Laptop started lagging from one day to the next

Fulgrim
Visitor
Posts: 21
Registered: 29 Nov 2014 11:24

Re: Laptop started lagging from one day to the next

#16 Post by Fulgrim »

I have a feeling I copied something other than what I was supposed to.

So here it is.


Zoek.exe v5.0.0.0 Updated 29-11-2014
Tool run by Karol on ne 30.11.2014 at 16:01:32,74.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Karol\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

30.11.2014 16:02:41 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Program Files\Symantec deleted successfully
C:\Program Files\Common Files\Symantec Shared deleted successfully
C:\PROGRA~3\Evernote deleted successfully
C:\Users\Karol\AppData\Roaming\TP deleted successfully
C:\Users\Karol\AppData\Local\cache deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3527025134-1619887513-3940662434-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\0wlvxx5l.default-1359325518549\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.search.defaulturl", "https://www.google.com/search");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "https://www.google.com/search");
user_pref("browser.search.useDBForOrder", "false");

Added to C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\0wlvxx5l.default-1359325518549\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\0wlvxx5l.default-1359325518549

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_30.11.2014_1620_.backup

==== Deleting Files \ Folders ======================

C:\Users\Karol\.android deleted
C:\PROGRA~2\Video Download Converter deleted
C:\KMPlayer_3-6-0-87.exe deleted
C:\found.000 deleted
C:\found.001 deleted
C:\found.002 deleted
C:\Users\Karol\AppData\Local\Software deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\0wlvxx5l.default-1359325518549\CT1750559 deleted
"C:\Users\Karol\AppData\Local\{6C49ADED-5B6B-4DE6-B56A-C0316F3F69CB}" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [14.09.2014 08:15]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\0wlvxx5l.default-1359325518549
- Undetermined - {65030561-c150-4370-836c-7c9d04f7a1b4}
- Power Zoom - %ProfilePath%\extensions\{65030561-c150-4370-836c-7c9d04f7a1b4}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\0wlvxx5l.default-1359325518549
67D325B5AEB28E381B84E8DE1A90C7A8 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll - Shockwave Flash
2ED65CF5725FCD0DFD40F87782AE37D5 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll - Shockwave Flash


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[20.07.2014 22:02]

Avast Online Security - Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.cz/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.cz/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Karol\AppData\Local\Comodo\Dragon\User Data\Default\Preferences was reset successfully
C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Karol\AppData\Local\Comodo\Dragon\User Data\Default\Web Data was reset successfully
C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\Software\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Karol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Karol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Karol\AppData\Local\Mozilla\Firefox\Profiles\0wlvxx5l.default-1359325518549\cache2 emptied successfully
C:\Users\Karol\AppData\Local\Mozilla\Firefox\Profiles\aci1whoo.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Karol\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully
C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=29 folders=11 53788068 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Karol\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\uTorrent\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Karol\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 30.11.2014 at 16:35:04,29 ======================

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Laptop started lagging from one day to the next

#17 Post by altrok »

Post a new FRST.txt log and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not fit the forum, you can use altrok [at] forum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.

Fulgrim
Visitor
Posts: 21
Registered: 29 Nov 2014 11:24

Re: Laptop started lagging from one day to the next

#18 Post by Fulgrim »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01
Ran by Karol (administrator) on KAROL-PC on 30-11-2014 17:21:04
Running from C:\Users\Karol\Desktop
Loaded Profile: Karol (Available profiles: Karol)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(forum.viry.cz) C:\Users\Karol\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [368728 2011-01-26] (Alcor Micro Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2392360 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3527025134-1619887513-3940662434-1000\...\Run: [Total CMA Pack] => C:\Program Files (x86)\Total CMA Pack\Total CMA Pack.exe [43255 2009-09-01] (CMA®)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3527025134-1619887513-3940662434-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
HKU\S-1-5-21-3527025134-1619887513-3940662434-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3527025134-1619887513-3940662434-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-3527025134-1619887513-3940662434-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: No Name -> {4B4D502D-5341-5400-76A7-7A786E7484D7} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\c7fgulhf.default-1417361977806
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-20]

