Please help

Embr
Visitor
Posts: 5
Registered: 13 Jul 2015 20:33

Please help

#1 Post by Embr »

Hello,
Yesterday I accidentally downloaded a bad file, which started installing itself, and the moment it started installing, Avast sounded an alarm and reported malware 20 times, saying it had blocked it. But even after being shut down, the program kept installing nonsense files and creating processes that ate more RAM every 5 seconds, even after restarts and so on. It kept creating files, Avast kept sounding alarms, and my PC is acting up somewhat now :)


Thank you, and I apologize in advance, but I don't know which program I should post a log from.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please help

#2 Post by Márty84 »

Hello :)

Post the logs following this guide: http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it is possible that it will block it as malicious, but we use it all the time, it is a false alarm :)

Embr
Visitor
Posts: 5
Registered: 13 Jul 2015 20:33

Re: Please help

#3 Post by Embr »

Thank you :)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-08-2015 01
Ran by Lubošek (administrator) on ARNY-PC (09-08-2015 14:34:05)
Running from C:\Users\Lubošek\Desktop
Loaded Profiles: Lubošek (Available Profiles: Lubošek & Mamka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(DTools LIMITED) C:\ProgramData\ZWinManProZ\ProtectWindowsManager.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\A8F40380-1438981170-81E1-2D0D-5404A63EAE08\knss223F.tmpfs
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ASUS) C:\Windows\AsScrPro.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\SfgameBot\sfBot.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(forum.viry.cz) C:\Users\Lubošek\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2712360 2011-03-04] (Synaptics Incorporated)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-03-04] (Synaptics Incorporated)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-06-03] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [926880 2011-05-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [792736 2011-05-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2015-08-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-05] (AVAST Software)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKU\S-1-5-21-90642585-2529362141-3803046766-1000\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [6462744 2014-08-21] (Piriform Ltd)
HKU\S-1-5-21-90642585-2529362141-3803046766-1000\...\Run: [GoogleChromeAutoLaunch_80B0F58FF2A8A4BF43CCB6FF4F6AA545] => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [637440 2015-05-12] (Crossbrowse)
HKU\S-1-5-21-90642585-2529362141-3803046766-1000\...\RunOnce: [BeginInteractiveOSUpgrade] => C:\Windows\system32\wuauclt.exe [139776 2015-07-09] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2011-04-01]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2014-09-20]
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe ()
Startup: C:\Users\Lubošek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk [2015-08-08]
ShortcutTarget: crossbrowse.lnk -> C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (Crossbrowse)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-05] (AVAST Software)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... JYMD2JYMD2
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... JYMD2JYMD2
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... JYMD2JYMD2
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... JYMD2JYMD2
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKU\S-1-5-21-90642585-2529362141-3803046766-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKU\S-1-5-21-90642585-2529362141-3803046766-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... JYMD2JYMD2
HKU\S-1-5-21-90642585-2529362141-3803046766-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... JYMD2JYMD2
HKU\S-1-5-21-90642585-2529362141-3803046766-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ASUT
SearchScopes: HKU\S-1-5-21-90642585-2529362141-3803046766-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
SearchScopes: HKU\S-1-5-21-90642585-2529362141-3803046766-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-05] (AVAST Software)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-05-31] (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-05] (AVAST Software)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1026E70E-BBC8-44C7-82A3-1096AADF7382}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{946E2A51-286E-4C50-B796-964CD105C78A}: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&t ... JYMD2JYMD2

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-90642585-2529362141-3803046766-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lubošek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-08] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-20]

Chrome:
=======
CHR Profile: C:\Users\Lubošek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Lubošek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-30]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20]
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&t ... JYMD2JYMD2

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files (x86)\Opera\Launcher.exe http://www.mystartsearch.com/?type=sc&t ... JYMD2JYMD2

