some virus

Re: some virus

#16 Post by JaRon »

Check whether the hosts file really contains only one line - if that is OK, scan the PC with MBAM.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum:
https://platba.viry.cz/payment/

#17 Post by celeston »

I apologize, but I guess I don't understand Slovak well. Couldn't the other person who wrote to me advise me? I don't know what "over si subor hots" means.

#18 Post by JaRon »

OK, I'll leave you to a colleague - as soon as he shows up, he'll speak to you in your native language :)
#19 Post by celeston »

I have already done the Hosts repair.

#20 Post by celeston »

cernohous13 wrote: Sorry for barging in :oops:

in RogueKiller - then click "Oprava proxy" (Proxy fix) and "Zpráva" (Report) - a log will open, paste it here

Can you please advise me further?

#21 Post by celeston »

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.02.19.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Ondra :: ONDRA-PC [administrátor]

19.2.2014 10:59:27
mbam-log-2014-02-19 (10-59-27).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 345138
Uplynulý čas: 32 minut, 46 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

#22 Post by celeston »

But the problem is still not solved. :(

#23 Post by vyosek »

"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun, take a whip and a stick to him; that is not a man, that is an ox."
Member of [image] since 1 February 2011.

#24 Post by celeston »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2014
Ran by Ondra (administrator) on ONDRA-PC on 19-02-2014 12:12:59
Running from C:\Users\Ondra\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Pirrit\AutoUpdater.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(ICQ, LLC.) D:\ICQ\ICQ7.6\ICQ.exe
(forum.viry.cz) C:\Users\Ondra\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9577680 2012-11-08] (COMODO)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4767304 2013-03-07] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
AppInit_DLLs: C:\Windows\System32\guard64.dll => C:\Windows\System32\guard64.dll [390392 2012-11-08] (COMODO)
AppInit_DLLs: C:\Windows\System32\guard64.dll => C:\Windows\System32\guard64.dll [390392 2012-11-08] (COMODO)
AppInit_DLLs: C:\Windows\system32\guard64.dll => C:\Windows\system32\guard64.dll [390392 2012-11-08] (COMODO)
AppInit_DLLs-x32: C:\Windows\SysWOW64\guard32.dll => C:\Windows\SysWOW64\guard32.dll [301264 2012-11-08] (COMODO)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {92237EB0-6A9C-47c0-AC86-2D39E38DC6A2} URL = http://search.yahoo.com/search?p={searc ... type=STDVM
SearchScopes: HKCU - {B094E0CC-0197-4be1-8297-2B67F4B8DECE} URL = http://www.bing.com/search?q={searchTer ... R2&pc=SPLH
SearchScopes: HKCU - {B822A610-8C08-48c5-99E8-7FA421361062} URL = http://www.google.com/cse?cx=partner-pu ... 4067623346
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: IEExtension.Extension - {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eueouha6.default
FF SelectedSearchEngine: Yahoo
FF Homepage: www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eueouha6.default\searchplugins\icq-search.xml
FF SearchPlugin: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eueouha6.default\searchplugins\ividi.xml
FF SearchPlugin: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eueouha6.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Bcool - C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eueouha6.default\Extensions\4fd64262c0f4d@4fd64262c0f86.info [2012-06-11]
FF Extension: Garmin Communicator - C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eueouha6.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-20]
FF Extension: Pirrit Suggestor - C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eueouha6.default\Extensions\suggestor@suggestor.pirrit.com.xpi [2014-02-19]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-09-17]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Ondra\AppData\Roaming\IDM\idmmzcc3

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR DefaultSearchKeyword: yahoo.com
CHR DefaultSearchProvider: Yahoo
CHR DefaultSearchURL: http://klit.startnow.com/s/?q={searchTe ... .1-x64-SP1
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.270.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U27) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll No File
CHR Extension: (avast! WebRep) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2012-11-18]
CHR Extension: (Peněženka Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2012-09-17]
CHR HKLM-x32\...\Chrome\Extension: [ijbdeloioekcppaijjfhnolgmhikiihg] - C:\ProgramData\Bcool\ijbdeloioekcppaijjfhnolgmhikiihg.crx [2012-09-17]

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-09-17] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-07] (AVAST Software)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2828408 2012-11-08] (COMODO)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
S2 PirritDesktop; C:\Users\Ondra\AppData\Local\PirritSuggestor\PirritService.exe [52568 2014-02-14] ()
R2 PirritUpdater; C:\Program Files (x86)\Pirrit\AutoUpdater.exe [59904 2014-02-14] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-25] ()

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-03-07] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [70992 2013-03-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-03-07] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-03-07] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [377920 2013-03-07] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [68920 2013-03-07] (AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178624 2013-03-07] ()
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [584056 2012-11-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38144 2012-11-08] (COMODO)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-11-12] (DT Soft Ltd)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-11-08] (COMODO)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2011-12-13] ()
U3 a6j9q8n2; C:\Windows\System32\Drivers\a6j9q8n2.sys [0 ] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 MSICDSetup; \??\E:\CDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-19 12:12 - 2014-02-19 12:13 - 00016579 _____ () C:\Users\Ondra\Desktop\FRST.txt
2014-02-19 12:12 - 2014-02-19 12:12 - 00000000 ____D () C:\FRST
2014-02-19 12:11 - 2014-02-19 12:11 - 00112640 _____ (forum.viry.cz) C:\Users\Ondra\Desktop\FRSTLauncher.exe
2014-02-19 12:10 - 2014-02-19 12:10 - 02153472 _____ (Farbar) C:\Users\Ondra\Desktop\FRST64.exe
2014-02-19 11:34 - 2014-02-19 11:34 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-19 11:34 - 2014-02-19 11:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-19 11:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-19 08:34 - 2014-02-19 09:56 - 00000000 ____D () C:\Users\Ondra\Desktop\RK_Quarantine
2014-02-19 08:33 - 2014-02-19 08:33 - 03813376 _____ () C:\Users\Ondra\Desktop\RogueKiller.exe
2014-02-19 08:29 - 2014-02-19 12:03 - 00001624 _____ () C:\Windows\setupact.log
2014-02-19 08:29 - 2014-02-19 08:29 - 00000818 _____ () C:\Windows\PFRO.log
2014-02-19 08:29 - 2014-02-19 08:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-19 08:19 - 2014-02-19 08:24 - 00000000 ____D () C:\rsit
2014-02-19 08:07 - 2014-02-19 08:16 - 00000000 ____D () C:\Users\Ondra\.gimp-2.8
2014-02-19 08:07 - 2014-02-19 08:07 - 00000000 ____D () C:\Users\Ondra\AppData\Local\gegl-0.2
2014-02-19 07:41 - 2014-02-19 07:41 - 00000000 ____D () C:\Users\Ondra\AppData\Local\PirritSuggestor
2014-02-19 07:40 - 2014-02-19 07:40 - 00000000 ____D () C:\Users\Ondra\AppData\Roaming\Pirrit
2014-02-19 07:40 - 2014-02-19 07:40 - 00000000 ____D () C:\Program Files (x86)\Pirrit
2014-02-19 07:38 - 2014-02-19 07:44 - 00000000 ____D () C:\Users\Ondra\Documents\FotoMix Data
2014-02-15 08:33 - 2014-02-15 08:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 06:42 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 06:42 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 06:41 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 06:41 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 06:41 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 06:41 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 06:41 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 06:41 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 06:41 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 06:41 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 06:41 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 06:41 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 06:41 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 06:41 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 06:41 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 06:41 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 06:41 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 06:41 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 06:41 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 06:41 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 06:41 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-13 06:41 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 06:41 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 06:41 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 06:41 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 06:41 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 06:41 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 06:41 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 06:41 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-13 06:41 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 06:41 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 06:41 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 06:41 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 06:41 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 06:41 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 06:41 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 06:41 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 06:41 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 06:41 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 06:41 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 06:41 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 06:29 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 06:29 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 06:29 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 06:29 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 06:29 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 06:29 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 06:29 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 06:29 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 06:29 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 06:29 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 06:29 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 06:29 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 06:29 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 06:29 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 06:29 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 06:29 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 06:29 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 06:29 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 06:29 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 06:29 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 06:29 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 06:29 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 06:29 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 06:29 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 06:29 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 06:29 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 06:29 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 06:29 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-01-23 09:54 - 2013-12-27 19:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-01-23 09:54 - 2013-12-27 19:42 - 00033056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll

==================== One Month Modified Files and Folders =======

2014-02-19 12:13 - 2014-02-19 12:12 - 00016579 _____ () C:\Users\Ondra\Desktop\FRST.txt
2014-02-19 12:12 - 2014-02-19 12:12 - 00000000 ____D () C:\FRST
2014-02-19 12:11 - 2014-02-19 12:11 - 00112640 _____ (forum.viry.cz) C:\Users\Ondra\Desktop\FRSTLauncher.exe
2014-02-19 12:10 - 2014-02-19 12:10 - 02153472 _____ (Farbar) C:\Users\Ondra\Desktop\FRST64.exe
2014-02-19 12:03 - 2014-02-19 08:29 - 00001624 _____ () C:\Windows\setupact.log
2014-02-19 11:34 - 2014-02-19 11:34 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-19 11:34 - 2014-02-19 11:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-19 11:28 - 2013-11-28 08:16 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-19 11:28 - 2012-12-25 17:51 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-19 11:01 - 2011-10-16 13:21 - 00000000 ____D () C:\Users\Ondra\AppData\Roaming\ICQ
2014-02-19 09:56 - 2014-02-19 08:34 - 00000000 ____D () C:\Users\Ondra\Desktop\RK_Quarantine
2014-02-19 09:49 - 2009-07-14 05:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-19 09:49 - 2009-07-14 05:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-19 09:47 - 2011-04-12 09:34 - 00668882 _____ () C:\Windows\system32\perfh005.dat
2014-02-19 09:47 - 2011-04-12 09:34 - 00141542 _____ () C:\Windows\system32\perfc005.dat
2014-02-19 09:47 - 2009-07-14 06:13 - 00869652 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-19 09:45 - 2013-11-25 19:23 - 01183519 _____ () C:\Windows\WindowsUpdate.log
2014-02-19 09:40 - 2013-11-28 08:16 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-19 09:40 - 2013-11-19 09:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-19 09:40 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-19 08:33 - 2014-02-19 08:33 - 03813376 _____ () C:\Users\Ondra\Desktop\RogueKiller.exe
2014-02-19 08:29 - 2014-02-19 08:29 - 00000818 _____ () C:\Windows\PFRO.log
2014-02-19 08:29 - 2014-02-19 08:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-19 08:24 - 2014-02-19 08:19 - 00000000 ____D () C:\rsit
2014-02-19 08:22 - 2012-07-01 18:02 - 00000000 ____D () C:\Program Files\trend micro
2014-02-19 08:17 - 2013-02-24 18:14 - 00000000 ____D () C:\Users\Ondra\Desktop\Baci
2014-02-19 08:17 - 2011-11-12 18:47 - 00000000 ____D () C:\Users\Ondra\AppData\Local\CrashDumps
2014-02-19 08:16 - 2014-02-19 08:07 - 00000000 ____D () C:\Users\Ondra\.gimp-2.8
2014-02-19 08:07 - 2014-02-19 08:07 - 00000000 ____D () C:\Users\Ondra\AppData\Local\gegl-0.2
2014-02-19 08:07 - 2011-10-16 00:58 - 00000000 ____D () C:\Users\Ondra
2014-02-19 08:02 - 2013-01-27 21:16 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-19 08:02 - 2011-10-16 13:39 - 00000000 ____D () C:\Users\Ondra\AppData\Roaming\Adobe
2014-02-19 07:57 - 2011-10-26 22:00 - 00000000 ____D () C:\Users\Ondra\AppData\Local\Adobe
2014-02-19 07:45 - 2011-10-16 15:26 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-02-19 07:44 - 2014-02-19 07:38 - 00000000 ____D () C:\Users\Ondra\Documents\FotoMix Data
2014-02-19 07:41 - 2014-02-19 07:41 - 00000000 ____D () C:\Users\Ondra\AppData\Local\PirritSuggestor
2014-02-19 07:40 - 2014-02-19 07:40 - 00000000 ____D () C:\Users\Ondra\AppData\Roaming\Pirrit
2014-02-19 07:40 - 2014-02-19 07:40 - 00000000 ____D () C:\Program Files (x86)\Pirrit
2014-02-17 11:37 - 2013-07-18 20:47 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 11:36 - 2012-11-04 12:41 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 16:18 - 2011-10-16 15:41 - 00000000 ____D () C:\Users\Ondra\AppData\Roaming\Skype
2014-02-16 08:09 - 2013-09-27 14:48 - 00000000 ____D () C:\Users\Ondra\Documents\FIFA 14
2014-02-16 08:05 - 2013-01-25 18:34 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-02-16 08:05 - 2011-10-19 13:37 - 00000000 ____D () C:\ProgramData\Origin
2014-02-16 07:46 - 2012-07-01 21:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 12:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-15 08:33 - 2014-02-15 08:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 19:54 - 2013-05-15 19:37 - 00000000 ____D () C:\Windows\rescache
2014-02-13 06:43 - 2013-11-09 12:59 - 00844366 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-12 13:23 - 2011-10-16 13:35 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-12 13:23 - 2011-10-16 13:35 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-08 16:55 - 2013-11-09 11:37 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-02-08 16:55 - 2012-06-02 17:18 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-02-06 13:16 - 2014-02-13 06:41 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-13 06:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-13 06:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-13 06:41 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-13 06:41 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-13 06:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-13 06:41 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-13 06:41 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-13 06:41 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-13 06:41 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-13 06:41 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-13 06:41 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-13 06:41 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-13 06:41 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-13 06:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-13 06:41 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-13 06:41 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-13 06:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-13 06:41 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 06:41 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-13 06:41 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-13 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-13 06:41 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-13 06:41 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-13 06:41 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-13 06:41 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-13 06:41 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-13 06:41 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-13 06:41 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-13 06:41 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-13 06:41 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-13 06:41 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-13 06:41 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-13 06:41 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-13 06:41 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-13 06:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-13 06:41 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-13 06:41 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-13 06:41 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 18:28 - 2012-12-25 17:51 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 18:28 - 2012-11-13 20:12 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 18:28 - 2011-10-16 13:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-04 01:23 - 2011-10-16 13:35 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-25 12:54 - 2012-05-29 10:05 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-01-23 09:55 - 2011-11-15 12:17 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-01-21 03:53 - 2013-11-19 09:27 - 01179576 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-01-21 03:53 - 2013-11-19 09:27 - 01048152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

Some content of TEMP:
====================
C:\Users\Ondra\AppData\Local\Temp\AAMHelper.exe
C:\Users\Ondra\AppData\Local\Temp\ntdll_dump.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-18 19:41




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:75.13 GB) (Free:12.44 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:390.63 GB) (Free:317.52 GB) NTFS

Available physical RAM: 5660.05 MB
Total physical RAM: 8168.63 MB
Percentage of memory in use: 30%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: DC15DC15)
Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=391 GB) - (Type=OF Extended)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Disabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Defense+ (Enabled - Up to date) {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall (Enabled) {7DB03214-694B-060B-1600-BD4715C36DBB}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Ondra\Desktop" je 3058 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================


And here I am sending the second one that was created on my desktop, Addition


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2014
Ran by Ondra at 2014-02-19 12:13:20
Running from C:\Users\Ondra\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Disabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Disabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Defense+ (Enabled - Up to date) {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall (Enabled) {7DB03214-694B-060B-1600-BD4715C36DBB}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (x32 Version: - Microsoft)
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Czech (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Aktualizace NVIDIA 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.4.5.0 - Asmedia Technology)
Assassins Creed IV Black Flag (x32 Version: - Ubisoft)
avast! Free Antivirus (x32 Version: 8.0.1483.0 - AVAST Software)
Bluetooth Win7 Suite (64) (Version: 7.2.0.65 - Atheros Communications)
Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version: - ) Hidden
CCleaner (Version: 3.11 - Piriform)
COMODO Internet Security (Version: 5.8.15089.2124 - COMODO Security Solutions Inc.)
DAEMON Tools Lite (x32 Version: 4.45.1.0236 - DT Soft Ltd)
Defraggler (Version: 2.10 - Piriform)
DVDFab 8.0.8.2 (15/03/2011) (x32 Version: - Fengtao Software Inc.)
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB)
Far Cry 3 (x32 Version: 1.01 - Ubisoft)
FIFA 14 (x32 Version: 1.0.0.4 - Electronic Arts)
Garmin USB Drivers (x32 Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Earth Plug-in (x32 Version: 7.1.2.2041 - Google)
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
ICQ7.6 (x32 Version: 7.6 - ICQ)
ImgBurn (x32 Version: 2.5.6.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Network Connections 15.6.25.0 (Version: 15.6.25.0 - Intel)
Intel(R) Network Connections 15.6.25.0 (Version: 15.6.25.0 - Intel) Hidden
Java Auto Updater (x32 Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 27 (x32 Version: 6.0.270 - Oracle)
JMicron JMB36X Driver (x32 Version: 1.17.58.2 - JMicron Technology Corp.)
K-Lite Mega Codec Pack 9.6.0 (x32 Version: 9.6.0 - )
Mafia II (x32 Version: - 2K Czech)
Malwarebytes Anti-Malware verze 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (CSY) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (čeština) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 cs) (x32 Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (x32 Version: 27.0.1 - Mozilla)
NVIDIA GeForce Experience 1.8.2 (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Ovladač 3D Vision 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.26.4 (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3182 - NVIDIA Corporation) Hidden
NVIDIA Systémový software PhysX 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (Version: 1.2.20 - NVIDIA Corporation)
Origin (x32 Version: 9.1.11.2678 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden
PirritSuggestor version 1.5 (x32 Version: 1.5 - Pirrit Solutions)
PunkBuster Services (x32 Version: 0.991 - Even Balance, Inc.)
Rapture3D 2.4.8 Game (x32 Version: - Blue Ripple Sound)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
SUPERAntiSpyware (Version: 5.0.1132 - SUPERAntiSpyware.com)
TL-WN721N/TL-WN722N Driver (x32 Version: 1.0.0 - TP-LINK)
TP-LINK Wireless Configuration Utility (x32 Version: 1.0.0 - TP-LINK)
Ubisoft Game Launcher (x32 Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version: - Microsoft)
Uplay (x32 Version: 4.0 - Ubisoft)
Virtua Tennis 4™ (x32 Version: 1.0.0000.130 - SEGA)
Virtua Tennis 4™ (x32 Version: 1.0.0000.130 - SEGA) Hidden
War Thunder (x32 Version: - Gaijin Entertainment)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)
WinRAR (Version: - )

==================== Restore Points =========================

18-02-2014 18:48:42 Naplánovaný kontrolní bod

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-02-19 10:53 - 00000741 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {086FFE81-8F0B-4DE6-BCBD-4C3E09E0E1E6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-16] (Google Inc.)
Task: {4955543E-1622-4CC9-964F-121C6372652A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-03-07] (AVAST Software)
Task: {A3C1A3E2-5104-4515-AE35-1F6F0B642B0C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-16] (Google Inc.)
Task: {E8486DD8-9631-439F-9EEF-6500542F57C1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-19 09:25 - 2013-11-11 16:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-10-16 15:51 - 2010-03-15 10:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2014-02-19 07:40 - 2014-02-14 11:29 - 00059904 _____ () C:\Program Files (x86)\Pirrit\AutoUpdater.exe
2013-11-09 11:37 - 2013-11-25 15:53 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-18 16:26 - 2014-02-18 15:15 - 02272256 _____ () C:\Program Files\AVAST Software\Avast\defs\14021801\algo.dll
2014-02-15 08:33 - 2014-02-15 08:33 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-05 18:28 - 2014-02-05 18:28 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== Faulty Device Manager Devices =============

Name: USB camera
Description: USB camera
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: ASUS Bluetooth
Description: ASUS Bluetooth
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/19/2014 09:42:28 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/19/2014 09:08:47 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/19/2014 08:54:01 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/19/2014 08:41:16 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/19/2014 08:31:43 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/19/2014 08:22:05 AM) (Source: Application Hang) (User: )
Description: Program RSITx64.exe verze 3.3.6.1 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 348

Čas spuštění: 01cf2d42e6f4b8b4

Čas ukončení: 0

Cesta k aplikaci: C:\Users\Ondra\Downloads\RSITx64.exe

ID hlášení:

Error: (02/19/2014 08:08:27 AM) (Source: Application Error) (User: )
Description: Název chybující aplikace: gspawn-win32-helper.exe, verze: 0.0.0.0, časové razítko: 0x52952d96
Název chybujícího modulu: libglib-2.0-0.dll, verze: 2.38.0.0, časové razítko: 0x52952d95
Kód výjimky: 0x40000015
Posun chyby: 0x00037ced
ID chybujícího procesu: 0x178c
Čas spuštění chybující aplikace: 0xgspawn-win32-helper.exe0
Cesta k chybující aplikaci: gspawn-win32-helper.exe1
Cesta k chybujícímu modulu: gspawn-win32-helper.exe2
ID zprávy: gspawn-win32-helper.exe3

Error: (02/19/2014 08:08:12 AM) (Source: Application Hang) (User: )
Description: Program gimp-2.8.exe verze 2.8.10.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 17f8

Čas spuštění: 01cf2d414e517511

Čas ukončení: 0

Cesta k aplikaci: C:\Program Files\GIMP 2\bin\gimp-2.8.exe

ID hlášení: 95743e90-9934-11e3-b1e5-f46d04592120

Error: (02/19/2014 07:30:46 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/18/2014 09:11:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (02/19/2014 09:54:00 AM) (Source: Service Control Manager) (User: )
Description: Služba PirritDesktop byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/19/2014 09:42:40 AM) (Source: Service Control Manager) (User: )
Description: Služba PirritUpdater přestala během spouštění reagovat.

Error: (02/19/2014 09:42:40 AM) (Source: Service Control Manager) (User: )
Description: Služba PirritDesktop přestala během spouštění reagovat.

Error: (02/19/2014 09:27:49 AM) (Source: Service Control Manager) (User: )
Description: Služba PirritDesktop byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/19/2014 09:08:36 AM) (Source: Service Control Manager) (User: )
Description: Služba PirritUpdater přestala během spouštění reagovat.

Error: (02/19/2014 09:08:35 AM) (Source: Service Control Manager) (User: )
Description: Služba PirritDesktop přestala během spouštění reagovat.

Error: (02/19/2014 08:58:22 AM) (Source: Service Control Manager) (User: )
Description: Služba PirritDesktop byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/19/2014 08:53:50 AM) (Source: Service Control Manager) (User: )
Description: Služba PirritUpdater přestala během spouštění reagovat.

Error: (02/19/2014 08:53:50 AM) (Source: Service Control Manager) (User: )
Description: Služba PirritDesktop přestala během spouštění reagovat.

Error: (02/19/2014 08:44:15 AM) (Source: Service Control Manager) (User: )
Description: Služba PirritDesktop byla neočekávaně ukončena. Tento stav nastal již 1krát.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-04-27 00:20:49.297
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-27 00:20:49.250
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-11-15 17:15:35.683
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-11-15 17:15:35.667
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-11-15 17:15:35.636
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-11-15 17:15:35.620
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-11-15 17:12:53.037
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-11-15 17:12:53.005
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-11-15 17:12:52.990
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-11-15 17:12:52.974
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 30%
Total physical RAM: 8168.63 MB
Available physical RAM: 5660.05 MB
Total Pagefile: 16335.44 MB
Available Pagefile: 13646.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:75.13 GB) (Free:12.44 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:390.63 GB) (Free:317.52 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: DC15DC15)
Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=391 GB) - (Type=OF Extended)

==================== End Of Log ============================

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: some virus

#25 Post by vyosek »

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
    SearchScopes: HKLM - DefaultScope value is missing.
    SearchScopes: HKCU - {92237EB0-6A9C-47c0-AC86-2D39E38DC6A2} URL = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=STDVM
    SearchScopes: HKCU - {B094E0CC-0197-4be1-8297-2B67F4B8DECE} URL = http://www.bing.com/search?q={searchTerms}&form=SPLBR2&pc=SPLH
    SearchScopes: HKCU - {B822A610-8C08-48c5-99E8-7FA421361062} URL = http://www.google.com/cse?cx=partner-pu ... e=UTF-8&q={searchTerms}&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4067623346
    
    FF SelectedSearchEngine: Yahoo
    FF SearchPlugin: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eueouha6.default\searchplugins\icq-search.xml
    FF SearchPlugin: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eueouha6.default\searchplugins\ividi.xml
    FF SearchPlugin: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eueouha6.default\searchplugins\searchplugins-backup
    FF Extension: Bcool - C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eueouha6.default\Extensions\4fd64262c0f4d@4fd64262c0f86.info [2012-06-11]
    FF Extension: Pirrit Suggestor - C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eueouha6.default\Extensions\suggestor@suggestor.pirrit.com.xpi [2014-02-19]
    
    CHR DefaultSearchKeyword: yahoo.com
    CHR DefaultSearchProvider: Yahoo
    CHR DefaultSearchURL: http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=CZ&install_date=20130108&user_guid=B71F6D26F9934C2DA4BD7C1464215D44&machine_id=c7f7d1b7f97cfa79ef74e5b3682a6ff7&browser=CR&os=win&os_version=6.1-x64-SP1
    CHR DefaultNewTabURL: 
    CHR HKLM-x32\...\Chrome\Extension: [ijbdeloioekcppaijjfhnolgmhikiihg] - C:\ProgramData\Bcool\ijbdeloioekcppaijjfhnolgmhikiihg.crx [2012-09-17]
    
    S2 PirritDesktop; C:\Users\Ondra\AppData\Local\PirritSuggestor\PirritService.exe [52568 2014-02-14] ()
    R2 PirritUpdater; C:\Program Files (x86)\Pirrit\AutoUpdater.exe [59904 2014-02-14] ()
    
    2014-02-19 12:11 - 2014-02-19 12:11 - 00112640 _____ (forum.viry.cz) C:\Users\Ondra\Desktop\FRSTLauncher.exe
    2014-02-19 08:34 - 2014-02-19 09:56 - 00000000 ____D () C:\Users\Ondra\Desktop\RK_Quarantine
    2014-02-19 08:33 - 2014-02-19 08:33 - 03813376 _____ () C:\Users\Ondra\Desktop\RogueKiller.exe
    014-02-19 07:41 - 2014-02-19 07:41 - 00000000 ____D () C:\Users\Ondra\AppData\Local\PirritSuggestor
    2014-02-19 07:40 - 2014-02-19 07:40 - 00000000 ____D () C:\Users\Ondra\AppData\Roaming\Pirrit
    2014-02-19 07:40 - 2014-02-19 07:40 - 00000000 ____D () C:\Program Files (x86)\Pirrit
    C:\Users\Ondra\AppData\Local\PirritSuggestor
    C:\Program Files (x86)\Pirrit
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    
    Hosts:
    CMD: shutdown /r /f /t 2
    
    End
  • Save the resulting text file as fixlist.txt
  • Move the fixlist you created into the same folder as FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement: take a whip and a stick to him, that is no man, that is an ox."
Member [image] since 1 February 2011.

celeston
Visitor
Posts: 275
Joined: 26 Dec 2007 13:34

Re: some virus

#26 Post by celeston »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-02-2014
Ran by Ondra at 2014-02-19 12:40:57 Run:1
Running from C:\Users\Ondra\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {92237EB0-6A9C-47c0-AC86-2D39E38DC6A2} URL = http://search.yahoo.com/search?p={searc ... type=STDVM
SearchScopes: HKCU - {B094E0CC-0197-4be1-8297-2B67F4B8DECE} URL = http://www.bing.com/search?q={searchTer ... R2&pc=SPLH
SearchScopes: HKCU - {B822A610-8C08-48c5-99E8-7FA421361062} URL = http://www.google.com/cse?cx=partner-pu ... e=UTF-8&q={searchTerms}&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4067623346

FF SelectedSearchEngine: Yahoo
FF SearchPlugin: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eueouha6.default\searchplugins\icq-search.xml
FF SearchPlugin: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eueouha6.default\searchplugins\ividi.xml
FF SearchPlugin: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eueouha6.default\searchplugins\searchplugins-backup
FF Extension: Bcool - C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eueouha6.default\Extensions\4fd64262c0f4d@4fd64262c0f86.info [2012-06-11]
FF Extension: Pirrit Suggestor - C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eueouha6.default\Extensions\suggestor@suggestor.pirrit.com.xpi [2014-02-19]

CHR DefaultSearchKeyword: yahoo.com
CHR DefaultSearchProvider: Yahoo
CHR DefaultSearchURL: http://klit.startnow.com/s/?q={searchTe ... .1-x64-SP1
CHR DefaultNewTabURL:
CHR HKLM-x32\...\Chrome\Extension: [ijbdeloioekcppaijjfhnolgmhikiihg] - C:\ProgramData\Bcool\ijbdeloioekcppaijjfhnolgmhikiihg.crx [2012-09-17]

S2 PirritDesktop; C:\Users\Ondra\AppData\Local\PirritSuggestor\PirritService.exe [52568 2014-02-14] ()
R2 PirritUpdater; C:\Program Files (x86)\Pirrit\AutoUpdater.exe [59904 2014-02-14] ()

2014-02-19 12:11 - 2014-02-19 12:11 - 00112640 _____ (forum.viry.cz) C:\Users\Ondra\Desktop\FRSTLauncher.exe
2014-02-19 08:34 - 2014-02-19 09:56 - 00000000 ____D () C:\Users\Ondra\Desktop\RK_Quarantine
2014-02-19 08:33 - 2014-02-19 08:33 - 03813376 _____ () C:\Users\Ondra\Desktop\RogueKiller.exe
014-02-19 07:41 - 2014-02-19 07:41 - 00000000 ____D () C:\Users\Ondra\AppData\Local\PirritSuggestor
2014-02-19 07:40 - 2014-02-19 07:40 - 00000000 ____D () C:\Users\Ondra\AppData\Roaming\Pirrit
2014-02-19 07:40 - 2014-02-19 07:40 - 00000000 ____D () C:\Program Files (x86)\Pirrit
C:\Users\Ondra\AppData\Local\PirritSuggestor
C:\Program Files (x86)\Pirrit

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\Malwarebytes Anti-Malware => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{92237EB0-6A9C-47c0-AC86-2D39E38DC6A2} => Key deleted successfully.
HKCR\CLSID\{92237EB0-6A9C-47c0-AC86-2D39E38DC6A2} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B094E0CC-0197-4be1-8297-2B67F4B8DECE} => Key deleted successfully.
HKCR\CLSID\{B094E0CC-0197-4be1-8297-2B67F4B8DECE} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B822A610-8C08-48c5-99E8-7FA421361062} => Key deleted successfully.
HKCR\CLSID\{B822A610-8C08-48c5-99E8-7FA421361062} => Key not found.
Firefox SelectedSearchEngine deleted successfully.
C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eueouha6.default\searchplugins\icq-search.xml => Moved successfully.
C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eueouha6.default\searchplugins\ividi.xml => Moved successfully.
C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eueouha6.default\searchplugins\searchplugins-backup => Moved successfully.
C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eueouha6.default\Extensions\4fd64262c0f4d@4fd64262c0f86.info => Moved successfully.
C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eueouha6.default\Extensions\suggestor@suggestor.pirrit.com.xpi => Moved successfully.
CHR DefaultSearchKeyword: yahoo.com ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchProvider: Yahoo ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: http://klit.startnow.com/s/?q={searchTe ... .1-x64-SP1 ==> The Chrome "Settings" can be used to fix the entry.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ijbdeloioekcppaijjfhnolgmhikiihg => Key deleted successfully.
"C:\ProgramData\Bcool\ijbdeloioekcppaijjfhnolgmhikiihg.crx" => File/Directory not found.
PirritDesktop => Service deleted successfully.
PirritUpdater => Service deleted successfully.
C:\Users\Ondra\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\Ondra\Desktop\RK_Quarantine => Moved successfully.
C:\Users\Ondra\Desktop\RogueKiller.exe => Moved successfully.
C:\Users\Ondra\AppData\Roaming\Pirrit => Moved successfully.
C:\Program Files (x86)\Pirrit => Moved successfully.
C:\Users\Ondra\AppData\Local\PirritSuggestor => Moved successfully.
"C:\Program Files (x86)\Pirrit" => File/Directory not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========



The system needs a manual reboot.

==== End of Fixlog ====
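
An added example (not part of the original thread and not FRST's own code): a small Python triage of the result section of a Fixlog like the one above, separating entries that were fixed from those reported as missing or left for manual repair. The category names and the `summarize` and `needs_followup` helpers are assumptions made for illustration; the outcome phrases are the ones that appear in this Fixlog, not a complete list of FRST messages.

```python
import re
from collections import defaultdict

# Result lines excerpted from the Fixlog in this thread.
SAMPLE_FIXLOG = r"""
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCR\CLSID\{92237EB0-6A9C-47c0-AC86-2D39E38DC6A2} => Key not found.
Firefox SelectedSearchEngine deleted successfully.
CHR DefaultSearchProvider: Yahoo ==> The Chrome "Settings" can be used to fix the entry.
"C:\ProgramData\Bcool\ijbdeloioekcppaijjfhnolgmhikiihg.crx" => File/Directory not found.
PirritUpdater => Service deleted successfully.
C:\Program Files (x86)\Pirrit => Moved successfully.
"C:\Program Files (x86)\Pirrit" => File/Directory not found.
Hosts was reset successfully.
The system needs a manual reboot.
"""

# Outcome patterns, checked in order; the first match wins.
# Labels are hypothetical names chosen for this example.
RULES = [
    ("manual", re.compile(r"can be used to fix the entry|needs a manual reboot")),
    ("missing", re.compile(r"not found\.$")),
    ("fixed", re.compile(r"(deleted|restored|reset|Moved) successfully\.$")),
]

def classify(line):
    """Return the outcome label for one Fixlog result line."""
    for label, rx in RULES:
        if rx.search(line):
            return label
    return "unknown"

def summarize(fixlog_text):
    """Group the target of each result line by its outcome label."""
    buckets = defaultdict(list)
    for raw in fixlog_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("=", "*")):  # blank or separator
            continue
        # The target is the text before " => " or " ==> ", without quotes.
        target = re.split(r"\s=+>\s", line, maxsplit=1)[0].strip('"')
        buckets[classify(line)].append(target)
    return dict(buckets)

def needs_followup(summary):
    """Targets a helper should still look at after the fix run."""
    fixed = set(summary.get("fixed", []))
    # "not found" is harmless when another line already handled the target.
    missing = [t for t in summary.get("missing", []) if t not in fixed]
    return summary.get("manual", []) + missing + summary.get("unknown", [])
```

On the excerpt, the Chrome search setting and the manual reboot come back as follow-up items, while the second `C:\Program Files (x86)\Pirrit` line is dropped because the folder had already been moved.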

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: some virus

#27 Post by vyosek »

Is the PC still acting up?

celeston
Visitor
Posts: 275
Joined: 26 Dec 2007 13:34

Re: some virus

#28 Post by celeston »

It looks like it's fine now. And what kind of vermin was it that got in there? I downloaded some program for editing photos, and after I installed it the ads and so on started.
Can we clean the PC up completely so that it's all right, or is it already fine?

celeston
Visitor
Posts: 275
Joined: 26 Dec 2007 13:34

Re: some virus

#29 Post by celeston »

But as for the ads, nothing seems to pop up any more. There was also the problem that even here on the forum, in various places in the text, say, two letters were blue (like a link); you could click on them and again got some ad. I don't have that here any more, so hopefully all good.. phew.

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: some virus

#30 Post by vyosek »

So let's tidy up a bit more :James008:

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading if need be)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program will clean up and restart the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program will clean up and restart the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a backup of the registry; fix all the issues
  • repeat the procedure until no issues are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

Locked