VIRY.CZ

Zdravíčko ...
Prosím o kontrolu tohoto stroje, kolegyně si stěžuje, že je velmi pomalý a některé aplikace nejdou spouštět (mozilla, chrome).
Provedl jsem zatím jen odinstalování avastu a avg + nějakých toolbarů.
Mozilla mi šlape, ale všechno opravdu trvá, než se to tak nějak probere, přitom to není žádná extrémní plečka ten NTB ...
Děkuji za pomoc.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-11-2015
Ran by BittnerovaJ (administrator) on BITTNEROVAJ-PC (18-11-2015 16:32:00)
Running from C:\Users\BittnerovaJ\Desktop
Loaded Profiles: BittnerovaJ (Available Profiles: BittnerovaJ)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\RtkBleServ.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\Temp\F4EE10E3-F848-45E1-A5BE-6253BDAB1F0B\DismHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\BittnerovaJ\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-04] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [216576 2014-03-10] (Realtek Semiconductor Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2781936 2013-12-24] (Synaptics Incorporated)
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [670960 2013-12-24] (Synaptics)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-27] (Intel Corporation)
HKLM-x32\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKU\S-1-5-21-2969052298-1365134077-4108394097-1000\...\Run: [Zoner Photo Studio Service 16] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27648 2014-06-16] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\Users\BittnerovaJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2014-09-23]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.197.152.132 217.197.144.22
Tcpip\..\Interfaces\{1AA59C7F-D2EA-428B-9D6C-58FE33940017}: [DhcpNameServer] 217.197.152.132 217.197.144.22

Internet Explorer:
==================
HKU\S-1-5-21-2969052298-1365134077-4108394097-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-2969052298-1365134077-4108394097-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={EBDC8F6F-BC3E-4587-8D12-3CF150DCB036}&mid=7919c539846847cdb6b44101dc759643-5f01e4bd4775ebd2bdf319ea6af869fdca1dc0a4&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0215pit&pr=fr&d=2015-03-27 13:37:28&v=4.1.0.411&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-21] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)

FireFox:
========
FF ProfilePath: C:\Users\BittnerovaJ\AppData\Roaming\Mozilla\Firefox\Profiles\69n5em42.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: seznam.cz
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-18] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-18] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\BittnerovaJ\AppData\Roaming\Mozilla\Firefox\Profiles\69n5em42.default\searchplugins\avg-secure-search.xml [2015-03-27]
FF SearchPlugin: C:\Users\BittnerovaJ\AppData\Roaming\Mozilla\Firefox\Profiles\69n5em42.default\searchplugins\google-avast.xml [2015-01-22]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-03-27]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.cz/","hxxps://www.facebook.com/"
CHR Profile: C:\Users\BittnerovaJ\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\BittnerovaJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-16]
CHR Extension: (Dokumenty Google) - C:\Users\BittnerovaJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-16]
CHR Extension: (Disk Google) - C:\Users\BittnerovaJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-16]
CHR Extension: (YouTube) - C:\Users\BittnerovaJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-16]
CHR Extension: (Vyhledávání Google) - C:\Users\BittnerovaJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-16]
CHR Extension: (Tabulky Google) - C:\Users\BittnerovaJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\BittnerovaJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-05]
CHR Extension: (Clip to OneNote) - C:\Users\BittnerovaJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojbdfnpnhogfdgjbigejoaolejmgdhk [2015-09-05]
CHR Extension: (Avast Online Security) - C:\Users\BittnerovaJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-16]
CHR Extension: (Autodesk Homestyler) - C:\Users\BittnerovaJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb [2015-08-16]
CHR Extension: (ČSFD Vyhledávač) - C:\Users\BittnerovaJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnomkaadjmphnfnjihfmdkabiahgjmfb [2015-08-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\BittnerovaJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-16]
CHR Extension: (Desktop) - C:\Users\BittnerovaJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pafkcccccfmnjkhhndjfffifnflhkpdo [2015-08-16]
CHR Extension: (Gmail) - C:\Users\BittnerovaJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-16]
CHR Extension: (Calculator - kalkulačka) - C:\Users\BittnerovaJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppilpeehmlhboiknckikefgpdkpnhkgc [2015-08-16]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation) [File not signed]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [95232 2014-03-27] () [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-12] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [42496 2013-04-25] (Realtek Semiconductor Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 RtkA2dp; C:\Windows\System32\drivers\RtkA2dp.sys [178904 2013-11-05] (Realtek Semiconductor Corporation)
R3 RtkAvrcpCtrlr; C:\Windows\System32\DRIVERS\RtkAvrcpCtrlr.sys [66904 2013-06-21] (Realtek Semiconductor Corporation)
R3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [559320 2014-03-04] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [2988760 2013-12-26] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-12-24] (Synaptics Incorporated)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [2853400 2014-01-23] (Sonix Co. Ltd.)
R3 TXEIx64; C:\Windows\System32\DRIVERS\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-18 16:32 - 2015-11-18 16:32 - 00014153 _____ C:\Users\BittnerovaJ\Desktop\FRST.txt
2015-11-18 16:31 - 2015-11-18 16:32 - 00000000 ____D C:\FRST
2015-11-18 16:30 - 2015-11-18 16:30 - 00112640 _____ (forum.viry.cz) C:\Users\BittnerovaJ\Desktop\FRSTLauncher.exe
2015-11-18 16:28 - 2015-11-18 16:28 - 02008576 _____ (Farbar) C:\Users\BittnerovaJ\Desktop\FRST64.exe
2015-11-18 16:25 - 2015-11-18 16:25 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-18 16:25 - 2015-11-18 16:25 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-11-18 16:24 - 2015-11-18 16:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-02 22:27 - 2015-11-02 22:27 - 00000000 ____D C:\Users\BittnerovaJ\Documents\My Bluetooth
2015-10-19 09:57 - 2015-10-19 10:10 - 00000000 ____D C:\78fcd90c0a1a6aa56f