Chrome:
=======
CHR Profile: C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-20]
CHR Extension: (Avast Online Security) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-01]
CHR Extension: (Peněženka Google) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-20]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-20] (AVAST Software)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2139328 2014-05-27] (Comodo Security Solutions, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-20] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-20] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-20] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-07-04] (Disc Soft Ltd)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-30 17:21 - 2014-11-30 17:21 - 00013499 _____ () C:\Users\Karol\Desktop\FRST.txt
2014-11-30 17:20 - 2014-11-30 17:21 - 00000000 ____D () C:\FRST
2014-11-30 17:14 - 2014-11-30 17:14 - 00112640 _____ (forum.viry.cz) C:\Users\Karol\Desktop\FRSTLauncher.exe
2014-11-30 17:13 - 2014-11-30 17:13 - 02117632 _____ (Farbar) C:\Users\Karol\Desktop\FRST64.exe
2014-11-30 17:03 - 2014-11-30 17:20 - 1028653056 _____ () C:\Users\Karol\Downloads\Wer (2013)
2014-11-30 16:39 - 2014-11-30 16:39 - 00000000 ____D () C:\Users\Karol\Desktop\Původní data aplikace Firefox
2014-11-30 16:29 - 2014-11-30 16:01 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-30 16:02 - 2014-11-30 16:35 - 00009570 _____ () C:\zoek-results.log
2014-11-30 16:01 - 2014-11-30 16:20 - 00000000 ____D () C:\zoek_backup
2014-11-30 16:00 - 2014-11-30 16:00 - 01294848 _____ () C:\Users\Karol\Desktop\zoek.exe
2014-11-30 15:29 - 2014-11-30 15:29 - 00015714 _____ () C:\ComboFix.txt
2014-11-30 10:49 - 2014-11-30 10:55 - 00000000 ____D () C:\AdwCleaner
2014-11-30 10:49 - 2014-11-30 10:49 - 02148864 _____ () C:\Users\Karol\Desktop\adwcleaner_4.102.exe
2014-11-30 02:38 - 2014-11-30 02:38 - 00000000 _____ () C:\Windows\Minidump\113014-37830-01.dmp
2014-11-30 01:18 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-30 01:18 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-30 01:18 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-30 01:18 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-30 01:18 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-30 01:18 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-30 01:18 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-30 01:18 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-30 01:17 - 2014-11-30 15:30 - 00000000 ____D () C:\Qoobox
2014-11-30 01:17 - 2014-11-30 15:17 - 00000000 ____D () C:\Windows\erdnt
2014-11-30 00:31 - 2014-11-30 01:16 - 00002692 _____ () C:\Users\Karol\Desktop\Rkill.txt
2014-11-30 00:31 - 2014-11-30 00:31 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\Karol\Desktop\rkillex64.exe
2014-11-30 00:15 - 2014-11-30 00:15 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Karol\Desktop\rkillex.exe
2014-11-29 23:59 - 2014-11-30 00:00 - 05599228 ____R (Swearware) C:\Users\Karol\Desktop\ComboFix.exe
2014-11-29 23:56 - 2014-11-29 23:56 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Karol\Downloads\rkill.com
2014-11-29 20:49 - 2014-11-29 20:49 - 00262144 _____ () C:\Windows\Minidump\112914-34211-01.dmp
2014-11-29 20:01 - 2014-11-29 20:02 - 00000000 ____D () C:\Users\Karol\Desktop\test
2014-11-29 20:01 - 2014-11-29 20:01 - 00000000 ____D () C:\Users\Karol\Downloads\CrystalDiskInfo6_2_1
2014-11-29 19:59 - 2014-11-29 20:00 - 02817974 _____ () C:\Users\Karol\Downloads\CrystalDiskInfo6_2_1.zip
2014-11-29 14:25 - 2014-11-29 14:44 - 155375981 _____ () C:\Users\Karol\Downloads\Pokemon-Black-2.zip
2014-11-29 11:04 - 2014-11-29 11:04 - 00000000 ____D () C:\rsit
2014-11-29 11:04 - 2014-11-29 11:04 - 00000000 ____D () C:\Program Files\trend micro
2014-11-29 11:03 - 2014-11-29 11:04 - 01222144 _____ () C:\Users\Karol\Downloads\RSITx64.exe
2014-11-29 04:13 - 2014-11-29 04:13 - 00262144 _____ () C:\Windows\Minidump\112914-26769-01.dmp
2014-11-29 00:15 - 2014-11-29 00:15 - 00010312 ____N () C:\bootsqm.dat
2014-11-28 22:55 - 2014-11-28 23:03 - 525119816 _____ () C:\Users\Karol\Downloads\Dexter VIII (7) - Kodex oblékání.Dexter S08E07 - Kodex oblekani.Lovok.DVB-T.x264.mp4
2014-11-28 21:44 - 2014-11-28 22:25 - 2238851455 _____ () C:\Users\Karol\Downloads\The.Walking.Dead.S05E07.720p.HDTV.x264-KILLERS.mkv
2014-11-23 20:51 - 2014-11-23 21:32 - 2325981665 ____R () C:\Users\Karol\Downloads\Černý jestřáb sestřelen.mkv
2014-11-23 19:30 - 2014-11-24 00:07 - 2090710196 _____ () C:\Users\Karol\Downloads\To byl zítra flám (2010) BRRip [x264-AC3-720p] CZ-EN.mkv
2014-11-23 19:25 - 2014-11-23 19:53 - 1465959576 ____R () C:\Users\Karol\Downloads\Hangover (CZ) WiZZi.avi
2014-11-22 12:33 - 2014-11-22 12:43 - 547078634 _____ () C:\Users\Karol\Downloads\Dexter VIII (6) - Kousek sebe.Dexter S08E06 - Kousek sebe.Lovok.DVB-T.x264.mp4
2014-11-22 11:58 - 2014-11-22 12:32 - 1740223259 _____ () C:\Users\Karol\Downloads\The.Walking.Dead.S05E06.1080p.WEB-DL.DD5.1.H.264-Cyphanix.mkv
2014-11-18 22:48 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 22:48 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-18 22:48 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 22:48 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-16 20:43 - 2014-11-23 20:37 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\vlc
2014-11-16 20:39 - 2014-11-16 20:39 - 00001074 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-11-16 20:39 - 2014-11-16 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-11-16 20:39 - 2014-11-16 20:39 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-11-16 11:34 - 2014-11-16 14:46 - 17470708 _____ () C:\Users\Karol\Downloads\Hry o Ĺľivot (Hunger Games) 2012 5.1 CZ dabing.avi.idn0rjr.partial
2014-11-15 23:23 - 2014-11-15 23:50 - 00000000 ____D () C:\Users\Karol\Downloads\mala velka britanie
2014-11-15 20:28 - 2014-11-15 23:06 - 00000000 ____D () C:\Users\Karol\Downloads\MVB
2014-11-15 15:45 - 2014-11-15 16:03 - 793470976 _____ () C:\Users\Karol\Downloads\Dexter .S08E05 HDTV.CZ Dabing.avi
2014-11-15 15:29 - 2014-11-15 15:41 - 703395458 _____ () C:\Users\Karol\Downloads\Dexter .S08E04 HDTV CZ Dabing.avi
2014-11-15 02:57 - 2014-11-15 02:57 - 00000000 __SHD () C:\Users\Karol\AppData\Local\EmieBrowserModeList
2014-11-11 21:57 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-11 21:57 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-11 21:57 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 21:57 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-11 21:57 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-11 21:57 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-11 21:57 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-11 21:57 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-11 21:57 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-11 21:57 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-11 21:57 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 21:57 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-11 21:57 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-11 21:57 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 21:57 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-11 21:57 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-11 21:57 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-11 21:57 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-11 21:57 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-11 21:57 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 21:57 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-11 21:57 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-11 21:57 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-11 21:57 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-11 21:57 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-11 21:57 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 21:57 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 21:57 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 21:57 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 21:57 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 21:57 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-11 21:57 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-11 21:57 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-11 21:57 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-11 21:56 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 21:56 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-11 21:56 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-11 21:56 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 21:56 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-11 21:56 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 21:56 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 21:56 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 21:56 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 21:56 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-11 21:56 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 21:56 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-11 21:56 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 21:56 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-11 21:56 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-11 21:56 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-11 21:56 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-11 21:56 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-11 21:56 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 21:56 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-11 21:56 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-11 21:56 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 21:56 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-11 21:56 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 21:56 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-11 21:56 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 21:56 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-11 21:56 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 21:56 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-11 21:56 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-11 21:56 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 21:56 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-11 21:56 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-11 21:56 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-11 21:55 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 21:55 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-11 21:55 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 21:55 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-11 21:55 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 21:55 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-11 21:55 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 21:55 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 21:55 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 21:55 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 21:55 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 21:55 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 21:55 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-11 21:55 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-11 21:55 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-11 21:55 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 21:55 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 21:55 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 21:55 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 21:55 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 21:55 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 21:55 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-11 21:55 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-11 21:55 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-11 21:55 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-11 21:55 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-11 21:55 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-11 21:55 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 21:55 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 21:55 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-11 21:55 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-11 21:55 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-11 21:55 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-11 21:22 - 2014-11-11 21:54 - 1907170285 _____ () C:\Users\Karol\Downloads\The.Walking.Dead.S05E05.720p.HDTV.x264-KILLERS.mkv
2014-11-09 20:39 - 2014-11-09 21:11 - 1384296379 _____ () C:\Users\Karol\Downloads\American.Horror.Story.S04E04.720p.HDTV.X264-DIMENSION.mkv
2014-11-07 23:56 - 2014-11-07 23:56 - 00000000 ____D () C:\ProgramData\Sun
2014-11-07 23:55 - 2014-11-07 23:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-07 23:55 - 2014-11-07 23:55 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-07 23:55 - 2014-11-07 23:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-07 23:54 - 2014-11-07 23:54 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-07 23:53 - 2014-11-07 23:53 - 00638888 _____ (Oracle Corporation) C:\Users\Karol\Downloads\chromeinstall-8u25.exe
2014-11-07 23:52 - 2014-11-08 00:07 - 00000000 ____D () C:\pokemmo
2014-11-05 22:45 - 2014-11-05 22:52 - 495920663 _____ () C:\Users\Karol\Downloads\Dexter VIII (4) - Zjizvená tkáň.Dexter S08E04 - Zjizvena tkan.Lovok.DVB-T.x264.mp4
2014-11-05 20:10 - 2014-11-05 20:16 - 408929880 _____ () C:\Users\Karol\Downloads\Dexter.S08E03.TVRip.XviD.CZ.avi
2014-11-05 17:19 - 2014-11-05 18:03 - 2120620282 _____ () C:\Users\Karol\Downloads\American.Horror.Story.S04E03.720p.HDTV.x264-KILLERS (1).mkv
2014-11-05 16:59 - 2014-11-05 17:16 - 1063763968 _____ () C:\Users\Karol\Downloads\American.Horror.Story.S04E03.720p.HDTV.x264-KILLERS.mkv.jy2ynvy.partial
2014-11-05 10:30 - 2014-11-05 11:05 - 1985539633 _____ () C:\Users\Karol\Downloads\American.Horror.Story.S04E02.720p.HDTV.X264-DIMENSION.mkv
2014-11-05 00:09 - 2014-11-05 00:47 - 2248835402 _____ () C:\Users\Karol\Downloads\American.Horror.Story.S04E01.720p.HDTV.X264-DIMENSION.mkv
2014-11-04 22:10 - 2014-11-04 22:53 - 2037643509 _____ () C:\Users\Karol\Downloads\The.Walking.Dead.S05E04.720p.HDTV.x264-KILLERS.mkv
2014-11-04 20:25 - 2014-11-04 20:54 - 1717961966 _____ () C:\Users\Karol\Downloads\The.Walking.Dead.S05E03.1080p.WEB-DL.DD5.1.H.264-Cyphanix.mkv
2014-11-04 19:13 - 2014-11-04 19:52 - 2029789585 _____ () C:\Users\Karol\Downloads\The.Walking.Dead.S05E02.720p.HDTV.x264-KILLERS (1).mkv
2014-11-02 23:09 - 2014-11-03 00:05 - 294685644 _____ () C:\Users\Karol\Downloads\The.Walking.Dead.S05E02.720p.HDTV.x264-KILLERS.mkv.qkukmpm.partial
2014-11-02 22:25 - 2014-11-29 00:22 - 00000000 ____D () C:\Users\Karol\Downloads\Subs
2014-11-02 20:53 - 2014-11-02 22:25 - 2248479026 _____ () C:\Users\Karol\Downloads\The.Walking.Dead.S05E01.720p.HDTV.x264-KILLERS.mkv
2014-11-02 16:21 - 2014-11-02 16:22 - 00000000 ____D () C:\Users\Karol\Downloads\obrázky wd
2014-11-01 01:26 - 2014-11-01 01:26 - 00000000 ____D () C:\Users\Karol\Downloads\Walking Dead
2014-11-01 00:14 - 2014-11-11 08:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-01 00:11 - 2014-11-01 00:18 - 00000000 ____D () C:\Users\Karol\Downloads\Dexter.S08E02.BDRip.XviD.CZ-TreZzoR

