
Please check my log, slow PC, thank you very much in advance.

bmwacs
Visitor
Posts: 272
Registered: 27 May 2009 22:39

Re: Please check my log, slow PC, thank you very much in advance.

#16 Post by bmwacs »

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-01-26 17:08:03
-----------------------------
17:08:04.000 OS Version: Windows 6.0.6002 Service Pack 2
17:08:04.000 Number of processors: 1 586 0xF0D
17:08:04.003 ComputerName: MARTIN-PC UserName: Martin
17:08:05.389 Initialize success
17:08:19.476 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
17:08:19.506 Disk 0 Vendor: Hitachi_ BBFO Size: 238475MB BusType: 3
17:08:19.657 Disk 0 MBR read successfully
17:08:19.668 Disk 0 MBR scan
17:08:19.677 Disk 0 unknown MBR code
17:08:19.682 Disk 0 Partition 1 00 12 Compaq diag NTFS 10997 MB offset 63
17:08:19.725 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 113860 MB offset 22523904
17:08:19.752 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 110276 MB offset 255709184
17:08:19.788 Disk 0 Partition 4 00 12 Compaq diag NTFS 3340 MB offset 481554432
17:08:19.800 Disk 0 scanning sectors +488394752
17:08:19.980 Disk 0 scanning C:\Windows\system32\drivers
17:08:33.362 Service scanning
17:08:48.058 Service MpKsl0051a6f1 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{31F958AC-AAAB-44C1-BEE1-2A6146BAD80D}\MpKsl0051a6f1.sys **LOCKED** 32
17:08:57.803 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
17:09:03.640 Modules scanning
17:09:18.830 Disk 0 trace - called modules:
17:09:18.854 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys spue.sys >>UNKNOWN [0x85fa1938]<<
17:09:18.859 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x871c1198]
17:09:18.866 3 CLASSPNP.SYS[891a48b3] -> nt!IofCallDriver -> [0x85289700]
17:09:18.872 5 acpi.sys[833c06bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x8608a028]
17:09:18.878 Scan finished successfully
17:11:56.953 Disk 0 MBR has been saved successfully to "C:\Users\Martin\Desktop\MBR.dat"
17:11:57.018 The log file has been saved successfully to "C:\Users\Martin\Desktop\aswMBR.txt"

bmwacs
Visitor
Posts: 272
Registered: 27 May 2009 22:39

Re: Please check my log, slow PC, thank you very much in advance.

#17 Post by bmwacs »

