Log check - please help

#1 Post by Vhaveja »

Hello,

could you please check my log? The computer runs very slowly, the fan often spins loudly, it heats up, and sometimes the notebook shuts down completely.

I cleaned it with CCleaner and I will also defragment the disk. I am not an expert, though, so I am asking for your help. :) Thanks.


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2014 02
Ran by Gábinka (administrator) on GÁBINKA-PC on 17-01-2014 20:49:48
Running from C:\Users\Gábinka\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
() C:\Windows\PLFSetI.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Users\Gábinka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Gábinka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Gábinka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Gábinka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Gábinka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Gábinka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Gábinka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Gábinka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Gábinka\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11046504 2010-07-13] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [818720 2010-02-26] (Acer Incorporated)
HKLM\...\Run: [OOTag] - C:\Program Files (x86)\Acer\OOBEOffer\ootag.exe [13856 2010-02-23] (Microsoft)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [206208 2010-06-09] ()
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-05-27] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [OOTag] - C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe [13856 2010-02-23] (Microsoft)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [830032 2009-11-26] (Dritek System Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Gábinka\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-03-28] (Google Inc.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Ferrari\Screensaver\run_Ferrari.exe [154144 2009-12-16] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Ferrari\Screensaver\run_Ferrari.exe [154144 2009-12-16] ()

==================== Internet (Whitelisted) ====================

ProxyServer: 10.100.100.8:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 6j58n1i42p
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 6j58n1i42p
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ACAW
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ACAW
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... AW_csCZ477
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... AW_csCZ477
BHO: No Name - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\G\u00E1binka\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\G\u00E1binka\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\G\u00E1binka\AppData\Local\Google\Chrome\Application\32.0.1700.76\gcswf32.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\G\u00E1binka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Extension: (Disk Google) - C:\Users\Gábinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-01]
CHR Extension: (YouTube) - C:\Users\Gábinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-28]
CHR Extension: (Vyhled\u00E1v\u00E1n\u00ED Google) - C:\Users\Gábinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-28]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Gábinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2012-06-12]
CHR Extension: (Facebook Friend Inviter) - C:\Users\Gábinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fojfflomljfbdfdcfmiihnijjfnnakdn [2013-03-26]
CHR Extension: (Cloud Reader) - C:\Users\Gábinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2012-04-23]
CHR Extension: (Cheapstamatic) - C:\Users\Gábinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lamcdjgcnmmghjceofmdaghmgoehlkbn [2012-04-23]
CHR Extension: (Pen\u011B\u017Eenka Google) - C:\Users\Gábinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (piZap Photo Editor) - C:\Users\Gábinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\occpjibghkbopohbefbejkklnfdkdmok [2012-04-23]
CHR Extension: (Gmail) - C:\Users\Gábinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-28]
CHR StartMenuInternet: Google Chrome - C:\Users\Gábinka\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)