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-30 17:09 - 2011-11-27 17:16 - 01981659 _____ () C:\Windows\WindowsUpdate.log
2014-11-30 16:45 - 2012-08-18 19:21 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-30 16:42 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-30 16:42 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-30 16:35 - 2012-08-10 21:28 - 00000000 ____D () C:\ProgramData\clear.fi
2014-11-30 16:34 - 2014-07-20 22:02 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-30 16:34 - 2010-11-21 04:47 - 00309644 _____ () C:\Windows\PFRO.log
2014-11-30 16:34 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-30 16:34 - 2009-07-14 05:51 - 00121242 _____ () C:\Windows\setupact.log
2014-11-30 16:24 - 2014-07-20 22:02 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-30 16:20 - 2012-08-10 21:19 - 00000000 ____D () C:\Users\Karol
2014-11-30 15:24 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-30 10:56 - 2014-07-20 22:03 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-30 10:51 - 2013-04-01 15:57 - 00000000 ____D () C:\Users\Karol\AppData\Local\CrashDumps
2014-11-30 10:28 - 2012-08-10 21:46 - 00000000 ____D () C:\ProgramData\Norton
2014-11-30 02:38 - 2012-08-29 21:53 - 650743321 _____ () C:\Windows\MEMORY.DMP
2014-11-30 02:38 - 2012-08-29 21:53 - 00000000 ____D () C:\Windows\Minidump
2014-11-30 02:03 - 2013-06-15 10:29 - 00000000 ____D () C:\Users\uTorrent
2014-11-29 17:26 - 2011-11-27 18:00 - 00669578 _____ () C:\Windows\system32\perfh005.dat
2014-11-29 17:26 - 2011-11-27 18:00 - 00141948 _____ () C:\Windows\system32\perfc005.dat
2014-11-29 17:26 - 2009-07-14 06:13 - 01586150 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-29 00:34 - 2014-09-14 08:16 - 00002176 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-11-27 13:45 - 2012-08-18 19:21 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-27 13:45 - 2012-08-18 19:21 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-27 13:45 - 2011-10-13 14:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-27 13:26 - 2014-07-20 22:03 - 00002187 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-24 00:07 - 2013-12-26 15:27 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\BitTorrent
2014-11-22 22:05 - 2014-07-20 22:02 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-16 01:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-12 22:19 - 2014-07-20 22:02 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-12 22:19 - 2014-07-20 22:02 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-12 22:09 - 2009-07-14 05:45 - 00271712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 22:08 - 2014-05-11 22:40 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 22:07 - 2012-08-18 19:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-09 18:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-09 17:59 - 2013-06-22 14:28 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\SoftGrid Client
2014-11-05 19:21 - 2013-10-18 09:03 - 00000149 _____ () C:\Users\Karol\Documents\PWOOptions.ini
2014-11-04 14:30 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-01 17:02 - 2014-08-09 16:41 - 00000000 ____D () C:\Users\Karol\Downloads\Červený trpaslík 1 - 9 série
2014-11-01 03:06 - 2012-10-29 21:49 - 00000000 ____D () C:\Windows\System32\Tasks\Games