RkU Version: 3.8.389.593, Type LE (SR2)
==============================================
OS Name: Windows Vista
Version 6.0.6002 (Service Pack 2)
Number of processors #1
==============================================
>SSDT State
==============================================
==============================================
>Shadow
==============================================
==============================================
>Processes
==============================================
0x8227BC10 [384] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x8EF59478 [500] C:\Windows\System32\smss.exe (Microsoft Corporation, Windows Session Manager)
0xA7AC3D90 [516] C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation., Bluetooth Tray Application)
0x9F7B6D90 [532] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc., Synaptics Pointing Device starter)
0x878D9020 [572] C:\Windows\System32\csrss.exe (Microsoft Corporation, Client Server Runtime Process)
0x9174D1E8 [640] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated, Acer eDataSecurity Management Loader)
0x9170EC80 [644] C:\Windows\System32\wininit.exe (Microsoft Corporation, Windows Start-Up Application)
0x90DFDD90 [652] C:\Windows\System32\csrss.exe (Microsoft Corporation, Client Server Runtime Process)
0x9F645020 [684] C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink, Notification tool for RealTek audio chip)
0x9C48D7D8 [692] C:\Windows\System32\services.exe (Microsoft Corporation, Services and Controller app)
0x9C4B1B58 [720] C:\Windows\System32\winlogon.exe (Microsoft Corporation, Windows Logon Application)
0x9C4B4D90 [736] C:\Windows\System32\lsass.exe (Microsoft Corporation, LSA Shell)
0x9C4A6D90 [744] C:\Windows\System32\lsm.exe (Microsoft Corporation, Local Session Manager Service)
0x85792B68 [752] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation, PresentationFontCache.exe)
0x82286C48 [776] C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc., Acer eLock Management)
0x9C4B49C0 [908] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x9F7E8BA0 [956] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor, HD Audio Control Panel)
0x9C4A8D90 [972] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x9C4DED90 [1004] C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation, Antimalware Service Executable)
0x9C5E2408 [1104] C:\Windows\System32\atiesrxx.exe (AMD, AMD External Events Service Module)
0x9C5E6D90 [1128] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x82278270 [1148] C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe (APN LLC., APN Updater)
0x9C580D90 [1172] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x9C5697E0 [1188] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x9C5C0858 [1280] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x9C585D90 [1300] C:\Windows\System32\SLsvc.exe (Microsoft Corporation, Microsoft Software Licensing Service)
0x9C5AB388 [1336] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x82219A78 [1344] C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation, Služba Windows Media Player Network Sharing)
0x903C44E8 [1348] C:\Users\Martin\AppData\Local\temp\RtkBtMnt.exe (Realtek Semiconductor Corp., Realtek HD Audio Data Rerouter)
0x9C5F2D90 [1448] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x82270020 [1532] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc., ArcSoft Connect Service)
0x82261B08 [1576] C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated, Adobe Acrobat Update Service)
0x9F627020 [1580] C:\Windows\System32\atieclxx.exe (AMD, AMD External Events Client Module)
0x8568CD90 [1660] C:\Program Files\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc., ArcSoft TotalMedia)
0x9175F020 [1772] C:\Windows\System32\spoolsv.exe (Microsoft Corporation, Spooler SubSystem App)
0x9F64F6F8 [1812] C:\Windows\System32\wlanext.exe (Microsoft Corporation, Windows Wireless LAN 802.11 Extensibility Framework)
0x91776C70 [1848] C:\Windows\System32\dwm.exe (Microsoft Corporation, Správce oken plochy)
0x9177DD90 [1896] C:\Windows\System32\taskeng.exe (Microsoft Corporation, Task Scheduler Engine)
0x9177A278 [1904] C:\Windows\explorer.exe (Microsoft Corporation, Průzkumník Windows)
0x917A4D90 [2028] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x9F7BA3C0 [2036] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated, Acer eDataSecurity Management Service)
0x822D2020 [2204] C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc., acer eNet Management Service)
0x823FD308 [2292] C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN, Ask Toolbar Notifier)
0x822D12D8 [2348] C:\Windows\System32\taskeng.exe (Microsoft Corporation, Task Scheduler Engine)
0x822B7D90 [2376] C:\Windows\System32\rundll32.exe (Microsoft Corporation, Windows host process (Rundll32))
0x917147D8 [2404] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc., Acer ePower Management DMC)
0x8BD58020 [2460] C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation, Intel(R) PROSet/Wireless Event Log Service)
0x82340268 [2508] C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Inc., Acer VCM)
0x823822B0 [2528] C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation, RAID Monitor)
0x8237BD90 [2580] C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company, -)
0x823A6020 [2620] C:\Acer\Mobility Center\MobilityService.exe (-, app)
0x823A1D90 [2644] C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe (Yuna Software, Service - Messenger Plus! for Skype)
0x8239C020 [2720] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc., Catalyst Control Center: Monitoring program)
0x823EE5C8 [2736] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x90D6CD90 [2760] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation, Microsoft Security Client User Interface)
0x823F4D90 [2788] C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation, Intel(R) PROSet/Wireless Registry Service)
0x82353020 [2796] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc., Synaptics TouchPad Enhancements)
0x877684E0 [2856] C:\Program Files\Acer\Acer VCM\RS_Service.exe (Acer Inc., Raw Socket Service)
0x877812F0 [2904] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x877935B0 [2952] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0xA7A03A58 [2988] C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation, Microsoft Windows Search Indexer)
0xA7A164E8 [3076] C:\Windows\System32\drivers\XAudio.exe (Conexant Systems, Inc., Modem Audio Service)
0xA7A0B570 [3092] C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc., eRecoveryService)
0xA7A3FC48 [3164] C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe (-, Service)
0xA7AB7908 [3328] C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer, WMIServi Application)
0x8232ED90 [3428] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation, Windows Media Player Network Sharing Service Configuration Application)
0x8232B900 [3440] C:\Windows\ehome\ehtray.exe (Microsoft Corporation, Media Center Tray Applet)
0x917AB520 [3484] C:\Windows\ehome\ehmsas.exe (Microsoft Corporation, Media Center Media Status Aggregator Service)
0xA7A7FD90 [3544] C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation, WMI Provider Host)
0xA7A7FB00 [3552] C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation, WMI Provider Host)
0x9F7E3D90 [3628] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc., ArcSoft Connect Daemon)
0xA7AC8020 [3724] C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation, Sink to receive asynchronous callbacks for WMI client application)
0x82299D90 [3732] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc., eRecovery agent)
0xA7B095C8 [3764] C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation, Microsoft Network Realtime Inspection Service)
0x8798F950 [3904] C:\Users\Martin\AppData\Local\VNT\vntldr.exe (APN LLC., Virtual New Tab Loader)
0x8584A360 [3948] C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc., TMMonitor)
0xA7B60838 [4000] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc., Launch Manager)
0x8545E020 [4124] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc., Catalyst Control Center: Host application)
0x85A60D90 [4176] C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation, Internet Explorer)
0x856DFD90 [4420] C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation, Internet Explorer)
0x8776D8B8 [4556] C:\Program Files\Acer\Acer VCM\acp2HID.exe (Acer Inc., CP2 HID Agent)
0x85AB03B8 [4616] C:\Windows\System32\SearchFilterHost.exe (Microsoft Corporation, Microsoft Windows Search Filter Host)
0x856E9500 [4716] C:\Windows\System32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe (Adobe Systems Incorporated, Adobe® Flash® Player Installer/Uninstaller 11.9 r900)
0x9C40E508 [5060] C:\Users\Martin\Desktop\RKUnhookerLE.EXE (UG North, RKULE, SR2 Overlord)
0x8236D3E0 [5288] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x85410D50 [5728] C:\Program Files\Core Temp\Core Temp.exe (-, CPU temperature and system information utility)
0x85880D90 [6136] C:\Windows\System32\SearchProtocolHost.exe (Microsoft Corporation, Microsoft Windows Search Protocol Host)
0x84E3AC10 [4] System
0x9C5B2318 [1264] C:\Windows\System32\audiodg.exe (Microsoft Corporation, Windows Audio Device Graph Isolation )
==============================================
>Drivers
==============================================
0x8D001000 C:\Windows\system32\DRIVERS\atikmdag.sys 10399744 bytes (Advanced Micro Devices, Inc., ATI Radeon Kernel Mode Driver)
0x82C17000 C:\Windows\system32\ntkrnlpa.exe 3907584 bytes (Microsoft Corporation, NT Kernel & System)
0x82C17000 PnpManager 3907584 bytes
0x82C17000 RAW 3907584 bytes
0x82C17000 WMIxWDM 3907584 bytes
0x8DC0C000 C:\Windows\system32\DRIVERS\NETw5v32.sys 3706880 bytes (Intel Corporation, Intel® Wireless WiFi Link Driver)
0x9BCB0000 Win32k 2121728 bytes
0x9BCB0000 C:\Windows\System32\win32k.sys 2121728 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0x8860E000 C:\Windows\system32\drivers\RTKVHDA.sys 1945600 bytes (Realtek Semiconductor Corp., Realtek(r) High Definition Audio Function Driver)
0x89007000 C:\Windows\System32\Drivers\Ntfs.sys 1114112 bytes (Společnost Microsoft, NT File System Driver)
0x88C77000 C:\Windows\system32\drivers\ndis.sys 1093632 bytes (Microsoft Corporation, NDIS 6.0 wrapper driver)
0x88809000 C:\Windows\system32\DRIVERS\HSX_DPV.sys 1060864 bytes (Conexant Systems, Inc., HSF_DP driver)
0x83296000 PCI_PNP0732 995328 bytes
0x83296000 sptd 995328 bytes
0x83296000 C:\Windows\System32\Drivers\spue.sys 995328 bytes
0x88E06000 C:\Windows\System32\drivers\tcpip.sys 970752 bytes (Microsoft Corporation, TCP/IP Driver)
0x806E0000 C:\Windows\system32\CI.dll 917504 bytes (Microsoft Corporation, Code Integrity Module)
0xA5B20000 C:\Windows\system32\drivers\peauth.sys 909312 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)
0x88F0E000 C:\Windows\System32\Drivers\dump_iaStor.sys 819200 bytes
0x88A80000 C:\Windows\system32\DRIVERS\iaStor.sys 819200 bytes (Intel Corporation, Intel Matrix Storage Manager driver - ia32)
0x8890C000 C:\Windows\system32\DRIVERS\HSX_CNXT.sys 741376 bytes (Conexant Systems, Inc., HSF_CNXT driver)
0xA1A7B000 C:\Windows\system32\drivers\spsys.sys 720896 bytes (Microsoft Corporation, security processor)
0x8CA57000 C:\Windows\System32\drivers\dxgkrnl.sys 655360 bytes (Microsoft Corporation, DirectX Graphics Kernel)
0x8CAF7000 C:\Windows\system32\DRIVERS\HDAudBus.sys 577536 bytes (Microsoft Corporation, High Definition Audio Bus Driver)