==================== Drivers (Whitelisted) ====================

S3 PCDSRVC{5368CD8C-E7E1FAF1-06020200}_0; \??\c:\users\admini~1\appdata\local\temp\zffjg6e4dzuu\pcdrdiag\bin\pcdsrvc_x64.pkms [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-17 20:49 - 2014-01-17 20:50 - 00011136 _____ C:\Users\Gábinka\Downloads\FRST.txt
2014-01-17 20:49 - 2014-01-17 20:49 - 00000000 ____D C:\FRST
2014-01-17 20:47 - 2014-01-17 20:47 - 02075648 _____ (Farbar) C:\Users\Gábinka\Downloads\FRST64.exe
2014-01-17 20:37 - 2014-01-17 20:37 - 00000056 _____ C:\Windows\setupact.log
2014-01-17 20:37 - 2014-01-17 20:37 - 00000000 _____ C:\Windows\setuperr.log
2014-01-17 20:35 - 2014-01-17 20:35 - 00000000 ____D C:\Windows\pss
2014-01-17 20:33 - 2014-01-17 20:33 - 00039074 _____ C:\Users\Gábinka\Desktop\cc_20140117_203320.reg
2014-01-15 20:55 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 20:55 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 20:55 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 20:55 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 20:55 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 20:55 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 20:55 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 20:55 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 20:55 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 20:51 - 2014-01-15 20:52 - 759115776 _____ C:\Users\Gábinka\Downloads\Sherlock.S03E01.The.Empty.Hearse.HDTV.XviD.avi
2014-01-15 19:17 - 2014-01-15 19:33 - 115106080 _____ C:\Users\Gábinka\Downloads\New Girl S03E12 HDTV x264-LOL.mp4.crdownload
2014-01-15 19:17 - 2014-01-15 19:17 - 00039538 _____ C:\Users\Gábinka\Downloads\New Girl - 03x12 - Basketsball.LOL.English.C.orig.Addic7ed.com.srt
2014-01-15 17:20 - 2014-01-15 17:20 - 00065995 _____ C:\Users\Gábinka\Downloads\SHERLOCK-S02E03-The-Reichenbach-Fall.zip
2014-01-15 17:20 - 2013-12-30 11:04 - 00082456 _____ C:\Users\Gábinka\Downloads\SHERLOCK S02E03 - The Reichenbach Fall (HDTV).srt
2014-01-15 17:20 - 2013-12-30 11:02 - 00077899 _____ C:\Users\Gábinka\Downloads\SHERLOCK S02E03 - The Reichenbach Fall (BRrip).srt
2014-01-15 17:20 - 2013-12-29 21:15 - 00000187 _____ C:\Users\Gábinka\Downloads\SHERLOCK S02E03 - Pasující verze.txt
2014-01-15 17:18 - 2014-01-15 17:19 - 733941760 _____ C:\Users\Gábinka\Downloads\Sherlock - s02e03 - The Reichenbach Fall.avi
2014-01-14 22:34 - 2014-01-14 22:34 - 00012884 _____ C:\Users\Gábinka\Downloads\e15478492c28a785e60c689d2bfd7b46108710a2.zip