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-05-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [97952 2011-05-31] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-05] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-20] (Avast Software)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3472368 2014-12-01] (INCA Internet Co., Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\ZWinManProZ\ProtectWindowsManager.exe [708264 2015-08-07] (DTools LIMITED) <==== ATTENTION
S2 SKLProService; C:\Program Files (x86)\ProKAward\rsasws.exe [X]
R2 suqowyso; C:\Program Files (x86)\A8F40380-1438981170-81E1-2D0D-5404A63EAE08\knss223F.tmpfs [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2014-05-27] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2014-05-27] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2014-05-27] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-05] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-08-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-05] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-05] (AVAST Software)
S3 BTATH_VDP; C:\Windows\System32\drivers\btath_vdp.sys [420896 2011-05-31] (Atheros)
S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-05] (AVAST Software)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-20] (Avast Software)
U3 Winsock; no ImagePath
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-09 14:34 - 2015-08-09 14:34 - 00019997 _____ C:\Users\Lubošek\Desktop\FRST.txt
2015-08-09 14:33 - 2015-08-09 14:34 - 00000000 ____D C:\FRST
2015-08-09 14:33 - 2015-08-09 14:33 - 00112640 _____ (forum.viry.cz) C:\Users\Lubošek\Desktop\FRSTLauncher.exe
2015-08-09 14:32 - 2015-08-09 14:33 - 02169856 _____ (Farbar) C:\Users\Lubošek\Desktop\FRST64.exe
2015-08-09 13:32 - 2015-08-09 13:32 - 00000000 ___HD C:\$Windows.~BT
2015-08-09 13:31 - 2015-08-09 13:31 - 00000000 ____D C:\Users\Lubošek\Documents\Bluetooth Folder
2015-08-09 00:48 - 2015-08-09 00:49 - 00000000 ____D C:\Users\Lubošek\Desktop\customizace
2015-08-08 12:12 - 2015-08-09 00:47 - 00000132 _____ C:\Users\Lubošek\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-08-08 11:41 - 2015-08-08 17:42 - 00000000 ____D C:\FOTKY na úpravu
2015-08-08 11:24 - 2015-08-08 11:24 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk
2015-08-08 11:15 - 2015-08-08 11:15 - 00003504 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-ARNY-PC-Lubošek
2015-08-08 11:14 - 2015-08-08 11:14 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-08-08 11:12 - 2015-08-08 11:29 - 00001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk
2015-08-08 11:12 - 2015-08-08 11:12 - 00000000 ____D C:\Program Files\Adobe
2015-08-08 11:10 - 2015-08-08 11:27 - 00001209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk
2015-08-08 11:04 - 2015-08-08 11:12 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-08-08 11:03 - 2015-08-08 11:23 - 00001264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk
2015-08-08 11:03 - 2015-08-08 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2015-08-08 11:03 - 2015-08-08 11:03 - 00000000 ____D C:\Program Files (x86)\Adobe Media Player
2015-08-08 11:02 - 2015-08-08 11:21 - 00001521 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
2015-08-08 11:02 - 2015-08-08 11:21 - 00001355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk
2015-08-08 11:01 - 2015-08-08 11:24 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-08-08 11:01 - 2015-08-08 11:01 - 00000999 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2015-08-08 11:01 - 2015-08-08 11:01 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-08-08 11:01 - 2015-08-08 11:01 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-08-08 10:57 - 2015-08-08 12:12 - 00000000 ____D C:\Users\Lubošek\AppData\Local\Adobe
2015-08-08 10:51 - 2015-08-09 02:00 - 00000000 ____D C:\ProgramData\Adobe
2015-08-08 00:12 - 2015-08-08 02:25 - 00000000 ____D C:\Program Files (x86)\CinemaPlus-3.2cV29.07
2015-08-08 00:12 - 2015-08-08 00:12 - 00000000 ____D C:\Program Files (x86)\2ca13b38-0996-461b-8076-e78d4d2854b0
2015-08-08 00:08 - 2015-08-09 13:31 - 00001060 _____ C:\Windows\Tasks\Crossbrowse.job
2015-08-08 00:08 - 2015-08-08 00:08 - 00004088 _____ C:\Windows\System32\Tasks\Crossbrowse
2015-08-08 00:08 - 2015-08-08 00:08 - 00000000 ____D C:\Users\Mamka\AppData\Local\Crossbrowse
2015-08-08 00:08 - 2015-08-08 00:08 - 00000000 ____D C:\Users\Lubošek\AppData\Local\Crossbrowse
2015-08-08 00:08 - 2015-08-08 00:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
2015-08-08 00:08 - 2015-08-08 00:08 - 00000000 ____D C:\Program Files (x86)\Crossbrowse
2015-08-07 23:40 - 2015-08-08 23:40 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-08-07 23:40 - 2015-08-08 21:24 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-08-07 23:40 - 2015-08-08 00:00 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-08-07 23:40 - 2015-08-07 23:40 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-08-07 23:40 - 2015-08-07 23:40 - 00002830 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-08-07 23:40 - 2015-08-07 23:40 - 00002830 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-08-07 23:38 - 2015-08-07 23:37 - 00613255 _____ (CMI Limited) C:\Users\Lubošek\AppData\Local\nsy92C5.tmp
2015-08-07 23:37 - 2015-08-07 23:37 - 00000000 __SHD C:\Users\Lubošek\AppData\Roaming\AnyProtectEx
2015-08-07 23:36 - 2015-08-07 23:37 - 00000000 ____D C:\ProgramData\ZWinManProZ
2015-08-07 23:36 - 2015-08-07 23:36 - 00000000 _____ C:\Windows\prleth.sys
2015-08-07 23:36 - 2015-08-07 23:36 - 00000000 _____ C:\Windows\hgfs.sys
2015-08-07 23:34 - 2015-08-07 23:34 - 00000000 ____D C:\Users\Lubošek\AppData\Roaming\mystartsearch
2015-08-07 23:34 - 2015-08-07 23:34 - 00000000 ____D C:\Users\Lubošek\AppData\Local\F57BFE20-C3B8-48CC-94D7-1D935594931
2015-08-07 23:18 - 2015-08-07 23:19 - 00000000 ____D C:\CS5
2015-08-07 22:59 - 2015-08-09 03:05 - 00000000 ____D C:\Users\Lubošek\AppData\Roaming\VOPackage
2015-08-07 22:59 - 2015-08-09 02:23 - 00000000 ____D C:\Program Files (x86)\A8F40380-1438981170-81E1-2D0D-5404A63EAE08
2015-08-07 22:59 - 2015-08-07 22:59 - 00000000 ____D C:\Users\Lubošek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2015-08-05 23:53 - 2015-08-05 23:53 - 00000000 ____D C:\Users\Lubošek\AppData\Roaming\SFBot
2015-08-05 23:52 - 2013-10-02 10:00 - 00000000 ____D C:\SfgameBot
2015-08-05 23:42 - 2015-08-05 23:42 - 00003014 _____ C:\Windows\System32\Tasks\{25C30EF7-FCCD-45C2-BDA9-16E078C70827}
2015-08-05 20:34 - 2015-08-06 10:35 - 00000000 ____D C:\WOWKO
2015-08-05 11:11 - 2015-08-09 13:39 - 00316673 _____ C:\Windows\WindowsUpdate.log
2015-08-05 00:05 - 2015-08-05 00:05 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-08-05 00:05 - 2015-08-05 00:05 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-08-01 10:20 - 2015-08-01 10:20 - 00000000 ____D C:\Users\Mamka\AppData\Local\GWX
2015-07-25 19:00 - 2015-07-25 19:00 - 00000000 ____D C:\Users\Lubošek\AppData\Local\CEF
2015-07-24 10:18 - 2014-08-27 14:28 - 00004621 _____ C:\SINAIOVÁ JANA.p12
2015-07-20 20:26 - 2015-08-05 00:05 - 00115152 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-07-18 17:55 - 2015-07-18 17:55 - 00000949 _____ C:\Users\Mamka\Desktop\Nový textový dokument.txt
2015-07-17 17:51 - 2015-07-17 17:51 - 00000197 _____ C:\Windows\system32\2015-07-17-15-51-56.002-AvastVBoxSVC.exe-4732.log
2015-07-16 14:45 - 2015-07-16 14:45 - 00000197 _____ C:\Windows\system32\2015-07-16-12-45-13.090-AvastVBoxSVC.exe-2200.log
2015-07-16 14:18 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-16 14:18 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-16 14:18 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-16 14:18 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-16 14:18 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-16 14:17 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-16 14:17 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-16 14:17 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-16 14:17 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-16 14:17 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-16 14:17 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-16 14:17 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-16 14:17 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-16 14:17 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-16 14:17 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-16 14:17 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-16 14:17 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-16 14:17 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-16 14:17 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-16 14:17 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-16 14:17 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-16 14:17 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-16 14:17 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-16 14:17 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-16 14:17 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-16 14:17 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-16 14:17 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-16 14:17 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-16 14:17 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-16 14:17 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-16 14:17 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-16 14:17 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-16 14:17 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-16 14:17 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-16 14:17 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-16 14:17 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-16 14:17 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-16 14:17 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-16 14:17 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-16 14:17 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-16 14:17 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-16 14:17 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-16 14:17 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-16 14:17 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-16 14:17 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-16 14:17 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-16 14:17 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-16 14:17 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-16 14:17 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-16 14:17 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-16 14:17 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-16 14:17 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-16 14:17 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-16 14:17 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-16 14:17 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-16 14:17 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-16 14:16 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-16 14:16 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-16 14:16 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-16 14:16 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-16 14:16 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-16 14:16 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-16 14:16 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-16 14:16 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-16 14:16 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-16 14:16 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-16 14:16 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-16 14:16 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-16 14:16 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-16 14:16 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-16 14:16 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-16 14:16 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-16 14:16 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-16 14:16 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-16 14:16 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-16 14:16 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-16 14:16 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-16 14:16 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-16 14:16 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-16 14:16 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-16 14:16 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-16 14:16 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-16 14:16 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-16 14:16 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-16 14:16 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-16 14:16 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-16 14:16 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-16 14:16 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-16 14:16 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-16 14:16 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-16 14:16 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-16 14:16 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-16 14:16 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-16 14:16 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-16 14:16 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-16 14:16 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-16 14:16 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-16 14:16 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-16 14:16 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-16 14:16 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-16 14:16 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-16 14:16 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-16 14:16 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-16 14:16 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-16 14:15 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-16 14:15 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-16 14:15 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-16 14:15 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-16 14:15 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-16 14:15 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-16 14:15 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-16 14:15 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-16 14:15 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-16 14:15 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-16 14:15 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-16 14:15 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-16 14:15 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-16 14:15 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-16 14:15 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-16 14:15 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-16 14:15 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-16 14:15 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-16 14:15 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-16 14:15 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-16 14:15 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-16 14:15 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-16 14:15 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-16 14:15 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-16 14:15 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-16 14:15 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-16 14:15 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-16 14:15 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-16 14:15 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-16 14:15 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-16 14:15 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-16 14:15 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-16 14:15 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-16 14:15 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-16 14:15 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-16 14:15 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-16 14:15 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-16 14:15 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-16 14:13 - 2015-07-03 20:05 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-16 14:13 - 2015-07-03 20:05 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-16 14:13 - 2015-07-03 20:05 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-16 14:13 - 2015-07-03 20:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-16 14:13 - 2015-07-03 19:56 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-16 14:13 - 2015-07-03 19:56 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-16 14:13 - 2015-07-03 19:56 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-16 14:13 - 2015-07-03 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-16 14:13 - 2015-07-03 18:52 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-16 14:13 - 2015-07-03 18:42 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-16 13:49 - 2015-07-16 13:50 - 00000197 _____ C:\Windows\system32\2015-07-16-11-49-43.034-AvastVBoxSVC.exe-3464.log
2015-07-14 13:11 - 2015-07-14 13:11 - 00000247 _____ C:\Windows\system32\2015-07-14-11-11-05.030-aswFe.exe-4192.log
2015-07-14 13:01 - 2015-07-14 13:10 - 00000247 _____ C:\Windows\system32\2015-07-14-11-01-14.049-aswFe.exe-3500.log
2015-07-14 13:01 - 2015-07-14 13:01 - 00000197 _____ C:\Windows\system32\2015-07-14-11-01-09.036-AvastVBoxSVC.exe-1452.log
2015-07-14 00:12 - 2015-07-14 00:12 - 00000197 _____ C:\Windows\system32\2015-07-13-22-12-03.003-AvastVBoxSVC.exe-2784.log
2015-07-14 00:06 - 2015-07-14 00:06 - 00000000 __SHD C:\found.000
2015-07-13 23:27 - 2015-03-14 05:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-07-13 23:27 - 2015-03-14 05:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-07-13 23:27 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-07-13 23:27 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-07-13 23:26 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-13 23:26 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-13 23:26 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-13 23:26 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-13 23:26 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-13 23:26 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-13 23:26 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-13 23:26 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-13 23:25 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-13 23:25 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-13 23:25 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-13 23:25 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-13 23:25 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-13 23:25 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-13 23:25 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-13 23:25 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-13 23:25 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-13 22:39 - 2015-07-13 22:39 - 00000197 _____ C:\Windows\system32\2015-07-13-20-39-38.069-AvastVBoxSVC.exe-2444.log
2015-07-13 21:30 - 2015-07-13 21:30 - 00000197 _____ C:\Windows\system32\2015-07-13-19-30-17.074-AvastVBoxSVC.exe-5648.log
2015-07-13 20:33 - 2015-07-13 20:33 - 00000197 _____ C:\Windows\system32\2015-07-13-18-33-49.099-AvastVBoxSVC.exe-4308.log
2015-07-13 20:18 - 2015-07-13 20:18 - 00000197 _____ C:\Windows\system32\2015-07-13-18-18-39.068-AvastVBoxSVC.exe-4892.log
2015-07-12 12:07 - 2015-07-14 05:55 - 00000000 ____D C:\Program Files (x86)\LOLReplay
2015-07-10 11:45 - 2015-07-10 11:45 - 00000197 _____ C:\Windows\system32\2015-07-10-09-45-06.076-AvastVBoxSVC.exe-3400.log

