Avast hlásí Win32:Evo-gen [Susp], práce s počítačem se horší

[Mlok]

Zdravím a moc prosím o pomoc.
Při práci s počítačem mi Avast vyhazuje hlášku na podezřelý soubor s infekcí Win32:Evo-gen [Susp]. Ale když spustím test počítače, nenajde nic. Zkoušel jsem i jiné antiviry, ale výsledek stejný. Přikládám log z HijackThis.
Předem díky za pomoc

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:01:35, on 30.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Lely\T4C\Bin\T4CServiceManager.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Teamviewer\Version6\TeamViewer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [BCU] "C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [Seznam.chromeUpdatePref] C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe 13906
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: T4C Service Manager.lnk = C:\Program Files\Lely\T4C\Bin\T4CServiceManager.exe
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O15 - ESC Trusted Zone: http://www.benchmark-lely.com
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Lely Dairy Network Services (LDNService) - Lely - C:\Program Files\Lely\T4C\Bin\T4CNService.exe
O23 - Service: LFW Logger Service (LFWLogService) - LELY - C:\Program Files\Lely\T4C\Bin\LFWLogService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: T4C Backup (T4CBackup) - Lely Industries N.V. - C:\Program Files\Lely\T4C\Bin\BackupService.exe
O23 - Service: T4C Calm Synchroniser (T4CCalmSynch) - Lely Industries N.V. - C:\Program Files\Lely\T4C\Bin\T4CCalmSynchroniser.exe
O23 - Service: T4C Device Synchroniser (T4CDevSynch) - Lely Industries N.V. - C:\Program Files\Lely\T4C\Bin\T4CSynchroniser.exe
O23 - Service: T4C DLM (T4CDLM) - Lely Industries N.V. - C:\Program Files\Lely\T4C\Bin\LelyPDF.Service.exe
O23 - Service: T4C Generator (T4CGenerator) - Lely Industries N.V. - C:\Program Files\Lely\T4C\Bin\T4CServices.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\Teamviewer\Version6\TeamViewer_Service.exe
O23 - Service: VCPC Synchronizer (VcpcSynchronizer) - Lely Industries N.V. - C:\Program Files\Lely\T4C\Bin\VcpcSynchronizer.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

--
End of file - 7807 bytes

[Rudy]

Zdravím!
Zkuste tento postup: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .

[Mlok]

