notebook - zavšivený (viry, spyware)

Zpráva

termat · #1 Příspěvek od **termat** » 04 čer 2014 18:01

Zdravím všechny rádce,

prosím o pomoc....švagr mi svěřil notebook, HP Probook 4510, Win 7, je totálně zpomalený, kliknu kamkoliv a čekám 3 minuty na odpověď.
Prostě je asi úúúplně zavirovaný..Právě (po půl hodině) se mi podařilo stáhnout RSIT ale když běžel přes hodinu, nevydržela jsem a restartovala notebook a spustila nouzový režim..POdařilo se mi spustit RSIT a tady je log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Macák at 2014-06-04 18:50:41
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 42 GB (9%) free of 476 GB
Total RAM: 3036 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:51:00, on 4.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Safe mode

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\DllHost.exe
C:\Users\Macák\Downloads\RSIT.exe
C:\Program Files\trend micro\Macák.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15788&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Macák\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\Windows\system32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\Macák\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

--
End of file - 5832 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5, personas@christopher.beard:1.6.2, radiobar@toolbar:1.0.0, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25, {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"

"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll

C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\extensions\
radiobar@toolbar

C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\
askcom.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-08-08 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]
DefaultTab Browser Helper - C:\Users\Macák\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll [2014-02-05 468600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-06-03 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-08-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"M-Audio Taskbar Icon"=C:\Windows\system32\M-AudioTaskBarIcon.exe [2009-10-02 643592]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-03 500208]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-01-20 43848]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-03-14 2565520]
"CanonSolutionMenuEx"=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2011-08-04 1612920]
"IJNetworkScannerSelectorEX"=C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-01-15 452016]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-01-20 152392]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2014-06-03 3888648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe silent []
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden []

C:\Users\Macák\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Macák\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux4"=wdmaud.drv
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux3"=wdmaud.drv
"aux5"=wdmaud.drv
"aux6"=wdmaud.drv
"aux7"=wdmaud.drv
"Midi"=wdmaud.drv
"midi1"=wdmaud.drv
"midi2"=wdmaud.drv
"midi3"=wdmaud.drv
"midi4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-06-04 18:48:42 ----A---- C:\Windows\ntbtlog.txt
2014-06-04 18:22:45 ----D---- C:\Program Files\trend micro
2014-06-04 18:20:57 ----D---- C:\rsit
2014-06-03 21:19:07 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-06-03 21:18:46 ----A---- C:\Windows\avastSS.scr
2014-06-03 19:00:37 ----D---- C:\Temp
2014-05-25 15:22:49 ----N---- C:\bootsqm.dat
2014-05-17 17:38:40 ----D---- C:\Program Files\Common Files\DESIGNER
2014-05-17 17:34:05 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-17 17:34:03 ----A---- C:\Windows\system32\mshtml.dll
2014-05-15 12:30:43 ----A---- C:\Windows\system32\aepdu.dll
2014-05-15 12:30:42 ----A---- C:\Windows\system32\aeinv.dll
2014-05-15 12:30:28 ----A---- C:\Windows\system32\ntkrnlpa.exe
2014-05-15 12:30:27 ----A---- C:\Windows\system32\kerberos.dll
2014-05-15 12:30:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-15 12:30:25 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-15 12:30:24 ----A---- C:\Windows\system32\winlogon.exe
2014-05-15 12:30:24 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-15 12:30:23 ----A---- C:\Windows\system32\objsel.dll
2014-05-15 12:30:22 ----A---- C:\Windows\system32\wdigest.dll
2014-05-15 12:30:22 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-15 12:30:22 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-15 12:30:19 ----A---- C:\Windows\system32\schannel.dll
2014-05-15 12:30:19 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-15 12:30:19 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-15 12:30:19 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-15 12:30:19 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-15 12:30:19 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-15 12:30:19 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-15 12:30:19 ----A---- C:\Windows\system32\adprovider.dll
2014-05-15 12:30:18 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-15 12:30:18 ----A---- C:\Windows\system32\sspicli.dll
2014-05-15 12:30:18 ----A---- C:\Windows\system32\lsass.exe
2014-05-15 12:30:18 ----A---- C:\Windows\system32\credssp.dll
2014-05-15 12:30:17 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-15 12:30:17 ----A---- C:\Windows\system32\secur32.dll
2014-05-15 12:29:40 ----A---- C:\Windows\system32\shell32.dll
2014-05-11 16:37:58 ----D---- C:\Program Files\Mozilla Firefox
2014-05-06 23:07:10 ----SD---- C:\Windows\system32\CompatTel