0x83207000 C:\Windows\system32\drivers\Wdf01000.sys 528384 bytes (Microsoft Corporation, Kernel Mode Driver Framework Runtime)
0x88C05000 C:\Windows\System32\Drivers\ksecdd.sys 466944 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0x80616000 C:\Windows\system32\mcupdate_GenuineIntel.dll 458752 bytes (Microsoft Corporation, Intel Microcode Update Library)
0xA1A0E000 C:\Windows\system32\drivers\HTTP.sys 446464 bytes (Microsoft Corporation, Zásobník protokolu HTTP)
0x8E000000 C:\Windows\system32\DRIVERS\rixdptsk.sys 335872 bytes (REDC, RICOH XD SM Driver)
0xA5A37000 C:\Windows\System32\DRIVERS\srv.sys 323584 bytes (Microsoft Corporation, Server driver)
0x9BF00000 C:\Windows\System32\ATMFD.DLL 315392 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0x8CA0B000 C:\Windows\system32\DRIVERS\atikmpag.sys 311296 bytes (Advanced Micro Devices, Inc., AMD multi-vendor Miniport Driver)
0x88A11000 C:\Windows\System32\drivers\volmgrx.sys 303104 bytes (Microsoft Corporation, Volume Manager Extension Driver)
0x91C0C000 C:\Windows\system32\drivers\afd.sys 294912 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x833B8000 C:\Windows\system32\drivers\acpi.sys 286720 bytes (Microsoft Corporation, ACPI Driver for NT)
0xA5A9E000 C:\Windows\system32\DRIVERS\atksgt.sys 274432 bytes
0x8069F000 C:\Windows\system32\CLFS.SYS 266240 bytes (Microsoft Corporation, Common Log File System Driver)
0x8E161000 C:\Windows\system32\DRIVERS\storport.sys 266240 bytes (Microsoft Corporation, Microsoft Storage Port Driver)
0x8CB8F000 C:\Windows\system32\DRIVERS\USBPORT.SYS 253952 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0x8E50B000 C:\Windows\system32\DRIVERS\HSXHWAZL.sys 249856 bytes (Conexant Systems, Inc., HSF_HWAZL WDM driver)
0x91CC6000 C:\Windows\system32\DRIVERS\rdbss.sys 245760 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0x88DAD000 C:\Windows\system32\drivers\NETIO.SYS 241664 bytes (Microsoft Corporation, Network I/O Subsystem)
0x8E0EC000 C:\Windows\System32\Drivers\a8n4hirk.SYS 233472 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)
0xA1BB6000 C:\Windows\system32\DRIVERS\mrxsmb10.sys 233472 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)
0x89117000 C:\Windows\system32\drivers\volsnap.sys 233472 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0x8E45B000 C:\Windows\system32\DRIVERS\usbhub.sys 217088 bytes (Microsoft Corporation, Default Hub Driver for USB)
0x82FD1000 ACPI_HAL 208896 bytes
0x82FD1000 C:\Windows\system32\hal.dll 208896 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0x88B6E000 C:\Windows\system32\drivers\fltmgr.sys 204800 bytes (Společnost Microsoft, Microsoft Filesystem Filter Manager)
0x91C54000 C:\Windows\System32\DRIVERS\netbt.sys 204800 bytes (Microsoft Corporation, MBT Transport driver)
0x88BB0000 C:\Windows\system32\DRIVERS\MpFilter.sys 196608 bytes (Microsoft Corporation, Microsoft antimalware file system filter driver)
0x8E132000 C:\Windows\system32\DRIVERS\msiscsi.sys 192512 bytes (Microsoft Corporation, Microsoft iSCSI Initiator Driver)
0x8E08F000 C:\Windows\system32\DRIVERS\SynTP.sys 188416 bytes (Synaptics, Inc., Synaptics Touchpad Driver)
0x8E4B9000 C:\Windows\system32\drivers\portcls.sys 184320 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0x88D82000 C:\Windows\system32\drivers\msrpc.sys 176128 bytes (Microsoft Corporation, Kernel Remote Procedure Call Provider)
0x8E1D5000 C:\Windows\system32\DRIVERS\ks.sys 172032 bytes (Microsoft Corporation, Kernel CSA Library)
0x91DC9000 C:\Windows\system32\DRIVERS\nwifi.sys 172032 bytes (Microsoft Corporation, NativeWiFi Miniport Driver)
0xA5A0F000 C:\Windows\System32\DRIVERS\srv2.sys 163840 bytes (Microsoft Corporation, Smb 2.0 Server driver)
0x89167000 C:\Windows\System32\drivers\ecache.sys 159744 bytes (Microsoft Corporation, Special Memory Device Cache)
0x807C8000 C:\Windows\system32\drivers\pci.sys 159744 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0x83392000 C:\Windows\System32\Drivers\SCSIPORT.SYS 155648 bytes (Microsoft Corporation, SCSI Port Driver)
0x8E4E6000 C:\Windows\system32\drivers\drmk.sys 151552 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xB5003000 C:\Windows\System32\Drivers\IT9135BDA.sys 147456 bytes (ITE , IT9135 BDA Driver )
0x88FD6000 C:\Windows\system32\DRIVERS\ndiswan.sys 143360 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0x8919F000 C:\Windows\system32\drivers\CLASSPNP.SYS 135168 bytes (Microsoft Corporation, SCSI Class System Dll)
0xA1B76000 C:\Windows\system32\drivers\mrxdav.sys 135168 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0x91D3A000 C:\Windows\System32\Drivers\usbvideo.sys 135168 bytes (Microsoft Corporation, USB Video Class Driver)
0x8E548000 C:\Windows\System32\drivers\VIDEOPRT.SYS 135168 bytes (Microsoft Corporation, Video Port Driver)
0xA1B97000 C:\Windows\system32\DRIVERS\mrxsmb.sys 126976 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0x88B50000 C:\Windows\system32\drivers\ataport.SYS 122880 bytes (Microsoft Corporation, ATAPI Driver Extension)
0xA1B2B000 C:\Windows\System32\DRIVERS\srvnet.sys 118784 bytes (Microsoft Corporation, Server Network driver)
0x88EF3000 C:\Windows\System32\drivers\fwpkclnt.sys 110592 bytes (Microsoft Corporation, FWP/IPsec Kernel-Mode API)
0x91D8A000 C:\Windows\system32\drivers\luafv.sys 110592 bytes (Microsoft Corporation, LUA File Virtualization Filter Driver)
0x8E1AD000 C:\Windows\system32\DRIVERS\MsgPlusDriver.sys 110592 bytes (Yune Software, MsgPlusDriver WDM Driver)
0x8DFB3000 C:\Windows\system32\DRIVERS\sdbus.sys 106496 bytes (Microsoft Corporation, SecureDigital Bus Driver)
0xA1B48000 C:\Windows\system32\DRIVERS\bowser.sys 102400 bytes (Microsoft Corporation, NT Lan Manager Datagram Receiver Driver)
0xA5B07000 C:\Windows\system32\DRIVERS\NisDrvWFP.sys 102400 bytes (Microsoft Corporation, Microsoft Network Realtime Inspection Driver)
0x8E4A1000 C:\Windows\system32\drivers\AtihdLH3.sys 98304 bytes (Advanced Micro Devices, AMD High Definition Audio Function Driver)
0x8E0D2000 C:\Windows\system32\DRIVERS\cdrom.sys 98304 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0x8E5D8000 C:\Windows\system32\DRIVERS\mrxsmb20.sys 98304 bytes (Microsoft Corporation, Longhorn SMB 2.0 Redirector)
0x91D0C000 C:\Windows\System32\Drivers\dfsc.sys 94208 bytes (Microsoft Corporation, DFS Namespace Client Driver)
0x8CBDC000 C:\Windows\system32\DRIVERS\rasl2tp.sys 94208 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0x91D23000 C:\Windows\system32\DRIVERS\usbccgp.sys 94208 bytes (Microsoft Corporation, USB Common Class Generic Parent Driver)
0xA5AE1000 C:\Windows\system32\DRIVERS\cdfs.sys 90112 bytes (Microsoft Corporation, CD-ROM File System Driver)
0x91C8F000 C:\Windows\system32\DRIVERS\pacer.sys 90112 bytes (Microsoft Corporation, Plánovač paketů technologie QoS)
0x8E59B000 C:\Windows\system32\DRIVERS\tdx.sys 90112 bytes (Microsoft Corporation, TDI Translation Driver)
0xA1B61000 C:\Windows\System32\drivers\mpsdrv.sys 86016 bytes (Microsoft Corporation, Microsoft Protection Service Driver)
0x8E40F000 C:\Windows\system32\DRIVERS\rassstp.sys 86016 bytes (Microsoft Corporation, RAS SSTP Miniport Call Manager)
0x8E052000 C:\Windows\system32\DRIVERS\winbondcir.sys 86016 bytes (Winbond Electronics Corporation, Winbond MCE CIR Port Driver)
0x88BE9000 C:\Windows\system32\DRIVERS\raspptp.sys 81920 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0x8DFDE000 C:\Windows\system32\DRIVERS\rimsptsk.sys 81920 bytes (REDC, RICOH MS Driver)
0x8E5B1000 C:\Windows\system32\DRIVERS\smb.sys 81920 bytes (Microsoft Corporation, SMB Transport driver)
0x91DA5000 C:\Windows\system32\drivers\WudfPf.sys 81920 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)
0x8E067000 C:\Windows\system32\DRIVERS\i8042prt.sys 77824 bytes (Microsoft Corporation, i8042 Port Driver)
0x8E5C5000 C:\Windows\system32\DRIVERS\rspndr.sys 77824 bytes (Microsoft Corporation, Link-Layer Topology Responder Driver for NDIS 6)
0x91CB3000 C:\Windows\system32\DRIVERS\wanarp.sys 77824 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xA5A86000 C:\Windows\system32\DRIVERS\PSDVdisk.sys 73728 bytes (Egis Incorporated, Acer eDataSecurity Management PSD Virtual Disk Driver)
0x8918E000 C:\Windows\system32\drivers\disk.sys 69632 bytes (Microsoft Corporation, PnP Disk Driver)
0x8E490000 C:\Windows\System32\Drivers\NDProxy.SYS 69632 bytes (Microsoft Corporation, NDIS Proxy)
0x80686000 C:\Windows\system32\PSHED.dll 69632 bytes (Microsoft Corporation, Platform Specific Hardware Error Driver)
0x8DFCD000 C:\Windows\system32\DRIVERS\rimmptsk.sys 69632 bytes (REDC, RICOH SD Driver)
0x88BA0000 C:\Windows\system32\drivers\fileinfo.sys 65536 bytes (Microsoft Corporation, FileInfo Filter Driver)
0x889D9000 C:\Windows\system32\DRIVERS\HIDCLASS.SYS 65536 bytes (Microsoft Corporation, Hid Class Library)
0x91DB9000 C:\Windows\system32\DRIVERS\lltdio.sys 65536 bytes (Microsoft Corporation, Link-Layer Topology Mapper I/O Driver)
0x88A70000 C:\Windows\System32\drivers\mountmgr.sys 65536 bytes (Microsoft Corporation, Mount Point Manager)
0x8DF95000 C:\Windows\system32\DRIVERS\ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0x807EF000 C:\Windows\System32\drivers\partmgr.sys 65536 bytes (Microsoft Corporation, Partition Management Driver)
0x8E424000 C:\Windows\system32\DRIVERS\termdd.sys 65536 bytes (Microsoft Corporation, Terminal Server Driver)
0x891EA000 C:\Windows\system32\DRIVERS\intelppm.sys 61440 bytes (Microsoft Corporation, Processor Device Driver)
0x91D7B000 C:\Windows\system32\DRIVERS\monitor.sys 61440 bytes (Microsoft Corporation, Monitor Driver)
0x89158000 C:\Windows\System32\Drivers\mup.sys 61440 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0x88DE8000 C:\Windows\system32\DRIVERS\raspppoe.sys 61440 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0x8CBCD000 C:\Windows\system32\DRIVERS\usbehci.sys 61440 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0x88A02000 C:\Windows\system32\drivers\volmgr.sys 61440 bytes (Microsoft Corporation, Volume Manager Driver)
0x8DFA5000 C:\Windows\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0x9BEF0000 C:\Windows\System32\cdd.dll 57344 bytes (Microsoft Corporation, Canonical Display Driver)
0x8E436000 C:\Windows\system32\DRIVERS\circlass.sys 57344 bytes (Microsoft Corporation, Consumer IR Class Driver for eHome)
0x91CA5000 C:\Windows\system32\DRIVERS\netbios.sys 57344 bytes (Microsoft Corporation, NetBIOS interface driver)
0x8E584000 C:\Windows\System32\Drivers\Npfs.SYS 57344 bytes (Microsoft Corporation, NPFS Driver)
0x88A62000 C:\Windows\system32\drivers\PCIIDEX.SYS 57344 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0x83288000 C:\Windows\system32\drivers\WDFLDR.SYS 57344 bytes (Microsoft Corporation, Kernel Mode Driver Framework Loader)
0x91D5B000 C:\Windows\System32\Drivers\crashdmp.sys 53248 bytes (Microsoft Corporation, Crash Dump Driver)
0x889C1000 C:\Windows\system32\drivers\modem.sys 53248 bytes (Microsoft Corporation, Modem Device Driver)
0x8E1C8000 C:\Windows\system32\DRIVERS\STREAM.SYS 53248 bytes (Microsoft Corporation, WDM CODEC Class Device Driver 2.0)
0x8E44E000 C:\Windows\system32\DRIVERS\umbus.sys 53248 bytes (Microsoft Corporation, User-Mode Bus Enumerator)
0xB5037000 C:\Users\Martin\AppData\Local\Temp\aswMBR.sys 49152 bytes
0xA1A00000 C:\Windows\System32\drivers\tcpipreg.sys 49152 bytes (Microsoft Corporation, TCP/IP Registry Compatibility Driver)