Files to move or delete:
====================
C:\Users\uTorrent\dht.dat
C:\Users\uTorrent\dht_feed.dat
C:\Users\uTorrent\resume.dat
C:\Users\uTorrent\rss.dat
C:\Users\uTorrent\settings.dat
C:\Users\uTorrent\updates.dat
C:\Users\uTorrent\utorrent.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-16 01:50




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Acer) (Fixed) (Total:450.66 GB) (Free:119.98 GB) NTFS
Drive d: (5Dimenze - Vymitani dabla) (CDROM) (Total:3.05 GB) (Free:0 GB) UDF

Available physical RAM: 2644.16 MB
Total physical RAM: 3947.86 MB
Percentage of memory in use: 33%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 20B3CB6A)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450.7 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Karol\Desktop" je 44 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Fulgrim
Visitor
Posts: 21
Registered: 29 Nov 2014 11:24

Re: Notebook started lagging from one day to the next

#19 Post by Fulgrim »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2014 01
Ran by Karol at 2014-11-30 17:22:04
Running from C:\Users\Karol\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
BitTorrent (HKU\S-1-5-21-3527025134-1619887513-3940662434-1000\...\BitTorrent) (Version: 7.9.2.34947 - BitTorrent Inc.)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klikni a spusť 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4999.1042 - Microsoft Corporation)
Microsoft Office Starter 2010 - čeština (HKLM-x32\...\{90140011-0066-0405-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 33.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 cs)) (Version: 33.1 - Mozilla)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

30-11-2014 14:05:51 ComboFix created restore point
30-11-2014 15:02:19 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-30 16:02 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1FF45A15-7327-490D-9524-A0C5AF99961A} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {212CC624-4C79-4C1B-8377-48085EC460C5} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\WSCStub.exe
Task: {22310CDA-CB9C-4441-8603-5A05D0CA29CB} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2011-08-09] (Acer)
Task: {44B53BEF-7097-4CF3-84D7-5F13C235509E} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {506843B0-8BE6-40A7-BF37-A8C47E0D44D0} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\SymErr.exe
Task: {569CF51B-3B4C-4CD5-A6C8-47D637B1C494} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-25] (CyberLink Corp.)
Task: {5E4C3F12-941B-4560-882B-A532224B5CB4} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-25] (Acer Incorporated)
Task: {5F425623-F8B8-45F2-9915-A5B8CA7CE456} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {708E17C0-72C7-455B-8C8D-79492FBC95AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-27] (Adobe Systems Incorporated)
Task: {8E8B90FA-95AA-4F43-B1C1-453939CFCDBD} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\SymErr.exe
Task: {8EDA6258-545E-4813-B96E-D01CA06AB62D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-20] (Google Inc.)
Task: {B9E30104-9E45-43DD-819E-BAA60E5B830B} - System32\Tasks\{1027E5D5-10E1-4471-8646-EA92DE8497FA} => E:\Dungeon.EXE
Task: {BCE944BD-AD30-4388-B172-C26711B2C4F7} - System32\Tasks\{BB7E77AA-3265-4F31-A364-9AC0823BC04A} => E:\Dungeon.EXE
Task: {C048BF5D-DB8D-4740-8EBE-3CA3C9A045AA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-20] (AVAST Software)
Task: {EF82C832-68B7-4D99-976D-55C3031CCB4F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-20] (Google Inc.)
Task: {F5BE8CA7-3C88-4075-B868-13FDED05AF66} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-25] (CyberLink)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-01-22 01:45 - 2009-01-22 01:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2011-10-13 14:56 - 2011-03-25 10:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-07-20 22:02 - 2014-07-20 22:02 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-11-30 10:22 - 2014-11-30 10:22 - 02904064 _____ () C:\Program Files\AVAST Software\Avast\defs\14113000\algo.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2011-08-25 03:03 - 2011-08-25 03:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2014-07-20 22:02 - 2014-07-20 22:02 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-18 11:13 - 2014-10-18 11:13 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\39ff47a82cce6fab4fafee9b44846d97\IsdiInterop.ni.dll
2011-10-13 14:11 - 2010-09-14 02:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3527025134-1619887513-3940662434-500 - Administrator - Disabled)
Guest (S-1-5-21-3527025134-1619887513-3940662434-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3527025134-1619887513-3940662434-1002 - Limited - Enabled)
Karol (S-1-5-21-3527025134-1619887513-3940662434-1000 - Administrator - Enabled) => C:\Users\Karol

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/30/2014 04:35:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2014 03:25:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2014 10:56:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2014 10:51:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: adwcleaner_4.102.exe, verze: 4.1.0.2, časové razítko: 0x54726304
Název chybujícího modulu: adwcleaner_4.102.exe, verze: 4.1.0.2, časové razítko: 0x54726304
Kód výjimky: 0xc0000005
Posun chyby: 0x00020ce1
ID chybujícího procesu: 0x175c
Čas spuštění chybující aplikace: 0xadwcleaner_4.102.exe0
Cesta k chybující aplikaci: adwcleaner_4.102.exe1
Cesta k chybujícímu modulu: adwcleaner_4.102.exe2
ID zprávy: adwcleaner_4.102.exe3

Error: (11/30/2014 10:39:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2014 10:30:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2014 10:24:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2014 10:20:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program iexplore.exe verze 11.0.9600.17420 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: fe4

Čas spuštění: 01d00c418251e960

Čas ukončení: 0

Cesta k aplikaci: C:\Program Files\Internet Explorer\iexplore.exe

ID hlášení: ea110de2-7871-11e4-900d-e89a8feb6c03

Error: (11/30/2014 02:52:16 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru C:\Windows\System32\msi.dll z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Průzkumník Windows.

Program: Průzkumník Windows
Soubor: C:\Windows\System32\msi.dll

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: C00000B5
Typ disku: 3

Error: (11/30/2014 02:52:16 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.8_none_706fccb39ad7e580\mfc90.dll z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program PMM Update Application.

Program: PMM Update Application
Soubor: C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.8_none_706fccb39ad7e580\mfc90.dll

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: C00000B5
Typ disku: 3


System errors:
=============
Error: (11/30/2014 04:20:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/30/2014 04:20:42 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/30/2014 04:20:42 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/30/2014 04:20:41 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/30/2014 04:20:41 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/30/2014 03:59:11 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (11/30/2014 03:17:24 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/30/2014 03:13:15 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/30/2014 03:07:41 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (11/30/2014 10:55:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Application Virtualization Client byla neočekávaně ukončena. Tento stav nastal již 1krát.


