-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4127864644-3789871463-183690641-1003UA.job
- c:\users\host\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-31 15:45]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{98BC5212-5C11-437E-B7BC-C9DD25832303}: NameServer = 156.154.70.25,156.154.71.25
FF - ProfilePath - c:\users\host\AppData\Roaming\Mozilla\Firefox\Profiles\hzqsp59w.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-11-06 21:11; {fe272bd1-5f76-4ea4-8501-a05d35d823fc}; c:\users\host\AppData\Roaming\Mozilla\Firefox\Profiles\hzqsp59w.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
FF - ExtSQL: 2013-11-12 18:00; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(540)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'Explorer.exe'(2444)
c:\windows\system32\guard32.dll
c:\users\host\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
c:\windows\system32\prnfldr.dll
c:\windows\system32\Wlanapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\windows\system32\AEADISRV.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\COMODO\COMODO Internet Security\cavwp.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\taskhost.exe
c:\progra~1\LENOVO\VIRTSCRL\virtscrl.exe
c:\windows\system32\conhost.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Comodo\COMODO Internet Security\cis.exe
c:\program files\Comodo\GeekBuddy\unit_manager.exe
c:\program files\Comodo\GeekBuddy\unit.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Celkový čas: 2013-12-19 20:35:44 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-12-19 19:35
ComboFix2.txt 2013-12-10 19:33
.
Před spuštěním: Volných bajtů: 92 619 554 816
Po spuštění: Volných bajtů: 92 370 546 688
.
- - End Of File - - CEDADFE4CFDAAB9FE6F7BF40DAC6EC78
A36C5E4F47E84449FF07ED3517B43A31
- Rudy
- Site Admin
Re: Requesting a check
Deleted. The log now looks OK.
Re: Requesting a check
So what could be causing the PC to disconnect from the internet on its own? This does not happen on the second PC; maybe it will go away after the repair (ComboFix etc.).
- Rudy
- Site Admin
Re: Requesting a check
Also try reinstalling the network card driver.