======List of files/folders modified in the last 1 month======

2014-06-04 18:48:42 ----D---- C:\Windows
2014-06-04 18:47:45 ----D---- C:\Windows\Temp
2014-06-04 18:47:45 ----D---- C:\Windows\system32\config
2014-06-04 18:22:45 ----RD---- C:\Program Files
2014-06-04 17:44:00 ----D---- C:\Users\Macák\AppData\Roaming\Dropbox
2014-06-04 17:42:57 ----D---- C:\Users\Macák\AppData\Roaming\DropboxMaster
2014-06-04 12:38:36 ----SHD---- C:\System Volume Information
2014-06-04 11:02:19 ----D---- C:\Windows\system32\drivers
2014-06-03 21:19:25 ----D---- C:\Windows\system32\Tasks
2014-06-03 21:18:46 ----A---- C:\Windows\system32\aswBoot.exe
2014-06-03 18:07:41 ----SHD---- C:\Windows\Installer
2014-06-03 18:07:41 ----D---- C:\Program Files\Common Files
2014-06-03 18:07:38 ----D---- C:\Program Files\Zoner
2014-05-28 09:13:10 ----D---- C:\Program Files\Canon
2014-05-27 23:27:14 ----D---- C:\Windows\system32\catroot
2014-05-27 23:27:10 ----ASD---- C:\ProgramData\Microsoft
2014-05-27 23:26:39 ----D---- C:\Program Files\Common Files\Digidesign
2014-05-27 23:25:17 ----HD---- C:\ProgramData
2014-05-27 23:20:21 ----HD---- C:\Program Files\InstallShield Installation Information
2014-05-21 21:40:43 ----D---- C:\Windows\Microsoft.NET
2014-05-21 21:36:01 ----RSD---- C:\Windows\assembly
2014-05-18 11:05:05 ----D---- C:\Windows\winsxs
2014-05-18 11:01:22 ----D---- C:\Windows\System32
2014-05-18 11:01:20 ----D---- C:\Windows\system32\cs-CZ
2014-05-17 18:37:32 ----D---- C:\Windows\system32\MRT
2014-05-17 17:39:14 ----A---- C:\Windows\system32\MRT.exe
2014-05-17 17:38:49 ----D---- C:\ProgramData\Microsoft Help
2014-05-17 17:34:13 ----D---- C:\Windows\system32\catroot2
2014-05-14 16:50:59 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-05-14 07:42:32 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-05-11 08:48:44 ----D---- C:\Users\Macák\AppData\Roaming\vlc
2014-05-07 08:56:28 ----D---- C:\Program Files\Mozilla Thunderbird

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2010-06-15 25656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 TPkd;TPkd; C:\Windows\system32\drivers\TPkd.sys [2009-05-21 90472]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-05-09 21576]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2010-06-15 33848]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
S0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-06-03 49944]
S0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-06-03 180632]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-11-16 428088]
S1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-06-03 81768]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-06-03 777488]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-06-03 411680]
S1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
S2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-06-03 24184]
S2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-06-03 67824]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-06-03 68312]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-14 1035776]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BCM43XX;Broadcom 802.11 – ovladač síťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-14 1131008]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-12-19 12400]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-12-19 25200]
S3 gHidPnp;USB Device Enhanced Function Driver; C:\Windows\System32\Drivers\gHidPnp.Sys []
S3 gMouUsb;USB Mouse Device Drv; C:\Windows\system32\DRIVERS\gMouUsb.sys []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102912]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
S3 MAUSBFASTTRACK;Service for M-Audio FastTrack; C:\Windows\system32\DRIVERS\MAudioFastTrack.sys [2009-10-02 158344]
S3 MAUSBFT;Service for M-Audio Fast Track USB (WDM); C:\Windows\system32\DRIVERS\mausbft.sys []
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2013-07-25 18944]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-01-07 43336]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-06-03 50344]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 DefaultTabUpdate;DefaultTabUpdate; C:\Users\Macák\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe [2013-11-19 107520]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-25 116648]
S2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2010-06-15 26168]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-25 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 108032]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-01-20 553288]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-11 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 04 čer 2014 18:10