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-09 14:34 - 2014-09-20 15:32 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-09 14:30 - 2015-05-16 14:19 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-09 14:30 - 2015-05-16 14:19 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-09 13:37 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-09 13:37 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-09 13:34 - 2009-07-29 08:03 - 00000000 ____D C:\Windows\Panther
2015-08-09 13:32 - 2014-11-01 15:23 - 00000000 ____D C:\Users\Lubošek\AppData\Local\CrashDumps
2015-08-09 13:31 - 2014-09-20 20:45 - 00000000 ___HD C:\ASUS.DAT
2015-08-09 11:23 - 2011-02-19 07:36 - 00680204 _____ C:\Windows\system32\perfh005.dat
2015-08-09 11:23 - 2011-02-19 07:36 - 00145172 _____ C:\Windows\system32\perfc005.dat
2015-08-09 11:23 - 2009-07-14 07:13 - 01613986 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-09 11:18 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-09 01:49 - 2014-10-10 20:10 - 00000000 ____D C:\Users\Lubošek\AppData\Roaming\Skype
2015-08-09 01:36 - 2014-09-20 16:30 - 00000000 ____D C:\Users\Lubošek\AppData\Roaming\vlc
2015-08-08 21:29 - 2014-09-20 15:01 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-08 21:28 - 2014-09-20 20:12 - 00002400 _____ C:\Windows\system32\AutoRunFilter.ini
2015-08-08 21:28 - 2014-09-20 20:12 - 00001480 _____ C:\Windows\system32\ServiceFilter.ini
2015-08-08 21:25 - 2009-07-14 06:45 - 04848968 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-08 12:10 - 2014-09-20 14:57 - 00000000 ____D C:\Users\Lubošek\AppData\Roaming\Adobe
2015-08-08 11:14 - 2014-09-20 20:45 - 00064528 _____ C:\Users\Lubošek\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-08 11:12 - 2014-12-02 11:35 - 00000000 ____D C:\Users\Lubošek\AppData\Roaming\uTorrent
2015-08-08 11:09 - 2015-01-17 19:59 - 00000000 ____D C:\Program Files (x86)\USB Vibration
2015-08-08 11:09 - 2014-09-20 19:57 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-08 11:07 - 2014-10-02 20:55 - 00000049 _____ C:\Windows\SysWOW64\ScrRecX.log
2015-08-08 11:06 - 2015-02-12 19:57 - 00000000 ____D C:\Users\Lubošek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2015-08-08 02:24 - 2015-04-15 11:18 - 00000000 ____D C:\Program Files (x86)\Website and SEO Analysis
2015-08-08 02:20 - 2015-04-15 11:18 - 00000000 ____D C:\Program Files (x86)\bestadblocker
2015-08-08 02:17 - 2015-04-15 11:18 - 00000000 ____D C:\Program Files (x86)\SalePlus
2015-08-08 01:55 - 2015-04-15 11:18 - 00000000 ____D C:\Program Files (x86)\SaaLePluss
2015-08-07 23:42 - 2015-03-06 23:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-08-07 23:34 - 2014-09-20 20:46 - 00001283 _____ C:\Users\Lubošek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-07 23:34 - 2014-09-20 14:58 - 00001433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-08-07 23:04 - 2014-09-20 15:20 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-07 23:03 - 2014-09-20 20:45 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2015-08-07 16:53 - 2014-09-20 14:58 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-06 23:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-05 20:32 - 2014-09-20 15:15 - 00000000 ____D C:\Users\Lubošek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-05 19:03 - 2014-09-20 14:58 - 00003828 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411217897
2015-08-05 00:05 - 2014-09-20 15:20 - 01048856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-08-05 00:05 - 2014-09-20 15:20 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-08-05 00:05 - 2014-09-20 15:20 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-08-05 00:05 - 2014-09-20 15:20 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-08-05 00:05 - 2014-09-20 15:20 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-08-05 00:05 - 2014-09-20 15:20 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-08-05 00:05 - 2014-09-20 15:20 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-08-05 00:05 - 2014-09-20 15:20 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-08-04 18:22 - 2014-09-22 19:52 - 00000000 ____D C:\Users\Lubošek\AppData\Roaming\TS3Client
2015-07-25 12:09 - 2015-07-01 11:25 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-22 20:29 - 2015-01-07 08:54 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-07-22 20:29 - 2015-01-07 08:54 - 00000000 ____D C:\Windows\system32\vbox
2015-07-17 17:51 - 2014-09-27 11:11 - 00000000 ____D C:\Mamka
2015-07-16 20:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-16 14:39 - 2009-07-14 07:08 - 00032584 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-16 14:32 - 2014-09-22 01:17 - 01589636 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-16 14:27 - 2014-09-24 16:43 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 14:25 - 2015-01-29 15:09 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 14:25 - 2015-01-29 15:09 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-14 23:35 - 2014-09-20 15:32 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-14 23:35 - 2014-09-20 15:32 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-14 23:35 - 2014-09-20 15:32 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-14 05:56 - 2014-09-20 16:44 - 00000000 ____D C:\Users\Mamka
2015-07-14 05:55 - 2014-09-20 20:11 - 00000000 ____D C:\ProgramData\P4G
2015-07-14 05:55 - 2014-09-20 20:06 - 00000000 ____D C:\ProgramData\Atheros
2015-07-14 05:55 - 2014-09-20 16:15 - 00000000 ____D C:\Users\Lubošek\AppData\Roaming\Winamp
2015-07-14 05:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-07-13 23:59 - 2014-12-12 07:12 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-13 23:59 - 2014-09-22 06:35 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-13 23:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-13 23:00 - 2015-07-01 11:25 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-13 21:07 - 2009-07-14 06:45 - 00012288 _____ C:\Windows\system32\umstartup.etl
2015-07-13 20:27 - 2009-07-29 07:10 - 00000000 __SHD C:\Recovery
2015-07-13 20:11 - 2014-09-20 20:45 - 00000000 ____D C:\Users\Lubošek

==================== Files in the root of some directories =======

2015-08-08 12:12 - 2015-08-09 00:47 - 0000132 _____ () C:\Users\Lubošek\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-05-29 19:22 - 2015-05-29 19:22 - 0000058 _____ () C:\Users\Lubošek\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2015-08-07 23:38 - 2015-08-07 23:37 - 0613255 _____ (CMI Limited) C:\Users\Lubošek\AppData\Local\nsy92C5.tmp
2014-12-01 23:15 - 2014-12-01 23:21 - 0007600 _____ () C:\Users\Lubošek\AppData\Local\resmon.resmoncfg
2011-04-01 11:21 - 2010-07-07 01:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2014-09-20 20:14 - 2014-09-20 20:15 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2014-09-20 20:14 - 2014-09-20 20:14 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-02 23:26




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (OS) (Fixed) (Total:571.17 GB) (Free:398.69 GB) NTFS ==>[drive with boot components (obtained from BCD)]

Available physical RAM: 2267.37 MB
Total physical RAM: 4072.13 MB
Percentage of memory in use: 44%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 496B9619)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=571.2 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Lubošek\Desktop" je 21 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector
C:\Windows\AsScrPro.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x1
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please help

#4 Post by Márty84 »

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to your desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it, then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Cleaning.
The program will start working (the PC may restart) and will produce a log (it may also be found at C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.


:arrow: Run a scan with MBAM. Set up the scan according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand; it sometimes produces false detections.