2014-01-14 22:34 - 2014-01-14 07:56 - 00031920 _____ C:\Users\Gábinka\Downloads\Teen Wolf - 03x14 - More Bad Than Good.EXCELLENCE.English.C.orig.srt
2014-01-14 22:33 - 2014-01-14 22:44 - 255577681 _____ C:\Users\Gábinka\Downloads\Teen Wolf S03E14 HDTV x264-EXCELLENCE.mp4
2014-01-14 18:05 - 2014-01-14 18:08 - 733927424 _____ C:\Users\Gábinka\Downloads\Sherlock-s02e02-The-hounds-of-Baskerville--Pes-Baskervillský-+-cz-titulky.avi.crdownload
2014-01-14 17:58 - 2014-01-14 17:58 - 00074311 _____ C:\Users\Gábinka\Downloads\Sherlock.S02E02.The.Hounds.Of.Baskerville.srt
2014-01-14 17:46 - 2013-12-29 21:05 - 00074228 _____ C:\Users\Gábinka\Downloads\SHERLOCK S02E02 - The Hounds of Baskerville (HDTV).srt
2014-01-14 17:46 - 2013-12-29 21:05 - 00074227 _____ C:\Users\Gábinka\Downloads\SHERLOCK S02E02 - The Hounds of Baskerville (BRrip).srt
2014-01-14 17:46 - 2013-12-29 21:04 - 00074227 _____ C:\Users\Gábinka\Downloads\SHERLOCK S02E02 - The Hounds of Baskerville (Blu-ray).srt
2014-01-14 17:46 - 2013-12-29 21:02 - 00000532 _____ C:\Users\Gábinka\Downloads\SHERLOCK S02E02 - Pasující verze.txt
2014-01-14 17:45 - 2014-01-14 17:46 - 00092386 _____ C:\Users\Gábinka\Downloads\SHERLOCK-S02E02-The-Hounds-of-Baskerville.zip
2014-01-13 21:58 - 2014-01-13 22:01 - 734988288 _____ C:\Users\Gábinka\Downloads\Sherlock - s02e01 - A Scandal In Belgravia.avi
2014-01-13 17:27 - 2010-09-25 14:39 - 00098081 _____ C:\Users\Gábinka\Desktop\Sherlock S01E03.srt
2014-01-13 17:26 - 2014-01-12 23:42 - 734037218 _____ C:\Users\Gábinka\Desktop\Sherlock s01e03 - The Great Game.avi.crdownload
2014-01-13 16:54 - 2014-01-13 16:54 - 00049777 _____ C:\Users\Gábinka\Downloads\Pomucka_pro_mzdy_platna_od_ledna_2014_zipped.zip
2014-01-13 16:53 - 2014-01-13 16:53 - 00319283 _____ C:\Users\Gábinka\Downloads\Personalni_cinnost_priklady___zadani_zipped.zip
2014-01-13 16:39 - 2014-01-13 16:39 - 00037376 _____ C:\Users\Gábinka\Downloads\2_DPPO_-_transformace_HV_na_zaklad_dane_-_zadani.xls
2014-01-10 22:14 - 2014-01-10 22:15 - 364904448 _____ C:\Users\Gábinka\Downloads\Pretty-Little-Liars-S04E14---CZtitulky.avi.crdownload
2014-01-09 17:58 - 2014-01-09 18:00 - 147912006 _____ C:\Users\Gábinka\Downloads\New.Girl.S03E11.HDTV.x264-2HD.mp4.crdownload
2014-01-09 17:58 - 2014-01-09 17:58 - 00042192 _____ C:\Users\Gábinka\Downloads\New Girl - 03x11 - Clavado En Un Bar.2HD.English.HI.C.updated.Addic7ed.com.srt
2014-01-07 21:17 - 2014-01-07 21:17 - 00014623 _____ C:\Users\Gábinka\Desktop\APD dopis.odt
2014-01-03 21:27 - 2014-01-03 21:28 - 00000000 ____D C:\Users\Gábinka\Desktop\škola

