strata miesta na disku

Zpráva

luissuares77 · #1 Příspěvek od **luissuares77** » 23 pro 2014 18:15

Zdravím.Poprosím o pomoc, zrazu sa začalo stracat miesto na disku dost rýchlo bez môjho prispenia. Dakujem

Logfile of random's system information tool 1.10 (written by random/random)
Run by marian at 2014-12-23 18:06:01
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 11 GB (11%) free of 100 GB
Total RAM: 2013 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:06:37, on 23. 12. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Users\marian\Desktop\RSIT.exe
C:\Program Files\trend micro\marian.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 4554 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\marian\AppData\Roaming\Mozilla\Firefox\Profiles\9khlvxo0.default

prefs.js - "browser.startup.homepage" - "http://www.google.sk/"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@oberon-media.com/ONCAdapter]
"Description"=Oberon com adapter plugin
"Path"=C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Users\marian\AppData\Roaming\Mozilla\Firefox\Profiles\9khlvxo0.default\extensions\
battlefieldplay4free@ea.com
gamesbar@oberon-media.com

C:\Users\marian\AppData\Roaming\Mozilla\Firefox\Profiles\9khlvxo0.default\searchplugins\
safeguard-secure-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-22 586968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-12-23 5225064]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-05-07 256896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-08-01 3673696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=AC3ACM.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.xvid"=xvidvfw.dll
"vidc.DIVX"=DivX.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-23 18:06:01 ----D---- C:\rsit
2014-12-23 17:39:58 ----A---- C:\Windows\system32\aswBoot.exe
2014-12-23 16:36:04 ----ASH---- C:\pagefile.sys
2014-12-18 12:03:04 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-11 18:30:30 ----D---- C:\Windows\system32\appraiser
2014-12-11 18:28:24 ----A---- C:\Windows\system32\mf.dll
2014-12-11 15:58:47 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 15:58:47 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-11 15:58:47 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-11 15:58:46 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 15:58:46 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-11 15:58:45 ----A---- C:\Windows\system32\vbscript.dll
2014-12-11 15:58:45 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-11 15:58:45 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 15:58:45 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-11 15:58:44 ----N---- C:\Windows\system32\wininet.dll
2014-12-11 15:58:44 ----A---- C:\Windows\system32\wininet(54).dll
2014-12-11 15:58:43 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-11 15:58:42 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-11 15:58:42 ----A---- C:\Windows\system32\ieui.dll
2014-12-11 15:58:41 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-11 15:58:40 ----N---- C:\Windows\system32\iertutil.dll
2014-12-11 15:58:40 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-11 15:58:40 ----A---- C:\Windows\system32\iertutil(50).dll
2014-12-11 15:58:38 ----A---- C:\Windows\system32\jscript9.dll
2014-12-11 15:58:37 ----A---- C:\Windows\system32\mshtml.dll
2014-12-11 15:58:36 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-11 15:58:35 ----N---- C:\Windows\system32\urlmon.dll
2014-12-11 15:58:35 ----A---- C:\Windows\system32\urlmon(51).dll
2014-12-11 15:58:35 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-11 15:58:35 ----A---- C:\Windows\system32\iernonce.dll
2014-12-11 15:58:35 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-11 15:58:35 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-11 15:58:33 ----A---- C:\Windows\system32\msrating.dll
2014-12-11 15:58:33 ----A---- C:\Windows\system32\iesetup.dll
2014-12-11 15:58:32 ----A---- C:\Windows\system32\ieframe.dll
2014-12-11 15:57:48 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-11 15:57:46 ----N---- C:\Windows\system32\WindowsCodecs.dll
2014-12-11 15:57:46 ----A---- C:\Windows\system32\WindowsCodecs(53).dll
2014-12-11 15:57:43 ----A---- C:\Windows\system32\appraiser.dll
2014-12-11 15:57:43 ----A---- C:\Windows\system32\aitstatic.exe
2014-12-11 15:57:43 ----A---- C:\Windows\system32\aepic.dll
2014-12-11 15:57:43 ----A---- C:\Windows\system32\aepic(49).dll
2014-12-11 15:57:42 ----A---- C:\Windows\system32\invagent.dll
2014-12-11 15:57:42 ----A---- C:\Windows\system32\aeinv.dll
2014-12-11 15:57:39 ----A---- C:\Windows\system32\generaltel.dll
2014-12-11 15:57:39 ----A---- C:\Windows\system32\devinv.dll
2014-12-11 15:57:38 ----A---- C:\Windows\system32\aepdu.dll
2014-12-11 15:57:31 ----A---- C:\Windows\system32\tzres.dll
2014-12-11 15:57:12 ----A---- C:\Windows\system32\charmap.exe
2014-12-11 15:56:10 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-11 15:56:09 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-11 15:56:09 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 15:56:09 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 15:56:08 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-02 18:16:18 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2014-12-23 18:06:37 ----D---- C:\Program Files\trend micro
2014-12-23 18:06:16 ----D---- C:\Windows\Prefetch
2014-12-23 18:06:07 ----D---- C:\Windows\Temp
2014-12-23 18:05:41 ----D---- C:\Windows\System32
2014-12-23 17:56:06 ----D---- C:\Windows\system32\config
2014-12-23 17:45:05 ----SHD---- C:\System Volume Information
2014-12-23 17:40:14 ----D---- C:\Windows\system32\Tasks
2014-12-23 17:39:57 ----D---- C:\Windows
2014-12-23 17:38:22 ----D---- C:\Windows\system32\wbem
2014-12-23 17:37:38 ----SD---- C:\Windows\system32\CompatTel
2014-12-23 17:37:38 ----D---- C:\Windows\winsxs
2014-12-23 17:37:38 ----D---- C:\Windows\Tasks
2014-12-23 17:37:38 ----D---- C:\Windows\system32\wfp
2014-12-23 17:37:38 ----D---- C:\Windows\system32\sk-SK
2014-12-23 17:37:38 ----D---- C:\Windows\system32\en-US
2014-12-23 17:37:38 ----D---- C:\Windows\system32\DriverStore
2014-12-23 17:37:38 ----D---- C:\Windows\system32\drivers
2014-12-23 17:37:38 ----D---- C:\Windows\system32\catroot2
2014-12-23 17:37:38 ----D---- C:\Windows\rescache
2014-12-23 17:37:38 ----D---- C:\Windows\PolicyDefinitions
2014-12-23 17:37:38 ----D---- C:\Windows\inf
2014-12-23 17:37:38 ----D---- C:\Program Files\Internet Explorer
2014-12-23 17:37:35 ----SHD---- C:\Windows\Installer
2014-12-23 17:37:35 ----D---- C:\Windows\system32\drivers\UMDF
2014-12-23 17:37:35 ----D---- C:\Windows\system32\CodeIntegrity
2014-12-23 17:37:35 ----D---- C:\Windows\servicing
2014-12-23 17:37:34 ----D---- C:\Windows\AppCompat
2014-12-23 17:37:34 ----D---- C:\Users\marian\AppData\Roaming\Skype
2014-12-23 17:37:27 ----D---- C:\ProgramData\Skype
2014-12-23 17:37:26 ----RD---- C:\Program Files\Skype
2014-12-23 17:37:25 ----D---- C:\Program Files\Common Files\Skype
2014-12-23 17:37:25 ----D---- C:\Program Files\Common Files\microsoft shared
2014-12-23 17:37:25 ----D---- C:\Program Files\Common Files
2014-12-23 17:37:04 ----D---- C:\Windows\registration
2014-12-23 17:36:19 ----D---- C:\Windows\system32\catroot
2014-12-23 17:35:51 ----SD---- C:\ProgramData\Microsoft
2014-12-23 17:28:28 ----SHD---- C:\Config.Msi
2014-12-22 13:42:23 ----D---- C:\Program Files\Counter-Strike 1.6
2014-12-14 09:21:13 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-12-12 17:39:07 ----D---- C:\Windows\debug
2014-12-11 18:27:04 ----D---- C:\Windows\system32\MRT
2014-12-11 18:15:37 ----A---- C:\Windows\system32\MRT.exe
2014-12-10 18:45:29 ----D---- C:\Users\marian\AppData\Roaming\vlc
2014-12-09 18:29:12 ----D---- C:\Users\marian\AppData\Roaming\DAEMON Tools Lite
2014-12-07 20:16:22 ----D---- C:\Program Files\Electronic Arts
2014-12-07 20:13:47 ----HD---- C:\Program Files\InstallShield Installation Information
2014-12-07 18:55:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-06 21:57:02 ----HD---- C:\Program Files\Common Files\EAInstaller
2014-12-06 21:53:15 ----D---- C:\Program Files
2014-12-06 21:50:35 ----D---- C:\ProgramData\Origin
2014-12-03 17:02:45 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-11-24 14:04:58 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-22 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-22 206248]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-22 81768]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-22 787800]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-22 423784]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-08-29 243128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-22 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-22 70384]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-22 91496]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-11-22 218192]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-07-13 50688]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
R3 LVUVC;QuickCam Communicate Deluxe(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2008-07-26 4658584]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 KMWDFILTERx86;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb.sys [2013-01-03 67072]
S3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial.sys [2012-12-10 35840]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-22 50344]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-11-22 3192344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-14 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-02 114800]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-05-01 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 23 pro 2014 18:47

