virus 2

Have a virus problem? Post your FRST or RSIT log here.

#1 Post by Pavla V.

Hello, thank you in advance for your help. I am posting the log from a second PC, where Avast also found a virus.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Martin a Paja at 2013-11-05 16:11:52
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 364 GB (79%) free of 461 GB
Total RAM: 3274 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:12:18, on 5.11.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\PoivY.com\PoivY\PoivY.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Program Files\trend micro\Martin a Paja.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:21320
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [BtTray] "c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [CLWCSM] "c:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [YouCam Mirage] "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [File Sanitizer] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [PoivY] "C:\Program Files (x86)\PoivY.com\PoivY\PoivY.exe" -nosplash -minimized
O4 - HKCU\..\Run: [RIMDeviceManager] C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe" -RunServer
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP File Sanitizer (HPFSService) - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14663 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
atieclxx
C:\Windows\system32\vcsFPService.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCardEngine.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\RtsCM64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\PoivY.com\PoivY\PoivY.exe" -nosplash -minimized
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
"C:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe"
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
-Minimized
"c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"taskhost.exe"
taskeng.exe {85206E52-5526-4E77-961E-EB398CD516A4}
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=6496.108e4600.1983262519 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 6496 "\\.\pipe\gecko-crash-server-pipe.6496" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe" --proxy-stub-channel=Flash6460.61ECF308.30573 --host-broker-channel=Flash6460.61ECF308.11263 --host-pid=6460 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe" --channel=2464.0038F7DC.1020968766 --proxy-stub-channel=Flash6460.61ECF308.30573 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll" --host-npapi-version=27 --type=renderer
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Martin a Paja\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForMartin a Paja.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-11-05 1567016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - c:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14 81024]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
HP File Sanitizer - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2013-03-06 107736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - c:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14 69760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-20 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-05 606544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-20 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-10 351136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-11-05 1567016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-05 606544]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 1436736]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-02-04 1702912]
"RtsCM"=C:\Windows\RTSCM64.EXE [2013-03-07 144456]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-01-11 3011824]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PoivY"=C:\Program Files (x86)\PoivY.com\PoivY\PoivY.exe [2013-07-18 19650352]
"RIMDeviceManager"=C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe [2012-01-19 2061648]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2013-02-07 683656]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2013-03-21 185144]
""= []
"StartCCC"=c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-03-13 642656]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2013-01-31 337184]
"BtTray"=c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2013-01-10 379904]
"CLWCSM"=c:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe [2013-02-20 249096]
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2013-03-12 77088]
"YouCam Mirage"=c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2013-02-02 136488]
"YouCam Tray"=c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [2013-02-02 167488]
"File Sanitizer"=c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2013-03-06 13685464]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-11-21 111136]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2012-11-21 493088]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2013-05-16 3830224]
"RIMBBLaunchAgent.exe"=C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-11-02 90448]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-10-15 1673680]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-11-05 3568312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-11-05 16:11:52 ----D---- C:\rsit
2013-11-05 16:11:52 ----D---- C:\Program Files\trend micro
2013-11-05 13:38:11 ----D---- C:\Users\Martin a Paja\AppData\Roaming\AVAST Software
2013-11-05 11:49:28 ----A---- C:\Windows\wininit.ini
2013-11-05 10:51:18 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-11-05 10:51:17 ----A---- C:\Windows\system32\ieui.dll
2013-11-05 10:51:15 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-11-05 10:51:14 ----A---- C:\Windows\system32\iesetup.dll
2013-11-05 10:51:14 ----A---- C:\Windows\system32\iernonce.dll
2013-11-05 10:51:13 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-11-05 10:51:13 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-11-05 10:51:11 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-11-05 10:51:11 ----A---- C:\Windows\system32\ie4uinit.exe
2013-11-05 10:51:10 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-05 10:51:10 ----A---- C:\Windows\system32\iesysprep.dll
2013-11-05 10:51:09 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-11-05 10:51:08 ----A---- C:\Windows\system32\iertutil.dll
2013-11-05 10:51:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-11-05 10:51:01 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-05 10:51:00 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-11-05 10:51:00 ----A---- C:\Windows\system32\jscript.dll
2013-11-05 10:50:58 ----A---- C:\Windows\system32\jscript9.dll
2013-11-05 10:50:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-11-05 10:50:55 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-11-05 10:50:53 ----A---- C:\Windows\system32\urlmon.dll
2013-11-05 10:50:48 ----A---- C:\Windows\system32\jsproxy.dll
2013-11-05 10:50:47 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-11-05 10:50:45 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-11-05 10:50:43 ----A---- C:\Windows\system32\wininet.dll
2013-11-05 10:50:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-11-05 10:50:39 ----A---- C:\Windows\system32\ieframe.dll
2013-11-05 10:50:34 ----A---- C:\Windows\system32\mshtml.dll
2013-11-05 10:50:24 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-11-05 10:42:24 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-11-05 10:42:24 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-11-05 10:42:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-11-05 10:42:13 ----A---- C:\Windows\system32\advapi32.dll
2013-11-05 10:42:11 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-11-05 10:42:10 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-11-05 10:42:10 ----A---- C:\Windows\system32\tdh.dll
2013-11-05 10:42:09 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-11-05 10:42:08 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-11-05 10:42:08 ----A---- C:\Windows\system32\ntdll.dll
2013-11-05 10:42:06 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-11-05 10:42:05 ----A---- C:\Windows\system32\wow64.dll
2013-11-05 10:42:00 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-11-05 10:41:59 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-11-05 10:41:59 ----A---- C:\Windows\SYSWOW64\user.exe
2013-11-05 10:41:59 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-11-05 10:41:59 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-11-05 10:41:56 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-11-05 10:41:56 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-11-05 10:41:51 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-11-05 10:41:50 ----A---- C:\Windows\system32\mswsock.dll
2013-11-05 10:41:50 ----A---- C:\Windows\system32\drivers\afd.sys
2013-11-05 10:41:49 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-11-05 10:41:48 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-11-05 10:41:45 ----A---- C:\Windows\system32\WebClnt.dll
2013-11-05 10:41:44 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-11-05 10:41:44 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-11-05 10:41:44 ----A---- C:\Windows\system32\davclnt.dll
2013-11-05 10:41:43 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-11-05 10:41:41 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-11-05 10:41:41 ----A---- C:\Windows\system32\comctl32.dll
2013-11-05 10:41:40 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-11-05 10:41:40 ----A---- C:\Windows\system32\dciman32.dll
2013-11-05 10:41:40 ----A---- C:\Windows\system32\atmfd.dll
2013-11-05 10:41:39 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-11-05 10:41:39 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-11-05 10:41:39 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-11-05 10:41:39 ----A---- C:\Windows\system32\lpk.dll
2013-11-05 10:41:39 ----A---- C:\Windows\system32\fontsub.dll
2013-11-05 10:41:39 ----A---- C:\Windows\system32\atmlib.dll
2013-11-05 10:41:38 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-11-05 10:41:27 ----A---- C:\Windows\system32\win32k.sys
2013-11-05 10:41:22 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-11-05 10:41:22 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-11-05 10:40:01 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-11-05 10:40:00 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-11-05 10:39:59 ----A---- C:\Windows\system32\scavengeui.dll
2013-10-20 14:36:00 ----D---- C:\ProgramData\Oracle
2013-10-20 14:33:36 ----D---- C:\ProgramData\AskPartnerNetwork
2013-10-20 14:33:36 ----D---- C:\Program Files (x86)\AskPartnerNetwork
2013-10-20 14:33:26 ----D---- C:\ProgramData\APN
2013-10-20 14:31:01 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-10-20 14:30:53 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-10-20 14:30:53 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-10-20 14:30:53 ----A---- C:\Windows\SYSWOW64\java.exe
2013-10-20 14:30:38 ----D---- C:\Program Files (x86)\Java
2013-10-19 20:18:16 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-10-18 19:32:30 ----A---- C:\Windows\system32\drivers\RimSerial_AMD64.sys
2013-10-18 19:31:30 ----D---- C:\Program Files (x86)\Research In Motion

======List of files/folders modified in the last 1 months======

2013-11-05 16:11:52 ----RD---- C:\Program Files
2013-11-05 16:11:44 ----D---- C:\Windows\Temp
2013-11-05 16:03:30 ----D---- C:\Windows\Tasks
2013-11-05 16:03:30 ----D---- C:\Windows\system32\Tasks
2013-11-05 15:14:24 ----D---- C:\Windows\system32\config
2013-11-05 15:03:03 ----SHD---- C:\System Volume Information
2013-11-05 14:59:53 ----A---- C:\Windows\SYSWOW64\bscs.ini
2013-11-05 14:57:34 ----AD---- C:\Windows
2013-11-05 14:56:52 ----A---- C:\Windows\SYSWOW64\LOCALSERVICE.INI
2013-11-05 14:56:46 ----A---- C:\Windows\SYSWOW64\LOCALDEVICE.INI
2013-11-05 14:05:34 ----D---- C:\Windows\Microsoft.NET
2013-11-05 14:04:15 ----RSD---- C:\Windows\assembly
2013-11-05 13:40:49 ----D---- C:\Windows\System32
2013-11-05 13:40:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-05 13:40:48 ----D---- C:\Windows\inf
2013-11-05 13:36:28 ----D---- C:\ProgramData\PDFC
2013-11-05 13:35:05 ----D---- C:\Windows\system32\drivers
2013-11-05 13:30:29 ----D---- C:\Windows\winsxs
2013-11-05 13:30:22 ----A---- C:\Windows\system32\aswBoot.exe
2013-11-05 13:26:40 ----D---- C:\ProgramData\AVAST Software
2013-11-05 13:19:31 ----D---- C:\Windows\Panther
2013-11-05 13:16:20 ----D---- C:\Windows\SysWOW64
2013-11-05 13:16:19 ----D---- C:\Program Files (x86)\Internet Explorer
2013-11-05 13:16:18 ----D---- C:\Program Files\Internet Explorer
2013-11-05 13:16:16 ----D---- C:\Windows\AppPatch
2013-11-05 13:16:08 ----D---- C:\Windows\system32\DriverStore
2013-11-05 11:00:18 ----SHD---- C:\Windows\Installer
2013-11-05 10:57:39 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-11-05 10:55:45 ----D---- C:\Windows\ModemLogs
2013-11-05 10:54:51 ----D---- C:\ProgramData\Microsoft Help
2013-11-05 10:54:03 ----D---- C:\Windows\debug
2013-11-05 10:54:01 ----D---- C:\Windows\Minidump
2013-11-05 10:51:44 ----D---- C:\Windows\system32\catroot
2013-11-05 10:51:36 ----D---- C:\Windows\system32\catroot2
2013-11-05 10:47:27 ----D---- C:\Windows\system32\MRT
2013-11-05 10:44:55 ----D---- C:\Windows\system32\drivers\etc
2013-11-05 10:44:36 ----A---- C:\Windows\system32\MRT.exe
2013-11-05 10:43:20 ----D---- C:\ProgramData\Spyware Terminator
2013-11-05 10:43:09 ----D---- C:\Windows\system32\cs-CZ
2013-11-04 19:14:08 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-11-03 17:21:29 ----D---- C:\Windows\Prefetch
2013-10-31 19:44:31 ----D---- C:\Windows\system32\NDF
2013-10-27 23:16:28 ----D---- C:\Users\Martin a Paja\AppData\Roaming\Skype
2013-10-20 18:38:01 ----D---- C:\ProgramData\Skype
2013-10-20 18:37:56 ----RD---- C:\Program Files (x86)\Skype
2013-10-20 17:16:40 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-20 14:45:59 ----RD---- C:\Program Files (x86)
2013-10-20 14:36:00 ----HD---- C:\ProgramData
2013-10-20 14:31:21 ----D---- C:\Program Files (x86)\Common Files
2013-10-08 21:13:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-10-08 20:27:03 ----SD---- C:\Users\Martin a Paja\AppData\Roaming\Microsoft
2013-10-06 11:43:25 ----D---- C:\Windows\system32\wdi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\drivers\amd_sata.sys [2012-10-12 82600]
R0 amd_xata;amd_xata; C:\Windows\system32\drivers\amd_xata.sys [2012-10-12 42664]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-11-05 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-11-05 205320]
R0 hpdskflt;HP Filter; C:\Windows\system32\drivers\hpdskflt.sys [2013-03-02 30520]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PinFile;PinFile; C:\Windows\system32\DRIVERS\PinFile.sys [2013-03-19 49856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SDDisk2K;SDDisk2K; C:\Windows\system32\DRIVERS\SDDisk2K.sys [2013-03-27 212672]
R0 SDDToki;SDDToki; C:\Windows\system32\DRIVERS\SDDToki.sys [2013-01-07 131928]
R0 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-11-05 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-11-05 1032416]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-11-05 409832]
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2013-11-05 65264]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 189440]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [2013-11-05 38984]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-11-05 84328]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2013-08-12 51496]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\drivers\Accelerometer.sys [2013-03-02 43320]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\drivers\amdhub30.sys [2012-11-29 107688]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-03-13 11635200]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-03-13 578560]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\amdxhc.sys [2012-11-29 228008]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-02-14 96768]
R3 BtAudioBusSrv;Ralink Bluetooth Audio Bus Service; C:\Windows\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\Windows\System32\Drivers\BtL2caScoIf.sys [2012-07-20 56904]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2013-04-28 80384]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [2012-12-06 49632]
R3 clwcsm;CyberLink Webcam Sharing Manager 4.2; C:\Windows\system32\DRIVERS\clwcsm.sys [2013-02-19 42432]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\drivers\HpqKbFiltr.sys [2013-01-29 25912]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2013-02-23 2426672]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2011-07-20 44032]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 rtbth;RTBTH Bluetooth Device Driver; C:\Windows\system32\DRIVERS\rtbth.sys [2012-10-09 692832]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-02-26 819784]
R3 rtsuvc;HP HD Webcam [Fixed]; C:\Windows\system32\DRIVERS\rtsuvc.sys [2013-03-07 8243144]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2013-02-04 544768]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\drivers\SynTP.sys [2013-01-11 468720]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2013-04-28 552960]
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [2013-02-18 65752]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2011-07-25 74752]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2013-01-23 288328]
S3 RTSPER;Realtek PCIe CardReader Driver; C:\Windows\system32\DRIVERS\RtsPer.sys [2013-02-01 448072]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SmbDrv;SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [2013-01-11 28400]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [2013-01-11 32496]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-03-13 240640]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-10-15 166352]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-05 50344]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2013-02-01 1626872]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2013-03-12 491320]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HPFSService;HP File Sanitizer; c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2013-03-06 1730776]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2013-01-31 553248]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2013-03-02 43320]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-28 12784]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2013-02-07 1135752]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-05-16 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-05-16 1033688]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-05-15 171928]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2012-09-07 1148664]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2013-02-04 332800]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2013-02-12 3165232]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2013-01-10 138752]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2013-03-21 1420600]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-03-20 1018680]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-28 288272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-09 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-12 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-09 51648]
S3 FLCDLOCK;HP Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2013-03-04 556856]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-12 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-19 118680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-12 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: virus 2

#2 Post by vyosek »

Hello :)

Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here
Download aswMBR http://public.avast.com/%7Egmerek/aswMBR.exe and save it to the desktop.
  • Run the utility and tell it to scan - click Scan
  • Click Save log to save the aswMBR log to the desktop
  • Paste the contents of the aswMBR log here for me
Download Malwarebytes' Anti-Malware (MBAM for short) http://forum.viry.cz/viewtopic.php?f=29&t=115222
  • Update it
  • Run a full scan - do not delete anything!
  • MBAM sometimes produces false detections, so paste the log into a post and wait for an assessment
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; he is no man, he is an ox."
Member since 1 February 2011.

Pavla V.
Visitor
Posts: 109
Registered: 30 Apr 2013 17:06

Re: virus 2

#3 Post by Pavla V. »

Thanks, here are the logs:

# AdwCleaner v3.011 - Report created 05/11/2013 at 23:33:06
# Updated 03/11/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Martin a Paja - HP-BOBIK
# Running from : C:\Users\Martin a Paja\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : APNMCP

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Users\Martin a Paja\AppData\Local\Temp\apn

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\AskPartnerNetwork

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v24.0 (cs)

[ File : C:\Users\Martin a Paja\AppData\Roaming\Mozilla\Firefox\Profiles\s6utub75.default\prefs.js ]


-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\Martin a Paja\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1364 octets] - [05/11/2013 23:31:33]
AdwCleaner[S0].txt - [1258 octets] - [05/11/2013 23:33:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1318 octets] ##########


aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-11-05 23:38:16
-----------------------------
23:38:16.737 OS Version: Windows x64 6.1.7601 Service Pack 1
23:38:16.737 Number of processors: 2 586 0x1001
23:38:16.739 ComputerName: HP-BOBIK UserName:
23:38:18.481 Initialize success
23:38:19.477 AVAST engine defs: 13110500
23:38:40.736 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000009d
23:38:40.739 Disk 0 Vendor: HGST_HTS GG2O Size: 476940MB BusType: 11
23:38:40.891 Disk 0 MBR read successfully
23:38:40.895 Disk 0 MBR scan
23:38:40.902 Disk 0 Windows 7 default MBR code
23:38:40.921 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1025 MB offset 2048
23:38:40.949 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 460803 MB offset 2101248
23:38:40.982 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15006 MB offset 945825792
23:38:40.998 Disk 0 Partition 4 00 0B FAT32 MSDOS5.0 100 MB offset 976558080
23:38:41.143 Disk 0 scanning C:\Windows\system32\drivers
23:38:58.475 Service scanning
23:39:22.747 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
23:39:49.955 Modules scanning
23:39:49.979 Disk 0 trace - called modules:
23:39:50.004 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
23:39:50.015 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004cd5060]
23:39:50.024 3 CLASSPNP.SYS[fffff8800113b43f] -> nt!IofCallDriver -> [0xfffffa8004cd47f0]
23:39:50.034 5 hpdskflt.sys[fffff88001e0242b] -> nt!IofCallDriver -> [0xfffffa8004842040]
23:39:50.047 7 amd_xata.sys[fffff880013ced00] -> nt!IofCallDriver -> \Device\0000009d[0xfffffa8004810060]
23:39:51.740 AVAST engine scan C:\Windows
23:39:54.451 AVAST engine scan C:\Windows\system32
23:43:42.892 AVAST engine scan C:\Windows\system32\drivers
23:44:08.435 AVAST engine scan C:\Users\Martin a Paja
23:53:50.434 AVAST engine scan C:\ProgramData
23:55:01.955 Scan finished successfully
23:56:24.732 Disk 0 MBR has been saved successfully to "C:\Users\Martin a Paja\Documents\MBR.dat"
23:56:24.815 The log file has been saved successfully to "C:\Users\Martin a Paja\Documents\aswMBR.txt"



Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.11.05.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Martin a Paja :: HP-BOBIK [administrátor]

Ochrana: Povolena

6.11.2013 0:05:52
mbam-log-2013-11-06 (00-05-52).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 216989
Uplynulý čas: 5 minut, 30 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: virus 2

#4 Post by vyosek »

Now run a full/complete scan in MBAM

Where did Avast report the malware??

Pavla V.
Visitor
Posts: 109
Registered: 30 Apr 2013 17:06

Re: virus 2

#5 Post by Pavla V. »

Here is the log:
Otherwise, before that it reported a virus somewhere in Downloads, in some older, forgotten installer. I moved it to the chest, then cleaned out Downloads a bit. Right afterwards something tried to download from the internet; hopefully Avast prevented it.

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.11.05.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Martin a Paja :: HP-BOBIK [administrátor]

Ochrana: Povolena

6.11.2013 10:20:44
mbam-log-2013-11-06 (10-20-44).txt

Typ: Kompletní kontrola (C:\|D:\|F:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 361569
Uplynulý čas: 49 minut, 27 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: virus 2

#6 Post by vyosek »

Please post a log following this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100

Pavla V.
Visitor
Posts: 109
Registered: 30 Apr 2013 17:06

Re: virus 2

#7 Post by Pavla V. »

Here are the logs:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by Martin a Paja (administrator) on HP-BOBIK on 06-11-2013 18:28:34
Running from C:\Users\Martin a Paja\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(DigitalPersona, Inc.) c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(DigitalPersona, Inc.) c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCardEngine.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Validity Sensors, Inc.) C:\Windows\system32\vcsFPService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(DigitalPersona, Inc.) c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(PoivY) C:\Program Files (x86)\PoivY.com\PoivY\PoivY.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Development Company, L.P.) c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Advanced Micro Devices Inc.) c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1436736 2011-06-15] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1702912 2013-02-04] (IDT, Inc.)
HKLM\...\Run: [RtsCM] - C:\Windows\RtsCM64.exe [144456 2013-03-07] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3011824 2013-01-11] (Synaptics Incorporated)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
HKCU\...\Run: [PoivY] - C:\Program Files (x86)\PoivY.com\PoivY\PoivY.exe [19650352 2013-07-18] (PoivY)
HKCU\...\Run: [RIMDeviceManager] - C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe [2061648 2012-01-19] (Research In Motion Limited)
HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-02-07] (PDF Complete Inc)
HKLM-x32\...\Run: [HPConnectionManager] - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2013-03-21] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QLBController] - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-01-31] (Hewlett-Packard Company)
HKLM-x32\...\Run: [BtTray] - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904 2013-01-10] (IVT Corporation)
HKLM-x32\...\Run: [CLWCSM] - C:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe [249096 2013-02-20] (cyberlink)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] - C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe [77088 2013-03-12] (Hewlett-Packard Company)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2013-02-02] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167488 2013-02-02] (CyberLink Corp.)
HKLM-x32\...\Run: [File Sanitizer] - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe [13685464 2013-03-06] (Hewlett-Packard)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-11-21] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493088 2012-11-21] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [90448 2011-11-02] (Research In Motion Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-05] (AVAST Software)
Lsa: [Notification Packages] DPPassFilter scecli
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: HP File Sanitizer - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 81.90.240.1 81.90.240.2

FireFox:
========
FF ProfilePath: C:\Users\Martin a Paja\AppData\Roaming\Mozilla\Firefox\Profiles\s6utub75.default
FF Homepage: hxxp://www.centrum.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll (DigitalPersona, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com", "hxxp://www.google.cz/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Chrome DigitalPersona Agent) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll (DigitalPersona, Inc.)
CHR Extension: () - C:\Users\Martin a Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajpkhjdkhhnkmgfjodbkfpbmibkkk\25.60699_0
CHR Extension: (Google Docs) - C:\Users\Martin a Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Martin a Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Martin a Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Martin a Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (avast! Online Security) - C:\Users\Martin a Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (DigitalPersona Extension) - C:\Users\Martin a Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab\1.0.0.5313_0
CHR Extension: (Google Wallet) - C:\Users\Martin a Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Martin a Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\dpchrome.crx

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-05] (AVAST Software)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1626872 2013-02-01] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [491320 2013-03-12] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [556856 2013-03-04] (Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [553248 2013-01-31] (Hewlett-Packard Company)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [12784 2011-04-28] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [288272 2011-04-28] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1135752 2013-02-07] (PDF Complete Inc)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1148664 2012-09-07] (Crawler.com)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-11-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-11-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-11-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-05] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-11-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-05] ()
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-20] (Ralink Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49632 2012-12-06] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 clwcsm; C:\Windows\System32\DRIVERS\clwcsm.sys [42432 2013-02-19] (CyberLink Corporation)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [65752 2013-02-18] (Hewlett-Packard Company)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [189440 2011-04-18] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [84864 2011-04-27] (Microsoft Corporation)
R0 PinFile; C:\Windows\System32\DRIVERS\PinFile.sys [49856 2013-03-19] (WinMagic, Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\DRIVERS\rtbth.sys [692832 2012-10-09] (Ralink Technology, Corp.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8243144 2013-03-07] (Realtek Semiconductor Corp.)
R0 SDDisk2K; C:\Windows\System32\DRIVERS\SDDisk2K.sys [212672 2013-03-27] (WinMagic Inc.)
R0 SDDToki; C:\Windows\System32\DRIVERS\SDDToki.sys [131928 2013-01-07] (WinMagic Inc.)
S1 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [28400 2013-01-11] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [32496 2013-01-11] (Synaptics Incorporated)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-08-12] (Windows (R) Win 7 DDK provider)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-20] (IVT Corporation)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-20] (IVT Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-06 18:28 - 2013-11-06 18:28 - 00000000 ____D C:\FRST
2013-11-06 18:26 - 2013-11-06 18:26 - 01957098 _____ (Farbar) C:\Users\Martin a Paja\Desktop\FRST64.exe
2013-11-06 18:26 - 2013-11-06 18:26 - 00112128 _____ (forum.viry.cz) C:\Users\Martin a Paja\Desktop\FRSTLauncher.exe
2013-11-06 17:56 - 2013-11-06 17:57 - 00001078 _____ C:\Windows\system32dbgraw.bmp
2013-11-05 23:59 - 2013-11-05 23:59 - 00001148 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-05 23:59 - 2013-11-05 23:59 - 00000000 ____D C:\Users\Martin a Paja\AppData\Roaming\Malwarebytes
2013-11-05 23:59 - 2013-11-05 23:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-05 23:59 - 2013-11-05 23:59 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-05 23:59 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-05 23:56 - 2013-11-05 23:56 - 00002313 _____ C:\Users\Martin a Paja\Desktop\aswMBR.txt
2013-11-05 23:56 - 2013-11-05 23:56 - 00000512 _____ C:\Users\Martin a Paja\Documents\MBR.dat
2013-11-05 23:31 - 2013-11-05 23:33 - 00000000 ____D C:\AdwCleaner
2013-11-05 23:27 - 2013-11-05 23:28 - 04745728 _____ (AVAST Software) C:\Users\Martin a Paja\Desktop\aswMBR.exe
2013-11-05 23:27 - 2013-11-05 23:27 - 01073262 _____ C:\Users\Martin a Paja\Desktop\adwcleaner.exe
2013-11-05 16:11 - 2013-11-05 16:12 - 00000000 ____D C:\rsit
2013-11-05 16:11 - 2013-11-05 16:12 - 00000000 ____D C:\Program Files\trend micro
2013-11-05 16:11 - 2013-11-05 16:11 - 00832273 _____ C:\Users\Martin a Paja\Desktop\RSITx64.exe
2013-11-05 16:03 - 2013-11-05 23:34 - 00000364 _____ C:\Windows\Tasks\HPCeeScheduleForMartin a Paja.job
2013-11-05 16:03 - 2013-11-05 16:03 - 00003230 _____ C:\Windows\System32\Tasks\HPCeeScheduleForMartin a Paja
2013-11-05 13:38 - 2013-11-05 13:38 - 00000000 ____D C:\Users\Martin a Paja\AppData\Roaming\AVAST Software
2013-11-05 13:18 - 2013-11-06 11:26 - 00000280 _____ C:\Windows\setupact.log
2013-11-05 13:18 - 2013-11-05 13:35 - 00025260 _____ C:\Windows\PFRO.log
2013-11-05 13:18 - 2013-11-05 13:18 - 00000000 _____ C:\Windows\setuperr.log
2013-11-05 11:49 - 2013-11-05 11:49 - 00001235 _____ C:\Windows\wininit.ini
2013-11-05 10:51 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-05 10:51 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-05 10:51 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-05 10:51 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-05 10:51 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-05 10:51 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-05 10:51 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-05 10:51 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-05 10:51 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-05 10:51 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-05 10:51 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-05 10:51 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-05 10:51 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-05 10:51 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-05 10:51 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-05 10:51 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-05 10:51 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-05 10:51 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-05 10:51 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-05 10:50 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-05 10:50 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-05 10:50 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-05 10:50 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-05 10:50 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-05 10:50 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-05 10:50 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-05 10:50 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-05 10:50 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-05 10:50 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-05 10:50 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-05 10:50 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-05 10:44 - 2013-11-05 10:42 - 00450639 ____R C:\Windows\system32\Drivers\etc\hosts.20131105-104455.backup
2013-11-05 10:42 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-11-05 10:42 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-11-05 10:42 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-11-05 10:42 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-11-05 10:42 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-11-05 10:42 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-11-05 10:42 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-11-05 10:42 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-11-05 10:42 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-11-05 10:42 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-11-05 10:42 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-11-05 10:42 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-11-05 10:42 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-11-05 10:41 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-05 10:41 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-11-05 10:41 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-11-05 10:41 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-11-05 10:41 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-11-05 10:41 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-11-05 10:41 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-11-05 10:41 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-11-05 10:41 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-11-05 10:41 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-11-05 10:41 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-11-05 10:41 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-11-05 10:41 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-11-05 10:41 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-11-05 10:41 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-11-05 10:41 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-11-05 10:41 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-11-05 10:41 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-11-05 10:41 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-11-05 10:41 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-11-05 10:41 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-11-05 10:41 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-11-05 10:41 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-11-05 10:41 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-11-05 10:41 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-11-05 10:41 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-11-05 10:41 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-11-05 10:41 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-11-05 10:41 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-11-05 10:41 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-11-05 10:41 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-11-05 10:40 - 2013-08-01 10:19 - 00984512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-11-05 10:40 - 2013-08-01 10:19 - 00265152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-11-05 10:39 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-11-02 20:04 - 2013-11-02 20:04 - 00041472 _____ C:\Users\Martin a Paja\Downloads\Pomocne_tabulky.xls
2013-10-27 20:05 - 2013-10-27 20:05 - 00226767 _____ C:\Users\Martin a Paja\Downloads\agprac20131027_htm.zip
2013-10-27 07:12 - 2013-10-27 07:12 - 01530368 _____ C:\Users\Martin a Paja\Downloads\MR5.ppt
2013-10-20 19:36 - 2013-10-20 19:36 - 00684032 _____ C:\Users\Martin a Paja\Downloads\regrese.pps
2013-10-20 14:36 - 2013-10-20 14:36 - 00000000 ____D C:\ProgramData\Oracle
2013-10-20 14:31 - 2013-10-20 14:30 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-20 14:30 - 2013-10-20 14:30 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-20 14:30 - 2013-10-20 14:30 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-20 14:30 - 2013-10-20 14:30 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-20 14:30 - 2013-10-20 14:30 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-20 14:27 - 2013-10-20 14:27 - 00915368 _____ (Oracle Corporation) C:\Users\Martin a Paja\Downloads\chromeinstall-7u45.exe
2013-10-20 10:45 - 2013-10-20 10:45 - 00050176 _____ C:\Users\Martin a Paja\Downloads\trszvfucr073113_2_6.xls
2013-10-20 10:43 - 2013-10-20 10:43 - 00049152 _____ C:\Users\Martin a Paja\Downloads\trszvfucr073113_2_5.xls
2013-10-20 10:42 - 2013-10-20 10:42 - 00049664 _____ C:\Users\Martin a Paja\Downloads\trszvfucr073113_2_4.xls
2013-10-20 10:40 - 2013-10-20 10:40 - 00049664 _____ C:\Users\Martin a Paja\Downloads\trszvfucr073113_2_3.xls
2013-10-20 10:38 - 2013-10-20 10:38 - 00049664 _____ C:\Users\Martin a Paja\Downloads\trszvfucr073113_2_2.xls
2013-10-20 10:29 - 2013-10-20 10:29 - 00047104 _____ C:\Users\Martin a Paja\Downloads\trszvfucr073113_2_1.xls
2013-10-20 10:27 - 2013-10-20 10:27 - 00028160 _____ C:\Users\Martin a Paja\Downloads\trszvfucr073113_1_4.xls
2013-10-20 10:26 - 2013-10-20 10:27 - 00046080 _____ C:\Users\Martin a Paja\Downloads\trszvfucr073113_1_1.xls
2013-10-20 10:18 - 2013-11-04 19:06 - 00000000 ____D C:\Users\Martin a Paja\Desktop\DIPLOMKA
2013-10-19 20:18 - 2013-10-19 20:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-19 10:10 - 2013-10-19 10:12 - 00019456 ___SH C:\Users\Martin a Paja\Documents\Thumbs.db
2013-10-18 21:04 - 2013-10-18 21:04 - 00000000 ___RD C:\Users\Martin a Paja\Desktop\Nová Aktovka
2013-10-18 19:40 - 2013-10-18 19:40 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_RimUsb_AMD64_01007.Wdf
2013-10-18 19:32 - 2013-10-18 19:32 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_RimSerial_AMD64_01007.Wdf
2013-10-18 19:32 - 2011-07-20 13:58 - 00044032 _____ (Research in Motion Ltd) C:\Windows\system32\Drivers\RimSerial_AMD64.sys
2013-10-18 19:31 - 2013-10-18 19:31 - 00000000 ____D C:\Users\Martin a Paja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlackBerry
2013-10-18 19:31 - 2013-10-18 19:31 - 00000000 ____D C:\Program Files (x86)\Research In Motion
2013-10-17 21:49 - 2013-10-17 21:52 - 119528976 _____ C:\Users\Martin a Paja\Downloads\710_b042_multilanguage (1).exe
2013-10-12 19:45 - 2013-10-12 19:45 - 00047616 _____ C:\Users\Martin a Paja\Downloads\Statistics of APPS 2009 filled in.xls
2013-10-12 08:44 - 2013-10-12 08:44 - 00178688 _____ C:\Users\Martin a Paja\Downloads\HLMAKRO.xls
2013-10-08 20:12 - 2013-10-08 20:12 - 00000000 ___SD C:\Users\Martin a Paja\Documents\Zdroje dat

==================== One Month Modified Files and Folders =======

2013-11-06 18:28 - 2013-11-06 18:28 - 00000000 ____D C:\FRST
2013-11-06 18:26 - 2013-11-06 18:26 - 01957098 _____ (Farbar) C:\Users\Martin a Paja\Desktop\FRST64.exe
2013-11-06 18:26 - 2013-11-06 18:26 - 00112128 _____ (forum.viry.cz) C:\Users\Martin a Paja\Desktop\FRSTLauncher.exe
2013-11-06 18:11 - 2013-04-29 00:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-06 17:59 - 2013-02-22 21:59 - 00000983 _____ C:\Windows\SysWOW64\bscs.ini
2013-11-06 17:58 - 2013-08-12 17:12 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-06 17:58 - 2013-08-12 13:42 - 01828458 _____ C:\Windows\WindowsUpdate.log
2013-11-06 17:57 - 2013-11-06 17:56 - 00001078 _____ C:\Windows\system32dbgraw.bmp
2013-11-06 17:56 - 2013-07-05 21:05 - 00003620 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI
2013-11-06 17:56 - 2013-07-05 21:05 - 00000043 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI
2013-11-06 12:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-06 11:34 - 2013-08-12 17:12 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-06 11:34 - 2013-07-05 21:09 - 00670476 _____ C:\Windows\system32\perfh005.dat
2013-11-06 11:34 - 2013-07-05 21:09 - 00142004 _____ C:\Windows\system32\perfc005.dat
2013-11-06 11:34 - 2009-07-14 06:13 - 01588790 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-06 11:34 - 2009-07-14 05:45 - 00026832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-06 11:34 - 2009-07-14 05:45 - 00026832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-06 11:27 - 2013-04-29 00:14 - 00000000 ____D C:\ProgramData\PDFC
2013-11-06 11:27 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-06 11:26 - 2013-11-05 13:18 - 00000280 _____ C:\Windows\setupact.log
2013-11-05 23:59 - 2013-11-05 23:59 - 00001148 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-05 23:59 - 2013-11-05 23:59 - 00000000 ____D C:\Users\Martin a Paja\AppData\Roaming\Malwarebytes
2013-11-05 23:59 - 2013-11-05 23:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-05 23:59 - 2013-11-05 23:59 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-05 23:56 - 2013-11-05 23:56 - 00002313 _____ C:\Users\Martin a Paja\Desktop\aswMBR.txt
2013-11-05 23:56 - 2013-11-05 23:56 - 00000512 _____ C:\Users\Martin a Paja\Documents\MBR.dat
2013-11-05 23:34 - 2013-11-05 16:03 - 00000364 _____ C:\Windows\Tasks\HPCeeScheduleForMartin a Paja.job
2013-11-05 23:33 - 2013-11-05 23:31 - 00000000 ____D C:\AdwCleaner
2013-11-05 23:28 - 2013-11-05 23:27 - 04745728 _____ (AVAST Software) C:\Users\Martin a Paja\Desktop\aswMBR.exe
2013-11-05 23:27 - 2013-11-05 23:27 - 01073262 _____ C:\Users\Martin a Paja\Desktop\adwcleaner.exe
2013-11-05 16:12 - 2013-11-05 16:11 - 00000000 ____D C:\rsit
2013-11-05 16:12 - 2013-11-05 16:11 - 00000000 ____D C:\Program Files\trend micro
2013-11-05 16:11 - 2013-11-05 16:11 - 00832273 _____ C:\Users\Martin a Paja\Desktop\RSITx64.exe
2013-11-05 16:03 - 2013-11-05 16:03 - 00003230 _____ C:\Windows\System32\Tasks\HPCeeScheduleForMartin a Paja
2013-11-05 13:38 - 2013-11-05 13:38 - 00000000 ____D C:\Users\Martin a Paja\AppData\Roaming\AVAST Software
2013-11-05 13:35 - 2013-11-05 13:18 - 00025260 _____ C:\Windows\PFRO.log
2013-11-05 13:31 - 2013-08-12 17:12 - 00001983 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-11-05 13:30 - 2013-08-12 17:12 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-11-05 13:30 - 2013-08-12 17:12 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-11-05 13:30 - 2013-08-12 17:12 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-11-05 13:30 - 2013-08-12 17:12 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-11-05 13:30 - 2013-08-12 17:12 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-11-05 13:30 - 2013-08-12 17:12 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-11-05 13:30 - 2013-08-12 17:12 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-11-05 13:30 - 2013-08-12 17:12 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-11-05 13:30 - 2013-08-12 17:12 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-11-05 13:30 - 2013-08-12 17:12 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-05 13:30 - 2013-08-12 14:55 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-11-05 13:26 - 2013-08-12 17:12 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-11-05 13:26 - 2013-08-12 14:54 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-05 13:19 - 2011-02-11 14:38 - 00000000 ____D C:\Windows\Panther
2013-11-05 13:18 - 2013-11-05 13:18 - 00000000 _____ C:\Windows\setuperr.log
2013-11-05 13:18 - 2009-07-14 05:45 - 00333216 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-05 13:15 - 2013-08-14 08:29 - 00000000 ____D C:\Users\Martin a Paja\Fotky
2013-11-05 11:56 - 2013-08-14 21:32 - 00000000 ____D C:\Users\Martin a Paja\Paja
2013-11-05 11:49 - 2013-11-05 11:49 - 00001235 _____ C:\Windows\wininit.ini
2013-11-05 10:57 - 2011-02-11 14:51 - 01564624 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-05 10:54 - 2013-09-20 16:17 - 00000000 ____D C:\Windows\Minidump
2013-11-05 10:54 - 2013-08-12 21:29 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-05 10:47 - 2013-08-13 20:22 - 00000000 ____D C:\Windows\system32\MRT
2013-11-05 10:44 - 2013-08-12 14:46 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-05 10:43 - 2013-08-12 22:52 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-11-05 10:42 - 2013-11-05 10:44 - 00450639 ____R C:\Windows\system32\Drivers\etc\hosts.20131105-104455.backup
2013-11-05 10:32 - 2013-08-12 13:55 - 00000000 ____D C:\Users\Martin a Paja\AppData\Local\Hewlett-Packard
2013-11-04 19:15 - 2013-08-13 19:39 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-11-04 19:14 - 2013-08-13 19:39 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-11-04 19:11 - 2013-08-12 22:44 - 00000000 ____D C:\Users\Martin a Paja\AppData\Local\Super Internet TV
2013-11-04 19:08 - 2013-08-14 23:51 - 00000000 ____D C:\Users\Martin a Paja\Martin
2013-11-04 19:06 - 2013-10-20 10:18 - 00000000 ____D C:\Users\Martin a Paja\Desktop\DIPLOMKA
2013-11-02 20:04 - 2013-11-02 20:04 - 00041472 _____ C:\Users\Martin a Paja\Downloads\Pomocne_tabulky.xls
2013-10-31 19:44 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-10-27 23:16 - 2013-08-12 14:25 - 00000000 ____D C:\Users\Martin a Paja\AppData\Roaming\Skype
2013-10-27 20:05 - 2013-10-27 20:05 - 00226767 _____ C:\Users\Martin a Paja\Downloads\agprac20131027_htm.zip
2013-10-27 07:12 - 2013-10-27 07:12 - 01530368 _____ C:\Users\Martin a Paja\Downloads\MR5.ppt
2013-10-21 20:42 - 2013-08-12 13:47 - 00003776 _____ C:\Windows\System32\Tasks\Registration
2013-10-20 19:36 - 2013-10-20 19:36 - 00684032 _____ C:\Users\Martin a Paja\Downloads\regrese.pps
2013-10-20 18:38 - 2013-07-05 20:47 - 00000000 ____D C:\ProgramData\Skype
2013-10-20 18:37 - 2013-08-13 20:05 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-20 17:16 - 2013-08-12 22:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-20 14:46 - 2013-08-12 22:12 - 00000000 ____D C:\Users\Martin a Paja\AppData\Local\Mozilla
2013-10-20 14:36 - 2013-10-20 14:36 - 00000000 ____D C:\ProgramData\Oracle
2013-10-20 14:30 - 2013-10-20 14:31 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-20 14:30 - 2013-10-20 14:30 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-20 14:30 - 2013-10-20 14:30 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-20 14:30 - 2013-10-20 14:30 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-20 14:30 - 2013-10-20 14:30 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-20 14:27 - 2013-10-20 14:27 - 00915368 _____ (Oracle Corporation) C:\Users\Martin a Paja\Downloads\chromeinstall-7u45.exe
2013-10-20 10:45 - 2013-10-20 10:45 - 00050176 _____ C:\Users\Martin a Paja\Downloads\trszvfucr073113_2_6.xls
2013-10-20 10:43 - 2013-10-20 10:43 - 00049152 _____ C:\Users\Martin a Paja\Downloads\trszvfucr073113_2_5.xls
2013-10-20 10:42 - 2013-10-20 10:42 - 00049664 _____ C:\Users\Martin a Paja\Downloads\trszvfucr073113_2_4.xls
2013-10-20 10:40 - 2013-10-20 10:40 - 00049664 _____ C:\Users\Martin a Paja\Downloads\trszvfucr073113_2_3.xls
2013-10-20 10:38 - 2013-10-20 10:38 - 00049664 _____ C:\Users\Martin a Paja\Downloads\trszvfucr073113_2_2.xls
2013-10-20 10:29 - 2013-10-20 10:29 - 00047104 _____ C:\Users\Martin a Paja\Downloads\trszvfucr073113_2_1.xls
2013-10-20 10:27 - 2013-10-20 10:27 - 00028160 _____ C:\Users\Martin a Paja\Downloads\trszvfucr073113_1_4.xls
2013-10-20 10:27 - 2013-10-20 10:26 - 00046080 _____ C:\Users\Martin a Paja\Downloads\trszvfucr073113_1_1.xls
2013-10-19 20:18 - 2013-10-19 20:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-19 10:12 - 2013-10-19 10:10 - 00019456 ___SH C:\Users\Martin a Paja\Documents\Thumbs.db
2013-10-19 07:36 - 2013-08-12 17:17 - 00002202 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-18 21:04 - 2013-10-18 21:04 - 00000000 ___RD C:\Users\Martin a Paja\Desktop\Nová Aktovka
2013-10-18 19:40 - 2013-10-18 19:40 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_RimUsb_AMD64_01007.Wdf
2013-10-18 19:32 - 2013-10-18 19:32 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_RimSerial_AMD64_01007.Wdf
2013-10-18 19:31 - 2013-10-18 19:31 - 00000000 ____D C:\Users\Martin a Paja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlackBerry
2013-10-18 19:31 - 2013-10-18 19:31 - 00000000 ____D C:\Program Files (x86)\Research In Motion
2013-10-17 21:52 - 2013-10-17 21:49 - 119528976 _____ C:\Users\Martin a Paja\Downloads\710_b042_multilanguage (1).exe
2013-10-12 19:45 - 2013-10-12 19:45 - 00047616 _____ C:\Users\Martin a Paja\Downloads\Statistics of APPS 2009 filled in.xls
2013-10-12 08:44 - 2013-10-12 08:44 - 00178688 _____ C:\Users\Martin a Paja\Downloads\HLMAKRO.xls
2013-10-10 17:25 - 2013-08-12 17:12 - 00003962 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-10 17:25 - 2013-08-12 17:12 - 00003710 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-08 21:13 - 2013-04-29 00:14 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-08 21:13 - 2013-04-29 00:14 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-08 21:13 - 2013-04-29 00:14 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-08 20:27 - 2013-08-12 21:29 - 00000000 ____D C:\Users\Martin a Paja\AppData\Local\Microsoft Help
2013-10-08 20:12 - 2013-10-08 20:12 - 00000000 ___SD C:\Users\Martin a Paja\Documents\Zdroje dat

Some content of TEMP:
====================
C:\Users\Martin a Paja\AppData\Local\Temp\Extract.exe
C:\Users\Martin a Paja\AppData\Local\Temp\Quarantine.exe
C:\Users\Martin a Paja\AppData\Local\Temp\SP63065.exe
C:\Users\Martin a Paja\AppData\Local\Temp\SP63239.exe
C:\Users\Martin a Paja\AppData\Local\Temp\SP63337.exe
C:\Users\Martin a Paja\AppData\Local\Temp\SP63523.exe
C:\Users\Martin a Paja\AppData\Local\Temp\SP63556.exe
C:\Users\Martin a Paja\AppData\Local\Temp\SP63563.exe
C:\Users\Martin a Paja\AppData\Local\Temp\SP63779.exe
C:\Users\Martin a Paja\AppData\Local\Temp\SP63782.exe
C:\Users\Martin a Paja\AppData\Local\Temp\SP63791.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-01 16:45

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-10-2013
Ran by Martin a Paja at 2013-11-06 18:29:45
Running from C:\Users\Martin a Paja\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20 (x32)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.05) - Czech (x32 Version: 11.0.05)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (x32)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (x32)
AMD Accelerated Video Transcoding (Version: 12.10.100.30313)
AMD APP SDK Runtime (Version: 10.0.1124.2)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AMD Media Foundation Decoders (Version: 1.0.80313.0931)
AMD Steady Video Plug-In (Version: 2.06.0000)
AMD VISION Engine Control Center (x32 Version: 2013.0313.929.15155)
Ask Toolbar (x32 Version: 12.6.0.11)
avast! Free Antivirus (x32 Version: 9.0.2007)
BlackBerry Device Manager 7.0 (x32 Version: 7.0.0.43)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0313.929.15155)
Catalyst Control Center InstallProxy (x32 Version: 2013.0313.929.15155)
Catalyst Control Center Localization All (x32 Version: 2013.0313.929.15155)
CCC Help Czech (x32 Version: 2013.0313.0928.15155)
CCC Help Danish (x32 Version: 2013.0313.0928.15155)
CCC Help Dutch (x32 Version: 2013.0313.0928.15155)
CCC Help English (x32 Version: 2013.0313.0928.15155)
CCC Help Finnish (x32 Version: 2013.0313.0928.15155)
CCC Help French (x32 Version: 2013.0313.0928.15155)
CCC Help German (x32 Version: 2013.0313.0928.15155)
CCC Help Greek (x32 Version: 2013.0313.0928.15155)
CCC Help Hungarian (x32 Version: 2013.0313.0928.15155)
CCC Help Chinese Standard (x32 Version: 2013.0313.0928.15155)
CCC Help Chinese Traditional (x32 Version: 2013.0313.0928.15155)
CCC Help Italian (x32 Version: 2013.0313.0928.15155)
CCC Help Japanese (x32 Version: 2013.0313.0928.15155)
CCC Help Korean (x32 Version: 2013.0313.0928.15155)
CCC Help Norwegian (x32 Version: 2013.0313.0928.15155)
CCC Help Polish (x32 Version: 2013.0313.0928.15155)
CCC Help Portuguese (x32 Version: 2013.0313.0928.15155)
CCC Help Russian (x32 Version: 2013.0313.0928.15155)
CCC Help Spanish (x32 Version: 2013.0313.0928.15155)
CCC Help Swedish (x32 Version: 2013.0313.0928.15155)
CCC Help Thai (x32 Version: 2013.0313.0928.15155)
CCC Help Turkish (x32 Version: 2013.0313.0928.15155)
ccc-utility64 (Version: 2013.0313.929.15155)
CCleaner (Version: 4.04)
CyberLink Media Suite 10 (x32 Version: 10.0.1.2106)
Cyberlink PhotoDirector (x32 Version: 3.0.1.3703)
CyberLink Power2Go 8 (x32 Version: 8.0.2.2321)
CyberLink PowerDirector 10 (x32 Version: 10.0.2.2531)
CyberLink PowerDVD 12 (x32 Version: 12.0.1.2627)
CyberLink Webcam Sharing Manager 4 (x32 Version: 4.2.1.1419)
CyberLink YouCam (x32 Version: 4.2.1.3801)
Energy Star (x32 Version: 1.0.9)
Evernote v. 4.6 (x32 Version: 4.6.0.7670)
Google Chrome (x32 Version: 30.0.1599.101)
Google Update Helper (x32 Version: 1.3.21.165)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000)
HP 3D DriveGuard (x32 Version: 6.0.10.1)
HP Client Security Manager (Version: 8.1.0.1451)
HP Connection Manager (x32 Version: 4.4.51.1)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8)
HP Device Access Manager (Version: 8.0.0.4)
HP Documentation (x32 Version: 1.1.3.0)
HP Drive Encryption (Version: 8.5.1.138)
HP ESU for Microsoft Windows 7 (x32 Version: 2.2.1)
HP File Sanitizer (x32 Version: 8.1.1.1)
HP HD Webcam Driver (x32 Version: 6.2.9200.10220)
HP Hotkey Support (x32 Version: 5.0.12.1)
HP Postscript Converter (Version: 4.0.4100)
HP Setup (x32 Version: 9.1.15453.4066)
HP SoftPaq Download Manager (x32 Version: 3.4.10.0)
HP Software Setup (x32 Version: 8.5.4.1)
HP Support Assistant (x32 Version: 7.0.39.15)
HP Support Information (x32 Version: 12.00.0000)
HP System Default Settings (x32 Version: 2.6.1)
HP Theft Recovery (x32 Version: 8.0.0.6)
IDT Audio (x32 Version: 1.0.6454.0)
IrfanView (remove only) (x32 Version: 4.36)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Malwarebytes Anti-Malware verze 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Antimalware Service Multi-Language Pack (Version: 3.0.8402.2)
Microsoft Office (x32 Version: 15.0.4420.1017)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Excel MUI (Czech) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (Czech) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Czech) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Czech) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Slovak) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (Czech) 2007 (x32 Version: 12.0.4518.1025)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Shared 64-bit MUI (Czech) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Czech) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (Czech) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Client MUI Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Mozilla Firefox 24.0 (x86 cs) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
opensource (x32 Version: 1.0.14960.3876)
PDF Complete Corporate Edition (x32 Version: 4.1.33)
PoivY (x32 Version: 4.13 build 735)
Ptw7 Framework (x32 Version: 7.1.100)
rajče průvodce verze 1.59.48.263 (x32)
Ralink Bluetooth Stack64 (Version: 11.0.737.1)
Ralink RT3290 802.11bgn Wi-Fi Adapter (x32 Version: 5.0.21.0)
Realtek Ethernet Controller Driver (x32 Version: 7.68.201.2013)
Realtek PCIE Card Reader (x32 Version: 1.1.9200.7)
Skype™ 6.9 (x32 Version: 6.9.106)
Spybot - Search & Destroy (x32 Version: 2.1.19)
Spyware Terminator 2012 (x32 Version: 3.0.0.80)
Super Internet TV v8.1 (Free Edition) (HKCU)
Synaptics Pointing Device Driver (Version: 16.3.9.0)
Total Commander 64-bit (Remove or Repair) (Version: 8.01)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Validity Fingerprint Sensor Driver (Version: 4.5.117.0)
XnView 2.04 (x32 Version: 2.04)

==================== Restore Points =========================

24-10-2013 05:53:45 Windows Update
27-10-2013 06:08:14 Windows Update
30-10-2013 17:56:22 Windows Update
03-11-2013 06:58:23 Windows Update
05-11-2013 09:42:33 Windows Update
05-11-2013 12:26:56 avast! antivirus system restore point
05-11-2013 14:02:33 HPSF Applying updates

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-11-05 10:44 - 00450639 ____R C:\Windows\system32\Drivers\etc\hosts

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {25C0967B-F857-45CA-9FE2-97B291F6D517} - System32\Tasks\HPCeeScheduleForMartin a Paja => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {2C4F226C-33E6-47EA-A356-02C82D1A52A1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {359B89B5-11C9-4069-BBAE-BD4C2D196DE6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated)
Task: {3B0ADC50-9291-4755-9148-C0088AE544FF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-12] (Google Inc.)
Task: {3F63FBE8-2B19-40B3-B585-B2EA73831B30} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {581A75E6-B6E0-46DD-B261-465FBE2FCDA1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-04-01] (Hewlett-Packard Company)
Task: {5CB081B1-FC49-4625-AFAA-C7101F74D555} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {8649BC42-D41D-41B8-8B05-98E6BC1E28B0} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [2012-03-21] ()
Task: {B3D03441-666E-4986-A0A1-B138F01FA520} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {C91A07CD-91B0-48B8-B74F-74FFA0A3E9DA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-11-05] (AVAST Software)
Task: {EAA43F0A-2436-4983-9BE2-675FE783161D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-12] (Google Inc.)
Task: {F46DAE65-DEFF-487A-9C82-BC5535471CE2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {FAE3F912-CC74-422C-95E6-06C80B2C9863} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {FEB0A55B-0A28-406A-B2B5-0DAD9A7995B9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {FFB1B1EB-8D8F-4F0C-945F-3E97841F64E3} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-28] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMartin a Paja.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2013-01-10 21:30 - 2013-01-10 21:30 - 00022528 _____ () C:\Windows\system32\BsTrace.dll
2013-03-06 22:38 - 2013-03-06 22:38 - 03020504 _____ () c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll
2013-01-10 19:25 - 2013-01-10 19:25 - 00364544 _____ () C:\Windows\system32\BsExtendFunc.dll
2013-01-22 23:50 - 2013-01-22 23:50 - 00098304 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2013-01-22 23:50 - 2013-01-22 23:50 - 00028672 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResourcesNet4.dll
2013-11-06 17:58 - 2013-11-06 13:28 - 02138112 _____ () C:\Program Files\AVAST Software\Avast\defs\13110600\algo.dll
2013-02-22 23:05 - 2013-02-22 23:05 - 00387936 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2011-07-05 18:53 - 2011-07-05 18:53 - 00012800 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2013-08-12 22:50 - 2013-05-16 09:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-08-12 22:50 - 2013-05-16 09:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-08-12 22:50 - 2013-05-16 09:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-08-12 22:50 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-08-12 22:50 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-02-01 01:04 - 2013-02-01 01:04 - 00080120 _____ () C:\Windows\system32\BsProfilefunc.dll
2013-07-05 21:00 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 19:34 - 2012-06-08 19:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-11-05 13:30 - 2013-11-05 13:30 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2011-04-28 01:05 - 2011-04-28 01:05 - 00514570 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2013-10-19 20:18 - 2013-10-19 20:18 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/06/2013 02:05:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5211

Error: (11/06/2013 02:05:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5211

Error: (11/06/2013 02:05:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/06/2013 02:05:42 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2325

Error: (11/06/2013 02:05:42 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2325

Error: (11/06/2013 02:05:42 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/06/2013 02:05:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1311

Error: (11/06/2013 02:05:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1311

Error: (11/06/2013 02:05:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/06/2013 11:40:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5632


System errors:
=============
Error: (11/06/2013 05:56:52 PM) (Source: NetBT) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.101.
Počítač s IP adresou 192.168.0.100 nepovolil získání názvu
tímto počítačem.

Error: (11/06/2013 00:17:57 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (11/06/2013 11:40:17 AM) (Source: Microsoft-Windows-HAL) (User: )
Description: Firmware platformy při předchozím přechodu systémového napájení poškodil paměť. Zkontrolujte dostupnost aktualizovaného firmwaru pro váš systém.

Error: (11/06/2013 11:28:01 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 – funkce ochrany v reálném čase selhala z důvodu chyby.

Funkce: %%835

Kód chyby: 0x80004005

Popis chyby: Nespecifikovaná chyba

Důvod: %%842

Error: (11/06/2013 11:25:45 AM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (11/06/2013 09:19:37 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 – funkce ochrany v reálném čase selhala z důvodu chyby.

Funkce: %%835

Kód chyby: 0x80004005

Popis chyby: Nespecifikovaná chyba

Důvod: %%842

Error: (11/05/2013 11:35:47 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 – funkce ochrany v reálném čase selhala z důvodu chyby.

Funkce: %%835

Kód chyby: 0x80004005

Popis chyby: Nespecifikovaná chyba

Důvod: %%842

Error: (11/05/2013 11:18:11 PM) (Source: NetBT) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.101.
Počítač s IP adresou 192.168.0.100 nepovolil získání názvu
tímto počítačem.

Error: (11/05/2013 02:38:43 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: Firmware platformy při předchozím přechodu systémového napájení poškodil paměť. Zkontrolujte dostupnost aktualizovaného firmwaru pro váš systém.

Error: (11/05/2013 01:36:33 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 – funkce ochrany v reálném čase selhala z důvodu chyby.

Funkce: %%835

Kód chyby: 0x80004005

Popis chyby: Nespecifikovaná chyba

Důvod: %%842


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 62%
Total physical RAM: 3274.43 MB
Available physical RAM: 1235.16 MB
Total Pagefile: 6547.03 MB
Available Pagefile: 4104.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:450 GB) (Free:350.96 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:14.65 GB) (Free:1.71 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.09 GB) (Free:0.08 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 03F2AD87)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=100 MB) - (Type=0B)

==================== End Of Log ============================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: virus 2

#8 Post by vyosek »

:arrow: Uninstall Spybot - Search & Destroy - the program's best years are long behind it, and for roughly the last 3 years it has not been able to counter current threats

:arrow: Also throw out Spyware Terminator - it is in even worse shape than Spybot

:arrow: And also uninstall Microsoft Security Essentials.

:arrow: You have a loooot of security software there, and that leads to conflicts. Keep only Avast

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-02-07] (PDF Complete Inc)
    HKLM-x32\...\Run: [] - [x]
    HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-11-21] (CyberLink)
    HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493088 2012-11-21] (CyberLink Corp.)
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3830224 2013-05-16] (Safer-Networking Ltd.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    BootExecute: autocheck autochk * sdnclean64.exe
    
    ProxyServer: localhost:21320
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
    SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=CMNTDFJS
    SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=CMNTDFJS
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=CMNTDFJS
    
    FF Plugin: @microsoft.com/GENUINE - disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
    
    CHR HKLM-x32\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx
    
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
    R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1148664 2012-09-07] (Crawler.com)
    
    2013-11-06 18:26 - 2013-11-06 18:26 - 00112128 _____ (forum.viry.cz) C:\Users\Martin a Paja\Desktop\FRSTLauncher.exe
    2013-11-05 23:56 - 2013-11-05 23:56 - 00002313 _____ C:\Users\Martin a Paja\Desktop\aswMBR.txt
    2013-11-05 23:56 - 2013-11-05 23:56 - 00000512 _____ C:\Users\Martin a Paja\Documents\MBR.dat
    2013-11-05 23:31 - 2013-11-05 23:33 - 00000000 ____D C:\AdwCleaner
    2013-11-05 23:27 - 2013-11-05 23:28 - 04745728 _____ (AVAST Software) C:\Users\Martin a Paja\Desktop\aswMBR.exe
    2013-11-05 23:27 - 2013-11-05 23:27 - 01073262 _____ C:\Users\Martin a Paja\Desktop\adwcleaner.exe
    C:\Users\Martin a Paja\AppData\Local\Temp\Extract.exe
    C:\Users\Martin a Paja\AppData\Local\Temp\Quarantine.exe
    C:\Users\Martin a Paja\AppData\Local\Temp\SP63065.exe
    C:\Users\Martin a Paja\AppData\Local\Temp\SP63239.exe
    C:\Users\Martin a Paja\AppData\Local\Temp\SP63337.exe
    C:\Users\Martin a Paja\AppData\Local\Temp\SP63523.exe
    C:\Users\Martin a Paja\AppData\Local\Temp\SP63556.exe
    C:\Users\Martin a Paja\AppData\Local\Temp\SP63563.exe
    C:\Users\Martin a Paja\AppData\Local\Temp\SP63779.exe
    C:\Users\Martin a Paja\AppData\Local\Temp\SP63782.exe
    C:\Users\Martin a Paja\AppData\Local\Temp\SP63791.exe
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForMartin a Paja.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
    
    Hosts:
    
    End
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here for me
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; he is not a man, he is an ox."
Member [image] since 1 February 2011.

Pavla V.
Visitor
Posts: 109
Registered: 30 Apr 2013 17:06

Re: virus 2

#9 Post by Pavla V. »

Here is the log:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-10-2013
Ran by Martin a Paja at 2013-11-06 22:58:11 Run:1
Running from C:\Users\Martin a Paja\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-02-07] (PDF Complete Inc)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-11-21] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493088 2012-11-21] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS

FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

CHR HKLM-x32\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx

R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1148664 2012-09-07] (Crawler.com)

2013-11-06 18:26 - 2013-11-06 18:26 - 00112128 _____ (forum.viry.cz) C:\Users\Martin a Paja\Desktop\FRSTLauncher.exe
2013-11-05 23:56 - 2013-11-05 23:56 - 00002313 _____ C:\Users\Martin a Paja\Desktop\aswMBR.txt
2013-11-05 23:56 - 2013-11-05 23:56 - 00000512 _____ C:\Users\Martin a Paja\Documents\MBR.dat
2013-11-05 23:31 - 2013-11-05 23:33 - 00000000 ____D C:\AdwCleaner
2013-11-05 23:27 - 2013-11-05 23:28 - 04745728 _____ (AVAST Software) C:\Users\Martin a Paja\Desktop\aswMBR.exe
2013-11-05 23:27 - 2013-11-05 23:27 - 01073262 _____ C:\Users\Martin a Paja\Desktop\adwcleaner.exe
C:\Users\Martin a Paja\AppData\Local\Temp\Extract.exe
C:\Users\Martin a Paja\AppData\Local\Temp\Quarantine.exe
C:\Users\Martin a Paja\AppData\Local\Temp\SP63065.exe
C:\Users\Martin a Paja\AppData\Local\Temp\SP63239.exe
C:\Users\Martin a Paja\AppData\Local\Temp\SP63337.exe
C:\Users\Martin a Paja\AppData\Local\Temp\SP63523.exe
C:\Users\Martin a Paja\AppData\Local\Temp\SP63556.exe
C:\Users\Martin a Paja\AppData\Local\Temp\SP63563.exe
C:\Users\Martin a Paja\AppData\Local\Temp\SP63779.exe
C:\Users\Martin a Paja\AppData\Local\Temp\SP63782.exe
C:\Users\Martin a Paja\AppData\Local\Temp\SP63791.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMartin a Paja.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Hosts:

End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\PDF Complete => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\CLMLServer_For_P2G8 => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\CLVirtualDrive => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SDTray => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File => Key not found.
"FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled No File => Key not found.
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaajpkhjdkhhnkmgfjodbkfpbmibkkk => Key deleted successfully.
"C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx" => File/Directory not found.
SDScannerService => Service not found.
SDUpdateService => Service not found.
SDWSCService => Service not found.
ST2012_Svc => Service not found.
C:\Users\Martin a Paja\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\Martin a Paja\Desktop\aswMBR.txt => Moved successfully.
C:\Users\Martin a Paja\Documents\MBR.dat => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Martin a Paja\Desktop\aswMBR.exe => Moved successfully.
C:\Users\Martin a Paja\Desktop\adwcleaner.exe => Moved successfully.
"C:\Users\Martin a Paja\AppData\Local\Temp\Extract.exe" => File/Directory not found.
C:\Users\Martin a Paja\AppData\Local\Temp\Quarantine.exe => Moved successfully.
"C:\Users\Martin a Paja\AppData\Local\Temp\SP63065.exe" => File/Directory not found.
"C:\Users\Martin a Paja\AppData\Local\Temp\SP63239.exe" => File/Directory not found.
"C:\Users\Martin a Paja\AppData\Local\Temp\SP63337.exe" => File/Directory not found.
"C:\Users\Martin a Paja\AppData\Local\Temp\SP63523.exe" => File/Directory not found.
"C:\Users\Martin a Paja\AppData\Local\Temp\SP63556.exe" => File/Directory not found.
"C:\Users\Martin a Paja\AppData\Local\Temp\SP63563.exe" => File/Directory not found.
"C:\Users\Martin a Paja\AppData\Local\Temp\SP63779.exe" => File/Directory not found.
"C:\Users\Martin a Paja\AppData\Local\Temp\SP63782.exe" => File/Directory not found.
"C:\Users\Martin a Paja\AppData\Local\Temp\SP63791.exe" => File/Directory not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\HPCeeScheduleForMartin a Paja.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====
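
A Fixlog like the one above can be tallied mechanically to confirm which fixlist entries were actually acted on and which were already absent. The Python sketch below is an added example, not part of the original thread and not FRST's own code; the function names, the regular expression and the outcome categories are assumptions of this example, and the sample reuses lines from the log above plus one constructed line.

```python
import re
from collections import Counter

# Result lines have the shape "<target> => <outcome>." (inferred from the log in
# this thread; an assumption of this example, not a documented FRST format).
RESULT_RE = re.compile(r'^(?P<target>.+?)\s+=>\s+(?P<outcome>.+?)\.?\s*$')

def classify(outcome):
    o = outcome.lower()
    if "not found" in o:
        return "absent"    # nothing to fix: the entry was already gone
    if "deleted" in o or "moved" in o:
        return "removed"   # deleted or moved away by the fix
    if "restored" in o or "reset" in o:
        return "restored"  # value put back to its default
    return "other"         # unexpected wording: review by hand

def summarize_fixlog(text):
    """Return (Counter of categories, [(target, outcome)] needing manual review)."""
    lines = [l.strip() for l in text.splitlines()]
    # The fixlist is echoed between two rows of asterisks and itself contains
    # "=>" (Task: lines), so only lines after the last asterisk row are results.
    stars = [i for i, l in enumerate(lines) if l and set(l) == {"*"}]
    body = lines[stars[-1] + 1:] if stars else lines
    counts, review = Counter(), []
    for line in body:
        if line.startswith("===="):   # "==== End of Fixlog ===="
            break
        m = RESULT_RE.match(line)
        if not m:                     # blank lines and lines without "=>"
            continue
        category = classify(m.group("outcome"))
        counts[category] += 1
        if category == "other":
            review.append((m.group("target").strip('"'), m.group("outcome")))
    return counts, review

# Sample: lines copied from the Fixlog in this thread, plus one constructed
# last result line (not real FRST output) to exercise the "other" branch.
SAMPLE = r'''Content of fixlist:
*****************
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\PDF Complete => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SDTray => Value not found.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
C:\AdwCleaner => Moved successfully.
"C:\Users\Martin a Paja\AppData\Local\Temp\SP63065.exe" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Unrecognized outcome (constructed line).
==== End of Fixlog ====
'''

if __name__ == "__main__":
    print(summarize_fixlog(SAMPLE))
```

Summary lines that carry no "=>" (for example "Hosts was reset successfully.") are deliberately skipped by this sketch.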

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: virus 2

#10 Post by vyosek »

So let's also tidy up :James008:

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm the choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may mistakenly flag this utility as a virus - it is a false alarm - so feel free to download it (or disable the antivirus during the download if necessary)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program will clean up and restart the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program will clean up and restart the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • click Scan for Issues
  • then Fix selected issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

Pavla V.
Visitor
Posts: 109
Registered: 30 Apr 2013 17:06

Re: virus 2

#11 Post by Pavla V. »

Done, except that with TFC the computer froze every time and a hard restart was needed. I also could not uninstall Malwarebytes - it cannot find the uninstaller, even though it is visibly there; maybe it is damaged?

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: virus 2

#12 Post by vyosek »

:arrow: TFC acts up sometimes :?:

:arrow: For MBAM, use this then http://www.malwarebytes.org/mbam-clean.exe

Pavla V.
Visitor
Posts: 109
Registered: 30 Apr 2013 17:06

Re: virus 2

#13 Post by Pavla V. »

Great, thanks a lot. Pája

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: virus 2

#14 Post by vyosek »

You're welcome, glad I could help :worship: See you again sometime

And on the basis of the Topic locking rule :lock:

Locked