Zdravím!
Spusťte nejprve tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

termat · #3 Příspěvek od **termat** » 04 čer 2014 18:39

Takže bylo to trochu komplikovanější, ale zadařilo se, ale zase to muselo být z nouzového režimu..byly tam dva logy, tady je první S0:
# AdwCleaner v3.211 - Report created 04/06/2014 at 19:15:13
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Macák - MACÁK-PC
# Running from : C:\Users\Macák\Downloads\adwcleaner_3.211.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : DefaultTabUpdate

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Program Files\DefaultTab
Folder Deleted : C:\Program Files\ICQ6Toolbar
Folder Deleted : C:\Users\Macák\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\ICQToolbarData
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\Extensions\addon@defaulttab.com.xpi
File Deleted : C:\Users\MACK~1\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-10.xml
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-11.xml
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-12.xml
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-13.xml
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-14.xml
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-15.xml
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-16.xml
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-17.xml
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-18.xml
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-19.xml
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-20.xml
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-8.xml
File Deleted : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-9.xml
File Deleted : C:\Windows\System32\Tasks\DTReg

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6213387F-42A7-45D4-988C-970535913F0A}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6213387F-42A7-45D4-988C-970535913F0A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]

-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\prefs.js ]

Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", true);
Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
Line Deleted : user_pref("icqtoolbar.history", "odpady%20ve%20starov%C4%9Bku||odpady%20ve%20st%C5%99edov%C4%9Bku||historie%20nakl%C3%A1d%C3%A1n%C3%AD%20s%20odpady||odpady%20historie||recyklace%20historie||FENDER%20F[...]
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "3.6.28");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uniqueID", "125727203712572720361257279446259");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1345474453);
Line Deleted : user_pref("icqtoolbar.version", "1.1.5");
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");

-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\Macák\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : kdidombaedgpfiiedeimiebkmbilgmlc

*************************

AdwCleaner[R0].txt - [9299 octets] - [04/06/2014 19:14:06]
AdwCleaner[S0].txt - [9247 octets] - [04/06/2014 19:15:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9307 octets] ##########

termat · #4 Příspěvek od **termat** » 04 čer 2014 18:39

a tady je ten druhý R0:

# AdwCleaner v3.211 - Report created 04/06/2014 at 19:14:06
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Macák - MACÁK-PC
# Running from : C:\Users\Macák\Downloads\adwcleaner_3.211.exe
# Option : Scan

***** [ Services ] *****

Service Found : DefaultTabUpdate

***** [ Files / Folders ] *****

File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\Extensions\addon@defaulttab.com.xpi
File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\Askcom.xml
File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin.xml
File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-1.xml
File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-10.xml
File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-11.xml
File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-12.xml
File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-13.xml
File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-14.xml
File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-15.xml
File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-16.xml
File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-17.xml
File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-18.xml
File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-19.xml
File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-2.xml
File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-20.xml
File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-3.xml
File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-4.xml
File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-5.xml
File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-6.xml
File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-7.xml
File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-8.xml
File Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\searchplugins\icqplugin-9.xml
File Found : C:\Users\MACK~1\AppData\Local\Temp\Uninstall.exe
File Found : C:\Windows\System32\Tasks\DTReg
Folder Found : C:\Program Files\DefaultTab
Folder Found : C:\Program Files\ICQ6Toolbar
Folder Found : C:\Program Files\Mozilla Firefox\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\ICQ\ICQToolbar
Folder Found : C:\Users\Macák\AppData\Roaming\DefaultTab
Folder Found : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\ICQToolbarData

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software
Key Found : HKCU\Software\AppDataLow\Software\DefaultTab
Key Found : HKCU\Software\Default Tab
Key Found : HKCU\Software\DefaultTab
Key Found : HKCU\Software\dt soft\daemon tools toolbar
Key Found : HKCU\Software\ICQ\ICQToolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Key Found : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Found : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Found : HKLM\Software\Default Tab
Key Found : HKLM\Software\DefaultTab
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Found : HKLM\Software\ICQ\ICQToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6213387F-42A7-45D4-988C-970535913F0A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6213387F-42A7-45D4-988C-970535913F0A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://eu.ask.com?o=15788&l=dis
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://www.icq.com/search/results.php?q={searc ... &ch_id=osd
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://start.icq.com/