0x88600000 C:\Windows\System32\drivers\vga.sys 49152 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0x8D9EC000 C:\Windows\System32\drivers\watchdog.sys 49152 bytes (Microsoft Corporation, Watchdog Driver)
0x889CE000 C:\Windows\system32\DRIVERS\hidir.sys 45056 bytes (Microsoft Corporation, Infrared Miniport Driver for Input Devices)
0x8E084000 C:\Windows\system32\DRIVERS\kbdclass.sys 45056 bytes (Microsoft Corporation, Keyboard Class Driver)
0x8E0BF000 C:\Windows\system32\DRIVERS\mouclass.sys 45056 bytes (Microsoft Corporation, Mouse Class Driver)
0x8E579000 C:\Windows\System32\Drivers\Msfs.SYS 45056 bytes (Microsoft Corporation, Mailslot driver)
0x8DFF2000 C:\Windows\system32\DRIVERS\ndistapi.sys 45056 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0x8E1A2000 C:\Windows\system32\DRIVERS\TDI.SYS 45056 bytes (Microsoft Corporation, TDI Wrapper)
0x891D6000 C:\Windows\system32\DRIVERS\tunnel.sys 45056 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x8CB84000 C:\Windows\system32\DRIVERS\usbuhci.sys 45056 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0x80600000 C:\Windows\system32\DRIVERS\BATTC.SYS 40960 bytes (Microsoft Corporation, Battery Class Driver)
0x8E07A000 C:\Windows\system32\DRIVERS\DKbFltr.sys 40960 bytes (Dritek System Inc., Dritek PS2 Keyboard Filter Driver)
0x91D71000 C:\Windows\System32\drivers\Dxapi.sys 40960 bytes (Microsoft Corporation, DirectX API Driver)
0x8E444000 C:\Windows\system32\DRIVERS\mssmbios.sys 40960 bytes (Microsoft Corporation, System Management BIOS Driver)
0x91DF3000 C:\Windows\system32\DRIVERS\ndisuio.sys 40960 bytes (Microsoft Corporation, NDIS User mode I/O driver)
0x91D02000 C:\Windows\system32\drivers\nsiproxy.sys 40960 bytes (Microsoft Corporation, NSI Proxy)
0xA1BEF000 C:\Windows\System32\Drivers\secdrv.SYS 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0xB5043000 C:\Windows\System32\Drivers\BlackBox.SYS 36864 bytes (RKU Driver)
0x891C0000 C:\Windows\system32\drivers\crcdisk.sys 36864 bytes (Microsoft Corporation, Disk Block Verification Filter Driver)
0x887E9000 C:\Windows\System32\Drivers\Fs_Rec.SYS 36864 bytes (Microsoft Corporation, File System Recognizer Driver)
0xB502A000 C:\Windows\system32\DRIVERS\hidusb.sys 36864 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0x889F0000 C:\Windows\system32\DRIVERS\kbdhid.sys 36864 bytes (Microsoft Corporation, HID Keyboard Filter Driver)
0x88BE0000 C:\Windows\system32\DRIVERS\psdfilter.sys 36864 bytes (Egis Incorporated, Acer eDataSecurity Management PSD Filter Driver)
0xA5A00000 C:\Windows\system32\DRIVERS\PSDNServ.sys 36864 bytes (Egis Incorporated, Acer eDataSecurity Management PSD Named Pipe Driver)
0x8E592000 C:\Windows\System32\DRIVERS\rasacd.sys 36864 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0x9BED0000 C:\Windows\System32\TSDDD.dll 36864 bytes (Microsoft Corporation, Framebuffer Display Driver)
0x891E1000 C:\Windows\system32\DRIVERS\tunmp.sys 36864 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x8E129000 C:\Windows\system32\DRIVERS\wmiacpi.sys 36864 bytes (Microsoft Corporation, Windows Management Interface for ACPI)
0x83389000 C:\Windows\System32\Drivers\WMILIB.SYS 36864 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0x91C86000 C:\Windows\system32\drivers\ws2ifsl.sys 36864 bytes (Microsoft Corporation, Winsock2 IFS Layer)
0x8E0CA000 C:\Windows\system32\drivers\Afc.sys 32768 bytes (Arcsoft, Inc., Arcsoft(R) ASPI Shell)
0x8E5F8000 C:\Users\Martin\AppData\Local\Temp\ALSysIO.sys 32768 bytes
0x88B48000 C:\Windows\system32\drivers\atapi.sys 32768 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)
0x80697000 C:\Windows\system32\BOOTVID.dll 32768 bytes (Microsoft Corporation, VGA Boot Driver)
0x88800000 C:\Windows\system32\DRIVERS\mouhid.sys 32768 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0x807C0000 C:\Windows\system32\drivers\msisadrv.sys 32768 bytes (Microsoft Corporation, ISA Driver)
0x8E569000 C:\Windows\System32\DRIVERS\RDPCDD.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x8E571000 C:\Windows\system32\drivers\rdpencdd.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x89150000 C:\Windows\System32\Drivers\spldr.sys 32768 bytes (Microsoft Corporation, loader for security processor)
0x91C00000 C:\Windows\system32\DRIVERS\xaudio.sys 32768 bytes (Conexant Systems, Inc., Modem Audio Device Driver)
0x887F2000 C:\Windows\System32\Drivers\Beep.SYS 28672 bytes (Microsoft Corporation, BEEP Driver)
0x889E9000 C:\Windows\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0xA5AF7000 C:\Acer\Empowering Technology\eRecovery\int15.sys 28672 bytes (Acer, Inc., int15)
0x88A5B000 C:\Windows\system32\drivers\intelide.sys 28672 bytes (Microsoft Corporation, Intel PCI IDE Driver)
0x8060F000 C:\Windows\system32\kdcom.dll 28672 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0x889F9000 C:\Windows\System32\Drivers\Null.SYS 28672 bytes (Microsoft Corporation, NULL Driver)
0xA5A98000 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{31F958AC-AAAB-44C1-BEE1-2A6146BAD80D}\MpKsl0051a6f1.sys 24576 bytes (Microsoft Corporation, KSLDriver)
0xA5AFE000 C:\Windows\system32\DRIVERS\lirsgt.sys 20480 bytes
0x8E125000 C:\Windows\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0xA5B03000 C:\Windows\system32\DRIVERS\mdmxsdk.sys 16384 bytes (Conexant, Diagnostic Interface x86 Driver)
0xB5027000 C:\Windows\System32\Drivers\BdaSup.SYS 12288 bytes (Microsoft Corporation, Microsoft BDA Driver Support Library)
0x83200000 C:\Windows\system32\DRIVERS\compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
0xB5035000 C:\Windows\system32\drivers\MSPCLOCK.sys 8192 bytes (Microsoft Corporation, MS Proxy Clock)
0xB5033000 C:\Windows\system32\drivers\MSPQM.sys 8192 bytes (Microsoft Corporation, MS Proxy Quality Manager)
0x8E0EA000 C:\Windows\system32\DRIVERS\NTIDrvr.sys 8192 bytes (NewTech Infosystems, Inc., NTI CD-ROM Filter Driver)
0x8E434000 C:\Windows\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0x8E0BD000 C:\Windows\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0x85FE21F8 unknown_irp_handler 3592 bytes
0x85FE11F8 unknown_irp_handler 3592 bytes
0x879DB1F8 unknown_irp_handler 3592 bytes
0x877A81F8 unknown_irp_handler 3592 bytes
0x879F91F8 unknown_irp_handler 3592 bytes
0x885CD1F8 unknown_irp_handler 3592 bytes
0x879FC1F8 unknown_irp_handler 3592 bytes
0x85FDE1F8 unknown_irp_handler 3592 bytes
0x85A331F8 unknown_irp_handler 3592 bytes
0x822FC1F8 unknown_irp_handler 3592 bytes
0x8BD59498 unknown_irp_handler 2920 bytes
0x878FB500 unknown_irp_handler 2816 bytes
==============================================
>Stealth
==============================================
WARNING: File locked for read access [C:\Windows\system32\drivers\sptd.sys]
==============================================
>Files
==============================================
==============================================
>Hooks
==============================================
ntkrnlpa.exe+0x000A868A, Type: Inline - RelativeJump 0x82CBF68A-->82CBF691 [ntkrnlpa.exe]
[1904]explorer.exe-->shell32.dll+0x0003B37C, Type: Code Mismatch 0x7651B37C + 242556 [F0 1F 00 10]
[1904]explorer.exe-->shell32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x768E1414-->10002690 [PSDProtect.dll]
[1904]explorer.exe-->shell32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x768E14E0-->10001290 [PSDProtect.dll]
[2376]rundll32.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77C814BC-->73C34618 [shimeng.dll]
[2376]rundll32.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77B61170-->73C34618 [shimeng.dll]
[2376]rundll32.exe-->shell32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x768E1414-->73C34618 [shimeng.dll]
[2376]rundll32.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77D51300-->73C34618 [shimeng.dll]
[2404]ePower_DMC.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77C814BC-->73C34618 [shimeng.dll]
[2404]ePower_DMC.exe-->crypt32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x73C01288-->73C34618 [shimeng.dll]
[2404]ePower_DMC.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77B61170-->73C34618 [shimeng.dll]
[2404]ePower_DMC.exe-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x0041C07C-->73C34618 [shimeng.dll]
[2404]ePower_DMC.exe-->shell32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x768E1414-->73C34618 [shimeng.dll]
[2404]ePower_DMC.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77D51300-->73C34618 [shimeng.dll]
[2404]ePower_DMC.exe-->ws2_32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x4B0D11E8-->73C34618 [shimeng.dll]
[3732]eRAgent.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77C814BC-->73C34618 [shimeng.dll]
[3732]eRAgent.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77B61170-->73C34618 [shimeng.dll]
[3732]eRAgent.exe-->kernel32.dll-->CreateProcessW, Type: IAT modification 0x0043F2C0-->6A911C53 [AcLayers.dll]
[3732]eRAgent.exe-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x0043F318-->73C34618 [shimeng.dll]
[3732]eRAgent.exe-->shell32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x768E1414-->73C34618 [shimeng.dll]
[3732]eRAgent.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77D51300-->73C34618 [shimeng.dll]
[4176]iexplore.exe-->shell32.dll+0x0003B37C, Type: Code Mismatch 0x7651B37C + 242556 [F0 1F 54 04]
[4176]iexplore.exe-->shell32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x768E1414-->04542690 [PSDProtect.dll]
[4176]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x768E14E0-->04541290 [PSDProtect.dll]
[4176]iexplore.exe-->user32.dll-->DialogBoxIndirectParamA, Type: Inline - RelativeJump 0x7626847D-->701691C3 [ieframe.dll]
[4176]iexplore.exe-->user32.dll-->DialogBoxIndirectParamW, Type: Inline - RelativeJump 0x76252EF5-->7016915E [ieframe.dll]
[4176]iexplore.exe-->user32.dll-->DialogBoxParamA, Type: Inline - RelativeJump 0x76268152-->701690F9 [ieframe.dll]
[4176]iexplore.exe-->user32.dll-->DialogBoxParamW, Type: Inline - RelativeJump 0x762510B0-->6FF7189B [ieframe.dll]
[4176]iexplore.exe-->user32.dll-->EnableWindow, Type: Inline - RelativeJump 0x7622CD8B-->70019ECC [ieframe.dll]
[4176]iexplore.exe-->user32.dll-->MessageBoxExA, Type: Inline - RelativeJump 0x7627D639-->70168FA3 [ieframe.dll]
[4176]iexplore.exe-->user32.dll-->MessageBoxExW, Type: Inline - RelativeJump 0x7627D65D-->70168F3F [ieframe.dll]
[4176]iexplore.exe-->user32.dll-->MessageBoxIndirectA, Type: Inline - RelativeJump 0x7627D4D9-->70169080 [ieframe.dll]
[4176]iexplore.exe-->user32.dll-->MessageBoxIndirectW, Type: Inline - RelativeJump 0x7627D5D3-->70169007 [ieframe.dll]
[4420]iexplore.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77C814BC-->6FA947BB [IEShims.dll]
[4420]iexplore.exe-->crypt32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x73C01288-->6FA947BB [IEShims.dll]
[4420]iexplore.exe-->gdi32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x77B61130-->6FAABCB1 [IEShims.dll]
[4420]iexplore.exe-->gdi32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x77B6119C-->6FA963E7 [IEShims.dll]
[4420]iexplore.exe-->gdi32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x77B611BC-->6FAAC871 [IEShims.dll]
[4420]iexplore.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77B61170-->6FA947BB [IEShims.dll]
[4420]iexplore.exe-->gdi32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x77B6111C-->6FA96D22 [IEShims.dll]
[4420]iexplore.exe-->gdi32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77B61110-->6FA95EC7 [IEShims.dll]
[4420]iexplore.exe-->gdi32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x77B61174-->6FA94E2B [IEShims.dll]
[4420]iexplore.exe-->gdi32.dll-->kernel32.dll-->SearchPathW, Type: IAT modification 0x77B611AC-->6FAA029E [IEShims.dll]
[4420]iexplore.exe-->kernel32.dll-->CreateThread, Type: Inline - RelativeJump 0x75E2CB0E-->6FFD75CB [ieframe.dll]
[4420]iexplore.exe-->mswsock.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x6D64123C-->6FA947BB [IEShims.dll]
[4420]iexplore.exe-->shell32.dll+0x000889A8, Type: Inline - PushRet 0x765689A8-->C16FAA01 [unknown_code_page]
[4420]iexplore.exe-->shell32.dll+0x000889A9, Type: Code Mismatch 0x765689A9 + 559529 [01 AA 6F]
[4420]iexplore.exe-->shell32.dll+0x000889B0, Type: Code Mismatch 0x765689B0 + 559536 [E0 61 A9 6F 79 F7 A9 6F]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x768E125C-->6FAABCB1 [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->CreateDirectoryW, Type: IAT modification 0x768E13B0-->6FA96291 [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x768E1460-->6FA963E7 [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->CreateHardLinkW, Type: IAT modification 0x768E11A4-->6FAAC4FD [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->CreateProcessW, Type: IAT modification 0x768E12E8-->6FAA7FAF [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x768E13B4-->6FAAC871 [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->FindClose, Type: IAT modification 0x768E132C-->6FAAF9AD [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->FindFirstFileW, Type: IAT modification 0x768E1328-->6FAAFD53 [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->FindNextFileW, Type: IAT modification 0x768E1114-->6FAB082A [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->GetBinaryTypeW, Type: IAT modification 0x768E1280-->6FAA9FAB [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->GetFileAttributesA, Type: IAT modification 0x768E1370-->6FAA0ADF [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->GetFileAttributesExW, Type: IAT modification 0x768E14A4-->6FAA96EF [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->GetFileAttributesW, Type: IAT modification 0x768E13BC-->6FA95F62 [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->GetLongPathNameW, Type: IAT modification 0x768E14EC-->6FAA99DF [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->GetPrivateProfileIntW, Type: IAT modification 0x768E1390-->6FAAA2A9 [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->GetPrivateProfileSectionNamesW, Type: IAT modification 0x768E1164-->6FAAA8FF [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->GetPrivateProfileSectionW, Type: IAT modification 0x768E1100-->6FAAA5CD [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->GetPrivateProfileStringW, Type: IAT modification 0x768E13A0-->6FAAAC3B [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->GetShortPathNameA, Type: IAT modification 0x768E136C-->6FAA9B53 [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->GetShortPathNameW, Type: IAT modification 0x768E1428-->6FAA9CC9 [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x768E14E0-->6FA96D22 [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x768E1284-->6FA95EC7 [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x768E1448-->6FA94E2B [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->MoveFileExW, Type: IAT modification 0x768E13C0-->6FAAE121 [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x768E130C-->6FAAE0E9 [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->RemoveDirectoryW, Type: IAT modification 0x768E13AC-->6FAAEEC7 [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->ReplaceFileW, Type: IAT modification 0x768E1140-->6FAAE4B7 [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->SearchPathW, Type: IAT modification 0x768E1384-->6FAA029E [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->SetCurrentDirectoryW, Type: IAT modification 0x768E124C-->6FAAF560 [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->SetFileAttributesW, Type: IAT modification 0x768E13B8-->6FAA93FB [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->WritePrivateProfileSectionW, Type: IAT modification 0x768E1168-->6FAAB2A5 [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->kernel32.dll-->WritePrivateProfileStringW, Type: IAT modification 0x768E116C-->6FAAB5CB [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->ntdll.dll-->NtQueryDirectoryFile, Type: IAT modification 0x768E2320-->6FAA8C7A [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->user32.dll-->LoadImageW, Type: IAT modification 0x768E1890-->6FAACB6F [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->user32.dll-->PrivateExtractIconsW, Type: IAT modification 0x768E1A6C-->6FAAD17F [IEShims.dll]
[4420]iexplore.exe-->shell32.dll-->user32.dll-->WinHelpW, Type: IAT modification 0x768E191C-->6FAAD71F [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->advapi32.dll-->RegCloseKey, Type: IAT modification 0x77D5154C-->6FA96692 [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->advapi32.dll-->RegCreateKeyExW, Type: IAT modification 0x77D51548-->6FAA19CA [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->advapi32.dll-->RegDeleteKeyW, Type: IAT modification 0x77D51544-->6FAB3421 [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->advapi32.dll-->RegEnumValueW, Type: IAT modification 0x77D51524-->6FAA0E28 [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x77D51528-->6FA960B5 [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->advapi32.dll-->RegQueryInfoKeyW, Type: IAT modification 0x77D51520-->6FAA1555 [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->advapi32.dll-->RegQueryValueExW, Type: IAT modification 0x77D5152C-->6FA97278 [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->CallNextHookEx, Type: Inline - RelativeJump 0x76228E3B-->7003800F [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->CreateDialogIndirectParamA, Type: Inline - RelativeJump 0x762426F1-->70169500 [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->CreateDialogIndirectParamW, Type: Inline - RelativeJump 0x76249A62-->70169538 [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->CreateDialogParamA, Type: Inline - RelativeJump 0x762417AA-->70169490 [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->CreateDialogParamW, Type: Inline - RelativeJump 0x762272A2-->701694C8 [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->CreateWindowExA, Type: Inline - RelativeJump 0x7622DC2A-->6FFE362B [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->CreateWindowExW, Type: Inline - RelativeJump 0x76231305-->700403FF [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->DefWindowProcA, Type: Inline - RelativeJump 0x7622DB88-->6FFD97F5 [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->DefWindowProcA, Type: Inline - SEH 0x7622DB8D [unknown_code_page]
[4420]iexplore.exe-->user32.dll-->DefWindowProcA, Type: Inline - SEH 0x7622DB8E [unknown_code_page]
[4420]iexplore.exe-->user32.dll-->DefWindowProcW, Type: Inline - RelativeJump 0x762403B4-->70038072 [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->DefWindowProcW, Type: Inline - SEH 0x762403B9 [unknown_code_page]
[4420]iexplore.exe-->user32.dll-->DefWindowProcW, Type: Inline - SEH 0x762403BA [unknown_code_page]
[4420]iexplore.exe-->user32.dll-->DialogBoxIndirectParamA, Type: Inline - RelativeJump 0x7626847D-->701691C3 [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->DialogBoxIndirectParamW, Type: Inline - RelativeJump 0x76252EF5-->7016915E [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->DialogBoxParamA, Type: Inline - RelativeJump 0x76268152-->701690F9 [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->DialogBoxParamW, Type: Inline - RelativeJump 0x762510B0-->6FF7189B [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->EnableWindow, Type: Inline - RelativeJump 0x7622CD8B-->70019ECC [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->EndDialog, Type: Inline - RelativeJump 0x7625326E-->70169ED9 [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->GetAsyncKeyState, Type: Inline - RelativeJump 0x7622863C-->6FFBDECD [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->GetKeyState, Type: Inline - RelativeJump 0x76238CB1-->6FFBDDA7 [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->IsDialogMessage, Type: Inline - RelativeJump 0x76241847-->70169C05 [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->IsDialogMessageW, Type: Inline - RelativeJump 0x76240745-->70169C2D [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x77D511A8-->6FAABCB1 [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x77D512B8-->6FA963E7 [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->kernel32.dll-->CreateProcessW, Type: IAT modification 0x77D511B4-->6FAA7FAF [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x77D511B0-->6FAAC871 [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->kernel32.dll-->FindClose, Type: IAT modification 0x77D511E4-->6FAAF9AD [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->kernel32.dll-->FindFirstFileW, Type: IAT modification 0x77D511EC-->6FAAFD53 [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->kernel32.dll-->FindNextFileW, Type: IAT modification 0x77D511E8-->6FAB082A [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->kernel32.dll-->GetPrivateProfileStringW, Type: IAT modification 0x77D51328-->6FAAAC3B [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77D51300-->6FA947BB [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x77D51250-->6FA96D22 [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77D5115C-->6FA95EC7 [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x77D512FC-->6FA94E2B [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x77D511AC-->6FAAE0E9 [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->kernel32.dll-->SearchPathW, Type: IAT modification 0x77D51154-->6FAA029E [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->kernel32.dll-->SetCurrentDirectoryW, Type: IAT modification 0x77D511D8-->6FAAF560 [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->kernel32.dll-->WritePrivateProfileStringW, Type: IAT modification 0x77D512BC-->6FAAB5CB [IEShims.dll]
[4420]iexplore.exe-->user32.dll-->keybd_event, Type: Inline - RelativeJump 0x7627D972-->7016A45A [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->MessageBoxExA, Type: Inline - RelativeJump 0x7627D639-->70168FA3 [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->MessageBoxExW, Type: Inline - RelativeJump 0x7627D65D-->70168F3F [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->MessageBoxIndirectA, Type: Inline - RelativeJump 0x7627D4D9-->70169080 [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->MessageBoxIndirectW, Type: Inline - RelativeJump 0x7627D5D3-->70169007 [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->SendInput, Type: Inline - RelativeJump 0x76252F75-->7016A49D [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->SetCursorPos, Type: Inline - RelativeJump 0x76266FB2-->7016A576 [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->SetKeyboardState, Type: Inline - RelativeJump 0x76250987-->7016A4F5 [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x762287AD-->700125C4 [ieframe.dll]
[4420]iexplore.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x762298DB-->7005ED18 [ieframe.dll]
[4420]iexplore.exe-->wininet.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x63001400-->6FA947BB [IEShims.dll]
[4420]iexplore.exe-->ws2_32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x4B0D11E8-->6FA947BB [IEShims.dll]