Zdravim

Jak rychle priblizne misto ubyva?

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

luissuares77 · #3 Příspěvek od **luissuares77** » 23 pro 2014 19:47

Zdravim.
Stale som mal na CECKU volne od 9 do 12 GB. asi pred dvoma mesiacmi mi to zacalo klesat, za mesiac na 5 GB. mal som tam hry, ktore som odinstaloval, skocilo mi to na 35 GB. potom to par dni klesalo asi o 0.3 GB na den. PO defragmentacii to spadlo na 14 GB. to bolo 19.12.o dalsie dva dni som mal na disku uz iba 2.5 GB do dnes. dnes som dal obnovu systemu k 11.12. skocilo mi to na 10.9 GB, ktore mam aj teraz.
# AdwCleaner v4.106 - Report created 23/12/2014 at 19:34:26
# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : marian - MARIAN-PC
# Running from : C:\Users\marian\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\VideoDownloadConverter_4zEI
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Users\marian\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\marian\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\marian\AppData\Roaming\Mozilla\Firefox\Profiles\9khlvxo0.default\Extensions\gamesbar@oberon-media.com
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\marian\AppData\Roaming\Mozilla\Firefox\Profiles\9khlvxo0.default\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\oberontb.band
Key Deleted : HKLM\SOFTWARE\Classes\oberontb.band.1
Key Deleted : HKLM\SOFTWARE\Classes\oberontb.GamesBarBHO
Key Deleted : HKLM\SOFTWARE\Classes\oberontb.GamesBarBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKCU\Software\gamesbar
Key Deleted : HKLM\SOFTWARE\gamesbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\16FE85B52F587794795A481CF9295697
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\758F5690DAAD39F40845E0E23C8C5C0B
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\16FE85B52F587794795A481CF9295697
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\758F5690DAAD39F40845E0E23C8C5C0B
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\16FE85B52F587794795A481CF9295697
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\758F5690DAAD39F40845E0E23C8C5C0B
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Mozilla Firefox v34.0 (x86 sk)

-\\ Google Chrome v39.0.2171.95

[C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={DA1CCA2B-984A-11E1-8D62-8C89A5558681}

*************************

AdwCleaner[R1].txt - [10761 octets] - [23/12/2014 19:29:59]
AdwCleaner[S1].txt - [10849 octets] - [23/12/2014 19:34:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [10910 octets] ##########

#4 Příspěvek od **Márty84** » 23 pro 2014 22:12

To neni zas tak moc. Je normalni, ze system dycha a obcas sezere nejke to misto. Uvidime, jak to bude vypadat po vycisteni.