==================== One Month Modified Files and Folders =======

2014-01-17 20:50 - 2014-01-17 20:49 - 00011136 _____ C:\Users\Gábinka\Downloads\FRST.txt
2014-01-17 20:49 - 2014-01-17 20:49 - 00000000 ____D C:\FRST
2014-01-17 20:47 - 2014-01-17 20:47 - 02075648 _____ (Farbar) C:\Users\Gábinka\Downloads\FRST64.exe
2014-01-17 20:45 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-17 20:45 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-17 20:44 - 2012-03-27 07:07 - 02092048 _____ C:\Windows\WindowsUpdate.log
2014-01-17 20:42 - 2012-03-27 16:55 - 00678234 _____ C:\Windows\system32\perfh005.dat
2014-01-17 20:42 - 2012-03-27 16:55 - 00139670 _____ C:\Windows\system32\perfc005.dat
2014-01-17 20:42 - 2009-07-14 06:13 - 01601472 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-17 20:39 - 2012-03-28 19:09 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-17 20:37 - 2014-01-17 20:37 - 00000056 _____ C:\Windows\setupact.log
2014-01-17 20:37 - 2014-01-17 20:37 - 00000000 _____ C:\Windows\setuperr.log
2014-01-17 20:37 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-17 20:37 - 2009-07-14 05:45 - 00444360 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-17 20:35 - 2014-01-17 20:35 - 00000000 ____D C:\Windows\pss
2014-01-17 20:33 - 2014-01-17 20:33 - 00039074 _____ C:\Users\Gábinka\Desktop\cc_20140117_203320.reg
2014-01-17 20:32 - 2010-06-10 12:59 - 00000000 ____D C:\Windows\Panther
2014-01-17 20:26 - 2010-06-10 12:42 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-17 20:24 - 2013-08-15 19:57 - 00000000 ____D C:\Windows\system32\MRT
2014-01-17 20:22 - 2012-12-01 14:03 - 00000000 ___RD C:\Users\Gábinka\Disk Google
2014-01-17 20:20 - 2012-08-09 08:35 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-17 20:20 - 2012-03-28 21:10 - 00000000 ____D C:\Users\Gábinka\AppData\Roaming\Skype
2014-01-16 01:02 - 2012-03-28 19:09 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-16 01:00 - 2012-03-28 19:07 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1500580916-3531426988-457952603-1004UA.job
2014-01-16 00:14 - 2012-04-14 10:25 - 00000000 ____D C:\Users\Gábinka\AppData\Roaming\vlc
2014-01-15 23:00 - 2012-03-28 19:07 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1500580916-3531426988-457952603-1004Core.job
2014-01-15 20:52 - 2014-01-15 20:51 - 759115776 _____ C:\Users\Gábinka\Downloads\Sherlock.S03E01.The.Empty.Hearse.HDTV.XviD.avi
2014-01-15 19:33 - 2014-01-15 19:17 - 115106080 _____ C:\Users\Gábinka\Downloads\New Girl S03E12 HDTV x264-LOL.mp4.crdownload
2014-01-15 19:17 - 2014-01-15 19:17 - 00039538 _____ C:\Users\Gábinka\Downloads\New Girl - 03x12 - Basketsball.LOL.English.C.orig.Addic7ed.com.srt
2014-01-15 17:20 - 2014-01-15 17:20 - 00065995 _____ C:\Users\Gábinka\Downloads\SHERLOCK-S02E03-The-Reichenbach-Fall.zip
2014-01-15 17:19 - 2014-01-15 17:18 - 733941760 _____ C:\Users\Gábinka\Downloads\Sherlock - s02e03 - The Reichenbach Fall.avi
2014-01-14 22:44 - 2014-01-14 22:33 - 255577681 _____ C:\Users\Gábinka\Downloads\Teen Wolf S03E14 HDTV x264-EXCELLENCE.mp4