Embr
Visitor
Posts: 5
Registered: 13 Jul 2015 20:33

Re: Please help

#5 Post by Embr »

Here is the ADW log :)

# AdwCleaner v4.208 - Log vytvořen 11/08/2015 v 11:29:22
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-08-01.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Lubošek - ARNY-PC
# Spuštěno z : C:\Users\Lubošek\Desktop\adwcleaner_4.208.exe
# Nastavení : Čištění

***** [ Služby ] *****

Služba Smazáno : IHProtect Service

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\IHProtectUpDate
Složka Smazáno : C:\ProgramData\{96c8c124-21b5-e8ad-96c8-8c12421b0490}
Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
Složka Smazáno : C:\Program Files (x86)\Crossbrowse
Složka Smazáno : C:\Program Files (x86)\Website and SEO Analysis
Složka Smazáno : C:\Program Files (x86)\bestadblocker
Složka Smazáno : C:\Program Files (x86)\miuitab
Složka Smazáno : C:\Program Files (x86)\FriendlyError
Složka Smazáno : C:\Program Files (x86)\SaaLePluss
Složka Smazáno : C:\Program Files (x86)\SalePlus
Složka Smazáno : C:\Users\Lubošek\AppData\Local\Crossbrowse
Složka Smazáno : C:\Users\Lubošek\AppData\Roaming\AnyProtectEx
Složka Smazáno : C:\Users\Lubošek\AppData\Roaming\VOPackage
Složka Smazáno : C:\Users\Lubošek\AppData\Roaming\mystartsearch
Složka Smazáno : C:\Users\Lubošek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Složka Smazáno : C:\Users\Mamka\AppData\Local\Crossbrowse
Složka Smazáno : C:\ProgramData\penjchoibeidgafbbfkbenbliefnhdgo
Soubor Smazáno : C:\Users\Lubošek\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_cmaiofennmphjldldcpphcechfnnohja_0.localstorage
Soubor Smazáno : C:\Users\Lubošek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\crossbrowse.lnk
Soubor Smazáno : C:\Users\Lubošek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk
Soubor Smazáno : C:\Users\Lubošek\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.mystartsearch.com_0.localstorage
Soubor Smazáno : C:\Users\Lubošek\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal
Soubor Smazáno : C:\Users\Mamka\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_wlogin.icq.com_0.localstorage
Soubor Smazáno : C:\Users\Mamka\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal

***** [ Naplánované úlohy ] *****

Úloha Smazáno : APSnotifierPP1
Úloha Smazáno : APSnotifierPP2
Úloha Smazáno : APSnotifierPP3
Úloha Smazáno : Crossbrowse
Úloha Smazáno : amiupdaterExd
Úloha Smazáno : amiupdaterExi

***** [ Zástupci ] *****

Zástupce Vyléčeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
Zástupce Vyléčeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Zástupce Vyléčeno : C:\Users\Lubošek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Zástupce Vyléčeno : C:\Users\Lubošek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Zástupce Vyléčeno : C:\Users\Lubošek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Zástupce Vyléčeno : C:\Users\Lubošek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Zástupce Vyléčeno : C:\Users\Lubošek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk

***** [ Registry ] *****

Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Mediaplayer\Shiminclusionlist\crossbrowse.exe
Klíč Smazáno : HKLM\SOFTWARE\Classes\CRSBRWSHTML
Klíč Smazáno : HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\crossbrowse.exe
Hodnota Smazáno : HKLM\SOFTWARE\Classes\.htm\OpenWithProgids [CRSBRWSHTML]
Hodnota Smazáno : HKLM\SOFTWARE\Classes\.html\OpenWithProgids [CRSBRWSHTML]
Hodnota Smazáno : HKLM\SOFTWARE\RegisteredApplications [Crossbrowse]
Hodnota Smazáno : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [CRSBRWSHTML]
Hodnota Smazáno : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [CRSBRWSHTML]
Hodnota Smazáno : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [CRSBRWSHTML]
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{6040a42c}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{1F91A9A1-01BA-4C81-863D-3BA0751E1419}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{C1EC170E-C5ED-4100-9078-559C31AFDBF5}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F91A9A1-01BA-4C81-863D-3BA0751E1419}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Data Obnoveno : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Obnoveno : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\AnyProtect
Klíč Smazáno : HKCU\Software\APN PIP
Klíč Smazáno : HKCU\Software\AskPartnerNetwork
Klíč Smazáno : HKCU\Software\HomeTab
Klíč Smazáno : HKCU\Software\InstalledBrowserExtensions
Klíč Smazáno : HKCU\Software\simplytech
Klíč Smazáno : HKCU\Software\WajIEnhance
Klíč Smazáno : HKCU\Software\TNT2
Klíč Smazáno : HKCU\Software\WajIntEnhance
Klíč Smazáno : HKCU\Software\CrossBrowser
Klíč Smazáno : HKCU\Software\SearchProtectWS
Klíč Smazáno : HKCU\Software\Crossbrowse
Klíč Smazáno : HKCU\Software\Linkey
Klíč Smazáno : HKCU\Software\YorkNewCin
Klíč Smazáno : HKCU\Software\HighDefAction
Klíč Smazáno : HKCU\Software\Kromtech
Klíč Smazáno : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíč Smazáno : HKLM\SOFTWARE\AskPartnerNetwork
Klíč Smazáno : HKLM\SOFTWARE\Conduit
Klíč Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíč Smazáno : HKLM\SOFTWARE\Iminent
Klíč Smazáno : HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Smazáno : HKLM\SOFTWARE\SearchProtect
Klíč Smazáno : HKLM\SOFTWARE\SupDp
Klíč Smazáno : HKLM\SOFTWARE\SupTab
Klíč Smazáno : HKLM\SOFTWARE\supWindowsMangerProtect
Klíč Smazáno : HKLM\SOFTWARE\mystartsearchSoftware
Klíč Smazáno : HKLM\SOFTWARE\IHProtect
Klíč Smazáno : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Klíč Smazáno : HKLM\SOFTWARE\WajIntEnhance
Klíč Smazáno : HKLM\SOFTWARE\Crossbrowse
Klíč Smazáno : HKLM\SOFTWARE\SpeedBit
Klíč Smazáno : HKLM\SOFTWARE\AIM Toolbar
Klíč Smazáno : HKLM\SOFTWARE\YorkNewCin
Klíč Smazáno : HKLM\SOFTWARE\HighDefAction
Klíč Smazáno : HKLM\SOFTWARE\searchult
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mystartsearch uninstall
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Crossbrowse
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FriendlyError
Klíč Smazáno : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Smazáno : [x64] HKLM\SOFTWARE\Speedchecker Limited
Klíč Smazáno : [x64] HKLM\SOFTWARE\YorkNewCin
Klíč Smazáno : [x64] HKLM\SOFTWARE\HighDefAction
Klíč Smazáno : [x64] HKLM\SOFTWARE\ArenaHD