Tak sem udělal všechno co bylo v tom návodu, tady to je:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-10-2013
Ran by Uzivatel (administrator) on UZIVATEL-PC on 30-10-2013 14:54:41
Running from C:\Users\Uzivatel\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\system32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(DeviceVM, Inc.) C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
() C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
(Microsoft Corporation) C:\Windows\system32\inetsrv\inetinfo.exe
(LELY) C:\Program Files\Lely\T4C\Bin\LFWLogService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\MSSQL10_50.T4C3\MSSQL\Binn\sqlservr.exe
(DeviceVM, Inc.) C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Lely Industries N.V.) C:\Program Files\Lely\T4C\Bin\T4CServiceManager.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
(Western Digital) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
() C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Lely Industries N.V.) C:\Program Files\Lely\T4C\Bin\BackupService.exe
(Lely Industries N.V.) C:\Program Files\Lely\T4C\Bin\T4CCalmSynchroniser.exe
(Lely Industries N.V.) C:\Program Files\Lely\T4C\Bin\T4CSynchroniser.exe
(Lely Industries N.V.) C:\Program Files\Lely\T4C\Bin\LelyPDF.Service.exe
(Lely Industries N.V.) C:\Program Files\Lely\T4C\Bin\T4CServices.exe
(TeamViewer GmbH) C:\Program Files\Teamviewer\Version6\TeamViewer_Service.exe
(Lely Industries N.V.) C:\Program Files\Lely\T4C\Bin\VcpcSynchronizer.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(TeamViewer GmbH) C:\Program Files\Teamviewer\Version6\TeamViewer.exe
(VIT-PCS GmbH) C:\PROGRA~1\FOERST~1\KM2\KALBMA~1.EXE
(Lely) C:\Program Files\Lely\T4C\Bin\T4CNService.exe
() C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe
(forum.viry.cz) C:\Users\Uzivatel\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BCU] - C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe [346320 2009-08-04] (DeviceVM, Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7547424 2009-06-25] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-10-01] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1009288 2012-09-13] ()
HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\szninstall.exe [1009288 2012-09-13] ()
HKCU\...\Run: [Seznam.chromeUpdatePref] - C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe [942080 2013-02-13] ()
HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92296 2012-12-19] ()
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_Plugin.exe -update plugin [814984 2013-08-28] (Adobe Systems Incorporated)
MountPoints2: {96a3d178-b00a-11df-930f-6cf0490296bd} - "F:\WD SmartWare.exe" autoplay=true
MountPoints2: {de3aea1d-b005-11df-a19b-806e6f6e6963} - D:\Launch.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
SearchScopes: HKCU - DefaultScope {9B4CB878-03E5-4cb7-B2DA-0C534504BACC} URL = http://uk.search.yahoo.com/search?p={se ... &type=IEBD
SearchScopes: HKCU - {11305978-6401-4F89-99E0-EA2413D2EDBF} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13906
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
SearchScopes: HKCU - {44AA498F-9FCF-41B3-9907-5DAB7BA2AF9B} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13906
SearchScopes: HKCU - {44E46FB3-5EEB-4C3E-9B8C-12B4ABC6704C} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13906
SearchScopes: HKCU - {78F45281-D267-4589-B85B-FB77ABB35269} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13906
SearchScopes: HKCU - {95603BDF-10AF-4A30-992E-4F7B9365F371} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13906
SearchScopes: HKCU - {991D1310-232A-489D-B531-5ED788005B63} URL = http://search.seznam.cz/?q={searchTerms ... arch_13906
SearchScopes: HKCU - {9B4CB878-03E5-4cb7-B2DA-0C534504BACC} URL = http://uk.search.yahoo.com/search?p={se ... &type=IEBD
SearchScopes: HKCU - {A81519AF-ADBB-47A0-A4A9-23EBFE8F7819} URL = http://www.firmy.cz/phr/{searchTerms}?s ... arch_13906