Microsoft Office Sessions:
=========================
Error: (11/30/2014 04:35:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2014 03:25:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2014 10:56:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2014 10:51:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: adwcleaner_4.102.exe4.1.0.254726304adwcleaner_4.102.exe4.1.0.254726304c000000500020ce1175c01d00c82f0968009C:\Users\Karol\Desktop\adwcleaner_4.102.exeC:\Users\Karol\Desktop\adwcleaner_4.102.exe7dd42883-7876-11e4-8098-e89a8feb6c03

Error: (11/30/2014 10:39:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2014 10:30:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2014 10:24:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2014 10:20:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe11.0.9600.17420fe401d00c418251e9600C:\Program Files\Internet Explorer\iexplore.exeea110de2-7871-11e4-900d-e89a8feb6c03

Error: (11/30/2014 02:52:16 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: C:\Windows\System32\msi.dllPrůzkumník WindowsC00000B53

Error: (11/30/2014 02:52:16 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.8_none_706fccb39ad7e580\mfc90.dllPMM Update ApplicationC00000B53


CodeIntegrity Errors:
===================================
Date: 2014-11-30 15:07:41.775
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-11-30 15:07:41.682
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU B815 @ 1.60GHz
Percentage of memory in use: 33%
Total physical RAM: 3947.86 MB
Available physical RAM: 2644.16 MB
Total Pagefile: 7893.9 MB
Available Pagefile: 6409.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:450.66 GB) (Free:119.98 GB) NTFS
Drive d: (5Dimenze - Vymitani dabla) (CDROM) (Total:3.05 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 20B3CB6A)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Laptop started lagging from one day to the next

#20 Post by altrok »

Fulgrim wrote: After the first run of ComboFix it sped up, and after adwcleaner it runs like clockwork :)
Glad to hear that ;)


:arrow:
  • Rename ComboFix to Uninstall and run it as administrator
  • ComboFix will uninstall itself.
:arrow: The disk is showing errors, so run the following procedure, for example overnight.
  • Start -> Run -> cmd
  • type chkdsk /r
  • press Enter and restart the PC
  • this check and repair run before the OS loads and can take up to several hours
:arrow:
  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the Desktop as fixlist (Save as type: Text document)
  • run FRST again and click Fix
  • after the restart a fixlog will pop up (or it will be saved on the Desktop); paste its contents into your next reply

    Start
    CloseProcesses:
    DisableService: BBSvc
    DisableService: BBUpdate
    HKU\S-1-5-21-3527025134-1619887513-3940662434-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-3527025134-1619887513-3940662434-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
    BHO: No Name -> {4B4D502D-5341-5400-76A7-7A786E7484D7} -> No File
    BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
    Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
    Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
    
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    2014-11-30 16:29 - 2014-11-30 16:01 - 00024064 _____ () C:\Windows\zoek-delete.exe
    2014-11-30 16:02 - 2014-11-30 16:35 - 00009570 _____ () C:\zoek-results.log
    2014-11-30 16:01 - 2014-11-30 16:20 - 00000000 ____D () C:\zoek_backup
    2014-11-30 16:00 - 2014-11-30 16:00 - 01294848 _____ () C:\Users\Karol\Desktop\zoek.exe
    2014-11-30 10:49 - 2014-11-30 10:55 - 00000000 ____D () C:\AdwCleaner
    2014-11-30 10:49 - 2014-11-30 10:49 - 02148864 _____ () C:\Users\Karol\Desktop\adwcleaner_4.102.exe
    2014-11-30 00:31 - 2014-11-30 01:16 - 00002692 _____ () C:\Users\Karol\Desktop\Rkill.txt
    2014-11-30 00:31 - 2014-11-30 00:31 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\Karol\Desktop\rkillex64.exe
    2014-11-30 00:15 - 2014-11-30 00:15 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Karol\Desktop\rkillex.exe
    2014-11-29 23:56 - 2014-11-29 23:56 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Karol\Downloads\rkill.com
    2014-11-29 20:01 - 2014-11-29 20:01 - 00000000 ____D () C:\Users\Karol\Downloads\CrystalDiskInfo6_2_1
    2014-11-29 19:59 - 2014-11-29 20:00 - 02817974 _____ () C:\Users\Karol\Downloads\CrystalDiskInfo6_2_1.zip
    2014-11-29 11:04 - 2014-11-29 11:04 - 00000000 ____D () C:\rsit
    2014-11-29 11:04 - 2014-11-29 11:04 - 00000000 ____D () C:\Program Files\trend micro
    2014-11-29 11:03 - 2014-11-29 11:04 - 01222144 _____ () C:\Users\Karol\Downloads\RSITx64.exe
    
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: {B9E30104-9E45-43DD-819E-BAA60E5B830B} - System32\Tasks\{1027E5D5-10E1-4471-8646-EA92DE8497FA} => E:\Dungeon.EXE
    Task: {BCE944BD-AD30-4388-B172-C26711B2C4F7} - System32\Tasks\{BB7E77AA-3265-4F31-A364-9AC0823BC04A} => E:\Dungeon.EXE
    C:\Program Files (x86)\Microsoft\BingBar
    Hosts:
    EmptyTemp:
    End
    
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrok[at]forum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.

Fulgrim
Visitor
Posts: 21
Joined: 29 Nov 2014 11:24

Re: Laptop started lagging from one day to the next

#21 Post by Fulgrim »

I can't enter the command in cmd; it says: Access denied because you do not have sufficient privileges. This utility has to be run in elevated mode.

There is only a single profile here, so I don't know what Mr. Command Prompt means by that :/

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Laptop started lagging from one day to the next

#22 Post by altrok »

:arrow: Type this command into the command prompt in Safe Mode.

:arrow: Feel free to apply the fixlist before repairing the HDD errors. In this case it is not necessary to keep to the order in which the individual utilities are used.

Fulgrim
Visitor
Posts: 21
Joined: 29 Nov 2014 11:24

Re: Laptop started lagging from one day to the next

#23 Post by Fulgrim »

I'll run the test during the week; I won't be at my girlfriend's for a few days now, and I definitely can't leave the cleanup to her :)
So please don't lock the thread :)

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Laptop started lagging from one day to the next

#24 Post by altrok »

:arrow: All right. Thanks for letting me know :thumbsup:

Fulgrim
Visitor
Posts: 21
Joined: 29 Nov 2014 11:24

Re: Laptop started lagging from one day to the next

#25 Post by Fulgrim »

Hello,
I'm very sorry this comes so late, but December was very busy at work and I didn't get to it at all.
Last week my girlfriend turned the laptop on and it wouldn't boot - it kept restarting in a loop, and when I disabled that, it threw a blue screen of death (I no longer remember the code, but it was a disk failure - I looked that up on the internet). When I took the laptop home to have a look at it, it started normally after I turned it on and something like a disk repair ran.