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17909

Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v44.0.2403.130

[C:\Users\Lubošek\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Lubošek\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Homepage] : hxxp://www.mystartsearch.com/?type=hp&ts=14392 ... JYMD2JYMD2
[C:\Users\Lubošek\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Startup_URLs] : hxxp://www.mystartsearch.com/?type=hp&ts=14392 ... JYMD2JYMD2

-\\ Chromium v


-\\ Comodo Dragon v


-\\ Opera v31.0.1889.99


*************************

AdwCleaner[R0].txt - [15941 bytů] - [11/08/2015 11:27:12]
AdwCleaner[S0].txt - [11250 bytů] - [11/08/2015 11:29:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11309 bytů] ##########

Embr
Visitor
Posts: 5
Registered: 13 Jul 2015 20:33

Re: Please help

#6 Post by Embr »

MBAM

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 11.8.2015
Čas skenování: 11:45
Protokol: MBAM.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.08.11.04
Databáze rootkitů: v2015.08.06.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Lubošek

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 607881
Uplynulý čas: 2 hod, 11 min, 21 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 1
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\A8F40380-1438981170-81E1-2D0D-5404A63EAE08\knss223F.tmpfs, 2296, , [d7b961a6305ba4929118d4d7d52f44bc]

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 5
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\suqowyso, , [d7b961a6305ba4929118d4d7d52f44bc],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [c3cdf215cebd9a9cfa566f367e86916f],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\CinemaPlus-3.2cV29.07, , [eaa67196612a0531dec5062bc43f17e9],
PUP.Optional.VoPackage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPackage, , [207050b7e5a65fd733c3bae1e420dc24],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, , [d9b7798e2f5c73c30f413a6b53b1b34d],

Hodnoty registru: 4
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [c3cdf215cebd9a9cfa566f367e86916f]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [d9b7798e2f5c73c30f413a6b53b1b34d]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\suqowyso|ImagePath, C:\Program Files (x86)\A8F40380-1438981170-81E1-2D0D-5404A63EAE08\knss223F.tmpfs, , [791797707219dd593150ff9c2cd8fc04]
PUP.Optional.CrossBrowse.A, HKU\S-1-5-21-90642585-2529362141-3803046766-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GoogleChromeAutoLaunch_80B0F58FF2A8A4BF43CCB6FF4F6AA545, "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window, , [365a5aadd3b83bfbdb8ea9ffba4a52ae]

Data registru: 4
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{1026E70E-BBC8-44C7-82A3-1096AADF7382}|NameServer, 52.18.92.32,8.8.8.8, Dobré: (), Špatné: (52.18.92.32,8.8.8.8),,[7020d3346e1dbe78ee133021c63f6997]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}|NameServer, 52.18.92.32,8.8.8.8, Dobré: (), Špatné: (52.18.92.32,8.8.8.8),,[533d4dba1f6c8da927da20314cb9a858]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{946E2A51-286E-4C50-B796-964CD105C78A}|NameServer, 52.18.92.32,8.8.8.8, Dobré: (), Špatné: (52.18.92.32,8.8.8.8),,[1b7594737219d16548b9c48db84df907]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{EFA8EC5D-1054-4A4C-B236-0F6EBB35E76E}|NameServer, 52.18.92.32,8.8.8.8, Dobré: (), Špatné: (52.18.92.32,8.8.8.8),,[157b59ae0d7e7bbb976a79d8d92c14ec]

Složky: 8
PUP.Optional.CrossRider.A, C:\Program Files (x86)\CinemaPlus-3.2cV29.07, , [3c54e81fd5b681b502b552c8748f8f71],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\A8F40380-1438981170-81E1-2D0D-5404A63EAE08, , [d7b961a6305ba4929118d4d7d52f44bc],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\17836280913405464813, , [7c1451b6b4d7999d82381c9031d338c8],
PUP.Optional.RegCleanerPro.A, C:\Users\Lubošek\AppData\Roaming\systweak\regclean pro, , [b6daf90e17742115ae772db5e51db24e],
PUP.Optional.AnyProtect.A, C:\Program Files (x86)\AnyProtectEx, , [9cf49374563546f07beda968f80b49b7],
PUP.Optional.ProtectWindowsManager.F, C:\ProgramData\MWinManProM, , [731d3ccb2d5e68ce1cb2cb488b78cf31],
PUP.Optional.ProtectWindowsManager.F, C:\ProgramData\ZWinManProZ, , [27699d6a494238fe4688b45fdd2643bd],
PUP.Optional.ProtectWindowsManager.F, C:\ProgramData\ZWinManProZ\update, , [27699d6a494238fe4688b45fdd2643bd],