-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\prefs.js ]

Line Found : user_pref("browser.search.order.1", "Ask.com");
Line Found : user_pref("icqtoolbar.allowSendURL", false);
Line Found : user_pref("icqtoolbar.engineVerified", true);
Line Found : user_pref("icqtoolbar.hiddenElements", "itb_options");
Line Found : user_pref("icqtoolbar.history", "odpady%20ve%20starov%C4%9Bku||odpady%20ve%20st%C5%99edov%C4%9Bku||historie%20nakl%C3%A1d%C3%A1n%C3%AD%20s%20odpady||odpady%20historie||recyklace%20historie||FENDER%20F[...]
Line Found : user_pref("icqtoolbar.installsource", "1");
Line Found : user_pref("icqtoolbar.numberOfSearches", 0);
Line Found : user_pref("icqtoolbar.previousFFVersion", "3.6.28");
Line Found : user_pref("icqtoolbar.skip_default_search", "no");
Line Found : user_pref("icqtoolbar.suggestions", false);
Line Found : user_pref("icqtoolbar.uniqueID", "125727203712572720361257279446259");
Line Found : user_pref("icqtoolbar.usageStatstTimestamp", 1345474453);
Line Found : user_pref("icqtoolbar.version", "1.1.5");
Line Found : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Found : user_pref("icqtoolbar.xmlLanguage", "cs");

-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\Macák\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Extension] : kdidombaedgpfiiedeimiebkmbilgmlc

*************************

AdwCleaner[R0].txt - [9159 octets] - [04/06/2014 19:14:06]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9219 octets] ##########

#5 Příspěvek od **Rudy** » 04 čer 2014 19:14

Klikněte na >clean<, nechte proběhnout mazání a restartujte PC. Dejte nový log RSIT.

termat · #6 Příspěvek od **termat** » 04 čer 2014 19:51

hotovo, log R1:

# AdwCleaner v3.211 - Report created 04/06/2014 at 20:25:37
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Macák - MACÁK-PC
# Running from : C:\Users\Macák\Downloads\adwcleaner_3.211.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\prefs.js ]

-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\Macák\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [9299 octets] - [04/06/2014 19:14:06]
AdwCleaner[R1].txt - [900 octets] - [04/06/2014 20:25:43]
AdwCleaner[S0].txt - [9387 octets] - [04/06/2014 19:15:13]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1019 octets] ##########

termat · #7 Příspěvek od **termat** » 04 čer 2014 19:51

log S1:
# AdwCleaner v3.211 - Report created 04/06/2014 at 20:45:41
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Macák - MACÁK-PC
# Running from : C:\Users\Macák\Downloads\adwcleaner_3.211.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\prefs.js ]

-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\Macák\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [9299 octets] - [04/06/2014 19:14:06]
AdwCleaner[R1].txt - [1099 octets] - [04/06/2014 20:25:43]
AdwCleaner[S0].txt - [9387 octets] - [04/06/2014 19:15:13]
AdwCleaner[S1].txt - [1023 octets] - [04/06/2014 20:45:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1083 octets] ##########

#8 Příspěvek od **Rudy** » 04 čer 2014 20:16

Rudy píše:Dejte nový log RSIT.

termat · #9 Příspěvek od **termat** » 04 čer 2014 20:23

zase v nouzovém režimu:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Macák at 2014-06-04 21:19:47
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 50 GB (11%) free of 476 GB
Total RAM: 3036 MB (83% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:19:59, on 4.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Users\Macák\Downloads\RSIT.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\trend micro\Macák.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\Windows\system32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\RunOnce: [Report] C:\AdwCleaner\AdwCleaner[S1].txt
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

--
End of file - 5597 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5, personas@christopher.beard:1.6.2, radiobar@toolbar:1.0.0, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25, {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"

"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll

C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\extensions\
radiobar@toolbar

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-08-08 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-06-03 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-08-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"M-Audio Taskbar Icon"=C:\Windows\system32\M-AudioTaskBarIcon.exe [2009-10-02 643592]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-03 500208]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-01-20 43848]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-03-14 2565520]
"CanonSolutionMenuEx"=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2011-08-04 1612920]
"IJNetworkScannerSelectorEX"=C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-01-15 452016]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-01-20 152392]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2014-06-03 3888648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe silent []
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Report"=C:\AdwCleaner\AdwCleaner[S1].txt [2014-06-04 1163]