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\ribyj95t.default
FF NewTab: hxxp://www.google.com/firefox
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: DownloadHelper - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\ribyj95t.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: Seznam lištička - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\ribyj95t.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 BCUService; C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe [219360 2009-08-04] (DeviceVM, Inc.)
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [310272 2012-06-01] (Microsoft Corporation)
R2 GEST Service; C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [68136 2009-07-30] ()
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [13824 2009-07-14] (Microsoft Corporation)
R2 LDNService; C:\Program Files\Lely\T4C\Bin\T4CNService.exe [94208 2010-08-11] (Lely)
R2 LFWLogService; C:\Program Files\Lely\T4C\Bin\LFWLogService.exe [90112 2010-02-15] (LELY)
R2 MSSQL$T4C3; c:\Program Files\Microsoft SQL Server\MSSQL10_50.T4C3\MSSQL\Binn\sqlservr.exe [43040096 2011-06-17] (Microsoft Corporation)
S4 SQLAgent$T4C3; c:\Program Files\Microsoft SQL Server\MSSQL10_50.T4C3\MSSQL\Binn\SQLAGENT.EXE [370016 2011-06-17] (Microsoft Corporation)
R2 T4CBackup; C:\Program Files\Lely\T4C\Bin\BackupService.exe [30720 2013-01-23] (Lely Industries N.V.)
R2 T4CCalmSynch; C:\Program Files\Lely\T4C\Bin\T4CCalmSynchroniser.exe [35328 2013-01-23] (Lely Industries N.V.)
R2 T4CDevSynch; C:\Program Files\Lely\T4C\Bin\T4CSynchroniser.exe [1041920 2013-01-23] (Lely Industries N.V.)
R2 T4CDLM; C:\Program Files\Lely\T4C\Bin\LelyPDF.Service.exe [10240 2013-01-23] (Lely Industries N.V.)
S4 T4CExpert; C:\Program Files\Lely\T4C\Bin\T4CExpertSystem.exe [19968 2013-01-23] (Lely Industries N.V.)
R2 T4CGenerator; C:\Program Files\Lely\T4C\Bin\T4CServices.exe [161280 2013-01-23] (Lely Industries N.V.)
R2 VcpcSynchronizer; C:\Program Files\Lely\T4C\Bin\VcpcSynchronizer.exe [344576 2013-01-23] (Lely Industries N.V.)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2009-11-13] (WDC)
R2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [177864 2013-08-30] ()
R3 e1qexpress; C:\Windows\System32\DRIVERS\e1q6032.sys [190464 2009-07-13] (Intel Corporation)
R3 gdrv; C:\Windows\gdrv.sys [17488 2013-10-29] (Windows (R) 2000 DDK provider)
S4 RsFx0151; C:\Windows\System32\DRIVERS\RsFx0151.sys [240736 2011-06-17] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-08-25] ()
U3 auxgf1n4; C:\Windows\System32\Drivers\auxgf1n4.sys [0 ] (Microsoft Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-30 14:54 - 2013-10-30 14:54 - 00000000 ____D C:\FRST
2013-10-30 14:52 - 2013-10-30 14:52 - 01089275 _____ (Farbar) C:\Users\Uzivatel\Desktop\FRST.exe
2013-10-30 14:52 - 2013-10-30 14:52 - 00112128 _____ (forum.viry.cz) C:\Users\Uzivatel\Desktop\FRSTLauncher.exe
2013-10-30 05:52 - 2013-10-30 05:52 - 00002979 _____ C:\Users\Uzivatel\Desktop\HiJackThis.lnk
2013-10-30 05:52 - 2013-10-30 05:52 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-10-30 05:52 - 2013-10-30 05:52 - 00000000 ____D C:\Program Files\Trend Micro
2013-10-30 05:48 - 2013-10-30 05:48 - 01402880 _____ C:\Users\Uzivatel\Downloads\HiJackThis.msi
2013-10-30 04:25 - 2013-10-30 04:25 - 00000000 ____D C:\Program Files\ESET
2013-10-30 04:24 - 2013-10-30 04:24 - 02347384 _____ (ESET) C:\Users\Uzivatel\Downloads\esetsmartinstaller_csy(1).exe
2013-10-29 16:21 - 2013-10-29 16:21 - 00007360 _____ C:\Windows\PFRO.log
2013-10-29 16:21 - 2013-10-29 16:21 - 00000056 _____ C:\Windows\setupact.log
2013-10-29 16:21 - 2013-10-29 16:21 - 00000000 _____ C:\Windows\setuperr.log
2013-10-29 15:28 - 2013-10-29 15:28 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\TuneUp Software
2013-10-29 15:26 - 2013-10-29 15:26 - 04436568 _____ (AVG Technologies) C:\Users\Uzivatel\Downloads\avg_free_stb_all_2014_4158_cnet.exe