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-18 16:27 - 2009-07-14 05:45 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-18 16:27 - 2009-07-14 05:45 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-18 16:25 - 2015-07-10 13:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-18 16:24 - 2014-09-20 21:12 - 01158527 _____ C:\Windows\WindowsUpdate.log
2015-11-18 16:08 - 2014-09-21 07:56 - 01441604 _____ C:\Users\BittnerovaJ\AppData\Local\BTServer.log
2015-11-18 16:07 - 2015-03-27 10:02 - 00000000 ____D C:\ProgramData\MFAData
2015-11-18 16:07 - 2015-01-02 09:43 - 00000000 ____D C:\Program Files (x86)\AVG
2015-11-18 16:07 - 2010-11-21 04:47 - 00510394 _____ C:\Windows\PFRO.log
2015-11-18 16:07 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-18 16:07 - 2009-07-14 05:51 - 00054131 _____ C:\Windows\setupact.log
2015-11-18 16:06 - 2015-07-26 09:36 - 00000000 ____D C:\Program Files\Common Files\AV
2015-11-18 16:06 - 2014-09-21 07:49 - 21425496 _____ C:\Users\Public\CAFADEBUG.log
2015-11-18 15:55 - 2014-09-21 12:01 - 00000000 ____D C:\ProgramData\AVAST Software
2015-11-18 15:54 - 2014-10-02 19:06 - 00000000 ____D C:\ProgramData\CanonIJPLM
2015-11-18 15:51 - 2014-09-21 12:27 - 00000000 ____D C:\Users\BittnerovaJ\AppData\Local\CrashDumps
2015-11-03 12:21 - 2014-11-10 15:15 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-02 22:34 - 2014-11-15 20:49 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2015-11-02 22:33 - 2011-04-12 09:34 - 00668792 _____ C:\Windows\system32\perfh005.dat
2015-11-02 22:33 - 2011-04-12 09:34 - 00141420 _____ C:\Windows\system32\perfc005.dat
2015-11-02 22:33 - 2009-07-14 06:13 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-02 22:32 - 2014-09-22 20:00 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-02 21:53 - 2015-10-11 20:19 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-02 21:53 - 2014-09-20 21:23 - 00001397 _____ C:\Users\BittnerovaJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-11-02 21:38 - 2015-01-02 09:34 - 00000000 ____D C:\Users\BittnerovaJ\AppData\Roaming\Anvsoft
2015-11-02 20:11 - 2014-12-26 14:18 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-19 10:27 - 2014-12-11 12:31 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-19 10:27 - 2014-09-21 11:30 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-19 10:10 - 2014-09-20 22:30 - 00000000 ____D C:\Windows\system32\MRT
2015-10-19 09:57 - 2014-09-20 22:30 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2014-09-21 07:56 - 2015-11-18 16:08 - 1441604 _____ () C:\Users\BittnerovaJ\AppData\Local\BTServer.log
2015-08-02 20:34 - 2015-08-02 20:34 - 0000000 _____ () C:\Users\BittnerovaJ\AppData\Local\{BCE68430-8A96-4060-9F95-7A52A60B835B}
2014-09-21 07:59 - 2014-09-21 07:59 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\BittnerovaJ\Desktop" je 2 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Zdravím,

pokud tam bylo AVG doporučuji v Nouzáku projet ještě AVG Removerem, protože AVG po sobě nikdy neuklidí.


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


Stáhni a ulož na plochu AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,

objeví se okno kde vlevo nahoře klikni na Scan.

Po dokončení skenu klikni na Clean,

proběhne restart PC kdy dojde ke smazání nepořádku.

Po té mi sem zkopíruj Report.