Soubory: 30
PUP.Optional.Crossbrowse.C, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe.vir, , [692739ce6d1ef442b8a1463a09fca45c],
PUP.Optional.CrossBrowse, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe.vir, , [9ff13bcc4f3c9d99c12dc4d7639eb14f],
PUP.Optional.Crossbrowse.C, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\chrome_elf.dll.vir, , [b3dd8582404b5fd79abfed93ed18cf31],
PUP.Optional.Crossbrowse.C, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\delegate_execute.exe.vir, , [216f2bdc800b1f17b8a1542c768f7a86],
PUP.Optional.Crossbrowse.C, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\metro_driver.dll.vir, , [97f99275167542f488d1d9a74abb8f71],
PUP.Optional.Crossbrowse.C, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\nacl64.exe.vir, , [f29ec443f4973402b2a78bf574918a76],
PUP.Optional.Crossbrowse.C, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\Installer\chrmstp.exe.vir, , [662a44c3afdc8da998f937499e67659b],
PUP.Optional.Crossbrowse.C, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\Installer\setup.exe.vir, , [c0d054b35b303105f1a0b8c8d72e2fd1],
PUP.Optional.XTab.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\ProtectService.exe.vir, , [038dce39a1ea152102e129326f92619f],
PUP.Optional.AnyProtect.A, C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe, , [2f6113f44a41ae88724df986e421867a],
PUP.Optional.WProtectManager.A, C:\ProgramData\MWinManProM\ProtectWindowsManager.exe, , [b2ded037464561d5827da2e0ee174ab6],
PUP.Optional.WProtectManager.A, C:\ProgramData\ZWinManProZ\ProtectWindowsManager.exe, , [b5dbc7401477c571a25df9890cf94eb2],
PUP.Optional.AnyProtect, C:\Users\Lubošek\AppData\Local\nsf9276.tmp, , [632d9176f5963cfaada7245fdf23728e],
PUP.Optional.AnyProtect, C:\Users\Lubošek\AppData\Local\nsy92C5.tmp, , [fa96b94e1d6e50e63024770c788ab749],
PUP.Optional.AnyProtect, C:\Users\Lubošek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I54HU574\AnyProtectSetup[1].exe, , [6a2624e390fbd95daea64c378f73ba46],
PUP.Optional.RegCleanPro, C:\Users\Lubošek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I54HU574\rcpsetup_17970[1].exe, , [810feb1c434869cdcc30094356aab34d],
PUP.Optional.PreInstaller.A, C:\Users\Lubošek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NOCE21WF\setup_362[1].exe, , [0c8471969fecb87e3f09ac06956c21df],
PUP.Optional.CheckOffer, C:\Users\Lubošek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NOCE21WF\VuuPC_VO2_8907[1].exe, , [048c9e6955360b2b9d3febba1de4ab55],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Lubošek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VTOS1CM3\cmi_mystartsearch[1].exe, , [abe5c83ff299f5419391fc840bfa5aa6],
PUP.Optional.AnyProtect, C:\Users\Lubošek\AppData\Local\Temp\nsf9276.tmp, , [bad69d6a1675ea4cbc981073a2602cd4],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Lubošek\AppData\Local\Temp\nstADBB.tmp, , [523e20e7b4d754e2b470fd8395703dc3],
PUP.Optional.OfferInstaller.C, C:\Users\Lubošek\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\OfferInstaller.exe, , [a8e86d9afe8d42f4f0de02808c75bb45],
PUP.Optional.CrossBrowse, C:\Users\Lubošek\AppData\Local\F57BFE20-C3B8-48CC-94D7-1D935594931\F57BFE20-C3B8-48CC-94D7-1D935594931.exe, , [345c9f6897f4a29467875f3cf50c08f8],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\CinemaPlus-3.2cV29.07\bgNova.html, , [3c54e81fd5b681b502b552c8748f8f71],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\A8F40380-1438981170-81E1-2D0D-5404A63EAE08\knss223F.tmpfs, , [d7b961a6305ba4929118d4d7d52f44bc],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\A8F40380-1438981170-81E1-2D0D-5404A63EAE08\Uninstall.exe, , [d7b961a6305ba4929118d4d7d52f44bc],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\17836280913405464813\cd5b15e575e1c3d0a158b8117c0cc544.ini, , [7c1451b6b4d7999d82381c9031d338c8],
PUP.Optional.RegCleanerPro.A, C:\Users\Lubošek\AppData\Roaming\systweak\regclean pro\dta.ini, , [b6daf90e17742115ae772db5e51db24e],
PUP.Optional.AnyProtect.A, C:\Program Files (x86)\AnyProtectEx\product.guid, , [9cf49374563546f07beda968f80b49b7],
PUP.Optional.ProtectWindowsManager.F, C:\ProgramData\ZWinManProZ\updateconf, , [27699d6a494238fe4688b45fdd2643bd],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please help

#7 Post by Márty84 »

Have MBAM remove all of its findings. After the removal and a PC restart, run the test again so that we know whether it keeps coming back. Post the result of the test, and I will choose the next steps based on it.

13.9. for inactivity :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975