2013-10-29 15:26 - 2013-10-29 15:26 - 00000000 ____D C:\Users\Uzivatel\AppData\Local\MFAData
2013-10-27 07:10 - 2013-10-27 07:10 - 00000000 ____D C:\Users\Uzivatel\Documents\8floor
2013-10-20 15:39 - 2013-10-20 18:03 - 898583990 _____ C:\Users\Uzivatel\Downloads\tady-hlidam-ja-2012.avi
2013-10-20 15:28 - 2013-10-20 15:28 - 00001147 _____ C:\Users\Uzivatel\Desktop\Moai Postav si svůj sen.lnk
2013-10-12 03:28 - 2013-10-12 04:51 - 769083393 _____ C:\Users\Uzivatel\Downloads\podfuck-cz.avi
2013-10-09 00:33 - 2013-09-24 09:58 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-09 00:33 - 2013-09-24 09:58 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-09 00:33 - 2013-09-24 09:58 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-10-09 00:33 - 2013-09-24 09:56 - 06036480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-09 00:33 - 2013-09-24 09:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-09 00:33 - 2013-09-24 09:56 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-10-09 00:33 - 2013-09-24 09:56 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-09 00:33 - 2013-09-24 09:55 - 11020800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-09 00:33 - 2013-09-24 09:55 - 02078208 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-09 00:33 - 2013-09-24 09:55 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-09 00:33 - 2013-09-24 09:09 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-09 00:33 - 2013-09-04 02:15 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-09 00:33 - 2013-09-04 02:14 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-09 00:33 - 2013-09-04 02:14 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-09 00:33 - 2013-09-04 02:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-09 00:33 - 2013-09-04 02:14 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-09 00:33 - 2013-09-04 02:14 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-09 00:33 - 2013-09-04 02:14 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-09 00:33 - 2013-08-28 02:04 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 00:33 - 2013-08-01 12:03 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 00:33 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 00:33 - 2013-07-12 11:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-09 00:33 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 00:33 - 2013-07-03 04:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-09 00:33 - 2013-07-03 04:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 00:33 - 2013-06-25 23:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-09 00:33 - 2013-06-06 05:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-09 00:33 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-09 00:33 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-09 00:33 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 00:33 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-05 03:09 - 2013-10-05 03:09 - 00001052 _____ C:\Users\Uzivatel\Desktop\Azkend.lnk
2013-10-05 03:09 - 2013-10-05 03:09 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\MythPeople
2013-10-04 15:18 - 2013-10-05 03:16 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2013-10-30 14:54 - 2013-10-30 14:54 - 00000000 ____D C:\FRST
2013-10-30 14:54 - 2010-07-08 20:59 - 00657210 _____ C:\service.log
2013-10-30 14:52 - 2013-10-30 14:52 - 01089275 _____ (Farbar) C:\Users\Uzivatel\Desktop\FRST.exe
2013-10-30 14:52 - 2013-10-30 14:52 - 00112128 _____ (forum.viry.cz) C:\Users\Uzivatel\Desktop\FRSTLauncher.exe
2013-10-30 09:25 - 2010-08-25 06:04 - 01200112 _____ C:\Windows\WindowsUpdate.log
2013-10-30 05:52 - 2013-10-30 05:52 - 00002979 _____ C:\Users\Uzivatel\Desktop\HiJackThis.lnk
2013-10-30 05:52 - 2013-10-30 05:52 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-10-30 05:52 - 2013-10-30 05:52 - 00000000 ____D C:\Program Files\Trend Micro