AVG v nouzáku teda ještě jednou odstřelené, ccleaner na potřetí už v registrech nic nehlásil, tak asi stačilo ...
Po provedení tohoto vytížení procesoru kleslo ze 100% na nějakých 75% ...

# AdwCleaner v5.016 - Logfile created 19/11/2015 at 08:33:43
# Updated 01/11/2015 by Xplode
# Database : 2015-11-01.2 [Local]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : BittnerovaJ - BITTNEROVAJ-PC
# Running from : C:\Users\BittnerovaJ\Downloads\adwcleaner_5.016.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Users\BittnerovaJ\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\BittnerovaJ\AppData\Roaming\IHlpr

***** [ Files ] *****

[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[-] File Deleted : C:\Users\BittnerovaJ\AppData\Roaming\Mozilla\Firefox\Profiles\69n5em42.default\searchplugins\avg-secure-search.xml

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[!] Key Not Deleted : HKU\S-1-5-21-2969052298-1365134077-4108394097-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

***** [ Web browsers ] *****

[-] [C:\Users\BittnerovaJ\AppData\Roaming\Mozilla\Firefox\Profiles\69n5em42.default\prefs.js] [Preference] Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2017 bytes] ##########

Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.

ComboFix 15-11-17.01 - BittnerovaJ 20.11.2015 7:25.1.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.1934.838 [GMT 1:00]
Spuštěný z: c:\users\BittnerovaJ\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\BITTNE~1\AppData\Local\Temp\TeamViewer\TeamViewer_Service.exe
c:\users\BittnerovaJ\AppData\Local\Temp\TeamViewer\TeamViewer_Service.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_TeamViewer
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-10-20 do 2015-11-20 )))))))))))))))))))))))))))))))
.
.
2015-11-19 07:31 . 2015-11-19 07:33 -------- d-----w- C:\AdwCleaner
2015-11-18 16:09 . 2015-11-18 16:09 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{975B3C67-E7B5-4E18-94DB-604D894EFCFD}\offreg.2376.dll
2015-11-18 15:55 . 2015-10-30 22:56 276480 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub.ScriptedSandboxPlugin.dll
2015-11-18 15:54 . 2015-10-20 01:12 5570496 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-11-18 15:53 . 2015-10-20 01:06 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-11-18 15:42 . 2015-11-18 15:42 -------- d-----w- c:\users\BittnerovaJ\AppData\Roaming\TeamViewer
2015-11-18 15:40 . 2015-11-18 15:40 5286088 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-11-18 15:40 . 2015-10-20 02:33 11140960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{975B3C67-E7B5-4E18-94DB-604D894EFCFD}\mpengine.dll
2015-11-18 15:31 . 2015-11-18 15:32 -------- d-----w- C:\FRST
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-19 06:35 . 2014-09-20 21:30 145617392 ----a-w- c:\windows\system32\MRT.exe
2015-11-18 15:40 . 2014-11-10 14:15 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-11-18 15:40 . 2014-11-10 14:15 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-29 17:50 . 2015-11-18 15:53 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50 . 2015-11-18 15:53 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50 . 2015-11-18 15:53 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50 . 2015-11-18 15:53 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:49 . 2015-11-18 15:53 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2015-11-18 15:53 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-18 15:53 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2015-11-18 15:53 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:39 . 2015-11-18 15:53 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-10-20 01:05 . 2015-11-18 15:54 344064 ----a-w- c:\windows\system32\schannel.dll
2015-10-20 00:45 . 2015-11-18 15:54 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2015-10-20 00:45 . 2015-11-18 15:54 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-10-13 00:29 . 2015-10-13 00:29 875720 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2015-10-13 00:22 . 2015-10-13 00:22 869568 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-10-01 18:06 . 2015-10-14 13:24 692672 ----a-w- c:\windows\system32\winload.efi
2015-10-01 18:04 . 2015-10-14 13:24 616360 ----a-w- c:\windows\system32\winresume.efi
2015-10-01 18:00 . 2015-10-14 13:24 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-10-01 18:00 . 2015-10-14 13:24 59392 ----a-w- c:\windows\system32\appidapi.dll
2015-10-01 18:00 . 2015-10-14 13:24 32768 ----a-w- c:\windows\system32\appidsvc.dll
2015-10-01 18:00 . 2015-10-14 13:24 147456 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-10-01 18:00 . 2015-10-14 13:24 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-10-01 17:50 . 2015-10-14 13:24 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2015-10-01 17:00 . 2015-10-14 13:24 61440 ----a-w- c:\windows\system32\drivers\appid.sys
2015-09-18 19:22 . 2015-10-15 09:04 25432 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-09-18 19:19 . 2015-10-15 09:04 700416 ----a-w- c:\windows\system32\invagent.dll
2015-09-18 19:19 . 2015-10-15 09:04 766464 ----a-w- c:\windows\system32\generaltel.dll
2015-09-18 19:19 . 2015-10-15 09:04 503808 ----a-w- c:\windows\system32\devinv.dll