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

luissuares77 · #5 Příspěvek od **luissuares77** » 23 pro 2014 23:52

# AdwCleaner v4.106 - Report created 23/12/2014 at 19:34:26
# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : marian - MARIAN-PC
# Running from : C:\Users\marian\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\VideoDownloadConverter_4zEI
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Users\marian\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\marian\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\marian\AppData\Roaming\Mozilla\Firefox\Profiles\9khlvxo0.default\Extensions\gamesbar@oberon-media.com
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\marian\AppData\Roaming\Mozilla\Firefox\Profiles\9khlvxo0.default\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\oberontb.band
Key Deleted : HKLM\SOFTWARE\Classes\oberontb.band.1
Key Deleted : HKLM\SOFTWARE\Classes\oberontb.GamesBarBHO
Key Deleted : HKLM\SOFTWARE\Classes\oberontb.GamesBarBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKCU\Software\gamesbar
Key Deleted : HKLM\SOFTWARE\gamesbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\16FE85B52F587794795A481CF9295697
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\758F5690DAAD39F40845E0E23C8C5C0B
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\16FE85B52F587794795A481CF9295697
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\758F5690DAAD39F40845E0E23C8C5C0B
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\16FE85B52F587794795A481CF9295697
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\758F5690DAAD39F40845E0E23C8C5C0B
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Mozilla Firefox v34.0 (x86 sk)

-\\ Google Chrome v39.0.2171.95

[C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={DA1CCA2B-984A-11E1-8D62-8C89A5558681}

*************************

AdwCleaner[R1].txt - [10761 octets] - [23/12/2014 19:29:59]
AdwCleaner[S1].txt - [10849 octets] - [23/12/2014 19:34:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [10910 octets] ##########

#6 Příspěvek od **Márty84** » 24 pro 2014 08:40

To je opet log z ADWCleaneru. Ja chtel MBAM

luissuares77 · #7 Příspěvek od **luissuares77** » 24 pro 2014 11:51

Malwarebytes Anti-Malware
www.malwarebytes.org

Dátum skenovania: 24. 12. 2014
Scan čas: 9:52:12
Logfile: log1.txt
Správca: áno

Verzia: 2.00.4.1028
Malware databázy: v2014.12.24.03
Rootkit databázy: v2014.12.23.02
Licencia: ?????????
Ochrana pred škodlivým softvérom: Telesne
Škodlivých webových stránok Ochrana: Telesne
Sebaobrany: Telesne

OS: Windows 7 Service Pack 1
CPU: x86
Systém súborov: NTFS
Používateľ: marian

Typ skenu: Prispôsobená kontrola
Výsledok: Dokončené
Objekty naskenované: 504934
Uplynulý čas: 1 hr, 52 min 34 sekúnd

Pamäť: Povolené
Pri spustení: Povolené
Súborový systém: Povolené
Archív: Povolené
Rootkity: Telesne
Heuristiky: Povolené
ŠTEŇA: Povolené
VYKUROVAC: Povolené

Procesy: 0
(Žiadne zákernej položky neboli zistené)

Moduly: 0
(Žiadne zákernej položky neboli zistené)

Kľúče databázy Registry: 0
(Žiadne zákernej položky neboli zistené)

Hodnoty databázy Registry: 1
PUP.Optional.Incredibar, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}, C:\Program Files\IB Updater\Firefox, , [3f6487df8fed0f27af7a28964aba0ff1]

Údaje databázy Registry: 0
(Žiadne zákernej položky neboli zistené)

Priečinky: 0
(Žiadne zákernej položky neboli zistené)

Súbory: 0
(Žiadne zákernej položky neboli zistené)

Fyzický sektory: 0
(Žiadne zákernej položky neboli zistené)

(end)

#8 Příspěvek od **Márty84** » 24 pro 2014 11:57

Nalez hodte do karanteny, pak MBAM odinstalujte.

Dejte log podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

luissuares77 · #9 Příspěvek od **luissuares77** » 24 pro 2014 12:46

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-12-2014
Ran by marian (administrator) on MARIAN-PC on 24-12-2014 12:37:48
Running from C:\Users\marian\Desktop
Loaded Profile: marian (Available profiles: marian)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-23] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKU\S-1-5-21-1340413468-1491628633-588290400-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-1340413468-1491628633-588290400-1001\...\MountPoints2: {03966879-4dcc-11e2-8fe3-8c89a5558681} - F:\setup.exe
HKU\S-1-5-21-1340413468-1491628633-588290400-1001\...\MountPoints2: {88fb8ae3-0f0e-11e3-be2a-8c89a5558681} - F:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
HKU\S-1-5-21-1340413468-1491628633-588290400-1001\...\MountPoints2: {ab3f046e-1098-11e3-be6f-8c89a5558681} - G:\setup.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [4SyncOverlay1] -> {2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} => No File
ShellIconOverlayIdentifiers: [4SyncOverlay2] -> {C72C6188-BEF2-46E5-A89A-52F0ED75219E} => No File
ShellIconOverlayIdentifiers: [4SyncOverlay3] -> {C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} => No File
ShellIconOverlayIdentifiers: [4SyncOverlay4] -> {CB1EFEF8-D5E0-49D1-B768-41B48B1D7803} => No File
CHR HKU\S-1-5-21-1340413468-1491628633-588290400-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1340413468-1491628633-588290400-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\marian\AppData\Roaming\Mozilla\Firefox\Profiles\9khlvxo0.default
FF DefaultSearchUrl:
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.sk/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @oberon-media.com/ONCAdapter -> C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Battlefield Play4Free - C:\Users\marian\AppData\Roaming\Mozilla\Firefox\Profiles\9khlvxo0.default\Extensions\battlefieldplay4free@ea.com [2013-12-26]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-02]

Chrome:
=======
CHR Profile: C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-25]
CHR Extension: (Avast Online Security) - C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-06-07]
CHR Extension: (Peňaženka Google) - C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-19]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-22]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-22] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3192344 2014-11-22] (Avast Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-11-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-11-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-11-22] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-11-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-11-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-11-22] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-11-22] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-08-29] (Disc Soft Ltd)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [218192 2014-11-22] (Avast Software)
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-24 12:37 - 2014-12-24 12:38 - 00009085 _____ () C:\Users\marian\Desktop\FRST.txt
2014-12-24 12:35 - 2014-12-24 12:37 - 00000000 ____D () C:\FRST
2014-12-24 12:35 - 2014-12-24 12:29 - 00112640 _____ (forum.viry.cz) C:\Users\marian\Desktop\FRSTLauncher(2).exe
2014-12-24 12:34 - 2014-12-24 12:36 - 00029696 _____ () C:\Users\marian\AppData\Local\MSGBOX.EXE
2014-12-24 12:34 - 2014-12-24 12:36 - 00015327 _____ () C:\Users\marian\Desktop\LM.bat
2014-12-24 12:13 - 2014-12-24 12:11 - 01114112 _____ (Farbar) C:\Users\marian\Desktop\FRST.exe
2014-12-24 12:07 - 2014-12-24 12:07 - 01114112 _____ (Farbar) C:\Users\marian\Downloads\FRST.exe
2014-12-24 09:45 - 2014-12-24 09:46 - 00000197 _____ () C:\Windows\system32\2014-12-24-08-45-41.039-AvastVBoxSVC.exe-2216.log
2014-12-23 22:54 - 2014-12-23 22:55 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\marian\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-23 19:37 - 2014-12-23 19:37 - 00000197 _____ () C:\Windows\system32\2014-12-23-18-37-54.088-AvastVBoxSVC.exe-2076.log
2014-12-23 19:29 - 2014-12-23 19:34 - 00000000 ____D () C:\AdwCleaner
2014-12-23 18:06 - 2014-12-23 18:06 - 00000000 ____D () C:\rsit
2014-12-23 18:05 - 2014-12-23 18:05 - 00000247 _____ () C:\Windows\system32\2014-12-23-17-05-41.089-aswFe.exe-2004.log
2014-12-23 17:52 - 2014-12-23 18:05 - 00000247 _____ () C:\Windows\system32\2014-12-23-16-52-12.080-aswFe.exe-3952.log
2014-12-23 17:52 - 2014-12-23 17:52 - 00000197 _____ () C:\Windows\system32\2014-12-23-16-52-08.033-AvastVBoxSVC.exe-3364.log
2014-12-23 17:39 - 2014-11-22 07:59 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-19 16:04 - 2014-12-19 16:04 - 00000197 _____ () C:\Windows\system32\2014-12-19-15-04-23.088-AvastVBoxSVC.exe-2288.log
2014-12-18 12:03 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 11:56 - 2014-12-18 11:56 - 00000197 _____ () C:\Windows\system32\2014-12-18-10-56-18.015-AvastVBoxSVC.exe-2264.log
2014-12-17 14:57 - 2014-12-17 14:58 - 00000197 _____ () C:\Windows\system32\2014-12-17-13-57-35.024-AvastVBoxSVC.exe-3028.log
2014-12-16 23:07 - 2014-12-16 23:08 - 00000197 _____ () C:\Windows\system32\2014-12-16-22-07-46.076-AvastVBoxSVC.exe-2988.log
2014-12-16 21:28 - 2014-12-16 21:28 - 00000197 _____ () C:\Windows\system32\2014-12-16-20-28-03.012-AvastVBoxSVC.exe-2916.log
2014-12-16 18:56 - 2014-12-16 18:56 - 00000197 _____ () C:\Windows\system32\2014-12-16-17-56-00.032-AvastVBoxSVC.exe-2916.log
2014-12-15 17:19 - 2014-12-15 17:20 - 00000197 _____ () C:\Windows\system32\2014-12-15-16-19-52.046-AvastVBoxSVC.exe-2676.log
2014-12-14 09:21 - 2014-12-14 09:21 - 00000197 _____ () C:\Windows\system32\2014-12-14-08-21-21.098-AvastVBoxSVC.exe-3068.log
2014-12-13 08:22 - 2014-12-13 08:22 - 00000197 _____ () C:\Windows\system32\2014-12-13-07-22-01.007-AvastVBoxSVC.exe-2524.log
2014-12-12 17:18 - 2014-12-12 17:18 - 00000247 _____ () C:\Windows\system32\2014-12-12-16-18-01.071-aswFe.exe-2972.log
2014-12-12 17:06 - 2014-12-12 17:17 - 00000247 _____ () C:\Windows\system32\2014-12-12-16-06-49.041-aswFe.exe-2528.log
2014-12-12 16:36 - 2014-12-12 16:36 - 00000197 _____ () C:\Windows\system32\2014-12-12-15-36-49.098-AvastVBoxSVC.exe-2496.log
2014-12-12 10:27 - 2014-12-12 10:27 - 00000197 _____ () C:\Windows\system32\2014-12-12-09-27-55.001-AvastVBoxSVC.exe-2428.log
2014-12-11 18:47 - 2014-12-11 18:47 - 00000247 _____ () C:\Windows\system32\2014-12-11-17-47-56.067-aswFe.exe-3624.log
2014-12-11 18:42 - 2014-12-11 18:47 - 00000247 _____ () C:\Windows\system32\2014-12-11-17-42-08.067-aswFe.exe-2092.log
2014-12-11 18:42 - 2014-12-11 18:42 - 00000197 _____ () C:\Windows\system32\2014-12-11-17-42-04.015-AvastVBoxSVC.exe-408.log
2014-12-11 18:30 - 2014-12-23 17:37 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 18:28 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 15:58 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 15:58 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 15:58 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 15:58 - 2014-11-22 03:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 15:58 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 15:58 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 15:58 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-11 15:58 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 15:58 - 2014-11-22 03:01 - 02277888 ____N (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 15:58 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil(50).dll
2014-12-11 15:58 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 15:58 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 15:58 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 15:58 - 2014-11-22 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-11 15:58 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-11 15:58 - 2014-11-22 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 15:58 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 15:58 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 15:58 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 15:58 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 15:58 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 15:58 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 15:58 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 15:58 - 2014-11-22 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 15:58 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 15:58 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-11 15:58 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 15:58 - 2014-11-22 02:00 - 01888256 ____N (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 15:58 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet(54).dll
2014-12-11 15:58 - 2014-11-22 01:56 - 01307136 ____N (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 15:58 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon(51).dll
2014-12-11 15:58 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 15:57 - 2014-12-04 05:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-11 15:57 - 2014-12-04 05:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-11 15:57 - 2014-12-04 05:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-11 15:57 - 2014-12-04 05:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-11 15:57 - 2014-12-04 05:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-11 15:57 - 2014-12-04 05:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-11 15:57 - 2014-12-04 05:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic(49).dll