2013-10-30 05:48 - 2013-10-30 05:48 - 01402880 _____ C:\Users\Uzivatel\Downloads\HiJackThis.msi
2013-10-30 04:25 - 2013-10-30 04:25 - 00000000 ____D C:\Program Files\ESET
2013-10-30 04:24 - 2013-10-30 04:24 - 02347384 _____ (ESET) C:\Users\Uzivatel\Downloads\esetsmartinstaller_csy(1).exe
2013-10-30 00:00 - 2010-07-14 15:08 - 00000000 ____D C:\log
2013-10-29 22:03 - 2010-11-16 23:00 - 00000000 ____D C:\BackupShare
2013-10-29 16:29 - 2010-08-25 06:12 - 01907086 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-29 16:29 - 2009-07-14 05:34 - 00018240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-29 16:29 - 2009-07-14 05:34 - 00018240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-29 16:26 - 2013-03-21 06:28 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\Seznam.cz
2013-10-29 16:23 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\inetsrv
2013-10-29 16:21 - 2013-10-29 16:21 - 00007360 _____ C:\Windows\PFRO.log
2013-10-29 16:21 - 2013-10-29 16:21 - 00000056 _____ C:\Windows\setupact.log
2013-10-29 16:21 - 2013-10-29 16:21 - 00000000 _____ C:\Windows\setuperr.log
2013-10-29 16:21 - 2011-01-19 04:57 - 00000000 ____D C:\ProgramData\MFAData
2013-10-29 16:21 - 2010-08-25 06:34 - 00017488 _____ (Windows (R) 2000 DDK provider) C:\Windows\gdrv.sys
2013-10-29 16:21 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-29 15:28 - 2013-10-29 15:28 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\TuneUp Software
2013-10-29 15:26 - 2013-10-29 15:26 - 04436568 _____ (AVG Technologies) C:\Users\Uzivatel\Downloads\avg_free_stb_all_2014_4158_cnet.exe
2013-10-29 15:26 - 2013-10-29 15:26 - 00000000 ____D C:\Users\Uzivatel\AppData\Local\MFAData
2013-10-28 15:54 - 2011-06-09 14:06 - 00000000 ____D C:\ProgramData\AlawarWrapper
2013-10-27 16:52 - 2011-09-17 04:18 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hry.cz
2013-10-27 16:52 - 2011-09-17 04:18 - 00000000 ____D C:\Program Files\Hry.cz
2013-10-27 07:10 - 2013-10-27 07:10 - 00000000 ____D C:\Users\Uzivatel\Documents\8floor
2013-10-27 07:10 - 2012-12-28 16:21 - 00001770 _____ C:\Users\Uzivatel\Desktop\Hry.cz .lnk
2013-10-20 18:03 - 2013-10-20 15:39 - 898583990 _____ C:\Users\Uzivatel\Downloads\tady-hlidam-ja-2012.avi
2013-10-20 15:28 - 2013-10-20 15:28 - 00001147 _____ C:\Users\Uzivatel\Desktop\Moai Postav si svůj sen.lnk
2013-10-20 15:28 - 2012-09-21 13:47 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\AlawarEntertainment
2013-10-20 13:25 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2013-10-20 10:36 - 2011-02-05 10:50 - 00000308 _____ C:\Windows\Brownie.ini
2013-10-19 03:23 - 2010-08-31 02:03 - 00044350 _____ C:\Users\Uzivatel\Desktop\Prohánění.xls
2013-10-18 14:35 - 2011-02-05 10:53 - 00000460 _____ C:\Windows\BRWMARK.INI
2013-10-12 04:51 - 2013-10-12 03:28 - 769083393 _____ C:\Users\Uzivatel\Downloads\podfuck-cz.avi
2013-10-09 03:38 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-09 03:10 - 2012-05-01 03:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-10-09 03:10 - 2011-06-15 08:10 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-10-09 03:08 - 2009-07-14 05:33 - 00408480 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-09 03:07 - 2012-09-02 10:30 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-09 03:07 - 2011-03-06 10:21 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-09 02:09 - 2009-07-14 03:04 - 00000534 _____ C:\Windows\win.ini
2013-10-09 02:08 - 2013-08-11 02:00 - 00000000 ____D C:\Windows\system32\MRT
2013-10-09 02:05 - 2010-08-27 17:17 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-05 03:16 - 2013-10-04 15:18 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-05 03:16 - 2012-06-28 16:04 - 00000000 ____D C:\Users\Uzivatel\AppData\Local\Mozilla
2013-10-05 03:09 - 2013-10-05 03:09 - 00001052 _____ C:\Users\Uzivatel\Desktop\Azkend.lnk
2013-10-05 03:09 - 2013-10-05 03:09 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\MythPeople