2015-09-18 19:19 . 2015-10-15 09:04 1291264 ----a-w- c:\windows\system32\appraiser.dll
2015-09-18 19:19 . 2015-10-15 09:04 73216 ----a-w- c:\windows\system32\acmigration.dll
2015-09-18 19:09 . 2015-10-15 09:04 1163776 ----a-w- c:\windows\system32\aeinv.dll
2015-09-02 03:04 . 2015-09-09 09:20 41984 ----a-w- c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-09 09:20 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-09 09:20 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-09 09:20 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-09 09:20 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-09 09:20 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-09 09:20 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-09 09:20 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-09-02 01:47 . 2015-09-09 09:20 372736 ----a-w- c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-09 09:20 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-08-27 18:18 . 2015-09-09 09:31 2004480 ----a-w- c:\windows\system32\msxml6.dll
2015-08-27 18:18 . 2015-09-09 09:31 1887232 ----a-w- c:\windows\system32\msxml3.dll
2015-08-27 18:13 . 2015-09-09 09:31 2048 ----a-w- c:\windows\system32\msxml6r.dll
2015-08-27 18:13 . 2015-09-09 09:31 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-08-27 17:58 . 2015-09-09 09:31 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2015-08-27 17:58 . 2015-09-09 09:31 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-08-27 17:51 . 2015-09-09 09:31 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2015-08-27 17:51 . 2015-09-09 09:31 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-08-26 13:57 . 2015-08-23 18:36 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-06-27 292848]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S2 AvrcpService;AvrcpService;c:\program files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe;c:\program files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [x]
S2 BTDevManager;BTDevManager;c:\program files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe;c:\program files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 RtkBleServ;RtkBleServ;c:\program files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe;c:\program files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [x]
S2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe;c:\windows\SYSNATIVE\SAsrv.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
S3 RtkA2dp;Realtek Bluetooth A2dp Source Service;c:\windows\system32\drivers\RtkA2dp.sys;c:\windows\SYSNATIVE\drivers\RtkA2dp.sys [x]
S3 RtkAvrcpCtrlr;Realtek Bluetooth A/V Remote Control Controller Device Driver;c:\windows\system32\DRIVERS\RtkAvrcpCtrlr.sys;c:\windows\SYSNATIVE\DRIVERS\RtkAvrcpCtrlr.sys [x]
S3 RtkBtFilter;Realtek Bluetooth Filter Driver;c:\windows\system32\DRIVERS\RtkBtfilter.sys;c:\windows\SYSNATIVE\DRIVERS\RtkBtfilter.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;c:\windows\system32\DRIVERS\rtwlane.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlane.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 TXEIx64;Intel(R) Trusted Execution Engine Interface ;c:\windows\system32\DRIVERS\TXEIx64.sys;c:\windows\SYSNATIVE\DRIVERS\TXEIx64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2015-09-30 20:47 285880 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Obsah adresáře 'Naplánované úlohy'
.
2015-11-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-10 15:40]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2013-09-04 907480]
"ForteConfig"="c:\program files\Conexant\ForteConfig\fmapp.exe" [2010-10-26 49056]
"SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2012-06-13 1647616]
"BtServer"="c:\program files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe" [2014-03-10 216576]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 217.197.152.132 217.197.144.22
FF - ProfilePath - c:\users\BittnerovaJ\AppData\Roaming\Mozilla\Firefox\Profiles\69n5em42.default\
FF - prefs.js: browser.search.defaulturl - hxxps://www.google.com/search/?trackid=sp-006
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: keyword.URL - hxxps://www.google.com/search/?trackid=sp-006
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-Zoner Photo Studio Service 16 - c:\program files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEc:\program files\Zoner\Photo Studio 16\Program32\ZPSService.exe
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynLenovoGestureMgr - c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\windows\SysWOW64\SAsrv.exe
.
**************************************************************************
.
Celkový čas: 2015-11-20 07:41:45 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-11-20 06:41
.
Před spuštěním: Volných bajtů: 268 482 437 120
Po spuštění: Volných bajtů: 267 840 917 504
.
- - End Of File - - 0FDBF61DF4D84CA942EB9C5D4F7312FA
A36C5E4F47E84449FF07ED3517B43A31

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.


Pak dej vědět jak se PC chová.

Podle mého už všechno šlape úplně ok, díky moc!
Hned dám NTB slečně zpět ať to porovná, ale pokud jde o mě tak to bude v pohodě, procesor už je v klidu ma nějakých 2-5%, paměť taky cajk a NTB zkrátka "něco dělá" až když to po něm chci třeba spuštěním aplikace atd.
Ještě jednou moc děkuji za pomoc!!
Klaním se =)

Není zač a