I picked up where we left off and ran the disk check chkdsk /r, which took roughly 2 seconds before the OS loaded, and I ran the FRST fix.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-01-2015 01
Ran by Karol at 2015-01-17 10:34:06 Run:1
Running from C:\Users\Karol\Desktop
Loaded Profiles: Karol (Available profiles: Karol)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
DisableService: BBSvc
DisableService: BBUpdate
HKU\S-1-5-21-3527025134-1619887513-3940662434-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3527025134-1619887513-3940662434-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: No Name -> {4B4D502D-5341-5400-76A7-7A786E7484D7} -> No File
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
2014-11-30 16:29 - 2014-11-30 16:01 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-30 16:02 - 2014-11-30 16:35 - 00009570 _____ () C:\zoek-results.log
2014-11-30 16:01 - 2014-11-30 16:20 - 00000000 ____D () C:\zoek_backup
2014-11-30 16:00 - 2014-11-30 16:00 - 01294848 _____ () C:\Users\Karol\Desktop\zoek.exe
2014-11-30 10:49 - 2014-11-30 10:55 - 00000000 ____D () C:\AdwCleaner
2014-11-30 10:49 - 2014-11-30 10:49 - 02148864 _____ () C:\Users\Karol\Desktop\adwcleaner_4.102.exe
2014-11-30 00:31 - 2014-11-30 01:16 - 00002692 _____ () C:\Users\Karol\Desktop\Rkill.txt
2014-11-30 00:31 - 2014-11-30 00:31 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\Karol\Desktop\rkillex64.exe
2014-11-30 00:15 - 2014-11-30 00:15 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Karol\Desktop\rkillex.exe
2014-11-29 23:56 - 2014-11-29 23:56 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Karol\Downloads\rkill.com
2014-11-29 20:01 - 2014-11-29 20:01 - 00000000 ____D () C:\Users\Karol\Downloads\CrystalDiskInfo6_2_1
2014-11-29 19:59 - 2014-11-29 20:00 - 02817974 _____ () C:\Users\Karol\Downloads\CrystalDiskInfo6_2_1.zip
2014-11-29 11:04 - 2014-11-29 11:04 - 00000000 ____D () C:\rsit
2014-11-29 11:04 - 2014-11-29 11:04 - 00000000 ____D () C:\Program Files\trend micro
2014-11-29 11:03 - 2014-11-29 11:04 - 01222144 _____ () C:\Users\Karol\Downloads\RSITx64.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {B9E30104-9E45-43DD-819E-BAA60E5B830B} - System32\Tasks\{1027E5D5-10E1-4471-8646-EA92DE8497FA} => E:\Dungeon.EXE
Task: {BCE944BD-AD30-4388-B172-C26711B2C4F7} - System32\Tasks\{BB7E77AA-3265-4F31-A364-9AC0823BC04A} => E:\Dungeon.EXE
C:\Program Files (x86)\Microsoft\BingBar
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
BBSvc service was disabled
BBUpdate service was disabled
HKU\S-1-5-21-3527025134-1619887513-3940662434-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-3527025134-1619887513-3940662434-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}" => Key deleted successfully.
"HKCR\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B4D502D-5341-5400-76A7-7A786E7484D7}" => Key deleted successfully.
HKCR\CLSID\{4B4D502D-5341-5400-76A7-7A786E7484D7} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{eec0f710-38b5-4aba-99bf-ec87564a4e13} => value deleted successfully.
"HKCR\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{eec0f710-38b5-4aba-99bf-ec87564a4e13} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Karol\Desktop\zoek.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
"C:\Users\Karol\Desktop\adwcleaner_4.102.exe" => File/Directory not found.
C:\Users\Karol\Desktop\Rkill.txt => Moved successfully.
C:\Users\Karol\Desktop\rkillex64.exe => Moved successfully.
C:\Users\Karol\Desktop\rkillex.exe => Moved successfully.
"C:\Users\Karol\Downloads\rkill.com" => File/Directory not found.
C:\Users\Karol\Downloads\CrystalDiskInfo6_2_1 => Moved successfully.
"C:\Users\Karol\Downloads\CrystalDiskInfo6_2_1.zip" => File/Directory not found.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
"C:\Users\Karol\Downloads\RSITx64.exe" => File/Directory not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9E30104-9E45-43DD-819E-BAA60E5B830B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9E30104-9E45-43DD-819E-BAA60E5B830B}" => Key deleted successfully.
C:\Windows\System32\Tasks\{1027E5D5-10E1-4471-8646-EA92DE8497FA} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1027E5D5-10E1-4471-8646-EA92DE8497FA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BCE944BD-AD30-4388-B172-C26711B2C4F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCE944BD-AD30-4388-B172-C26711B2C4F7}" => Key deleted successfully.
C:\Windows\System32\Tasks\{BB7E77AA-3265-4F31-A364-9AC0823BC04A} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BB7E77AA-3265-4F31-A364-9AC0823BC04A}" => Key deleted successfully.
C:\Program Files (x86)\Microsoft\BingBar => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 21.2 GB temporary data.


The system needed a reboot.

==== End of Fixlog 10:35:50 ====

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Laptop started lagging from one day to the next

#26 Post by altrok »

Hello,
Fulgrim wrote: chkdsk /r, which took roughly 2 seconds before the OS loaded
that is really not how it should go... please run chkdsk again in normal mode - the command prompt must be started with administrator rights

:arrow: Start -> All Programs -> Accessories -> right-click Command Prompt and choose Run as administrator
  • type chkdsk /r
  • press Enter and restart the PC
  • this check and repair run before the OS loads and can take up to several hours
:arrow: Please also provide a current log from CDI, to see whether the HDD status has changed.
  • Download Crystal Disk Info (CDI) http://sourceforge.jp/frs/redir.php?m=j ... o6_2_2.zip
  • extract the archive and run the extracted file DiskInfo.exe
  • in the running program click Edit -> Copy at the top (the log is now copied to the clipboard)
  • paste the log into your next reply (Ctrl + V)
:arrow: Post a current FRST.txt log - http://forum.viry.cz/viewtopic.php?f=30&t=133101

:arrow: Copy the folder C:\Windows\Minidump (first check that it contains some *.dmp files) and upload them to Letecká pošta.

:arrow: Start -> Run -> eventvwr, expand Windows Logs on the left, right-click System, choose Save All Events As, zip the resulting file and upload it to Letecká pošta - put the link (download link) in your next reply.