2014-12-11 15:57 - 2014-12-04 05:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-11 15:57 - 2014-12-02 00:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-11 15:57 - 2014-11-11 03:44 - 01230336 ____N (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 15:57 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs(53).dll
2014-12-11 15:57 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 15:57 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 15:57 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 15:56 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-11 15:56 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 15:56 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-11 15:56 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-11 15:56 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 15:37 - 2014-12-11 15:37 - 00000197 _____ () C:\Windows\system32\2014-12-11-14-37-11.094-AvastVBoxSVC.exe-1368.log
2014-12-10 16:42 - 2014-12-10 16:43 - 00000197 _____ () C:\Windows\system32\2014-12-10-15-42-30.037-AvastVBoxSVC.exe-3044.log
2014-12-09 17:16 - 2014-12-09 17:17 - 00000197 _____ () C:\Windows\system32\2014-12-09-16-16-43.065-AvastVBoxSVC.exe-2108.log
2014-12-08 17:30 - 2014-12-08 17:31 - 00000197 _____ () C:\Windows\system32\2014-12-08-16-30-47.099-AvastVBoxSVC.exe-2136.log
2014-12-07 20:22 - 2014-12-07 20:22 - 00000197 _____ () C:\Windows\system32\2014-12-07-19-22-49.003-AvastVBoxSVC.exe-2432.log
2014-12-07 18:08 - 2014-12-23 17:37 - 00000000 ____D () C:\Users\marian\Desktop\zmluva
2014-12-07 10:40 - 2014-12-07 10:41 - 00000197 _____ () C:\Windows\system32\2014-12-07-09-40-25.097-AvastVBoxSVC.exe-2276.log
2014-12-07 07:56 - 2014-12-07 07:56 - 00000197 _____ () C:\Windows\system32\2014-12-07-06-56-37.094-AvastVBoxSVC.exe-2376.log
2014-12-02 18:16 - 2014-12-02 18:16 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-02 17:08 - 2014-12-02 17:09 - 00000197 _____ () C:\Windows\system32\2014-12-02-16-08-33.022-AvastVBoxSVC.exe-2204.log
2014-12-01 17:19 - 2014-12-01 17:20 - 00000197 _____ () C:\Windows\system32\2014-12-01-16-19-56.004-AvastVBoxSVC.exe-3124.log
2014-11-30 13:36 - 2014-11-30 13:36 - 00000197 _____ () C:\Windows\system32\2014-11-30-12-36-05.015-AvastVBoxSVC.exe-2388.log
2014-11-30 08:23 - 2014-11-30 08:23 - 00000197 _____ () C:\Windows\system32\2014-11-30-07-23-13.081-AvastVBoxSVC.exe-2272.log
2014-11-29 14:06 - 2014-11-29 14:06 - 00000197 _____ () C:\Windows\system32\2014-11-29-13-06-45.076-AvastVBoxSVC.exe-2216.log
2014-11-29 10:38 - 2014-11-29 10:38 - 00000197 _____ () C:\Windows\system32\2014-11-29-09-38-37.040-AvastVBoxSVC.exe-3384.log
2014-11-28 16:37 - 2014-11-28 16:38 - 00000197 _____ () C:\Windows\system32\2014-11-28-15-37-58.049-AvastVBoxSVC.exe-2208.log
2014-11-27 16:37 - 2014-11-27 16:37 - 00000197 _____ () C:\Windows\system32\2014-11-27-15-37-26.087-AvastVBoxSVC.exe-2372.log
2014-11-27 15:35 - 2014-11-27 15:35 - 00000197 _____ () C:\Windows\system32\2014-11-27-14-35-27.097-AvastVBoxSVC.exe-2488.log
2014-11-25 17:01 - 2014-11-25 17:01 - 00000197 _____ () C:\Windows\system32\2014-11-25-16-01-12.089-AvastVBoxSVC.exe-3392.log
2014-11-24 17:46 - 2014-11-24 17:46 - 00000197 _____ () C:\Windows\system32\2014-11-24-16-46-18.037-AvastVBoxSVC.exe-2184.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-24 12:18 - 2013-09-23 21:35 - 00000000 ____D () C:\Users\marian\Desktop\viry cz
2014-12-24 12:12 - 2013-10-10 19:14 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-24 12:07 - 2013-10-16 07:23 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-24 11:48 - 2014-01-21 17:08 - 00000000 ____D () C:\Users\marian\Desktop\ikony - subory
2014-12-24 11:32 - 2014-01-18 21:33 - 01997297 ____N () C:\Windows\WindowsUpdate.log
2014-12-24 09:52 - 2009-07-14 05:34 - 00023376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-24 09:52 - 2009-07-14 05:34 - 00023376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-24 09:45 - 2013-10-16 07:23 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-24 09:45 - 2012-04-30 16:33 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-12-24 09:45 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-23 19:28 - 2012-04-30 16:21 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-23 18:06 - 2013-09-01 16:18 - 00000000 ____D () C:\Program Files\trend micro
2014-12-23 17:40 - 2014-11-22 08:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-23 17:40 - 2012-04-30 16:27 - 00000000 ____D () C:\Users\marian
2014-12-23 17:37 - 2014-11-03 17:11 - 00000000 ____D () C:\Users\marian\Desktop\sisi
2014-12-23 17:37 - 2014-09-16 17:15 - 00000000 ___RD () C:\Program Files\Skype
2014-12-23 17:37 - 2014-09-16 17:15 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-12-23 17:37 - 2014-05-06 20:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-23 17:37 - 2013-02-02 19:54 - 00000000 ____D () C:\Users\marian\Desktop\Silvulienka skola
2014-12-23 17:37 - 2012-04-30 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-23 17:37 - 2012-04-30 17:15 - 00000000 ____D () C:\Users\marian\AppData\Roaming\Skype
2014-12-23 17:37 - 2012-04-30 17:15 - 00000000 ____D () C:\ProgramData\Skype
2014-12-23 17:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-12-23 17:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-12-23 17:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-12-23 17:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2014-12-23 17:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2014-12-23 17:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-12-23 17:35 - 2012-04-30 16:36 - 00000000 ____D () C:\Users\marian\AppData\Local\Mozilla
2014-12-22 13:42 - 2012-08-24 07:29 - 00000000 ____D () C:\Program Files\Counter-Strike 1.6
2014-12-14 09:21 - 2014-06-14 16:06 - 00000000 ____D () C:\Users\marian\AppData\Local\Adobe
2014-12-14 09:21 - 2012-07-21 19:04 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-14 09:21 - 2012-07-21 19:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-12 17:16 - 2012-04-30 19:51 - 00002101 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-11 18:27 - 2013-08-14 14:21 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 18:15 - 2012-05-03 16:22 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 18:45 - 2012-04-30 20:52 - 00000000 ____D () C:\Users\marian\AppData\Roaming\vlc
2014-12-10 16:45 - 2013-02-11 14:25 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-09 18:29 - 2012-12-24 14:27 - 00000000 ____D () C:\Users\marian\AppData\Roaming\DAEMON Tools Lite
2014-12-07 20:16 - 2013-09-12 16:05 - 00000000 ____D () C:\Program Files\Electronic Arts
2014-12-07 20:15 - 2009-07-14 05:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-07 20:13 - 2012-09-13 14:47 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-12-06 21:50 - 2012-08-31 14:04 - 00000000 ____D () C:\ProgramData\Origin
2014-12-03 17:02 - 2012-04-30 16:36 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-27 18:32 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2014-11-24 14:04 - 2012-04-30 17:00 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\marian\AppData\Local\Temp\Quarantine.exe
C:\Users\marian\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-15 18:33