bmwacs
Visitor
Posts: 272
Registered: 27 May 2009 22:39

Re: Please check my log, slow PC, thank you very much in advance.

#18 Post by bmwacs »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 26-01-2014 03
Ran by Martin at 2014-01-26 22:46:06 Run:2
Running from C:\Users\Martin\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKCU\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION!
CMD: shutdown /r /f /t 2

End
*****************

HKCU\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} => Key not found.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====

bmwacs
Visitor
Posts: 272
Registered: 27 May 2009 22:39

Re: Please check my log, slow PC, thank you very much in advance.

#19 Post by bmwacs »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-01-2014
Ran by Martin (administrator) on MARTIN-PC on 26-01-2014 22:51:13
Running from G:\
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Safe Mode (minimal)

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [PLFSet] - C:\Windows\PLFSet.dll [45056 2007-12-14] ( )
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [8534560 2008-03-11] (NVIDIA Corporation)
HKLM\...\Run: [SynTPStart] - C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400 2008-01-24] (Synaptics, Inc.)
HKLM\...\Run: [eDataSecurity Loader] - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [518656 2008-02-25] (Egis Incorporated)
HKLM\...\Run: [eAudio] - C:\Acer\Empowering Technology\eAudio\eAudio.exe [1286144 2007-10-10] (CyberLink)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4702208 2008-01-24] (Realtek Semiconductor)
HKLM\...\Run: [LManager] - C:\Program Files\Launch Manager\QtZgAcer.EXE [707080 2008-01-02] (Dritek System Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [ApnTBMon] - C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1778640 2014-01-13] (APN)
HKLM\...\Run: [VNT] - C:\Program Files\VNT\vntldr.exe [202192 2014-01-13] (APN LLC.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [ArcSoft Connection Service] - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default\...\RunOnce: [AcerScrSav] - C:\Windows\Acer\run_NB.exe [ 2007-08-21] ()
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [AcerScrSav] - C:\Windows\Acer\run_NB.exe [ 2007-08-21] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.dalesearch.com/?q={searchTer ... 0&tsp=5009
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.dalesearch.com/?q={searchTer ... 0&tsp=5009
BHO: Ask Toolbar - {5054562D-5247-006A-76A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll (APN LLC.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (HiTRUST)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Ask Toolbar - {5054562D-5247-006A-76A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll (APN LLC.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cgkyifto.default
FF NewTab: hxxp://www.dalesearch.com/?babsrc=NT_ss&mntrId ... 0&tsp=5009
FF DefaultSearchEngine: DaleSearch
FF SelectedSearchEngine: DaleSearch
FF Homepage: www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=0.9.9 - C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Martin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Martin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cgkyifto.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cgkyifto.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Ask Toolbar - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cgkyifto.default\Extensions\toolbar_PTV-RG@apn.ask.com.xpi [2013-08-29]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cgkyifto.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-04-09]
FF Extension: DownThemAll! - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cgkyifto.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-08-22]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-24]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-24]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/
CHR Plugin: (Shockwave Flash) - C:\Users\Martin\AppData\Local\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Martin\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Martin\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Extension: (Ask Toolbar) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaahnibljmklpljnbpgfobmfpfhplch [2013-10-01]
CHR Extension: (Skype Click to Call) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-13]
CHR Extension: (Peněženka Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR HKLM\...\Chrome\Extension: [aaaahnibljmklpljnbpgfobmfpfhplch] - C:\ProgramData\AskPartnerNetwork\Toolbar\PTV-RG\CRX\ToolbarCR.crx [2014-01-13]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR StartMenuInternet: Google Chrome - C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

S2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-01-13] (APN LLC.)
S3 DAUpdaterSvc; D:\Games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [25832 2009-12-15] (BioWare)
S2 eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [491008 2008-02-25] (Egis Incorporated)
S2 eLockService; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [24576 2007-10-01] (Acer Inc.)
S2 eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [131072 2007-12-20] (Acer Inc.)
S2 eRecoveryService; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [57344 2007-09-10] (Acer Inc.)
S2 eSettingsService; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [24576 2007-12-19] ()
S2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-11-27] ()
S2 MsgPlusService; C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [128000 2013-05-07] (Yuna Software)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
S2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [233472 2007-09-28] (Acer Inc.)
S3 Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [155344 2011-06-29] (Avanquest Software)
S2 WMIService; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [167936 2007-09-20] (acer)
S3 8799CE71; C:\Windows\system32\8799CE71.exe [x]