C:\Users\Macák\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Macák\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux4"=wdmaud.drv
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux3"=wdmaud.drv
"aux5"=wdmaud.drv
"aux6"=wdmaud.drv
"aux7"=wdmaud.drv
"Midi"=wdmaud.drv
"midi1"=wdmaud.drv
"midi2"=wdmaud.drv
"midi3"=wdmaud.drv
"midi4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-06-04 20:49:46 ----A---- C:\Windows\system32\PerfStringBackup.TMP
2014-06-04 19:14:04 ----D---- C:\AdwCleaner
2014-06-04 18:48:42 ----A---- C:\Windows\ntbtlog.txt
2014-06-04 18:22:45 ----D---- C:\Program Files\trend micro
2014-06-04 18:20:57 ----D---- C:\rsit
2014-06-03 21:19:07 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-06-03 21:18:46 ----A---- C:\Windows\avastSS.scr
2014-06-03 19:00:37 ----D---- C:\Temp
2014-05-25 15:22:49 ----N---- C:\bootsqm.dat
2014-05-17 17:38:40 ----D---- C:\Program Files\Common Files\DESIGNER
2014-05-17 17:34:05 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-17 17:34:03 ----A---- C:\Windows\system32\mshtml.dll
2014-05-15 12:30:43 ----A---- C:\Windows\system32\aepdu.dll
2014-05-15 12:30:42 ----A---- C:\Windows\system32\aeinv.dll
2014-05-15 12:30:28 ----A---- C:\Windows\system32\ntkrnlpa.exe
2014-05-15 12:30:27 ----A---- C:\Windows\system32\kerberos.dll
2014-05-15 12:30:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-15 12:30:25 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-15 12:30:24 ----A---- C:\Windows\system32\winlogon.exe
2014-05-15 12:30:24 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-15 12:30:23 ----A---- C:\Windows\system32\objsel.dll
2014-05-15 12:30:22 ----A---- C:\Windows\system32\wdigest.dll
2014-05-15 12:30:22 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-15 12:30:22 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-15 12:30:19 ----A---- C:\Windows\system32\schannel.dll
2014-05-15 12:30:19 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-15 12:30:19 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-15 12:30:19 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-15 12:30:19 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-15 12:30:19 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-15 12:30:19 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-15 12:30:19 ----A---- C:\Windows\system32\adprovider.dll
2014-05-15 12:30:18 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-15 12:30:18 ----A---- C:\Windows\system32\sspicli.dll
2014-05-15 12:30:18 ----A---- C:\Windows\system32\lsass.exe
2014-05-15 12:30:18 ----A---- C:\Windows\system32\credssp.dll
2014-05-15 12:30:17 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-15 12:30:17 ----A---- C:\Windows\system32\secur32.dll
2014-05-15 12:29:40 ----A---- C:\Windows\system32\shell32.dll
2014-05-11 16:37:58 ----D---- C:\Program Files\Mozilla Firefox
2014-05-06 23:07:10 ----SD---- C:\Windows\system32\CompatTel