==================== End Of Log ============================

#10 Příspěvek od **Márty84** » 24 pro 2014 13:41

Sice to nebylo uplne podle navodu, ale nevadi

Vypnete trvale Windows Defender

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKU\S-1-5-21-1340413468-1491628633-588290400-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
CHR HKU\S-1-5-21-1340413468-1491628633-588290400-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-14 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-28 107912]

2014-12-23 22:54 - 2014-12-23 22:55 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\marian\Downloads\mbam-setup-2.0.4.1028.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

luissuares77 · #11 Příspěvek od **luissuares77** » 24 pro 2014 15:01

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 24-12-2014
Ran by marian at 2014-12-24 14:18:03 Run:1
Running from C:\Users\marian\Desktop
Loaded Profile: marian (Available profiles: marian)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKU\S-1-5-21-1340413468-1491628633-588290400-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
CHR HKU\S-1-5-21-1340413468-1491628633-588290400-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-14 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-28 107912]

2014-12-23 22:54 - 2014-12-23 22:55 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\marian\Downloads\mbam-setup-2.0.4.1028.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-1340413468-1491628633-588290400-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
"HKU\S-1-5-21-1340413468-1491628633-588290400-1001\SOFTWARE\Policies\Google" => Key deleted successfully.
MBAMSwissArmy => Service stopped successfully.
MBAMSwissArmy => Service deleted successfully.
AdobeARMservice => Service deleted successfully.
gupdate => Service deleted successfully.
SkypeUpdate => Service deleted successfully.
AdobeFlashPlayerUpdateSvc => Service deleted successfully.
gupdatem => Service deleted successfully.
C:\Users\marian\Downloads\mbam-setup-2.0.4.1028.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 373.6 MB temporary data.

The system needed a reboot.