2014-01-14 22:34 - 2014-01-14 22:34 - 00012884 _____ C:\Users\Gábinka\Downloads\e15478492c28a785e60c689d2bfd7b46108710a2.zip
2014-01-14 18:08 - 2014-01-14 18:05 - 733927424 _____ C:\Users\Gábinka\Downloads\Sherlock-s02e02-The-hounds-of-Baskerville--Pes-Baskervillský-+-cz-titulky.avi.crdownload
2014-01-14 17:58 - 2014-01-14 17:58 - 00074311 _____ C:\Users\Gábinka\Downloads\Sherlock.S02E02.The.Hounds.Of.Baskerville.srt
2014-01-14 17:46 - 2014-01-14 17:45 - 00092386 _____ C:\Users\Gábinka\Downloads\SHERLOCK-S02E02-The-Hounds-of-Baskerville.zip
2014-01-14 07:56 - 2014-01-14 22:34 - 00031920 _____ C:\Users\Gábinka\Downloads\Teen Wolf - 03x14 - More Bad Than Good.EXCELLENCE.English.C.orig.srt
2014-01-13 22:01 - 2014-01-13 21:58 - 734988288 _____ C:\Users\Gábinka\Downloads\Sherlock - s02e01 - A Scandal In Belgravia.avi
2014-01-13 17:13 - 2013-09-04 22:27 - 00000000 ____D C:\Users\Gábinka\Desktop\ipod
2014-01-13 16:54 - 2014-01-13 16:54 - 00049777 _____ C:\Users\Gábinka\Downloads\Pomucka_pro_mzdy_platna_od_ledna_2014_zipped.zip
2014-01-13 16:53 - 2014-01-13 16:53 - 00319283 _____ C:\Users\Gábinka\Downloads\Personalni_cinnost_priklady___zadani_zipped.zip
2014-01-13 16:39 - 2014-01-13 16:39 - 00037376 _____ C:\Users\Gábinka\Downloads\2_DPPO_-_transformace_HV_na_zaklad_dane_-_zadani.xls
2014-01-12 23:42 - 2014-01-13 17:26 - 734037218 _____ C:\Users\Gábinka\Desktop\Sherlock s01e03 - The Great Game.avi.crdownload
2014-01-10 22:15 - 2014-01-10 22:14 - 364904448 _____ C:\Users\Gábinka\Downloads\Pretty-Little-Liars-S04E14---CZtitulky.avi.crdownload
2014-01-09 18:00 - 2014-01-09 17:58 - 147912006 _____ C:\Users\Gábinka\Downloads\New.Girl.S03E11.HDTV.x264-2HD.mp4.crdownload
2014-01-09 17:58 - 2014-01-09 17:58 - 00042192 _____ C:\Users\Gábinka\Downloads\New Girl - 03x11 - Clavado En Un Bar.2HD.English.HI.C.updated.Addic7ed.com.srt
2014-01-07 21:17 - 2014-01-07 21:17 - 00014623 _____ C:\Users\Gábinka\Desktop\APD dopis.odt
2014-01-04 03:27 - 2012-05-02 17:37 - 00000000 ____D C:\Users\Gábinka\Desktop\filmy
2014-01-03 21:28 - 2014-01-03 21:27 - 00000000 ____D C:\Users\Gábinka\Desktop\škola
2013-12-30 11:04 - 2014-01-15 17:20 - 00082456 _____ C:\Users\Gábinka\Downloads\SHERLOCK S02E03 - The Reichenbach Fall (HDTV).srt
2013-12-30 11:02 - 2014-01-15 17:20 - 00077899 _____ C:\Users\Gábinka\Downloads\SHERLOCK S02E03 - The Reichenbach Fall (BRrip).srt
2013-12-29 21:15 - 2014-01-15 17:20 - 00000187 _____ C:\Users\Gábinka\Downloads\SHERLOCK S02E03 - Pasující verze.txt
2013-12-29 21:05 - 2014-01-14 17:46 - 00074228 _____ C:\Users\Gábinka\Downloads\SHERLOCK S02E02 - The Hounds of Baskerville (HDTV).srt
2013-12-29 21:05 - 2014-01-14 17:46 - 00074227 _____ C:\Users\Gábinka\Downloads\SHERLOCK S02E02 - The Hounds of Baskerville (BRrip).srt
2013-12-29 21:04 - 2014-01-14 17:46 - 00074227 _____ C:\Users\Gábinka\Downloads\SHERLOCK S02E02 - The Hounds of Baskerville (Blu-ray).srt
2013-12-29 21:02 - 2014-01-14 17:46 - 00000532 _____ C:\Users\Gábinka\Downloads\SHERLOCK S02E02 - Pasující verze.txt