======List of files/folders modified in the last 1 month======

2014-06-04 21:19:49 ----D---- C:\Windows\Temp
2014-06-04 20:49:46 ----D---- C:\Windows\System32
2014-06-04 19:29:54 ----D---- C:\Windows\inf
2014-06-04 19:29:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-04 19:28:39 ----D---- C:\Users\Macák\AppData\Roaming\Dropbox
2014-06-04 19:28:24 ----D---- C:\Users\Macák\AppData\Roaming\DropboxMaster
2014-06-04 19:15:16 ----D---- C:\Windows\system32\Tasks
2014-06-04 19:15:15 ----RD---- C:\Program Files
2014-06-04 19:15:15 ----HD---- C:\ProgramData
2014-06-04 18:48:42 ----D---- C:\Windows
2014-06-04 18:47:45 ----D---- C:\Windows\system32\config
2014-06-04 12:38:36 ----SHD---- C:\System Volume Information
2014-06-04 11:02:19 ----D---- C:\Windows\system32\drivers
2014-06-03 21:18:46 ----A---- C:\Windows\system32\aswBoot.exe
2014-06-03 18:07:41 ----SHD---- C:\Windows\Installer
2014-06-03 18:07:41 ----D---- C:\Program Files\Common Files
2014-06-03 18:07:38 ----D---- C:\Program Files\Zoner
2014-05-28 09:13:10 ----D---- C:\Program Files\Canon
2014-05-27 23:27:14 ----D---- C:\Windows\system32\catroot
2014-05-27 23:27:10 ----ASD---- C:\ProgramData\Microsoft
2014-05-27 23:26:39 ----D---- C:\Program Files\Common Files\Digidesign
2014-05-27 23:20:21 ----HD---- C:\Program Files\InstallShield Installation Information
2014-05-21 21:40:43 ----D---- C:\Windows\Microsoft.NET
2014-05-21 21:36:01 ----RSD---- C:\Windows\assembly
2014-05-18 11:05:05 ----D---- C:\Windows\winsxs
2014-05-18 11:01:20 ----D---- C:\Windows\system32\cs-CZ
2014-05-17 18:37:32 ----D---- C:\Windows\system32\MRT
2014-05-17 17:39:14 ----A---- C:\Windows\system32\MRT.exe
2014-05-17 17:38:49 ----D---- C:\ProgramData\Microsoft Help
2014-05-17 17:34:13 ----D---- C:\Windows\system32\catroot2
2014-05-14 16:50:59 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-05-14 07:42:32 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-05-11 08:48:44 ----D---- C:\Users\Macák\AppData\Roaming\vlc
2014-05-07 08:56:28 ----D---- C:\Program Files\Mozilla Thunderbird

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2010-06-15 25656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 TPkd;TPkd; C:\Windows\system32\drivers\TPkd.sys [2009-05-21 90472]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-05-09 21576]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-06-03 81768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2010-06-15 33848]
R3 BCM43XX;Broadcom 802.11 – ovladač síťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-14 1131008]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-06-03 49944]
S0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-06-03 180632]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-11-16 428088]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-06-03 777488]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-06-03 411680]
S2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-06-03 24184]
S2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-06-03 67824]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-06-03 68312]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-14 1035776]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-12-19 12400]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-12-19 25200]
S3 gHidPnp;USB Device Enhanced Function Driver; C:\Windows\System32\Drivers\gHidPnp.Sys []
S3 gMouUsb;USB Mouse Device Drv; C:\Windows\system32\DRIVERS\gMouUsb.sys []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102912]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
S3 MAUSBFASTTRACK;Service for M-Audio FastTrack; C:\Windows\system32\DRIVERS\MAudioFastTrack.sys [2009-10-02 158344]
S3 MAUSBFT;Service for M-Audio Fast Track USB (WDM); C:\Windows\system32\DRIVERS\mausbft.sys []
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2013-07-25 18944]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-01-07 43336]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-06-03 50344]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-25 116648]
S2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2010-06-15 26168]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-25 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 108032]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-01-20 553288]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-11 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#10 Příspěvek od **Rudy** » 04 čer 2014 21:05

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

termat · #11 Příspěvek od **termat** » 05 čer 2014 06:39

hotovo..tady je log po restartu:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Macák at 2014-06-05 07:37:33
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 51 GB (11%) free of 476 GB
Total RAM: 3036 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:37:45, on 5.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Macák\Downloads\RSIT.exe
C:\Program Files\trend micro\Macák.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\Windows\system32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

--
End of file - 5608 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5, personas@christopher.beard:1.6.2, radiobar@toolbar:1.0.0, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25, {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"

"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll

C:\Users\Macák\AppData\Roaming\Mozilla\Firefox\Profiles\tqq18wc1.default\extensions\
radiobar@toolbar

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-08-08 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-06-03 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-08-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"M-Audio Taskbar Icon"=C:\Windows\system32\M-AudioTaskBarIcon.exe [2009-10-02 643592]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-03 500208]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-01-20 43848]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-03-14 2565520]
"CanonSolutionMenuEx"=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2011-08-04 1612920]
"IJNetworkScannerSelectorEX"=C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-01-15 452016]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-01-20 152392]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2014-06-03 3888648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe silent []
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden []

C:\Users\Macák\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Macák\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux4"=wdmaud.drv
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux3"=wdmaud.drv
"aux5"=wdmaud.drv
"aux6"=wdmaud.drv
"aux7"=wdmaud.drv
"Midi"=wdmaud.drv
"midi1"=wdmaud.drv
"midi2"=wdmaud.drv
"midi3"=wdmaud.drv
"midi4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-06-05 07:28:54 ----D---- C:\_OTM
2014-06-04 19:14:04 ----D---- C:\AdwCleaner
2014-06-04 18:48:42 ----A---- C:\Windows\ntbtlog.txt
2014-06-04 18:22:45 ----D---- C:\Program Files\trend micro
2014-06-04 18:20:57 ----D---- C:\rsit
2014-06-03 21:19:07 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-06-03 21:18:46 ----A---- C:\Windows\avastSS.scr
2014-06-03 19:00:37 ----D---- C:\Temp
2014-05-25 15:22:49 ----N---- C:\bootsqm.dat
2014-05-17 17:38:40 ----D---- C:\Program Files\Common Files\DESIGNER
2014-05-17 17:34:05 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-17 17:34:03 ----A---- C:\Windows\system32\mshtml.dll
2014-05-15 12:30:43 ----A---- C:\Windows\system32\aepdu.dll
2014-05-15 12:30:42 ----A---- C:\Windows\system32\aeinv.dll
2014-05-15 12:30:28 ----A---- C:\Windows\system32\ntkrnlpa.exe
2014-05-15 12:30:27 ----A---- C:\Windows\system32\kerberos.dll
2014-05-15 12:30:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-15 12:30:25 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-15 12:30:24 ----A---- C:\Windows\system32\winlogon.exe
2014-05-15 12:30:24 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-15 12:30:23 ----A---- C:\Windows\system32\objsel.dll
2014-05-15 12:30:22 ----A---- C:\Windows\system32\wdigest.dll
2014-05-15 12:30:22 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-15 12:30:22 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-15 12:30:19 ----A---- C:\Windows\system32\schannel.dll
2014-05-15 12:30:19 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-15 12:30:19 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-15 12:30:19 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-15 12:30:19 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-15 12:30:19 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-15 12:30:19 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-15 12:30:19 ----A---- C:\Windows\system32\adprovider.dll
2014-05-15 12:30:18 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-15 12:30:18 ----A---- C:\Windows\system32\sspicli.dll
2014-05-15 12:30:18 ----A---- C:\Windows\system32\lsass.exe
2014-05-15 12:30:18 ----A---- C:\Windows\system32\credssp.dll
2014-05-15 12:30:17 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-15 12:30:17 ----A---- C:\Windows\system32\secur32.dll
2014-05-15 12:29:40 ----A---- C:\Windows\system32\shell32.dll
2014-05-11 16:37:58 ----D---- C:\Program Files\Mozilla Firefox
2014-05-06 23:07:10 ----SD---- C:\Windows\system32\CompatTel

======List of files/folders modified in the last 1 month======

2014-06-05 07:37:35 ----D---- C:\Windows\Temp
2014-06-05 07:30:06 ----D---- C:\Windows\System32
2014-06-05 07:28:55 ----D---- C:\Windows\Tasks
2014-06-04 19:29:54 ----D---- C:\Windows\inf
2014-06-04 19:29:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-04 19:28:39 ----D---- C:\Users\Macák\AppData\Roaming\Dropbox
2014-06-04 19:28:24 ----D---- C:\Users\Macák\AppData\Roaming\DropboxMaster
2014-06-04 19:15:16 ----D---- C:\Windows\system32\Tasks
2014-06-04 19:15:15 ----RD---- C:\Program Files
2014-06-04 19:15:15 ----HD---- C:\ProgramData
2014-06-04 18:48:42 ----D---- C:\Windows
2014-06-04 18:47:45 ----D---- C:\Windows\system32\config
2014-06-04 12:38:36 ----SHD---- C:\System Volume Information
2014-06-04 11:02:19 ----D---- C:\Windows\system32\drivers
2014-06-03 21:18:46 ----A---- C:\Windows\system32\aswBoot.exe
2014-06-03 18:07:41 ----SHD---- C:\Windows\Installer
2014-06-03 18:07:41 ----D---- C:\Program Files\Common Files
2014-06-03 18:07:38 ----D---- C:\Program Files\Zoner
2014-05-28 09:13:10 ----D---- C:\Program Files\Canon
2014-05-27 23:27:14 ----D---- C:\Windows\system32\catroot
2014-05-27 23:27:10 ----ASD---- C:\ProgramData\Microsoft
2014-05-27 23:26:39 ----D---- C:\Program Files\Common Files\Digidesign
2014-05-27 23:20:21 ----HD---- C:\Program Files\InstallShield Installation Information
2014-05-21 21:40:43 ----D---- C:\Windows\Microsoft.NET
2014-05-21 21:36:01 ----RSD---- C:\Windows\assembly
2014-05-18 11:05:05 ----D---- C:\Windows\winsxs
2014-05-18 11:01:20 ----D---- C:\Windows\system32\cs-CZ
2014-05-17 18:37:32 ----D---- C:\Windows\system32\MRT
2014-05-17 17:39:14 ----A---- C:\Windows\system32\MRT.exe
2014-05-17 17:38:49 ----D---- C:\ProgramData\Microsoft Help
2014-05-17 17:34:13 ----D---- C:\Windows\system32\catroot2
2014-05-14 16:50:59 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-05-14 07:42:32 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-05-11 08:48:44 ----D---- C:\Users\Macák\AppData\Roaming\vlc
2014-05-07 08:56:28 ----D---- C:\Program Files\Mozilla Thunderbird