Fulgrim
Visitor
Posts: 21
Joined: 29 Nov 2014 11:24

Re: Laptop started lagging from one day to the next

#27 Post by Fulgrim »

Log from CrystalDisk.
----------------------------------------------------------------------------
CrystalDiskInfo 6.2.2 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2015/01/17 23:27:24

-- Controller Map ----------------------------------------------------------
+ Intel(R) Mobile Express Chipset SATA AHCI Controller [ATA]
- WDC WD5000BPVT-22HXZT3
- MATSHITA DVD-RAM UJ8B0AW

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000BPVT-22HXZT3 : 500,1 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD5000BPVT-22HXZT3
----------------------------------------------------------------------------
Model : WDC WD5000BPVT-22HXZT3
Firmware : 01.01A01
Serial Number : WD-WXN1A9121229
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 2836 hod.
Power On Count : 2092 krát
Temperature : 32 C (89 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 198 198 _51 00000000496A Počet chyb čtení
03 180 173 _21 0000000007BF Čas na roztočení ploten
04 _92 _92 __0 0000000022A5 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _97 _97 __0 000000000B14 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 00000000082C Počet cyklů zapnutí zařízení
BF __1 __1 __0 0000000005C0 Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 000000000034 Počet vypnutí disku
C1 _92 _92 __0 00000004F301 Počet cyklů načítání/vymazání
C2 115 101 __0 000000000020 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000005 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů


Fulgrim
Visitor
Posts: 21
Joined: 29 Nov 2014 11:24

Re: The laptop started freezing from one day to the next

#28 Post by Fulgrim »

FRST log.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2015 01
Ran by Karol (administrator) on KAROL-PC on 17-01-2015 23:32:24
Running from C:\Users\Karol\Desktop
Loaded Profiles: Karol (Available profiles: Karol)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_257_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(forum.viry.cz) C:\Users\Karol\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [368728 2011-01-26] (Alcor Micro Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2392360 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3527025134-1619887513-3940662434-1000\...\Run: [Total CMA Pack] => C:\Program Files (x86)\Total CMA Pack\Total CMA Pack.exe [43255 2009-09-01] (CMA®)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3527025134-1619887513-3940662434-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3527025134-1619887513-3940662434-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\c7fgulhf.default-1417361977806
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-20]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSearchURL: Default -> https://www.bing.com/search?q={searchTerms}
CHR DefaultNewTabURL: Default -> https://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Default -> http://api.bing.com/osjson.aspx?query={ ... ={language}
CHR Profile: C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-13]
CHR Extension: (Dokumenty Google) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-20]
CHR Extension: (Disk Google) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-13]
CHR Extension: (YouTube) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-13]
CHR Extension: (Tabulky Google) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-13]
CHR Extension: (Avast Online Security) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-01]
CHR Extension: (Peněženka Google) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-01]
CHR Extension: (Gmail) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-20]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-20] (AVAST Software)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2139328 2014-05-27] (Comodo Security Solutions, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 BBSvc; "C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe" [X]
S4 BBUpdate; "C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-20] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-20] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-20] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-07-04] (Disc Soft Ltd)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-17 23:32 - 2015-01-17 23:32 - 00014202 _____ () C:\Users\Karol\Desktop\FRST.txt
2015-01-17 23:30 - 2015-01-17 23:31 - 00112640 _____ (forum.viry.cz) C:\Users\Karol\Desktop\FRSTLauncher.exe
2015-01-17 23:26 - 2015-01-17 23:28 - 00000292 _____ () C:\Users\Karol\Desktop\DiskInfo.ini
2015-01-17 23:26 - 2015-01-17 23:26 - 02817875 _____ () C:\Users\Karol\Downloads\CrystalDiskInfo6_2_2.zip
2015-01-17 23:26 - 2015-01-17 23:26 - 00000000 ____D () C:\Users\Karol\Desktop\Smart
2015-01-17 23:26 - 2014-12-05 22:41 - 02385016 _____ (Crystal Dew World) C:\Users\Karol\Desktop\DiskInfo.exe
2015-01-17 23:26 - 2014-12-05 10:23 - 00000000 ____D () C:\Users\Karol\Desktop\CdiResource
2015-01-17 23:26 - 2014-01-27 21:18 - 00000000 ____D () C:\Users\Karol\Desktop\License
2015-01-17 23:24 - 2015-01-17 23:24 - 00000000 ____D () C:\Users\Karol\Desktopl
2015-01-17 18:32 - 2015-01-17 18:36 - 144226992 _____ () C:\Users\Karol\Downloads\Vesmirni kovbojove 2000 cz dabing.avi.eo76m2r.partial
2015-01-17 13:02 - 2015-01-17 13:11 - 00000000 ____D () C:\Users\Karol\Downloads\The Prodigy - Diskografie +Singly (1991-2009) (MP3 320kbps)
2015-01-17 12:01 - 2015-01-17 12:01 - 00061284 _____ () C:\Users\Karol\Downloads\Ink(0000143190).srt
2015-01-17 10:33 - 2015-01-17 10:33 - 00000000 ____D () C:\Users\Karol\Desktop\FRST-OlderVersion
2015-01-17 09:54 - 2015-01-17 09:54 - 02191360 _____ () C:\Users\Karol\Desktop\adwcleaner_4.107.exe
2015-01-14 21:40 - 2015-01-14 21:40 - 00000000 __SHD () C:\found.000
2015-01-03 13:13 - 2015-01-03 13:38 - 1041742382 _____ () C:\Users\Karol\Downloads\!Posledni den na marsu---The-Last-Days-On-Mars-(2013)-en.cz.sub..avi
2015-01-03 13:12 - 2015-01-03 14:07 - 1457529696 _____ () C:\Users\Karol\Downloads\Pole v Anglii 2013 novinka CZ titulky pribaleny vyborna kvalita Horor Mysteriozni Historicky Drama.zip
2015-01-03 09:57 - 2015-01-03 15:56 - 00000000 ____D () C:\Users\Karol\Downloads\Pekelná kuchyně - Hell's Kitchen (Season 8)
2015-01-03 09:57 - 2015-01-03 10:35 - 2065645568 ____R () C:\Users\Karol\Downloads\Blended (2014) CZ dabing.avi
2015-01-02 21:11 - 2015-01-02 21:16 - 241762304 _____ () C:\Users\Karol\Downloads\mala-velka-britanie-usa-LBU-S01E01-CZ.avi
2015-01-02 00:16 - 2015-01-02 00:20 - 244371456 _____ () C:\Users\Karol\Downloads\06 - Mala Velka Britanie v USA.avi
2015-01-01 22:56 - 2015-01-01 23:30 - 240465920 _____ () C:\Users\Karol\Downloads\05 - Mala Velka Britanie v USA.avi
2015-01-01 19:39 - 2014-12-24 06:59 - 1994678191 _____ () C:\Users\Karol\Desktop\Ink.2009.BRRIP.720P.H264-ZEKTORM.mkv
2014-12-29 19:09 - 2014-12-29 19:22 - 243822592 _____ () C:\Users\Karol\Downloads\mala-velka-britanie-usa-LBU-S01E04-CZ.avi
2014-12-29 15:17 - 2014-12-29 19:55 - 694701294 ____R () C:\Users\Karol\Downloads\Pompeje (2014).mkv
2014-12-29 15:14 - 2014-12-29 18:27 - 3342973345 ____R () C:\Users\Karol\Downloads\Gone.Girl.2014.720p.BluRay.x264.CZ.4play.mkv
2014-12-29 11:10 - 2014-12-29 11:15 - 241250304 _____ () C:\Users\Karol\Downloads\mala velka britanie v usa 03.avi
2014-12-27 15:57 - 2014-12-27 19:18 - 1543395328 ____R () C:\Users\Karol\Downloads\21 Jump Street.avi
2014-12-26 07:16 - 2014-12-26 20:16 - 2435073383 ____R () C:\Users\Karol\Downloads\Hercules.2014..mkv
2014-12-26 04:45 - 2014-12-26 12:05 - 00000000 ____D () C:\Users\Karol\Downloads\Edge.of.Tomorrow.2014.720p.BluRay.DTS.x264-HDAccess.CZ-FTU
2014-12-26 02:13 - 2014-12-26 07:16 - 382004576 ____R () C:\Users\Karol\Downloads\Zloba - Královna černé magie.mkv
2014-12-26 02:12 - 2014-12-27 01:51 - 352612641 ____R () C:\Users\Karol\Downloads\Dawn.of.the.Planet.of.the.Apes.2014.720p.x264.CZ-TX.mkv
2014-12-26 02:12 - 2014-12-26 04:32 - 00000000 ____D () C:\Users\Karol\Downloads\Guardians.of.the.Galaxy.2014.720p.BluRay.x264.CZ
2014-12-26 02:10 - 2014-12-27 02:51 - 2185649243 ____R () C:\Users\Karol\Downloads\22 Jump Street.mkv
2014-12-26 02:08 - 2014-12-27 00:57 - 3824651923 ____R () C:\Users\Karol\Downloads\The.Anomaly.2014.720p.BluRay.DTS.x264-HDAccess.CZ-FTU.mkv
2014-12-25 19:40 - 2014-12-25 22:51 - 666733865 ____R () C:\Users\Karol\Downloads\The.Maze.Runner.2014.720p.BluRay.x264.CZ.mkv
2014-12-23 21:46 - 2014-12-23 22:18 - 1331390140 _____ () C:\Users\Karol\Downloads\Jestřábí žena cz.avi