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-10 23:26

==================== End Of Log ============================

#2 Post by Rudy »

Hello!

Open Notepad and copy the following into it:
Start
BHO: No Name - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No File
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1500580916-3531426988-457952603-1004UA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1500580916-3531426988-457952603-1004Core.job
End
Save it to C:\Users\Gábinka\Downloads as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

I don't expect this to be any serious problem. When that is done, please also post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after it starts, a screen with the license terms will be displayed; continue by clicking the Yes (Ano) button.

go and make yourself a coffee (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to run any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is used)

note: if you use an antispyware program with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident shield.

#3 Post by Vhaveja »

I am attaching the FRST log; I am going to run ComboFix now.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-01-2014 02
Ran by Gábinka at 2014-01-17 21:28:29 Run:1
Running from C:\Users\Gábinka\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
BHO: No Name - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No File
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1500580916-3531426988-457952603-1004UA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1500580916-3531426988-457952603-1004Core.job
End
*****************

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} => Key deleted successfully.
HKCR\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} => Key not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1500580916-3531426988-457952603-1004UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1500580916-3531426988-457952603-1004Core.job => Moved successfully.

==== End of Fixlog ====

#4 Post by Vhaveja »

Here is the ComboFix log

ComboFix 14-01-16.03 - Gábinka 17.01.2014 21:34:05.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3838.2729 [GMT 1:00]
Spuštěný z: c:\users\Gßbinka\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-17 do 2014-01-17 )))))))))))))))))))))))))))))))
.
.
2014-01-17 20:42 . 2014-01-17 20:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-17 20:40 . 2014-01-17 20:40 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8401A5A3-12F3-48CC-BF23-56DCC428FC90}\offreg.dll
2014-01-17 19:49 . 2014-01-17 19:49 -------- d-----w- C:\FRST
2014-01-17 19:29 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8401A5A3-12F3-48CC-BF23-56DCC428FC90}\mpengine.dll
2014-01-15 19:55 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-15 19:55 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-15 19:55 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-15 19:55 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-15 19:55 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-15 19:55 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-15 19:55 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-15 19:55 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-01-15 19:55 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-17 19:20 . 2012-08-09 07:35 86054176 ----a-w- c:\windows\system32\MRT.exe
2013-12-04 04:18 . 2013-12-04 04:18 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-04 04:18 . 2013-12-04 04:18 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-04 04:18 . 2013-12-04 04:18 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-12-04 04:18 . 2013-12-04 04:18 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-04 04:18 . 2013-12-04 04:18 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-04 04:18 . 2013-12-04 04:18 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-04 04:18 . 2013-12-04 04:18 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-12-04 04:18 . 2013-12-04 04:18 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-12-04 04:18 . 2013-12-04 04:18 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-12-04 04:18 . 2013-12-04 04:18 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-12-04 04:18 . 2013-12-04 04:18 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-12-04 04:18 . 2013-12-04 04:18 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-12-04 04:18 . 2013-12-04 04:18 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-12-04 04:18 . 2013-12-04 04:18 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-04 04:18 . 2013-12-04 04:18 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-12-04 04:18 . 2013-12-04 04:18 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-12-04 04:18 . 2013-12-04 04:18 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-04 04:18 . 2013-12-04 04:18 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-04 04:18 . 2013-12-04 04:18 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-12-04 04:18 . 2013-12-04 04:18 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-12-04 04:18 . 2013-12-04 04:18 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-12-04 04:18 . 2013-12-04 04:18 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-12-04 04:18 . 2013-12-04 04:18 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-12-04 04:18 . 2013-12-04 04:18 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-12-04 04:18 . 2013-12-04 04:18 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-04 04:18 . 2013-12-04 04:18 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-04 04:18 . 2013-12-04 04:18 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-04 04:18 . 2013-12-04 04:18 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-12-04 04:18 . 2013-12-04 04:18 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-04 04:18 . 2013-12-04 04:18 81408 ----a-w- c:\windows\system32\icardie.dll
2013-12-04 04:18 . 2013-12-04 04:18 774144 ----a-w- c:\windows\system32\jscript.dll
2013-12-04 04:18 . 2013-12-04 04:18 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-12-04 04:18 . 2013-12-04 04:18 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-12-04 04:18 . 2013-12-04 04:18 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-12-04 04:18 . 2013-12-04 04:18 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-12-04 04:18 . 2013-12-04 04:18 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-12-04 04:18 . 2013-12-04 04:18 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-12-04 04:18 . 2013-12-04 04:18 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-04 04:18 . 2013-12-04 04:18 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-12-04 04:18 . 2013-12-04 04:18 413696 ----a-w- c:\windows\system32\html.iec