==== End of Fixlog 14:19:25 ====

#12 Příspěvek od **Márty84** » 24 pro 2014 16:38

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

luissuares77 · #13 Příspěvek od **luissuares77** » 24 pro 2014 20:08

ComboFix 14-12-23.01 - marian . 12. 2014 19:52:11.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.2013.1109 [GMT 1:00]
Running from: c:\users\marian\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\marian\AppData\Local\MSGBOX.EXE
.
.
((((((((((((((((((((((((( Files Created from 2014-11-24 to 2014-12-24 )))))))))))))))))))))))))))))))
.
.
2014-12-24 19:00 . 2014-12-24 19:00 -------- d-----w- c:\users\marian\AppData\Local\temp
2014-12-24 19:00 . 2014-12-24 19:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-12-24 11:35 . 2014-12-24 13:19 -------- d-----w- C:\FRST
2014-12-23 18:29 . 2014-12-23 18:34 -------- d-----w- C:\AdwCleaner
2014-12-23 17:06 . 2014-12-23 17:06 -------- d-----w- C:\rsit
2014-12-23 16:45 . 2014-12-02 11:01 9054624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EAEB0297-1026-4855-A7FB-66B639A1EF3C}\mpengine.dll
2014-12-23 16:39 . 2014-11-22 06:59 291352 ----a-w- c:\windows\system32\aswBoot.exe
2014-12-18 11:03 . 2014-12-13 03:33 115712 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-11 17:30 . 2014-12-23 16:37 -------- d-----w- c:\windows\system32\appraiser
2014-12-11 17:28 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\system32\mf.dll
2014-12-11 14:57 . 2014-11-11 01:32 74752 ----a-w- c:\windows\system32\drivers\tdx.sys
2014-12-11 14:57 . 2014-11-11 02:44 1230336 ----a-w- c:\windows\system32\WindowsCodecs(53).dll
2014-12-11 14:57 . 2014-11-11 02:44 1230336 ------w- c:\windows\system32\WindowsCodecs.dll
2014-12-11 14:57 . 2014-12-04 04:38 159744 ----a-w- c:\windows\system32\aepic.dll
2014-12-11 14:57 . 2014-12-04 04:38 159744 ----a-w- c:\windows\system32\aepic(49).dll
2014-12-11 14:57 . 2014-12-01 23:28 1160872 ----a-w- c:\windows\system32\aitstatic.exe
2014-12-11 14:57 . 2014-12-04 04:38 610304 ----a-w- c:\windows\system32\invagent.dll
2014-12-11 14:57 . 2014-12-04 04:34 873984 ----a-w- c:\windows\system32\aeinv.dll
2014-12-11 14:57 . 2014-12-04 04:38 337920 ----a-w- c:\windows\system32\generaltel.dll
2014-12-11 14:57 . 2014-12-04 04:38 315392 ----a-w- c:\windows\system32\devinv.dll
2014-12-11 14:57 . 2014-12-04 04:38 202752 ----a-w- c:\windows\system32\aepdu.dll
2014-12-11 14:57 . 2014-11-08 02:45 2048 ----a-w- c:\windows\system32\tzres.dll
2014-12-11 14:57 . 2014-10-30 01:45 155136 ----a-w- c:\windows\system32\charmap.exe
2014-12-11 14:56 . 2014-10-03 01:45 1177088 ----a-w- c:\windows\system32\WsmSvc.dll
2014-12-11 14:56 . 2014-10-03 01:45 248832 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2014-12-11 14:56 . 2014-10-03 01:45 214016 ----a-w- c:\windows\system32\WsmWmiPl.dll
2014-12-11 14:56 . 2014-10-03 01:44 198656 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2014-12-11 14:56 . 2014-10-03 01:45 145920 ----a-w- c:\windows\system32\WsmAuto.dll
2014-12-01 17:22 . 2014-12-01 17:22 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-11-27 14:10 . 2014-12-15 17:26 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-15 18:27 . 2013-05-27 14:56 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-12-14 18:30 . 2013-05-27 14:56 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2014-12-14 08:21 . 2012-07-21 18:04 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-12-14 08:21 . 2012-07-21 18:04 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-11-24 13:04 . 2012-04-30 16:00 229000 ------w- c:\windows\system32\MpSigStub.exe
2014-11-22 06:59 . 2013-09-02 15:09 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-22 06:59 . 2013-09-02 15:09 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-22 06:59 . 2014-08-01 17:46 91496 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-11-22 06:59 . 2013-09-02 15:09 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-22 06:59 . 2014-11-22 06:59 43152 ----a-w- c:\windows\avastSS.scr
2014-11-22 06:59 . 2014-08-01 17:46 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-22 06:59 . 2013-09-02 15:09 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-22 06:59 . 2013-09-02 15:09 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-22 06:59 . 2013-09-02 15:08 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-11 02:44 . 2014-11-19 14:51 186880 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 02:44 . 2014-11-19 14:51 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-10-25 01:32 . 2014-11-13 16:22 67584 ----a-w- c:\windows\system32\packager.dll
2014-10-18 01:33 . 2014-11-13 16:23 571904 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-14 01:56 . 2014-11-13 16:22 136632 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 01:50 . 2014-11-13 16:22 523776 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 01:50 . 2014-11-13 16:22 2363904 ----a-w- c:\windows\system32\msi.dll
2014-10-14 01:50 . 2014-11-13 16:22 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 01:47 . 2014-11-13 16:22 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 01:46 . 2014-11-13 16:22 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-10 00:45 . 2014-11-13 16:22 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-10-03 01:44 . 2014-11-13 16:22 442880 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-10-03 01:44 . 2014-11-13 16:22 275968 ----a-w- c:\windows\system32\EncDump.dll
2014-10-03 01:44 . 2014-11-13 16:22 475136 ----a-w- c:\windows\system32\audiosrv.dll
2014-10-03 01:44 . 2014-11-13 16:22 374784 ----a-w- c:\windows\system32\AudioEng.dll
2014-10-03 01:44 . 2014-11-13 16:22 195584 ----a-w- c:\windows\system32\AudioSes.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-22 06:59 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-12-23 5226600]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-11-22 3192344]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-11-22 102912]
R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-05-01 1343400]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-11-22 787800]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-11-22 423784]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-08-29 243128]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-11-22 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-11-22 70384]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-11-22 91496]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-11-22 218192]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-13 50688]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-12 16:08 1087816 ----a-w- c:\program files\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\marian\AppData\Roaming\Mozilla\Firefox\Profiles\9khlvxo0.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} - (no file)
ShellIconOverlayIdentifiers-{C72C6188-BEF2-46E5-A89A-52F0ED75219E} - (no file)
ShellIconOverlayIdentifiers-{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} - (no file)
ShellIconOverlayIdentifiers-{CB1EFEF8-D5E0-49D1-B768-41B48B1D7803} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-12-24 20:02:27
ComboFix-quarantined-files.txt 2014-12-24 19:02
.
Pre-Run: 37 081 616 384 bytes free
Post-Run: 36 978 802 688 bytes free
.
- - End Of File - - 68F735F661E3D33302E4154CFC49A1C0
A36C5E4F47E84449FF07ED3517B43A31