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-17 23:32 - 2014-11-30 17:20 - 00000000 ____D () C:\FRST
2015-01-17 23:30 - 2011-11-27 17:16 - 01270235 _____ () C:\Windows\WindowsUpdate.log
2015-01-17 23:24 - 2012-08-10 21:19 - 00000000 ____D () C:\Users\Karol
2015-01-17 22:45 - 2012-08-18 19:21 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-17 19:51 - 2009-07-14 05:51 - 00128124 _____ () C:\Windows\setupact.log
2015-01-17 16:53 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-17 16:53 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-17 16:46 - 2012-08-10 21:28 - 00000000 ____D () C:\ProgramData\clear.fi
2015-01-17 16:45 - 2009-07-14 06:08 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-17 16:45 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-17 14:24 - 2011-11-27 18:00 - 00669578 _____ () C:\Windows\system32\perfh005.dat
2015-01-17 14:24 - 2011-11-27 18:00 - 00141948 _____ () C:\Windows\system32\perfc005.dat
2015-01-17 14:24 - 2009-07-14 06:13 - 01586150 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-17 13:59 - 2013-12-26 15:27 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\BitTorrent
2015-01-17 11:08 - 2014-11-07 23:52 - 00000000 ____D () C:\pokemmo
2015-01-17 10:33 - 2014-11-30 17:13 - 02125824 _____ (Farbar) C:\Users\Karol\Desktop\FRST64.exe
2015-01-17 09:58 - 2010-11-21 04:47 - 00310264 _____ () C:\Windows\PFRO.log
2015-01-17 09:45 - 2012-08-18 19:21 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-17 09:45 - 2012-08-18 19:21 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-17 09:45 - 2011-10-13 14:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-17 09:26 - 2014-07-20 22:03 - 00002187 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-08 09:55 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-03 12:50 - 2014-11-16 20:43 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\vlc
2015-01-01 22:54 - 2014-07-20 22:03 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-30 23:50 - 2013-04-01 15:57 - 00000000 ____D () C:\Users\Karol\AppData\Local\CrashDumps

==================== Files in the root of some directories =======
2011-11-27 17:32 - 2011-11-27 17:35 - 0015222 _____ () C:\ProgramData\ArcadeDeluxe5.log

Files to move or delete:
====================
C:\Users\uTorrent\dht.dat
C:\Users\uTorrent\dht_feed.dat
C:\Users\uTorrent\resume.dat
C:\Users\uTorrent\rss.dat
C:\Users\uTorrent\settings.dat
C:\Users\uTorrent\updates.dat
C:\Users\uTorrent\utorrent.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-14 20:10




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Acer) (Fixed) (Total:450.66 GB) (Free:73.3 GB) NTFS
Drive d: (5Dimenze - Vymitani dabla) (CDROM) (Total:3.05 GB) (Free:0 GB) UDF

Available physical RAM: 2206.32 MB
Total physical RAM: 3947.86 MB
Percentage of memory in use: 44%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 20B3CB6A)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450.7 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Karol\Desktop" je 1947 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Fulgrim
Visitor
Posts: 21
Joined: 29 Nov 2014 11:24

Re: The laptop started freezing from one day to the next

#29 Post by Fulgrim »


MiliNess
Friend of the forum
Posts: 4144
Joined: 15 Oct 2009 18:15
Location: Cheb

Re: The laptop started freezing from one day to the next

#30 Post by MiliNess »

It is caused by a disk fault. The BSOD occurred because handling of a memory page fault (a paging operation) failed; the disk input/output operation ended
with the status code STATUS_IO_TIMEOUT. So the disk I/O operation could not be completed within the set time limit.
That WD drive will be faulty. Also try running Error Scan in HD Tune.
The disk will need to be replaced.

In Device Manager, expand the IDE ATA/ATAPI controllers node, find the channel the hard disk is connected to, then in Properties take a screenshot of the Advanced Settings tab.