2013-12-04 04:18 . 2013-12-04 04:18 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-04 04:18 . 2013-12-04 04:18 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-04 04:18 . 2013-12-04 04:18 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-12-04 04:18 . 2013-12-04 04:18 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-12-04 04:18 . 2013-12-04 04:18 247808 ----a-w- c:\windows\system32\msls31.dll
2013-12-04 04:18 . 2013-12-04 04:18 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-04 04:18 . 2013-12-04 04:18 235520 ----a-w- c:\windows\system32\url.dll
2013-12-04 04:18 . 2013-12-04 04:18 195584 ----a-w- c:\windows\system32\msrating.dll
2013-12-04 04:18 . 2013-12-04 04:18 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-12-04 04:18 . 2013-12-04 04:18 147968 ----a-w- c:\windows\system32\occache.dll
2013-12-04 04:18 . 2013-12-04 04:18 143872 ----a-w- c:\windows\system32\wextract.exe
2013-12-04 04:18 . 2013-12-04 04:18 13824 ----a-w- c:\windows\system32\mshta.exe
2013-12-04 04:18 . 2013-12-04 04:18 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-12-04 04:18 . 2013-12-04 04:18 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-04 04:18 . 2013-12-04 04:18 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-04 04:18 . 2013-12-04 04:18 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-04 04:18 . 2013-12-04 04:18 101376 ----a-w- c:\windows\system32\inseng.dll
2013-12-04 04:18 . 2013-12-04 04:18 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-12-04 04:18 . 2013-12-04 04:18 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-26 11:54 . 2013-12-13 02:05 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-13 02:05 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-13 02:05 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-13 02:05 66048 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-13 02:05 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-13 02:05 2764288 ----a-w- c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-13 02:05 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-13 02:05 33792 ----a-w- c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-13 02:05 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-13 02:05 574976 ----a-w- c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-13 02:05 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-13 02:05 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-13 02:05 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-13 02:05 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-13 02:04 5769216 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-13 02:05 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-13 02:04 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-13 02:05 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-13 02:05 12996608 ----a-w- c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-13 02:05 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-13 02:05 2334208 ----a-w- c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-13 02:05 1395200 ----a-w- c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-13 02:05 817664 ----a-w- c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-13 02:05 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-12 02:42 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-12 02:42 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-19 02:33 . 2012-07-05 08:09 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-12 02:23 . 2013-12-12 02:42 2048 ----a-w- c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-12 02:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-10-30 02:32 . 2013-12-12 02:42 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-10-30 02:19 . 2013-12-12 02:42 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-26 102400]
"OOTag"="c:\program files (x86)\Acer\OOBEOffer\OOTag.exe" [2010-02-23 13856]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-11-26 830032]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-25 1129760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 PCDSRVC{5368CD8C-E7E1FAF1-06020200}_0;PCDSRVC{5368CD8C-E7E1FAF1-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\users\admini~1\appdata\local\temp\zffjg6e4dzuu\pcdrdiag\bin\pcdsrvc_x64.pkms;c:\users\admini~1\appdata\local\temp\zffjg6e4dzuu\pcdrdiag\bin\pcdsrvc_x64.pkms [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-28 18:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-13 11046504]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-02-26 818720]
"OOTag"="c:\program files (x86)\Acer\OOBEOffer\ootag.exe" [2010-02-23 13856]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-05-21 295936]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-06-09 206208]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=ferrari_one_200&r=27360312i306l04e3z1m6j58n1i42p
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = 10.100.100.8:3128
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{5368CD8C-E7E1FAF1-06020200}_0]
"ImagePath"="\??\c:\users\admini~1\appdata\local\temp\zffjg6e4dzuu\pcdrdiag\bin\pcdsrvc_x64.pkms"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-01-17 21:44:53
ComboFix-quarantined-files.txt 2014-01-17 20:44
.
Před spuštěním: Volných bajtů: 362 911 969 280
Po spuštění: Volných bajtů: 362 537 459 712
.
- - End Of File - - D5AED9F9DE17EF9F821A17C571C83C30
A36C5E4F47E84449FF07ED3517B43A31

Vhaveja
Visitor
Posts: 22
Registered: 13 Dec 2009 08:59

Re: Log check - help please

#5 Post by Vhaveja »

Was anything found, please? :oops:

Rudy
Site Admin
Posts: 119677
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check - help please

#6 Post by Rudy »

I apologize, I somehow missed you. Move ComboFix to the root directory c:\. Open Notepad and copy the following into it:
KillAll::

File::
c:\users\admini~1\appdata\local\temp\zffjg6e4dzuu\pcdrdiag\bin\pcdsrvc_x64.pkms
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

Driver::
PCDSRVC{5368CD8C-E7E1FAF1-06020200}_0

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::
Save it to the root directory c:\ as well, as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and execute the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Vhaveja
Visitor
Posts: 22
Registered: 13 Dec 2009 08:59

Re: Log check - help please

#7 Post by Vhaveja »

Hello,

Thank you for the reply. I have now restored the system to its original state and am working on another matter with a colleague.

Rudy
Site Admin
Posts: 119677
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check - help please

#8 Post by Rudy »

OK. Locking.

Locked