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [83984 2012-02-23] (Advanced Micro Devices)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2011-02-04] ()
S3 ENTECH; C:\Windows\system32\DRIVERS\ENTECH.sys [27672 2007-08-20] (EnTech Taiwan)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S2 int15; C:\Acer\Empowering Technology\eRecovery\int15.sys [15392 2007-07-03] (Acer, Inc.)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [145664 2013-12-24] (ITE )
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2011-02-04] ()
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 MsgPlusDriver; C:\Windows\System32\DRIVERS\MsgPlusDriver.sys [118096 2013-05-07] (Yune Software)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [104744 2009-03-25] (MCCI Corporation)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [124016 2009-11-19] (MCCI Corporation)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1729152 2007-12-14] ()
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2008-01-24] (Winbond Electronics Corporation)
S3 ALSysIO; \??\C:\Users\Martin\AppData\Local\Temp\ALSysIO.sys [x]
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Martin\AppData\Local\Temp\catchme.sys [x]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S4 sptd; System32\Drivers\sptd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-26 22:14 - 2014-01-26 22:14 - 00000000 ____D C:\Users\Martin\Desktop\FRST-OlderVersion
2014-01-26 22:11 - 2014-01-26 22:11 - 00522360 _____ (Duplex Secure Ltd.) C:\Users\Martin\Desktop\SPTDinst-v186-x86.exe
2014-01-26 21:46 - 2014-01-26 21:46 - 00000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2014-01-26 17:26 - 2014-01-26 17:26 - 00098656 _____ C:\Users\Martin\Desktop\Report.txt
2014-01-26 17:15 - 2014-01-26 17:15 - 00035712 _____ C:\Windows\system32\Drivers\BlackBox.sys
2014-01-26 17:13 - 2014-01-26 17:13 - 00130803 _____ C:\Users\Martin\Desktop\RKUnhookerLE.zip
2014-01-26 17:13 - 2011-02-26 16:07 - 00139264 _____ () C:\Users\Martin\Desktop\RKUnhookerLE.EXE
2014-01-26 17:11 - 2014-01-26 17:11 - 00002081 _____ C:\Users\Martin\Desktop\aswMBR.txt
2014-01-26 17:11 - 2014-01-26 17:11 - 00000512 _____ C:\Users\Martin\Desktop\MBR.dat
2014-01-26 17:07 - 2014-01-26 17:07 - 04745728 _____ (AVAST Software) C:\Users\Martin\Desktop\aswmbr.exe
2014-01-26 00:55 - 2012-08-04 03:48 - 98077435 _____ (Igor Pavlov) C:\Users\Martin\Desktop\OTLPEStd.exe
2014-01-25 22:59 - 2013-12-12 10:32 - 728086778 _____ C:\Users\Martin\Desktop\Balada-pro-banditu_TV-RIP_zkousec_h264_MP3.mp4
2014-01-24 19:17 - 2014-01-24 19:17 - 00065545 _____ C:\ComboFix.txt
2014-01-24 19:00 - 2014-01-24 19:17 - 00000000 ____D C:\ComboFix
2014-01-24 19:00 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-24 19:00 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-24 19:00 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-24 19:00 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-24 19:00 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-24 19:00 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-24 19:00 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-24 19:00 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-24 18:58 - 2014-01-24 19:17 - 00000000 ____D C:\Qoobox
2014-01-24 18:56 - 2014-01-24 19:16 - 00000000 ____D C:\Windows\erdnt
2014-01-24 18:54 - 2014-01-24 18:55 - 05175240 ____R (Swearware) C:\Users\Martin\Desktop\ComboFix.exe
2014-01-24 18:53 - 2014-01-24 18:53 - 00443264 _____ C:\Users\Martin\Desktop\WeatherBlink.exe
2014-01-24 00:39 - 2014-01-24 00:39 - 00003262 _____ C:\Users\Martin\Desktop\RKreport[0]_S_01242014_003959.txt
2014-01-24 00:36 - 2014-01-24 00:42 - 00000000 ____D C:\Users\Martin\Desktop\RK_Quarantine
2014-01-24 00:36 - 2014-01-24 00:36 - 03809280 _____ C:\Users\Martin\Desktop\RogueKiller.exe
2014-01-24 00:31 - 2014-01-24 00:31 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Martin\Desktop\tdsskiller.exe
2014-01-23 21:45 - 2014-01-23 22:04 - 172207440 _____ C:\Users\Martin\Downloads\Teorie-velkeho-tresku-TBBT-S07E02-HDTV.mp4
2014-01-23 21:19 - 2014-01-23 21:39 - 185161290 _____ C:\Users\Martin\Downloads\Teorie.velkeho.tresku.S07E01.The.Hofstadter.Insufficiency.HDTV.XviD-AFG.avi
2014-01-23 17:30 - 2014-01-26 22:49 - 00008532 _____ C:\Windows\PFRO.log
2014-01-22 23:08 - 2014-01-22 23:08 - 00056547 _____ C:\Users\Martin\Desktop\OTL.zip
2014-01-22 23:07 - 2014-01-22 23:07 - 00012604 _____ C:\Users\Martin\Desktop\Extras.zip
2014-01-22 22:35 - 2014-01-22 22:35 - 00074558 _____ C:\Users\Martin\Desktop\Extras.Txt
2014-01-22 22:34 - 2014-01-22 22:34 - 00460284 _____ C:\Users\Martin\Desktop\OTL.Txt
2014-01-22 21:55 - 2014-01-22 21:55 - 00000512 _____ C:\PhysicalMBR.bin
2014-01-22 21:48 - 2014-01-22 21:48 - 00602112 _____ (OldTimer Tools) C:\Users\Martin\Desktop\OTL.exe
2014-01-22 21:47 - 2014-01-22 21:47 - 00602112 _____ (OldTimer Tools) C:\Users\Martin\Downloads\OTL.exe
2014-01-22 20:03 - 2014-01-22 20:10 - 00000000 ____D C:\Users\Martin\.smplayer
2014-01-22 20:02 - 2014-01-22 20:02 - 16870192 _____ C:\Users\Martin\Downloads\smplayer-0.8.5-win32.exe
2014-01-22 19:52 - 2014-01-22 20:52 - 00000000 ____D C:\ProgramData\ProgDVB
2014-01-22 19:51 - 2014-01-22 20:52 - 00000000 ____D C:\Program Files\ProgDVB
2014-01-22 19:50 - 2014-01-22 19:51 - 16724376 _____ C:\Users\Martin\Downloads\ProgDVB7.00Std.exe
2014-01-21 23:30 - 2014-01-21 23:30 - 00380416 _____ C:\Users\Martin\Desktop\djd4hw9e.exe
2014-01-21 18:07 - 2014-01-21 18:08 - 00020302 _____ C:\Users\Martin\Desktop\Addition.txt
2014-01-21 18:06 - 2014-01-21 18:08 - 00031319 _____ C:\Users\Martin\Desktop\FRST.txt
2014-01-21 18:05 - 2014-01-26 22:14 - 00000000 ____D C:\FRST
2014-01-21 18:04 - 2014-01-26 22:14 - 01222656 _____ (Farbar) C:\Users\Martin\Desktop\FRST.exe
2014-01-21 17:58 - 2014-01-21 17:59 - 04208656 _____ (Piriform Ltd) C:\Users\Martin\Downloads\dfsetup216.exe
2014-01-21 17:56 - 2014-01-21 17:56 - 04645232 _____ (Piriform Ltd) C:\Users\Martin\Downloads\ccsetup409(2).exe
2014-01-21 17:55 - 2014-01-21 17:55 - 00001238 _____ C:\Users\Martin\Documents\cc_20140121_175552.reg
2014-01-21 17:42 - 2014-01-21 17:42 - 04645232 _____ (Piriform Ltd) C:\Users\Martin\Downloads\ccsetup409(1).exe
2014-01-05 16:07 - 2014-01-05 17:30 - 732899328 _____ C:\Users\Martin\Downloads\Moderni-popelka-1_CzDab.avi
2014-01-05 12:19 - 2014-01-05 12:19 - 00001816 _____ C:\Users\Martin\Desktop\TotalMedia 3.5.lnk
2014-01-04 00:10 - 2014-01-04 00:34 - 744680960 _____ C:\Users\Martin\Downloads\Obušku-z-pytle-ven-1955.avi
2013-12-29 00:13 - 2013-12-29 00:13 - 00015974 _____ C:\Users\Martin\Documents\cc_20131229_001300.reg
2013-12-28 23:55 - 2013-12-28 23:56 - 04645232 _____ (Piriform Ltd) C:\Users\Martin\Downloads\ccsetup409.exe