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2010-06-15 25656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 TPkd;TPkd; C:\Windows\system32\drivers\TPkd.sys [2009-05-21 90472]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-05-09 21576]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-06-03 81768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2010-06-15 33848]
R3 BCM43XX;Broadcom 802.11 – ovladač síťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-14 1131008]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-06-03 49944]
S0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-06-03 180632]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-11-16 428088]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-06-03 777488]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-06-03 411680]
S2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-06-03 24184]
S2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-06-03 67824]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-06-03 68312]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-14 1035776]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-12-19 12400]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-12-19 25200]
S3 gHidPnp;USB Device Enhanced Function Driver; C:\Windows\System32\Drivers\gHidPnp.Sys []
S3 gMouUsb;USB Mouse Device Drv; C:\Windows\system32\DRIVERS\gMouUsb.sys []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102912]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
S3 MAUSBFASTTRACK;Service for M-Audio FastTrack; C:\Windows\system32\DRIVERS\MAudioFastTrack.sys [2009-10-02 158344]
S3 MAUSBFT;Service for M-Audio Fast Track USB (WDM); C:\Windows\system32\DRIVERS\mausbft.sys []
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2013-07-25 18944]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-01-07 43336]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-06-03 50344]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-25 116648]
S2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2010-06-15 26168]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-25 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 108032]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-01-20 553288]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-11 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#12 Příspěvek od **Rudy** » 05 čer 2014 17:29

Dvouklikem na soubor C:\Program Files\trend micro\Macák.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

R3 - URLSearchHook: (no name) - - (no file)

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

termat · #13 Příspěvek od **termat** » 06 čer 2014 06:00

Hotovo..
Notebook jsem nechala naběhnout do normálního stavu (né nouzového) a je stále zabržděný..
Ikony na ploše se zobrazovaly 5 minut..

Když to nechám resetovat a naběhnout do Nouzového stavu, tak to je trochu lepší než dřív..
..co dál?

#14 Příspěvek od **Rudy** » 06 čer 2014 17:53

Je-li to možné, zkuste obnovu systému k datu,kdy korektně fungoval.

termat · #15 Příspěvek od **termat** » 06 čer 2014 18:01

Bohužel, není žádný bod obnovy v notebooku.
Na systémové jednotce nebyly vytvořeny žádné body obnovy..
Co s tím?

VIRY.CZ

notebook - zavšivený (viry, spyware)

notebook - zavšivený (viry, spyware)

Re: notebook - zavšivený (viry, spyware)

Re: notebook - zavšivený (viry, spyware)

Re: notebook - zavšivený (viry, spyware)

Re: notebook - zavšivený (viry, spyware)

Re: notebook - zavšivený (viry, spyware)

Re: notebook - zavšivený (viry, spyware)

Re: notebook - zavšivený (viry, spyware)

Re: notebook - zavšivený (viry, spyware)

Re: notebook - zavšivený (viry, spyware)

Re: notebook - zavšivený (viry, spyware)

Re: notebook - zavšivený (viry, spyware)

Re: notebook - zavšivený (viry, spyware)

Re: notebook - zavšivený (viry, spyware)

Re: notebook - zavšivený (viry, spyware)