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-29 07:28




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:279.36 GB) (Free:213.58 GB) NTFS
Drive e: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Available physical RAM: 998.24 MB
Total physical RAM: 3582.48 MB
Percentage of memory in use: 72%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 279 GB) (Disk ID: BB1CE5FC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=279 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================


==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Uzivatel\Desktop" je 3035 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
MountPoints2: {96a3d178-b00a-11df-930f-6cf0490296bd} - "F:\WD SmartWare.exe" autoplay=true
MountPoints2: {de3aea1d-b005-11df-a19b-806e6f6e6963} - D:\Launch.exe
SearchScopes: HKCU - DefaultScope {9B4CB878-03E5-4cb7-B2DA-0C534504BACC} URL = http://uk.search.yahoo.com/search?p={se ... &type=IEBD
SearchScopes: HKCU - {9B4CB878-03E5-4cb7-B2DA-0C534504BACC} URL = http://uk.search.yahoo.com/search?p={se ... &type=IEBD
FF Plugin: @microsoft.com/GENUINE - disabled No File
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Mlok]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 30-10-2013
Ran by Uzivatel at 2013-10-31 10:42:52 Run:1
Running from C:\Users\Uzivatel\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
MountPoints2: {96a3d178-b00a-11df-930f-6cf0490296bd} - "F:\WD SmartWare.exe" autoplay=true
MountPoints2: {de3aea1d-b005-11df-a19b-806e6f6e6963} - D:\Launch.exe
SearchScopes: HKCU - DefaultScope {9B4CB878-03E5-4cb7-B2DA-0C534504BACC} URL = http://uk.search.yahoo.com/search?p={se ... &type=IEBD
SearchScopes: HKCU - {9B4CB878-03E5-4cb7-B2DA-0C534504BACC} URL = http://uk.search.yahoo.com/search?p={se ... &type=IEBD
FF Plugin: @microsoft.com/GENUINE - disabled No File
End
*****************

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{96a3d178-b00a-11df-930f-6cf0490296bd} => Key deleted successfully.
HKCR\CLSID\{96a3d178-b00a-11df-930f-6cf0490296bd} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{de3aea1d-b005-11df-a19b-806e6f6e6963} => Key deleted successfully.
HKCR\CLSID\{de3aea1d-b005-11df-a19b-806e6f6e6963} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9B4CB878-03E5-4cb7-B2DA-0C534504BACC} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9B4CB878-03E5-4cb7-B2DA-0C534504BACC} => Key not found.
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File => Key not found.
FF Plugin: @microsoft.com/GENUINE - disabled No File not found.

==== End of Fixlog ====

[Rudy]

Smazáno. Nastala nějaká změna?

[Mlok]

Omlouvám se že jsem se neozval dřív. Zkoušel jsem na počítači provádět práci, při které Avast vždycky hlásil že našel ten virus a hláška se objevila znovu, později, ale objevila. Ale systém my nabídl spuštění nějaké funkce která by měla vyhledat a odstranit problémy. Ještě během toho procesu se začal počítač chovat normálně. Není možné že byl ten problém způsoben nějakou systémovou chybou, která měla za následek náhlou změnu některých souborů a Avast to nesprávně detekoval jako infekci?

[Rudy]

V kterém souboru Avast nalezl toho vira?

[Mlok]

Tohle sem našel ve virové truhle:
Jméno:
App_Web_animalindividuallist.aspx.baefa154.********.dll
(tam co jsou ty hvězdičky se to při každém nálezu lišilo)

Původní umístění:
C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\t4c\c81c73ec\236a7478
(tohle bylo u všech stejný)

[Rudy]

To, co máte ve virové truhle, zneškodnil antivir. Můžete truhlu vysypat. To druhé, prosím, zkontrolujte online na www.virustotal.com. Výsledek oznamte. Moc se mi nezdá, že by v .NET Frameworku byl virus.

[Mlok]

Provedl jsem kontrolu a nic nalezeno nebylo, takže snad dobrý

[Rudy]

OK. Jiný problém nemáte?

[Mlok]

Ne, jiný problém nemám a tento myslím že můžeme považovat za vyřešený. Moc děkuji za pomoc

[Rudy]

Rádo se stalo!