==================== One Month Modified Files and Folders =======

2014-01-26 22:49 - 2014-01-23 17:30 - 00008532 _____ C:\Windows\PFRO.log
2014-01-26 22:48 - 2010-10-25 14:50 - 00000012 _____ C:\Windows\bthservsdp.dat
2014-01-26 22:48 - 2010-10-25 13:54 - 02068968 _____ C:\Windows\WindowsUpdate.log
2014-01-26 22:48 - 2006-11-02 14:01 - 00032572 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-26 22:48 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-26 22:48 - 2006-11-02 13:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-26 22:48 - 2006-11-02 13:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-26 22:42 - 2013-10-11 23:21 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-26 22:42 - 2013-09-11 16:41 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-26 22:39 - 2008-01-21 07:47 - 01540550 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-26 22:24 - 2013-10-09 08:14 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2670110533-408426820-3519810110-1000UA.job
2014-01-26 22:14 - 2014-01-26 22:14 - 00000000 ____D C:\Users\Martin\Desktop\FRST-OlderVersion
2014-01-26 22:14 - 2014-01-21 18:05 - 00000000 ____D C:\FRST
2014-01-26 22:14 - 2014-01-21 18:04 - 01222656 _____ (Farbar) C:\Users\Martin\Desktop\FRST.exe
2014-01-26 22:11 - 2014-01-26 22:11 - 00522360 _____ (Duplex Secure Ltd.) C:\Users\Martin\Desktop\SPTDinst-v186-x86.exe
2014-01-26 21:46 - 2014-01-26 21:46 - 00000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2014-01-26 21:33 - 2013-10-11 23:21 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-26 17:26 - 2014-01-26 17:26 - 00098656 _____ C:\Users\Martin\Desktop\Report.txt
2014-01-26 17:15 - 2014-01-26 17:15 - 00035712 _____ C:\Windows\system32\Drivers\BlackBox.sys
2014-01-26 17:13 - 2014-01-26 17:13 - 00130803 _____ C:\Users\Martin\Desktop\RKUnhookerLE.zip
2014-01-26 17:11 - 2014-01-26 17:11 - 00002081 _____ C:\Users\Martin\Desktop\aswMBR.txt
2014-01-26 17:11 - 2014-01-26 17:11 - 00000512 _____ C:\Users\Martin\Desktop\MBR.dat
2014-01-26 17:07 - 2014-01-26 17:07 - 04745728 _____ (AVAST Software) C:\Users\Martin\Desktop\aswmbr.exe
2014-01-26 15:00 - 2013-10-09 08:14 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2670110533-408426820-3519810110-1000Core.job
2014-01-26 00:00 - 2010-10-26 19:56 - 00000000 ____D C:\Users\Martin\AppData\Local\PokerStars
2014-01-25 20:13 - 2010-10-25 14:36 - 00184320 _____ C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-24 19:17 - 2014-01-24 19:17 - 00065545 _____ C:\ComboFix.txt
2014-01-24 19:17 - 2014-01-24 19:00 - 00000000 ____D C:\ComboFix
2014-01-24 19:17 - 2014-01-24 18:58 - 00000000 ____D C:\Qoobox
2014-01-24 19:16 - 2014-01-24 18:56 - 00000000 ____D C:\Windows\erdnt
2014-01-24 19:15 - 2006-11-02 11:23 - 00000215 _____ C:\Windows\system.ini
2014-01-24 18:55 - 2014-01-24 18:54 - 05175240 ____R (Swearware) C:\Users\Martin\Desktop\ComboFix.exe
2014-01-24 18:53 - 2014-01-24 18:53 - 00443264 _____ C:\Users\Martin\Desktop\WeatherBlink.exe
2014-01-24 00:42 - 2014-01-24 00:36 - 00000000 ____D C:\Users\Martin\Desktop\RK_Quarantine
2014-01-24 00:39 - 2014-01-24 00:39 - 00003262 _____ C:\Users\Martin\Desktop\RKreport[0]_S_01242014_003959.txt
2014-01-24 00:36 - 2014-01-24 00:36 - 03809280 _____ C:\Users\Martin\Desktop\RogueKiller.exe
2014-01-24 00:31 - 2014-01-24 00:31 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Martin\Desktop\tdsskiller.exe
2014-01-23 22:04 - 2014-01-23 21:45 - 172207440 _____ C:\Users\Martin\Downloads\Teorie-velkeho-tresku-TBBT-S07E02-HDTV.mp4
2014-01-23 21:39 - 2014-01-23 21:19 - 185161290 _____ C:\Users\Martin\Downloads\Teorie.velkeho.tresku.S07E01.The.Hofstadter.Insufficiency.HDTV.XviD-AFG.avi
2014-01-22 23:08 - 2014-01-22 23:08 - 00056547 _____ C:\Users\Martin\Desktop\OTL.zip
2014-01-22 23:07 - 2014-01-22 23:07 - 00012604 _____ C:\Users\Martin\Desktop\Extras.zip
2014-01-22 22:35 - 2014-01-22 22:35 - 00074558 _____ C:\Users\Martin\Desktop\Extras.Txt
2014-01-22 22:34 - 2014-01-22 22:34 - 00460284 _____ C:\Users\Martin\Desktop\OTL.Txt
2014-01-22 21:55 - 2014-01-22 21:55 - 00000512 _____ C:\PhysicalMBR.bin
2014-01-22 21:48 - 2014-01-22 21:48 - 00602112 _____ (OldTimer Tools) C:\Users\Martin\Desktop\OTL.exe
2014-01-22 21:47 - 2014-01-22 21:47 - 00602112 _____ (OldTimer Tools) C:\Users\Martin\Downloads\OTL.exe
2014-01-22 20:52 - 2014-01-22 19:52 - 00000000 ____D C:\ProgramData\ProgDVB
2014-01-22 20:52 - 2014-01-22 19:51 - 00000000 ____D C:\Program Files\ProgDVB
2014-01-22 20:52 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2014-01-22 20:49 - 2006-11-02 13:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2014-01-22 20:10 - 2014-01-22 20:03 - 00000000 ____D C:\Users\Martin\.smplayer
2014-01-22 20:03 - 2010-10-25 14:16 - 00000000 ____D C:\Users\Martin
2014-01-22 20:02 - 2014-01-22 20:02 - 16870192 _____ C:\Users\Martin\Downloads\smplayer-0.8.5-win32.exe
2014-01-22 19:51 - 2014-01-22 19:50 - 16724376 _____ C:\Users\Martin\Downloads\ProgDVB7.00Std.exe
2014-01-21 23:30 - 2014-01-21 23:30 - 00380416 _____ C:\Users\Martin\Desktop\djd4hw9e.exe
2014-01-21 18:08 - 2014-01-21 18:07 - 00020302 _____ C:\Users\Martin\Desktop\Addition.txt
2014-01-21 18:08 - 2014-01-21 18:06 - 00031319 _____ C:\Users\Martin\Desktop\FRST.txt
2014-01-21 17:59 - 2014-01-21 17:58 - 04208656 _____ (Piriform Ltd) C:\Users\Martin\Downloads\dfsetup216.exe
2014-01-21 17:59 - 2011-06-18 19:31 - 00000000 ____D C:\Program Files\Defraggler
2014-01-21 17:59 - 2010-10-25 19:43 - 00000000 ___RD C:\Users\Martin\Desktop\Programy
2014-01-21 17:56 - 2014-01-21 17:56 - 04645232 _____ (Piriform Ltd) C:\Users\Martin\Downloads\ccsetup409(2).exe
2014-01-21 17:55 - 2014-01-21 17:55 - 00001238 _____ C:\Users\Martin\Documents\cc_20140121_175552.reg
2014-01-21 17:42 - 2014-01-21 17:42 - 04645232 _____ (Piriform Ltd) C:\Users\Martin\Downloads\ccsetup409(1).exe
2014-01-19 08:32 - 2010-10-25 16:11 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-18 12:01 - 2008-04-22 02:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-18 11:58 - 2013-08-17 18:46 - 00000000 ____D C:\Windows\system32\MRT
2014-01-18 11:55 - 2006-11-02 11:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-01-16 01:15 - 2013-11-09 21:28 - 00000000 ____D C:\Users\Martin\AppData\Local\VNT
2014-01-16 01:14 - 2013-11-09 21:28 - 00000000 ____D C:\Program Files\VNT
2014-01-07 23:46 - 2013-11-18 22:11 - 00000000 ____D C:\Users\Martin\Desktop\nevim
2014-01-05 17:30 - 2014-01-05 16:07 - 732899328 _____ C:\Users\Martin\Downloads\Moderni-popelka-1_CzDab.avi
2014-01-05 12:19 - 2014-01-05 12:19 - 00001816 _____ C:\Users\Martin\Desktop\TotalMedia 3.5.lnk
2014-01-04 00:34 - 2014-01-04 00:10 - 744680960 _____ C:\Users\Martin\Downloads\Obušku-z-pytle-ven-1955.avi
2013-12-29 00:13 - 2013-12-29 00:13 - 00015974 _____ C:\Users\Martin\Documents\cc_20131229_001300.reg
2013-12-29 00:04 - 2012-05-05 23:35 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-28 23:56 - 2013-12-28 23:55 - 04645232 _____ (Piriform Ltd) C:\Users\Martin\Downloads\ccsetup409.exe
2013-12-28 23:48 - 2011-10-13 16:30 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-12-28 23:48 - 2008-04-22 02:17 - 00000000 ____D C:\ProgramData\Adobe
2013-12-28 23:47 - 2010-10-25 16:32 - 00000000 ____D C:\Program Files\Adobe
2013-12-28 23:43 - 2011-01-27 18:58 - 00000000 ____D C:\Users\Martin\Downloads\Programy
2013-12-28 00:04 - 2013-12-23 11:56 - 00000000 ____D C:\Users\Martin\Downloads\Evolve
2013-12-27 20:08 - 2012-12-23 13:41 - 00000000 ____D C:\Users\Martin\AppData\Roaming\dvdcss
2013-12-27 00:51 - 2013-12-24 19:48 - 00000000 ____D C:\ProgramData\ArcSoft
2013-12-27 00:51 - 2008-04-22 01:42 - 00000000 ___HD C:\Program Files\InstallShield Installation Information

Files to move or delete:
====================
C:\Users\Martin\AppData\Roaming\desktop.ini


Some content of TEMP:
====================
C:\Users\Martin\AppData\Local\temp\RtkBtMnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-26 22:48

==================== End Of Log ============================

bmwacs
Visitor
Posts: 272
Registered: 27 May 2009 22:39

Re: Please check my log, slow PC, thank you very much in advance.

#20 Post by bmwacs »

It seems that everything is fine; if not, I will get in touch. Thank you very much. This process was, at least for me, the most complicated one in all the time I have been posting here.

I take my hat off to the people who help others get rid of all sorts of virtual vermin. :thumbsup:

bmwacs
Visitor
Posts: 272
Registered: 27 May 2009 22:39

Re: Please check my log, slow PC, thank you very much in advance.

#21 Post by bmwacs »

Should I delete all the applications that were used?

bmwacs
Visitor
Posts: 272
Registered: 27 May 2009 22:39

Re: Please check my log, slow PC, thank you very much in advance.

#22 Post by bmwacs »

Naughty wrote: In Rootkit Unhooker, uninstall the driver.

How is that done? :-)