#14 Příspěvek od **Márty84** » 25 pro 2014 08:52

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"=-
"SunJavaUpdateSched"=-

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

luissuares77 · #15 Příspěvek od **luissuares77** » 25 pro 2014 17:38

ComboFix 14-12-23.01 - marian . 12. 2014 17:21:43.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.2013.1173 [GMT 1:00]
Running from: c:\users\marian\Desktop\ComboFix.exe
Command switches used :: c:\users\marian\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
.
((((((((((((((((((((((((( Files Created from 2014-11-25 to 2014-12-25 )))))))))))))))))))))))))))))))
.
.
2014-12-25 16:30 . 2014-12-25 16:32 -------- d-----w- c:\users\marian\AppData\Local\temp
2014-12-24 11:35 . 2014-12-24 13:19 -------- d-----w- C:\FRST
2014-12-23 18:29 . 2014-12-23 18:34 -------- d-----w- C:\AdwCleaner
2014-12-23 17:06 . 2014-12-23 17:06 -------- d-----w- C:\rsit
2014-12-23 16:45 . 2014-12-02 11:01 9054624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EAEB0297-1026-4855-A7FB-66B639A1EF3C}\mpengine.dll
2014-12-23 16:39 . 2014-11-22 06:59 291352 ----a-w- c:\windows\system32\aswBoot.exe
2014-12-18 11:03 . 2014-12-13 03:33 115712 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-11 17:30 . 2014-12-23 16:37 -------- d-----w- c:\windows\system32\appraiser
2014-12-11 17:28 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\system32\mf.dll
2014-12-11 14:57 . 2014-11-11 01:32 74752 ----a-w- c:\windows\system32\drivers\tdx.sys
2014-12-11 14:57 . 2014-11-11 02:44 1230336 ----a-w- c:\windows\system32\WindowsCodecs(53).dll
2014-12-11 14:57 . 2014-11-11 02:44 1230336 ------w- c:\windows\system32\WindowsCodecs.dll
2014-12-11 14:57 . 2014-12-04 04:38 159744 ----a-w- c:\windows\system32\aepic.dll
2014-12-11 14:57 . 2014-12-04 04:38 159744 ----a-w- c:\windows\system32\aepic(49).dll
2014-12-11 14:57 . 2014-12-01 23:28 1160872 ----a-w- c:\windows\system32\aitstatic.exe
2014-12-11 14:57 . 2014-12-04 04:38 610304 ----a-w- c:\windows\system32\invagent.dll
2014-12-11 14:57 . 2014-12-04 04:34 873984 ----a-w- c:\windows\system32\aeinv.dll
2014-12-11 14:57 . 2014-12-04 04:38 337920 ----a-w- c:\windows\system32\generaltel.dll
2014-12-11 14:57 . 2014-12-04 04:38 315392 ----a-w- c:\windows\system32\devinv.dll
2014-12-11 14:57 . 2014-12-04 04:38 202752 ----a-w- c:\windows\system32\aepdu.dll
2014-12-11 14:57 . 2014-11-08 02:45 2048 ----a-w- c:\windows\system32\tzres.dll
2014-12-11 14:57 . 2014-10-30 01:45 155136 ----a-w- c:\windows\system32\charmap.exe
2014-12-11 14:56 . 2014-10-03 01:45 1177088 ----a-w- c:\windows\system32\WsmSvc.dll
2014-12-11 14:56 . 2014-10-03 01:45 248832 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2014-12-11 14:56 . 2014-10-03 01:45 214016 ----a-w- c:\windows\system32\WsmWmiPl.dll
2014-12-11 14:56 . 2014-10-03 01:44 198656 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2014-12-11 14:56 . 2014-10-03 01:45 145920 ----a-w- c:\windows\system32\WsmAuto.dll
2014-12-01 17:22 . 2014-12-01 17:22 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-11-27 14:10 . 2014-12-15 17:26 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-15 18:27 . 2013-05-27 14:56 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-12-14 18:30 . 2013-05-27 14:56 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2014-12-14 08:21 . 2012-07-21 18:04 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-12-14 08:21 . 2012-07-21 18:04 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-11-24 13:04 . 2012-04-30 16:00 229000 ------w- c:\windows\system32\MpSigStub.exe
2014-11-22 06:59 . 2013-09-02 15:09 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-22 06:59 . 2013-09-02 15:09 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-22 06:59 . 2014-08-01 17:46 91496 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-11-22 06:59 . 2013-09-02 15:09 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-22 06:59 . 2014-11-22 06:59 43152 ----a-w- c:\windows\avastSS.scr
2014-11-22 06:59 . 2014-08-01 17:46 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-22 06:59 . 2013-09-02 15:09 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-22 06:59 . 2013-09-02 15:09 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-22 06:59 . 2013-09-02 15:08 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-11 02:44 . 2014-11-19 14:51 186880 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 02:44 . 2014-11-19 14:51 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-10-25 01:32 . 2014-11-13 16:22 67584 ----a-w- c:\windows\system32\packager.dll
2014-10-18 01:33 . 2014-11-13 16:23 571904 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-14 01:56 . 2014-11-13 16:22 136632 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 01:50 . 2014-11-13 16:22 523776 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 01:50 . 2014-11-13 16:22 2363904 ----a-w- c:\windows\system32\msi.dll
2014-10-14 01:50 . 2014-11-13 16:22 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 01:47 . 2014-11-13 16:22 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 01:46 . 2014-11-13 16:22 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-10 00:45 . 2014-11-13 16:22 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-10-03 01:44 . 2014-11-13 16:22 442880 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-10-03 01:44 . 2014-11-13 16:22 275968 ----a-w- c:\windows\system32\EncDump.dll
2014-10-03 01:44 . 2014-11-13 16:22 475136 ----a-w- c:\windows\system32\audiosrv.dll
2014-10-03 01:44 . 2014-11-13 16:22 374784 ----a-w- c:\windows\system32\AudioEng.dll
2014-10-03 01:44 . 2014-11-13 16:22 195584 ----a-w- c:\windows\system32\AudioSes.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-22 06:59 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-12-23 5226600]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-11-22 102912]
R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-05-01 1343400]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-11-22 787800]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-11-22 423784]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-08-29 243128]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-11-22 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-11-22 70384]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-11-22 91496]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-11-22 218192]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-11-22 3192344]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-13 50688]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-12 16:08 1087816 ----a-w- c:\program files\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\marian\AppData\Roaming\Mozilla\Firefox\Profiles\9khlvxo0.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: network.proxy.type - 0
.
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\taskhost.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\vssvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2014-12-25 17:36:45 - machine was rebooted
ComboFix-quarantined-files.txt 2014-12-25 16:36
ComboFix2.txt 2014-12-24 19:02
.
Pre-Run: 34 079 576 064 bytes free
Post-Run: 34 115 780 608 bytes free
.
- - End Of File - - AE7328634AA06D70B650B2BB7C008C05
A36C5E4F47E84449FF07ED3517B43A31

VIRY.CZ

strata miesta na disku

strata miesta na disku

Re: strata miesta na disku

Re: strata miesta na disku

Re: strata miesta na disku

Re: strata miesta na disku

Re: strata miesta na disku

Re: strata miesta na disku

Re: strata miesta na disku

Re: strata miesta na disku

Re: strata miesta na disku

Re: strata miesta na disku

Re: strata miesta na disku

Re: strata miesta na disku

Re: strata miesta na disku

Re: strata miesta na disku