Request for a check

superjano
Visitor
Posts: 69
Registered: 16 Aug 2005 23:08

Request for a check

#1 Post by superjano »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Milan at 2015-09-13 19:27:36
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 62 GB (21%) free of 297 GB
Total RAM: 3006 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:27:50, on 13. 9. 2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16684)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Milan\Desktop\RSIT.exe
C:\Program Files\trend micro\Milan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://google.sk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.56.101:8213
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - (no file)
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe

--
End of file - 6659 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\system32\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-620889938-3404297717-3700568068-1000Core.job - C:\Users\Milan\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-620889938-3404297717-3700568068-1000UA.job - C:\Users\Milan\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-06-19 752960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-22 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-25 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Surfing Protection - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2015-04-01 672032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-22 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-07-25 6109776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
C:\Program Files\Logitech\SetPointP\SetPoint.exe [2013-07-31 2296600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2013-09-17 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMonitorVMUVC]
C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe [2007-12-20 135168]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-09-13 19:27:36 ----D---- C:\rsit
2015-09-13 19:19:28 ----A---- C:\Windows\system32\FNTCACHE.DAT
2015-08-16 17:19:29 ----D---- C:\Program Files\Mozilla Thunderbird
2015-08-15 16:08:48 ----A---- C:\Windows\system32\ntdll.dll
2015-08-15 16:08:48 ----A---- C:\Windows\system32\msmmsp.dll
2015-08-15 16:08:48 ----A---- C:\Windows\system32\emdmgmt.dll
2015-08-15 16:08:48 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-08-15 16:08:48 ----A---- C:\Windows\system32\drivers\ecache.sys
2015-08-15 16:08:48 ----A---- C:\Windows\system32\csrsrv.dll
2015-08-15 16:08:47 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-08-15 16:08:47 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-08-15 16:08:02 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-15 16:07:33 ----A---- C:\Windows\system32\drivers\srv.sys
2015-08-15 16:06:33 ----A---- C:\Windows\system32\mstscax.dll
2015-08-15 16:05:26 ----A---- C:\Windows\system32\shell32.dll
2015-08-15 15:51:16 ----A---- C:\Windows\system32\basesrv.dll
2015-08-15 15:50:23 ----A---- C:\Windows\system32\msxml6.dll
2015-08-15 15:50:22 ----A---- C:\Windows\system32\msxml3.dll
2015-08-15 15:49:40 ----A---- C:\Windows\system32\win32k.sys
2015-08-15 15:49:40 ----A---- C:\Windows\system32\d3d10warp.dll
2015-08-15 15:49:40 ----A---- C:\Windows\system32\d3d10level9.dll
2015-08-15 15:49:40 ----A---- C:\Windows\system32\d3d10core.dll
2015-08-15 15:49:40 ----A---- C:\Windows\system32\d3d10_1core.dll
2015-08-15 15:49:40 ----A---- C:\Windows\system32\d3d10_1.dll
2015-08-15 15:49:40 ----A---- C:\Windows\system32\d3d10.dll
2015-08-15 15:49:40 ----A---- C:\Windows\system32\d2d1.dll
2015-08-15 15:49:40 ----A---- C:\Windows\system32\atmlib.dll
2015-08-15 15:49:40 ----A---- C:\Windows\system32\atmfd.dll
2015-08-15 15:49:39 ----A---- C:\Windows\system32\FntCache.dll
2015-08-15 15:49:39 ----A---- C:\Windows\system32\DWrite.dll
2015-08-15 15:49:01 ----A---- C:\Windows\system32\WebClnt.dll
2015-08-15 15:48:36 ----A---- C:\Windows\system32\notepad.exe
2015-08-15 15:48:36 ----A---- C:\Windows\notepad.exe
2015-08-15 11:57:26 ----A---- C:\Windows\system32\vbscript.dll
2015-08-15 11:57:26 ----A---- C:\Windows\system32\urlmon.dll
2015-08-15 11:57:26 ----A---- C:\Windows\system32\mshta.exe
2015-08-15 11:57:26 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-08-15 11:57:26 ----A---- C:\Windows\system32\msfeeds.dll
2015-08-15 11:57:26 ----A---- C:\Windows\system32\ieUnatt.exe
2015-08-15 11:57:26 ----A---- C:\Windows\system32\iertutil.dll
2015-08-15 11:57:26 ----A---- C:\Windows\system32\dxtmsft.dll
2015-08-15 11:57:25 ----A---- C:\Windows\system32\url.dll
2015-08-15 11:57:25 ----A---- C:\Windows\system32\jsproxy.dll
2015-08-15 11:57:25 ----A---- C:\Windows\system32\jscript.dll
2015-08-15 11:57:24 ----A---- C:\Windows\system32\msfeedssync.exe
2015-08-15 11:57:23 ----A---- C:\Windows\system32\wininet.dll
2015-08-15 11:57:23 ----A---- C:\Windows\system32\mshtmled.dll
2015-08-15 11:57:23 ----A---- C:\Windows\system32\jscript9.dll
2015-08-15 11:57:22 ----A---- C:\Windows\system32\ieui.dll
2015-08-15 11:57:22 ----A---- C:\Windows\system32\ieframe.dll
2015-08-15 11:57:22 ----A---- C:\Windows\system32\dxtrans.dll
2015-08-15 11:57:19 ----A---- C:\Windows\system32\mshtml.dll

======List of files/folders modified in the last 1 month======

2015-09-13 19:27:47 ----D---- C:\Windows\Prefetch
2015-09-13 19:27:37 ----D---- C:\Program Files\trend micro
2015-09-13 19:27:34 ----D---- C:\Windows\temp
2015-09-13 19:19:28 ----D---- C:\Windows\System32
2015-09-13 19:14:59 ----D---- C:\Windows\system32\LogFiles
2015-09-13 19:14:47 ----D---- C:\Windows\inf
2015-09-13 19:14:47 ----D---- C:\Windows
2015-09-13 16:26:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-13 15:15:11 ----A---- C:\Windows\win.ini
2015-09-13 15:14:36 ----D---- C:\Windows\twain_32
2015-09-12 10:18:40 ----SHD---- C:\System Volume Information
2015-09-08 21:03:26 ----D---- C:\ProgramData\ProductData
2015-09-07 06:20:21 ----D---- C:\ProgramData\NVIDIA
2015-09-05 15:29:24 ----D---- C:\Windows\system32\catroot2
2015-08-28 07:45:02 ----SHD---- C:\Windows\Installer
2015-08-28 07:40:49 ----RD---- C:\Program Files
2015-08-28 07:40:45 ----D---- C:\Windows\Tasks
2015-08-20 17:25:13 ----D---- C:\Windows\system32\config
2015-08-20 17:25:08 ----D---- C:\Windows\VMUVC
2015-08-20 17:25:08 ----D---- C:\Windows\system32\Msdtc
2015-08-20 17:25:07 ----D---- C:\Windows\system32\wbem
2015-08-20 17:25:07 ----D---- C:\Windows\registration
2015-08-20 16:33:21 ----D---- C:\Windows\system32\Tasks
2015-08-20 16:32:58 ----D---- C:\Program Files\IObit
2015-08-20 16:02:18 ----D---- C:\Windows\winsxs
2015-08-20 16:02:09 ----D---- C:\Windows\system32\catroot
2015-08-19 16:27:32 ----D---- C:\Program Files\Opera
2015-08-18 07:05:24 ----D---- C:\Windows\SoftwareDistribution
2015-08-18 07:03:11 ----D---- C:\Windows\Debug
2015-08-17 20:16:25 ----D---- C:\Windows\Minidump
2015-08-17 15:02:36 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-08-16 17:54:17 ----D---- C:\Windows\Microsoft.NET
2015-08-15 16:59:16 ----RSD---- C:\Windows\assembly
2015-08-15 16:42:19 ----D---- C:\Windows\system32\XPSViewer
2015-08-15 16:42:19 ----D---- C:\Windows\system32\drivers
2015-08-15 16:42:18 ----D---- C:\Windows\system32\migration
2015-08-15 16:42:17 ----D---- C:\Program Files\Internet Explorer
2015-08-15 15:52:23 ----D---- C:\Windows\system32\MRT
2015-08-15 15:52:16 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-25 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-25 208664]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-07-25 95112]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2015-07-25 55200]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-07-25 788784]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-25 433264]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2014-09-04 42784]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 31088]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2014-09-09 741488]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2014-09-09 105472]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-25 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-25 76000]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-07-25 220752]
R3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2015-07-25 161472]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2013-05-23 43800]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2013-05-23 28312]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-03-17 23256]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2012-05-15 11354944]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2010-06-23 259176]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-09-09 117272]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2014-09-09 127584]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 30208]
R3 VMUVC;Vimicro Camera Service VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [2010-01-12 252928]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC; C:\Windows\system32\drivers\vvftUVC.sys [2008-07-01 398720]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 andnetadb;ADB Interface DriverNet; C:\Windows\System32\Drivers\lgandnetadb.sys [2012-07-03 25856]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag.sys [2012-07-03 23040]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem.sys [2012-07-03 27776]
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter; C:\Windows\system32\DRIVERS\lgandnetndis.sys [2012-07-04 70400]
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2015-07-25 57888]
S3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2010-01-05 1387008]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-10 22528]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-18 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-18 131584]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-18 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-18 36864]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-06-10 24576]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2012-12-07 23040]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2012-09-18 39608]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-03-17 51928]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-10 148992]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-01 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-01 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-01 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-01 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-01 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-01 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-01 123504]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-25 146600]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 HTCMonitorService;HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [2013-11-18 87368]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-05-15 645440]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-07-25 3218624]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2015-07-30 2909472]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-03-17 1080120]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-09-17 553288]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2013-06-13 293144]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-16 149672]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2012-08-29 79360]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-12 772296]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Request for a check

#2 Post by altrok »

I wish you a beautiful day.

Are you seeing any specific problems, or is this just a preventive check?

As part of the cleanup, your temporary folders (including the Recycle Bin) will be emptied.

Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just run it with a double-click)
  • click Scan, then Cleaning
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner[Cx].txt); copy its contents into your next reply
If anything is unclear, ask right away.

superjano
Visitor
Posts: 69
Registered: 16 Aug 2005 23:08

Re: Request for a check

#3 Post by superjano »

# AdwCleaner v5.007 - Logfile created 14/09/2015 at 16:45:44
# Updated 08/09/2015 by Xplode
# Database : 2015-09-10.1 [Server]
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Username : Milan - DOMA-PC
# Running from : C:\Users\Milan\Desktop\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[-] Folder Deleted : C:\ProgramData\Avg_Update_0215tb
[-] Folder Deleted : C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
[-] Folder Deleted : C:\Users\Milan\AppData\LocalLow\HPAppData
[-] Folder Deleted : C:\Users\Milan\AppData\Roaming\HPAppData

***** [ Files ] *****

[-] File Deleted : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage
[-] File Deleted : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\elicpjhcidhpjomhibiffojpinpmmpil

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}]
[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C00235CB-211C-4FC3-9750-C350E530DE8A}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKU\S-1-5-21-620889938-3404297717-3700568068-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[!] Key Not Deleted : HKU\S-1-5-21-620889938-3404297717-3700568068-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C00235CB-211C-4FC3-9750-C350E530DE8A}
[-] Data Restored : HKU\S-1-5-21-620889938-3404297717-3700568068-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]

***** [ Web browsers ] *****


*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [4180 bytes] ##########

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Requesting a check

#4 Post by altrok »

:arrow: Are you noticing any specific problems, or is this just a preventive check?

:arrow: Post the FRST.txt log, and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101

superjano
Visitor
Posts: 69
Registered: 16 Aug 2005 23:08

Re: Requesting a check

#5 Post by superjano »

It's just a preventive check.

superjano
Visitor
Posts: 69
Registered: 16 Aug 2005 23:08

Re: Requesting a check

#6 Post by superjano »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:14-09-2015
Ran by Milan (administrator) on DOMA-PC (14-09-2015 16:59:24)
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan (Available Profiles: Milan)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-25] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-25] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-06-24]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-620889938-3404297717-3700568068-1000] => 192.168.56.101:8213
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{07E6F07F-7516-443F-ABEF-DE66A7408B66}: [DhcpNameServer] 146.185.220.85 8.8.8.8
Tcpip\..\Interfaces\{930F0233-0741-4C29-8D8C-EAA7A3B6E9A7}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E42D1369-DDBD-4D0C-9C79-5E3CE01801F8}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-620889938-3404297717-3700568068-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={AB3CF57F-18CB-4F89-AFEB-D9BCFB9D4C92}&mid=5cd5fd96f0e147d08424d152bafa7bb0-1cbcb01185aea9d9667f27038f8e5a8d2fcc9fb5&lang=sk&ds=AVG&coid=avgtbavg&cmpid=0415tb&pr=fr&d=2014-09-04 19:09:44&v=4.1.0.411&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-620889938-3404297717-3700568068-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-620889938-3404297717-3700568068-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://google.sk
BHO: HP Print Clips -> {053F9267-DC04-4294-A72C-58F732D338C0} -> C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02] (Hewlett-Packard Co.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-22] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-25] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-22] (Oracle Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2013-09-09] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2012-10-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-10-22] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-620889938-3404297717-3700568068-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Milan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-09-19]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-19]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2013-11-17]

Chrome:
=======
CHR HomePage: Default -> hxxps://mysearch.avg.com?cid={AB3CF57F-18CB-4F89-AFEB-D9BCFB9D4C92}&mid=5cd5fd96f0e147d08424d152bafa7bb0-1cbcb01185aea9d9667f27038f8e5a8d2fcc9fb5&lang=sk&ds=AVG&coid=avgtbavg&pr=fr&d=2014-09-04 19:09:44&v=3.2.0.15&pid=wtu&sg=&sap=hp
CHR StartupUrls: Default -> "hxxps://mysearch.avg.com?cid={AB3CF57F-18CB-4F89-AFEB-D9BCFB9D4C92}&mid=5cd5fd96f0e147d08424d152bafa7bb0-1cbcb01185aea9d9667f27038f8e5a8d2fcc9fb5&lang=sk&ds=AVG&coid=avgtbavg&pr=fr&d=2014-09-04 19:09:44&v=3.2.0.15&pid=wtu&sg=&sap=hp"
CHR Profile: C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-02]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-06-19]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-19]

Opera:
=======
OPR Extension: (LastPass) - C:\Users\Milan\AppData\Roaming\Opera Software\Opera Stable\Extensions\hnjalnkldgigidggphhmacmimbdlafdo [2014-11-23]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-25] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-07-25] (Avast Software)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-06-04] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-06-04] (Hewlett-Packard Co.) [File not signed]
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
S3 SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2012-08-29] (SolidWorks) [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-18] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2012-07-03] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23040 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2012-07-03] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis.sys [70400 2012-07-04] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-07-25] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-25] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788784 2015-07-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433264 2015-07-25] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [161472 2015-07-25] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-07-25] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-25] (AVAST Software)
S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1387008 2010-01-05] (Atheros Communications, Inc.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-09-04] (AVG Technologies)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-17] (Elaborate Bytes AG)
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28312 2013-05-23] (Logitech, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-07-25] (AVAST Software)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [124016 2010-03-01] (MCCI Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-07-25] (Avast Software)
R3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [252928 2010-01-12] (Vimicro Corporation)
R3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [398720 2008-07-01] (Vimicro Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-18] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-14 16:59 - 2015-09-14 16:59 - 00014538 _____ C:\Users\Milan\Desktop\FRST.txt
2015-09-14 16:59 - 2015-09-14 16:59 - 00000000 ____D C:\FRST
2015-09-14 16:57 - 2015-09-14 16:57 - 01694208 _____ (Farbar) C:\Users\Milan\Desktop\FRST.exe
2015-09-14 16:43 - 2015-09-14 16:54 - 00000000 ____D C:\AdwCleaner
2015-09-14 07:39 - 2015-09-14 07:39 - 00121856 _____ C:\Users\Milan\Downloads\Telefonny_zoznam_Presov (1).xls
2015-09-14 06:54 - 2015-09-14 07:00 - 233864197 _____ C:\Users\Milan\Downloads\Miriam_1._sv._prijímanie-2015-09-13.zip
2015-09-13 20:39 - 2015-09-13 21:08 - 00001590 _____ C:\Windows\setupact.log
2015-09-13 20:39 - 2015-09-13 20:39 - 00000000 _____ C:\Windows\setuperr.log
2015-09-13 19:43 - 2015-08-30 11:26 - 00000000 ____D C:\Users\Milan\Desktop\Kryštof - Srdcebeat 2015
2015-09-13 19:36 - 2015-09-13 19:42 - 99994763 _____ C:\Users\Milan\Downloads\Kryštof---Srdcebeat-2015.rar
2015-09-13 19:31 - 2015-09-13 19:31 - 00100760 _____ C:\Users\Milan\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-13 19:27 - 2015-09-13 19:27 - 00000000 ____D C:\rsit
2015-09-13 19:19 - 2015-09-13 19:19 - 00376912 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-13 15:08 - 2015-09-14 07:15 - 00000000 ____D C:\Users\Milan\Downloads\PeterL
2015-09-12 20:14 - 2015-09-12 20:14 - 00104448 _____ C:\Users\Milan\Downloads\Telefonny_zoznam_Presov.xls
2015-09-10 07:36 - 2015-09-10 07:48 - 170810704 _____ C:\Users\Milan\Downloads\DJ_AIO_NonNetwork_ENU_NB.exe
2015-08-29 16:47 - 2015-09-05 20:14 - 00000000 ____D C:\Users\Milan\Desktop\SA veža+Drienica+V.Š
2015-08-25 20:36 - 2015-08-25 20:37 - 00000000 ____D C:\Users\Milan\Desktop\FILIPOVA LENKA - Best of (2CD 2005)
2015-08-25 20:22 - 2015-08-25 20:35 - 228824688 _____ C:\Users\Milan\Downloads\FILIPOVA-LENKA---Best-of-(2CD-2005).rar
2015-08-21 09:24 - 2015-08-21 09:24 - 00000240 _____ C:\Users\Milan\Downloads\objednavky.vcf
2015-08-16 17:19 - 2015-08-16 17:20 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2015-08-15 16:08 - 2015-07-31 21:27 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-15 16:08 - 2015-07-21 22:55 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-15 16:08 - 2015-07-21 18:07 - 03605440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-08-15 16:08 - 2015-07-21 18:07 - 03553216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-15 16:08 - 2015-07-21 18:07 - 00140224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2015-08-15 16:08 - 2015-07-21 18:07 - 00056256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-15 16:08 - 2015-07-21 18:03 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2015-08-15 16:08 - 2015-07-21 18:03 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-15 16:08 - 2015-07-21 18:03 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-15 16:07 - 2015-07-09 16:20 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-08-15 16:06 - 2015-07-10 21:37 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-15 16:05 - 2015-07-11 17:56 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-15 15:51 - 2015-07-18 18:03 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-15 15:50 - 2015-07-10 21:37 - 01402368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-15 15:50 - 2015-07-10 21:37 - 01253376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-15 15:49 - 2015-08-01 00:08 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-15 15:49 - 2015-07-31 23:46 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-08-15 15:49 - 2015-07-31 23:46 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-08-15 15:49 - 2015-07-31 23:46 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-08-15 15:49 - 2015-07-31 23:46 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-08-15 15:49 - 2015-07-31 22:41 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-15 15:49 - 2015-07-31 22:40 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-08-15 15:49 - 2015-07-31 22:35 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-08-15 15:49 - 2015-07-31 22:33 - 02066944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-15 15:49 - 2015-07-31 22:33 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-15 15:49 - 2015-07-31 22:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-15 15:49 - 2015-07-31 22:33 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-15 15:49 - 2015-07-01 17:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-15 15:48 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-15 15:48 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-15 11:57 - 2015-07-22 22:54 - 12386816 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-15 11:57 - 2015-07-22 22:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-15 11:57 - 2015-07-22 22:51 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-15 11:57 - 2015-07-22 22:47 - 09751040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-15 11:57 - 2015-07-22 22:46 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-15 11:57 - 2015-07-22 22:46 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-15 11:57 - 2015-07-22 22:45 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-15 11:57 - 2015-07-22 22:45 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-08-15 11:57 - 2015-07-22 22:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-15 11:57 - 2015-07-22 22:44 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-15 11:57 - 2015-07-22 22:44 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-15 11:57 - 2015-07-22 22:44 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-15 11:57 - 2015-07-22 22:44 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-15 11:57 - 2015-07-22 22:44 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-15 11:57 - 2015-07-22 22:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-15 11:57 - 2015-07-22 22:43 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-15 11:57 - 2015-07-22 22:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-15 11:57 - 2015-07-22 22:43 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-15 11:57 - 2015-07-22 22:43 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-08-15 11:57 - 2015-07-22 22:43 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-08-15 11:57 - 2015-07-22 22:43 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-08-15 11:57 - 2015-07-22 22:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-14 16:52 - 2015-07-28 15:16 - 00606335 _____ C:\Windows\WindowsUpdate.log
2015-09-14 16:49 - 2014-05-11 10:21 - 00000000 ____D C:\Users\Milan\AppData\Local\HTC MediaHub
2015-09-14 16:47 - 2012-09-16 19:19 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-14 16:47 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-14 16:47 - 2006-11-02 14:47 - 00003664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-14 16:47 - 2006-11-02 14:47 - 00003664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-14 16:46 - 2012-06-29 14:22 - 00000012 _____ C:\Windows\bthservsdp.dat
2015-09-14 16:46 - 2006-11-02 15:01 - 00032606 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-14 16:45 - 2012-09-16 19:19 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-14 16:39 - 2013-04-21 12:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-14 15:08 - 2013-12-17 19:03 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-620889938-3404297717-3700568068-1000UA.job
2015-09-14 06:51 - 2014-09-02 22:00 - 00070530 _____ C:\Windows\system32\perfh01B.dat
2015-09-14 06:51 - 2014-09-02 22:00 - 00024876 _____ C:\Windows\system32\perfc01B.dat
2015-09-14 06:51 - 2006-11-02 12:33 - 00837852 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-13 20:30 - 2012-06-24 18:08 - 00061952 _____ C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-13 19:40 - 2014-08-06 12:06 - 00000000 ____D C:\Program Files\trend micro
2015-09-13 19:14 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\LogFiles
2015-09-13 18:08 - 2013-12-17 19:03 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-620889938-3404297717-3700568068-1000Core.job
2015-09-13 15:15 - 2006-11-02 12:23 - 00000254 _____ C:\Windows\win.ini
2015-09-13 15:14 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\twain_32
2015-09-12 21:22 - 2015-07-25 15:07 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-09-12 21:15 - 2012-06-24 15:50 - 00002677 _____ C:\Users\Milan\Desktop\Microsoft Office Word 2007.lnk
2015-09-11 20:34 - 2012-06-24 18:00 - 00000000 ____D C:\Users\Milan\Desktop\OCKO
2015-09-11 07:59 - 2012-06-25 21:08 - 00000000 ____D C:\Users\Milan\Documents\My Scans
2015-09-10 08:02 - 2012-06-24 14:32 - 00012873 _____ C:\ProgramData\hpzinstall.log
2015-09-10 07:52 - 2012-06-24 14:32 - 00140417 _____ C:\Windows\hpoins14.dat
2015-09-08 21:03 - 2015-06-19 15:47 - 00000000 ____D C:\ProgramData\ProductData
2015-09-07 17:47 - 2012-07-19 21:03 - 00000000 ____D C:\Users\Milan\Desktop\Kapišová
2015-09-07 06:20 - 2012-06-24 14:05 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-27 21:23 - 2015-07-12 13:26 - 00000000 ____D C:\Users\Milan\Desktop\Tomark - f.m
2015-08-27 21:10 - 2015-05-07 21:13 - 00000000 ____D C:\Users\Milan\Desktop\xxx
2015-08-20 17:25 - 2012-06-24 14:19 - 00000000 ____D C:\Windows\VMUVC
2015-08-20 17:25 - 2012-06-24 13:57 - 00000000 ____D C:\Users\Milan
2015-08-20 17:25 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\Msdtc
2015-08-20 17:25 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\registration
2015-08-20 17:25 - 2006-11-02 12:22 - 51904512 _____ C:\Windows\system32\config\software_previous
2015-08-20 17:25 - 2006-11-02 12:22 - 48234496 _____ C:\Windows\system32\config\system_previous
2015-08-20 17:22 - 2006-11-02 12:22 - 39845888 _____ C:\Windows\system32\config\components_previous
2015-08-20 17:22 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2015-08-20 16:32 - 2015-06-19 15:46 - 00000000 ____D C:\Program Files\IObit
2015-08-20 16:03 - 2006-11-02 12:22 - 00524288 _____ C:\Windows\system32\config\default_previous
2015-08-20 16:03 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2015-08-19 16:27 - 2014-03-25 14:56 - 00000000 ____D C:\Program Files\Opera
2015-08-17 20:16 - 2012-06-25 14:26 - 00000000 ____D C:\Windows\Minidump
2015-08-17 15:02 - 2012-06-24 14:10 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-16 17:54 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-15 16:42 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2015-08-15 16:03 - 2014-09-03 10:28 - 00000000 ____D C:\Windows\system32\MRT
2015-08-15 15:52 - 2006-11-02 12:24 - 129304528 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-08-15 11:25 - 2013-11-04 22:58 - 00000000 ____D C:\Users\Milan\Desktop\Andrejko a Davidko

==================== Files in the root of some directories =======

2012-06-24 13:57 - 2012-06-24 14:53 - 0000680 _____ () C:\Users\Milan\AppData\Local\d3d9caps.dat
2012-06-24 18:08 - 2015-09-13 20:30 - 0061952 _____ () C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-02 09:47 - 2015-07-11 10:13 - 0000600 _____ () C:\Users\Milan\AppData\Local\PUTTY.RND
2012-06-24 14:32 - 2015-09-10 08:02 - 0012873 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Milan\AppData\Local\temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-14 16:54

==================== End of FRST.txt ============================

superjano
Visitor
Posts: 69
Joined: 16 Aug 2005 23:08

Re: Requesting a check

#7 Post by superjano »

Additional scan result of Farbar Recovery Scan Tool (x86) Version:14-09-2015
Ran by Milan (2015-09-14 17:00:14)
Running from C:\Users\Milan\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2012-06-24 11:51:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-620889938-3404297717-3700568068-500 - Administrator - Disabled)
Guest (S-1-5-21-620889938-3404297717-3700568068-501 - Limited - Disabled)
Milan (S-1-5-21-620889938-3404297717-3700568068-1000 - Administrator - Enabled) => C:\Users\Milan

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.5.0.880 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
AIO_Scan (Version: 90.0.222.000 - Hewlett-Packard) Hidden
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2223 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.62.1068 - AB Team, d.o.o.)
BufferChm (Version: 90.0.146.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Copy (Version: 90.0.146.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Destination Component (Version: 090.000.091.086 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 90.0.205.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DJ_AIO_NS_LP_DocCD (Version: 90.0.222.000 - Hewlett-Packard) Hidden
DJ_AIO_ProductContext (Version: 90.0.236.000 - Hewlett-Packard) Hidden
DJ_AIO_Software (Version: 90.0.222.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (Version: 90.0.222.000 - Hewlett-Packard) Hidden
eReg (Version: 1.20.138.34 - Logitech, Inc.) Hidden
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
F4100 (Version: 90.0.222.000 - Hewlett-Packard) Hidden
F4100_doccd (Version: 90.0.222.000 - Hewlett-Packard) Hidden
F4100_Help (Version: 90.0.222.000 - Hewlett-Packard) Hidden
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.0.6.722 - Foxit Corporation)
Free DWG Viewer 7.1 (HKLM\...\{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}) (Version: 7.1 - IGC)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.13 - Google Inc.) Hidden
HP Customer Participation Program 9.0 (HKLM\...\HPExtendedCapabilities) (Version: 9.0 - HP)
HP Deskjet All-In-One Software 9.0 (HKLM\...\{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}) (Version: 9.0 - HP)
HP Imaging Device Functions 9.0 (HKLM\...\HP Imaging Device Functions) (Version: 9.0 - HP)
HP Photosmart Essential 2.01 (HKLM\...\HP Photosmart Essential) (Version: 2.01 - HP)
HP Smart Web Printing (HKLM\...\{415CDA53-9100-476F-A7B2-476691E117C7}) (Version: 2.15.7.0 - Hewlett-Packard)
HP Solution Center 9.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 9.0 - HP)
HP Update (HKLM\...\{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}) (Version: 4.000.006.003 - Hewlett-Packard)
HPProductAssistant (Version: 90.0.146.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}) (Version: 2.2.0.0000 - Hewlett Packard Development Company L.P.)
HTC BMP USB Driver (HKLM\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
HTC Sync Manager (HKLM\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.0.52.0 - HTC)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 4.3.0.5 - IObit)
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{DF9C119C-7F26-45B9-93D4-7C372CBBBA11}) (Version: 11.1.0.126 - Apple Inc.)
Japanese Fonts Support For Adobe Reader X (HKLM\...\{AC76BA86-7AD7-5760-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
Java 7 Update 9 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217009FF}) (Version: 7.0.90 - Oracle)
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 3.9.1.129 - PandoraTV)
LG PC Suite (HKLM\...\LG PC Suite) (Version: 5.2.11.20121025 - LG Electronics)
LG United Mobile Drivers (HKLM\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Malwarebytes Anti-Malware verze 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
MarketResearch (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.3.0 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 sk) (HKLM\...\Mozilla Thunderbird 38.2.0 (x86 sk)) (Version: 38.2.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Notepad++ (HKLM\...\Notepad++) (Version: 6.1.4 - )
NVIDIA Grafický ovládač 301.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 301.42 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
Opera Stable 31.0.1889.174 (HKLM\...\Opera 31.0.1889.174) (Version: 31.0.1889.174 - Opera Software)
Oracle VM VirtualBox 4.3.16 (HKLM\...\{346795FE-9B53-48C0-A8E7-CC54B7EF7C1F}) (Version: 4.3.16 - Oracle Corporation)
Ovládací panel NVIDIA 301.42 (Version: 301.42 - NVIDIA Corporation) Hidden
PSSWCORE (Version: 2.01.0000 - Hewlett-Packard) Hidden
QuickTime (HKLM\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Scan (Version: 9.0.0.0 - Hewlett-Packard) Hidden
Skype™ 6.18 (HKLM\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.18.105 - Skype Technologies S.A.)
SolutionCenter (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Sony PC Companion 2.10.079 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.079 - Sony)
Status (Version: 90.0.146.000 - Hewlett-Packard) Hidden
stunnel (HKLM\...\stunnel) (Version: - )
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Toolbox (Version: 90.0.146.000 - Hewlett-Packard) Hidden
TP-LINK Wireless Client Utility (HKLM\...\{7A2A107B-9695-423F-9462-8F17C178BD35}) (Version: 7.0 - TP-LINK)
TrayApp (Version: 90.0.146.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 9.0.0 - Hewlett-Packard) Hidden
VideoToolkit01 (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Vimicro USB2.0 UVC PC Camera (HKLM\...\{71A51A91-E7D3-11DB-A386-005056C00008}) (Version: 2009.03.18 - Vimicro Corporation)
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebReg (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Zoner Photo Studio 14 FREE (HKLM\...\ZonerPhotoStudio14_EN_is1) (Version: 14.0.1.4 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-620889938-3404297717-3700568068-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Milan\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-620889938-3404297717-3700568068-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Milan\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-620889938-3404297717-3700568068-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Milan\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-620889938-3404297717-3700568068-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Milan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

==================== Restore Points =========================

03-09-2015 11:34:00 Plánovaný kontrolný bod
04-09-2015 21:10:55 Plánovaný kontrolný bod
05-09-2015 16:11:36 Plánovaný kontrolný bod
07-09-2015 19:19:55 Plánovaný kontrolný bod
12-09-2015 10:18:21 Plánovaný kontrolný bod
14-09-2015 08:29:20 Plánovaný kontrolný bod

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2014-09-04 19:25 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {025CCDF6-211C-4114-BFEF-0636A82AF7C3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-620889938-3404297717-3700568068-1000Core => C:\Users\Milan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-17] (Facebook Inc.)
Task: {0A0C5133-F552-4E06-BF10-722C8907E271} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {11B9EA2A-CEEF-4990-98A6-8E7DCD419EF6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {2A7DC5AF-5D31-44A1-8233-A7E9A687D77F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {3E7E8EDC-1D6B-431F-AD96-DE7BF0619436} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-18] (Microsoft Corporation)
Task: {4F2C36B9-8767-4AF1-B2A9-0A6EC367930C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-620889938-3404297717-3700568068-1000UA => C:\Users\Milan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-17] (Facebook Inc.)
Task: {6D49C380-8ECD-43A9-BA2B-9A47268805EC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {6F5A57B7-735D-40A5-A062-BC26037CF3AA} - System32\Tasks\Uninstaller_SkipUac_Milan => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-05-20] (IObit)
Task: {896B2E41-B8AD-4D21-9321-F6661C4BBF77} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {90C2956F-6EAA-46B5-8B89-6F60D9B5CFF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {BA609D34-C283-4976-B65D-93C21C35538B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-25] (AVAST Software)
Task: {F6CFB802-B75C-4E44-AD12-C3EA06FAB4E0} - System32\Tasks\Opera scheduled Autoupdate 1395752212 => C:\Program Files\Opera\launcher.exe [2015-08-17] (Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-620889938-3404297717-3700568068-1000Core.job => C:\Users\Milan\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-620889938-3404297717-3700568068-1000UA.job => C:\Users\Milan\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-06-19 15:38 - 2015-07-25 17:38 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-19 15:38 - 2015-07-25 17:38 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-09-14 10:50 - 2015-09-14 10:50 - 02962944 _____ () C:\Program Files\AVAST Software\Avast\defs\15091400\algo.dll
2012-06-24 18:36 - 2012-02-17 20:55 - 00166912 _____ () C:\Program Files\WinRAR\rarext.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00260096 _____ () C:\Program Files\Notepad++\NppShell_05.dll
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-24 11:31 - 2014-03-24 11:31 - 00031080 _____ () C:\Program Files\HTC\HTC Sync Manager\DbAccess.dll
2014-03-24 11:32 - 2014-03-24 11:32 - 00607376 _____ () C:\Program Files\HTC\HTC Sync Manager\sqlite3.dll
2014-03-24 11:32 - 2014-03-24 11:32 - 00059752 _____ () C:\Program Files\HTC\HTC Sync Manager\NAdvLog.dll
2014-03-24 11:32 - 2014-03-24 11:32 - 00036216 _____ () C:\Program Files\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-03-24 11:32 - 2014-03-24 11:32 - 00080248 _____ () C:\Program Files\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-03-24 11:34 - 2014-03-24 11:34 - 00129376 _____ () C:\Program Files\HTC\HTC Sync Manager\zlib1.dll
2014-03-24 11:36 - 2014-03-24 11:36 - 00223592 _____ () C:\Program Files\HTC\HTC Sync Manager\DevConnMon.dll
2013-01-08 17:34 - 2012-12-07 18:26 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2014-03-24 11:32 - 2014-03-24 11:32 - 00821600 _____ () C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
2015-06-19 15:38 - 2015-06-19 15:38 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-06-19 15:47 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files\IObit\IObit Uninstaller\madExcept_.bpl
2015-06-19 15:47 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\IObit Uninstaller\madBasic_.bpl
2015-06-19 15:47 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\IObit Uninstaller\madDisAsm_.bpl
2014-04-13 11:43 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Milan\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-13 11:43 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Milan\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Milan\Desktop\Edge-of-Tomorrow--(2014)--CZ-Dabing....avi:TOC.WMV
AlternateDataStreams: C:\Users\Milan\Downloads\ForwardedMessage (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\Milan\Downloads\ForwardedMessage.eml:OECustomProperty
AlternateDataStreams: C:\Users\Milan\Downloads\terypo1.avi:TOC.WMV

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-620889938-3404297717-3700568068-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\img24.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: VMonitorVMUVC => "C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{E4B33DB3-877C-490A-AD68-26A8AE5CB868}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{CE4C1FA2-5435-4AFA-841C-0A50649C1752}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{B62596DC-0F40-431E-9086-C65B9E019492}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{A2D6BBB2-CC97-4381-BB14-B5C6A3F0475B}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{2965D29F-713B-430C-8456-22BC1C344ACB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{69FAA2EF-BEC7-459E-A813-0734F6DDE491}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6097A7C8-C4E5-4D68-8893-099A2EFA9BC1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{7EAFE389-A1D0-441B-BD27-46986442342C}] => (Allow) C:\Users\Milan\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{3C1604DE-9BFF-4D70-B756-70DCCBC0C65D}] => (Allow) C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{6F859BE7-CC19-4065-BA93-4DAE8F2FE843}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{D22BDC01-F5DA-43EC-ADD7-53BE0E5A48F1}] => (Allow) LPort=80
FirewallRules: [{A1D43CBA-CA3F-4F1B-9090-48E3376D2181}] => (Allow) LPort=80
FirewallRules: [{D63B43B2-7B61-4B93-8B70-2E8799FC426A}] => (Allow) LPort=80
FirewallRules: [{064BD8E4-3853-4803-8985-C426583AE50B}] => (Allow) C:\Program Files\stunnel\stunnel.exe
FirewallRules: [{ABF7D2AF-668F-4EBC-8EFE-50CED94317AA}] => (Allow) C:\Program Files\stunnel\stunnel.exe
FirewallRules: [{13DB6017-7412-4EBF-9687-A26E06EA861C}] => (Allow) C:\Program Files\stunnel\tstunnel.exe
FirewallRules: [{18BB4D04-BD2A-49ED-A019-7E6898CA74EE}] => (Allow) C:\Program Files\stunnel\tstunnel.exe
FirewallRules: [{64ACDC12-BB6A-41E7-BA5F-AB289010381D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{164BF842-2050-421C-B6D7-36D1DFE06DE0}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{CDE71934-D79E-40C0-801C-A0B6ABDEE232}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/14/2015 02:38:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybová aplikácia WINWORD.EXE, verzia 12.0.4518.1014, časová značka 0x45428028, chybový modul hpz3r5ha.dll, verzia 61.71.246.0, časová značka 0x460a27bd, kód výnimky 0xc0000005, odstup chyby 0x000467e8,
identifikácia procesu 0x12a8, čas spustenia aplikácie 0xWINWORD.EXE0.


System errors:
=============
Error: (09/14/2015 04:45:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Media Player - služba zdieľania v sieti1300001Reštartovať službu

Error: (09/14/2015 04:45:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Search1300001Reštartovať službu

Error: (09/14/2015 04:45:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Live ID Sign-in Assistant1100001Reštartovať službu

Error: (09/14/2015 04:45:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Internet Pass-Through Service110001Reštartovať službu

Error: (09/14/2015 04:45:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: HTCMonitorService1

Error: (09/14/2015 04:45:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Bonjour Service1

Error: (09/14/2015 04:45:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Apple Mobile Device1600001Reštartovať službu

Error: (09/14/2015 04:45:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Adobe Acrobat Update Service1

Error: (09/14/2015 04:45:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Print Spooler1600001Reštartovať službu

Error: (09/14/2015 04:45:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Software Licensing11200001Reštartovať službu


Microsoft Office:
=========================

CodeIntegrity:
===================================
Date: 2015-09-14 16:59:43.500
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-09-14 16:59:43.282
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-09-14 16:59:43.063
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-09-14 16:59:42.845
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-10 19:55:01.116
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-10 19:55:00.833
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-10 19:55:00.536
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-10 19:55:00.209
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-10 19:54:58.819
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-10 19:54:58.585
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 CPU 6320 @ 1.86GHz
Percentage of memory in use: 44%
Total physical RAM: 3006.43 MB
Available physical RAM: 1671.06 MB
Total Virtual: 6247.85 MB
Available Virtual: 4885.1 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:290.27 GB) (Free:58.92 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 1C194A3C)
Partition 1: (Active) - (Size=290.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=7.8 GB) - (Type=27)

==================== End of Addition.txt ============================

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Requesting a check

#8 Post by altrok »

Uninstall the old and vulnerable version of Java. If you need Java, install the new one from java.com, and watch out for adware during its installation: http://forum.viry.cz/viewtopic.php?p=1374438#p1374438 . From a security standpoint (exploits), it is better not to have it. Java versions you have installed on the PC:
  • Java 7 Update 9

  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart, a fixlog will be saved on the desktop; paste its contents into your next reply

    Code:

    Start
    CloseProcesses:
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-620889938-3404297717-3700568068-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={AB3CF57F-18CB-4F89-AFEB-D9BCFB9D4C92}&mid=5cd5fd96f0e147d08424d152bafa7bb0-1cbcb01185aea9d9667f27038f8e5a8d2fcc9fb5&lang=sk&ds=AVG&coid=avgtbavg&cmpid=0415tb&pr=fr&d=2014-09-04 19:09:44&v=4.1.0.411&pid=wtu&sg=&sap=hp
    CHR HomePage: Default -> hxxps://mysearch.avg.com?cid={AB3CF57F-18CB-4F89-AFEB-D9BCFB9D4C92}&mid=5cd5fd96f0e147d08424d152bafa7bb0-1cbcb01185aea9d9667f27038f8e5a8d2fcc9fb5&lang=sk&ds=AVG&coid=avgtbavg&pr=fr&d=2014-09-04 19:09:44&v=3.2.0.15&pid=wtu&sg=&sap=hp
    CHR StartupUrls: Default -> "hxxps://mysearch.avg.com?cid={AB3CF57F-18CB-4F89-AFEB-D9BCFB9D4C92}&mid=5cd5fd96f0e147d08424d152bafa7bb0-1cbcb01185aea9d9667f27038f8e5a8d2fcc9fb5&lang=sk&ds=AVG&coid=avgtbavg&pr=fr&d=2014-09-04 19:09:44&v=3.2.0.15&pid=wtu&sg=&sap=hp"
    2015-09-14 16:59 - 2015-09-14 16:59 - 00014538 _____ C:\Users\Milan\Desktop\FRST.txt
    2015-09-14 16:43 - 2015-09-14 16:54 - 00000000 ____D C:\AdwCleaner
    2015-09-13 19:27 - 2015-09-13 19:27 - 00000000 ____D C:\rsit
    2015-09-13 19:40 - 2014-08-06 12:06 - 00000000 ____D C:\Program Files\trend micro
    C:\Users\Milan\AppData\Local\temp
    C:\Windows\Temp
    Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-620889938-3404297717-3700568068-1000Core.job => C:\Users\Milan\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-620889938-3404297717-3700568068-1000UA.job => C:\Users\Milan\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    AlternateDataStreams: C:\Users\Milan\Desktop\Edge-of-Tomorrow--(2014)--CZ-Dabing....avi:TOC.WMV
    AlternateDataStreams: C:\Users\Milan\Downloads\terypo1.avi:TOC.WMV
    Hosts:
    End
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok(at)forum.viry.cz
If you feel like helping visitors to this forum, sign up for our little school.

superjano
Visitor
Posts: 69
Registered: 16 Aug 2005 23:08

Re: Requesting a check

#9 Post by superjano »

Fix result of Farbar Recovery Scan Tool (x86) Version:14-09-2015
Ran by Milan (2015-09-14 17:54:46) Run:1
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan (Available Profiles: Milan)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-620889938-3404297717-3700568068-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={AB3CF57F-18CB-4F89-AFEB-D9BCFB9D4C92}&mid=5cd5fd96f0e147d08424d152bafa7bb0-1cbcb01185aea9d9667f27038f8e5a8d2fcc9fb5&lang=sk&ds=AVG&coid=avgtbavg&cmpid=0415tb&pr=fr&d=2014-09-04 19:09:44&v=4.1.0.411&pid=wtu&sg=&sap=hp
CHR HomePage: Default -> hxxps://mysearch.avg.com?cid={AB3CF57F-18CB-4F89-AFEB-D9BCFB9D4C92}&mid=5cd5fd96f0e147d08424d152bafa7bb0-1cbcb01185aea9d9667f27038f8e5a8d2fcc9fb5&lang=sk&ds=AVG&coid=avgtbavg&pr=fr&d=2014-09-04 19:09:44&v=3.2.0.15&pid=wtu&sg=&sap=hp
CHR StartupUrls: Default -> "hxxps://mysearch.avg.com?cid={AB3CF57F-18CB-4F89-AFEB-D9BCFB9D4C92}&mid=5cd5fd96f0e147d08424d152bafa7bb0-1cbcb01185aea9d9667f27038f8e5a8d2fcc9fb5&lang=sk&ds=AVG&coid=avgtbavg&pr=fr&d=2014-09-04 19:09:44&v=3.2.0.15&pid=wtu&sg=&sap=hp"
2015-09-14 16:59 - 2015-09-14 16:59 - 00014538 _____ C:\Users\Milan\Desktop\FRST.txt
2015-09-14 16:43 - 2015-09-14 16:54 - 00000000 ____D C:\AdwCleaner
2015-09-13 19:27 - 2015-09-13 19:27 - 00000000 ____D C:\rsit
2015-09-13 19:40 - 2014-08-06 12:06 - 00000000 ____D C:\Program Files\trend micro
C:\Users\Milan\AppData\Local\temp
C:\Windows\Temp
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-620889938-3404297717-3700568068-1000Core.job => C:\Users\Milan\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-620889938-3404297717-3700568068-1000UA.job => C:\Users\Milan\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\Users\Milan\Desktop\Edge-of-Tomorrow--(2014)--CZ-Dabing....avi:TOC.WMV
AlternateDataStreams: C:\Users\Milan\Downloads\terypo1.avi:TOC.WMV
Hosts:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-620889938-3404297717-3700568068-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully.
Chrome HomePage removed successfully.
Chrome StartupUrls removed successfully.
C:\Users\Milan\Desktop\FRST.txt => moved successfully
C:\AdwCleaner => moved successfully
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully

"C:\Users\Milan\AppData\Local\temp" folder move:

Could not move "C:\Users\Milan\AppData\Local\temp" => Scheduled to move on reboot.


"C:\Windows\Temp" folder move:

Could not move "C:\Windows\Temp" => Scheduled to move on reboot.

C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => moved successfully
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-620889938-3404297717-3700568068-1000Core.job => moved successfully
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-620889938-3404297717-3700568068-1000UA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Users\Milan\Desktop\Edge-of-Tomorrow--(2014)--CZ-Dabing....avi => ":TOC.WMV" ADS removed successfully..
C:\Users\Milan\Downloads\terypo1.avi => ":TOC.WMV" ADS removed successfully..
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-09-14 17:59:05)<=

"C:\Users\Milan\AppData\Local\temp" => Could not move
"C:\Windows\Temp" => Could not move

==== End of Fixlog 17:59:06 ====
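
Added example (not part of the original thread and not FRST's own code): a small Python triage of a Fixlog like the one in post #9, separating entries that succeeded from those deferred to reboot and those that still failed afterwards. The sample is a shortened excerpt of that log, and the function name `triage` is hypothetical.

```python
import re

# Shortened excerpt of the Fixlog from the thread above.
SAMPLE_FIXLOG = r'''fixlist content:
*****************
Start
C:\Windows\Temp
Hosts:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
Chrome HomePage removed successfully.
C:\AdwCleaner => moved successfully
Could not move "C:\Windows\Temp" => Scheduled to move on reboot.
C:\Users\Milan\Downloads\terypo1.avi => ":TOC.WMV" ADS removed successfully..
Hosts restored successfully.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-09-14 17:59:05)<=

"C:\Windows\Temp" => Could not move
==== End of Fixlog 17:59:06 ====
'''

def triage(fixlog):
    """Sort Fixlog result lines into ok / deferred / failed."""
    out = {"ok": [], "deferred": [], "failed": []}
    in_echo, fences = False, 0
    for line in map(str.strip, fixlog.splitlines()):
        if line.startswith("fixlist content:"):
            in_echo = True          # the submitted fixlist is echoed next
        elif in_echo:
            if line and set(line) == {"*"}:   # echo sits between two rows of asterisks
                fences += 1
                in_echo = fences < 2
        elif "Scheduled to move on reboot" in line:
            m = re.search(r'"([^"]+)"', line)
            out["deferred"].append(m.group(1) if m else line)
        elif line.endswith("=> Could not move"):
            path = line.rsplit(" => ", 1)[0].strip('"')
            if path in out["deferred"]:       # final verdict replaces the deferral
                out["deferred"].remove(path)
            out["failed"].append(path)
        elif re.search(r"successfully\.*$", line):
            out["ok"].append(line)
    return out

if __name__ == "__main__":
    for status, items in triage(SAMPLE_FIXLOG).items():
        print(status, len(items), items)
```

Run over the full log from post #9, the only entries left in `failed` are the two temp folders, which FRST could not move even on reboot.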

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Requesting a check

#10 Post by altrok »

So let's just clean up.
And if there are no questions or other problems, that's all from me.

superjano
Visitor
Posts: 69
Registered: 16 Aug 2005 23:08

Re: Requesting a check

#11 Post by superjano »

THANK YOU.

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Requesting a check

#12 Post by altrok »

You're welcome, glad I could help :worship:


Take care, and maybe see you again sometime :bye:
