
Re: Sleep mode not working

Posted: 08 Jan 2015 18:49
by tepan
After ComboFix finished, these messages popped up:
1.
UNABLE TO CREATE BACKUP OF THE CURRENT REGISTRY FILE
c:\WINDOWS\SYSTEM32\CONFIG\SYSTEM!
CONTINUE RESTORATIONOF THIS FILE?
ANO -- NE

I CHOSE ANO (YES)

AND THIS POPPED UP:

ERROR RESTORING
c:\WINDOWS\ERDNT\SUBS\SZSTEM
TO
C>\WINDOWS\SYSTEM32\CONFIG\SYSTEM!

CONTINUE WITH THE NEXT FILE?

[REGREPLACEKEZ 5 - PRISTUP BYL ODEPREN]

ANO -- NE

ONLY NE (NO) COULD BE SELECTED

Then there was a restart, and here is the log:

ComboFix 15-01-08.01 - Tepan 08.01.2015 16:56:29.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4095.2383 [GMT 1:00]
Spuštěný z: c:\users\Tepan\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Outdated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Outdated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\manifest.json
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\yYD37xj8ML.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\C4d7m.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\manifest.json
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\A.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\yYD37xj8ML.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\C4d7m.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\A.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\C4d7m.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\manifest.json
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\background.html
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\content.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\lsdb.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\manifest.json
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\yYD37xj8ML.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\background.html
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\C4d7m.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\content.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\lsdb.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\manifest.json
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\A.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\background.html
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\content.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\lsdb.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\background.html
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\content.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\yYD37xj8ML.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\background.html
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\C4d7m.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\content.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\A.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\background.html
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\content.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\background.html
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\C4d7m.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\content.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\background.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\yYD37xj8ML.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\background.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\C4d7m.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\content.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\A.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\background.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\yYD37xj8ML.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\C4d7m.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\A.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\C4d7m.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\manifest.json
c:\users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg
c:\users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\background.html
c:\users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\content.js
c:\users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\lsdb.js
c:\users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\manifest.json
c:\users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\yYD37xj8ML.js
c:\users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha
c:\users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc
c:\users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\A.js
c:\users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\background.html
c:\users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\content.js
c:\users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\lsdb.js
c:\users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\manifest.json
c:\users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg
c:\users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\background.html
c:\users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\content.js
c:\users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\lsdb.js
c:\users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\manifest.json
c:\users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjhaajeidpjjfheegpelidmhfnamhbgg\2.0\yYD37xj8ML.js
c:\users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha
c:\users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\background.html
c:\users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\C4d7m.js
c:\users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\content.js
c:\users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\lsdb.js
c:\users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipopodflddngcbmefgnnmfggjpknepha\197\manifest.json
c:\users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc
c:\users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\A.js
c:\users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\background.html
c:\users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\content.js
c:\users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\lsdb.js
c:\users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obfjljdahkodhlahaklogpoilagmjflc\2.0\manifest.json
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NETHFDRV
-------\Legacy_NPF
-------\Service_npf
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-08 do 2015-01-08 )))))))))))))))))))))))))))))))
.
.
2015-01-08 16:11 . 2015-01-08 16:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-06 23:56 . 2015-01-07 00:45 -------- d-----w- C:\divoke
2015-01-06 15:18 . 2015-01-08 04:15 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-06 15:18 . 2015-01-06 15:18 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-01-06 15:18 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-01-06 15:18 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-01-06 15:18 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-01-06 12:47 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FA536F55-D4F0-47EB-B2F5-E962FCCA1B36}\mpengine.dll
2015-01-05 21:42 . 2015-01-05 21:43 -------- d-----w- c:\program files\trend micro
2015-01-05 21:42 . 2015-01-05 21:43 -------- d-----w- C:\rsit
2015-01-01 11:52 . 2015-01-01 11:52 -------- d-----w- c:\windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
2015-01-01 11:50 . 2015-01-01 11:50 -------- d-----w- c:\programdata\THQ
2014-12-30 11:03 . 2014-12-30 11:03 -------- d-----w- c:\windows\system32\vbox
2014-12-30 11:03 . 2014-12-30 11:03 -------- d-----w- c:\windows\SysWow64\vbox
2014-12-30 10:46 . 2015-01-06 15:03 -------- d-----w- C:\AdwCleaner
2014-12-29 10:03 . 2014-12-29 10:03 -------- d-----w- c:\program files (x86)\Winamax Poker
2014-12-28 19:40 . 2014-12-28 19:40 -------- d-----w- c:\program files\Defraggler
2014-12-28 13:05 . 2014-12-28 13:05 -------- d-----w- c:\windows\027B5748C40941FE949B7B81A8304EF4.TMP
2014-12-28 11:44 . 2014-12-28 20:27 -------- d-----w- C:\FRST
2014-12-26 10:01 . 2014-12-26 10:01 -------- d-----w- c:\windows\Hewlett-Packard
2014-12-20 09:56 . 2014-12-13 05:09 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-20 09:56 . 2014-12-13 03:33 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-17 08:38 . 2014-12-17 08:38 -------- d-----w- c:\users\Tepan\AppData\Local\Full Tilt Poker
2014-12-15 07:27 . 2014-12-19 06:45 -------- d-----w- c:\program files (x86)\Winstep
2014-12-15 07:27 . 2008-02-05 13:36 798208 ----a-w- c:\windows\SysWow64\NextControls.ocx
2014-12-15 07:27 . 2000-05-22 15:58 608448 ----a-w- c:\windows\SysWow64\comctl32.ocx
2014-12-15 07:27 . 1997-07-19 14:55 1347344 ----a-w- c:\windows\SysWow64\msvbvm50.dll
2014-12-15 00:12 . 2014-12-15 00:12 -------- d-----w- c:\users\Tepan\AppData\Local\Thunderbird
2014-12-15 00:12 . 2014-12-15 00:12 -------- d-----w- c:\users\Tepan\AppData\Roaming\Thunderbird
2014-12-15 00:12 . 2014-12-15 00:12 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2014-12-11 23:39 . 2014-07-07 02:06 206848 ----a-w- c:\windows\system32\mfps.dll
2014-12-11 23:39 . 2014-07-07 02:06 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2014-12-11 23:39 . 2014-07-07 02:06 24576 ----a-w- c:\windows\system32\mfpmp.exe
2014-12-11 23:39 . 2014-07-07 02:02 2048 ----a-w- c:\windows\system32\mferror.dll
2014-12-11 23:39 . 2014-07-07 01:40 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2014-12-11 23:39 . 2014-07-07 01:39 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2014-12-11 23:39 . 2014-07-07 01:39 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2014-12-11 23:39 . 2014-07-07 01:37 2048 ----a-w- c:\windows\SysWow64\mferror.dll
2014-12-11 23:39 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-11 23:39 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-11 23:33 . 2014-11-27 01:43 389296 ----a-w- c:\windows\system32\iedkcs32.dll
2014-12-11 23:31 . 2014-11-08 03:16 2048 ----a-w- c:\windows\system32\tzres.dll
2014-12-11 23:31 . 2014-11-08 02:45 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-12-10 20:00 . 2014-12-11 23:58 -------- d-----w- c:\users\Tepan\AppData\Local\Kesemoholdings_Limited
2014-12-10 19:59 . 2015-01-06 21:26 -------- d-----w- c:\programdata\NetBetCoach
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-15 06:52 . 2013-01-16 13:40 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-15 06:52 . 2013-01-16 13:40 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-11 23:45 . 2013-01-16 14:32 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-11-24 13:04 . 2013-01-16 13:02 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-11-21 23:06 . 2014-07-19 17:18 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-19 03:26 . 2014-11-19 03:26 1614504 ----a-w- c:\windows\system32\FM20.DLL
2014-11-13 23:04 . 2014-07-19 17:18 116728 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-11-13 23:04 . 2014-07-19 17:18 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-13 23:04 . 2014-07-19 17:18 267632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-13 23:04 . 2014-07-19 17:18 436624 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-13 23:04 . 2014-07-19 17:18 83280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-13 23:04 . 2014-11-13 23:04 364512 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-13 23:04 . 2014-07-19 17:25 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-13 23:04 . 2014-07-19 17:18 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-13 23:04 . 2014-11-13 23:04 43152 ----a-w- c:\windows\avastSS.scr
2014-11-13 23:03 . 2014-07-19 17:18 28184 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2014-11-13 23:03 . 2014-11-13 23:03 449936 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
2014-11-11 03:08 . 2014-11-20 11:28 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-20 11:28 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-11-20 11:28 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-20 11:28 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-06 05:42 . 2014-11-06 05:42 341848 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl
2014-10-30 02:03 . 2014-12-11 23:34 165888 ----a-w- c:\windows\system32\charmap.exe
2014-10-25 01:57 . 2014-11-17 18:50 77824 ----a-w- c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-17 18:50 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-17 18:46 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-17 18:46 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-10-14 02:16 . 2014-11-17 18:50 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:13 . 2014-11-17 18:50 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 02:13 . 2014-11-17 18:47 3241984 ----a-w- c:\windows\system32\msi.dll
2014-10-14 02:12 . 2014-11-17 18:50 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 02:09 . 2014-11-17 18:50 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 02:07 . 2014-11-17 18:50 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-14 01:50 . 2014-11-17 18:50 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-10-14 01:50 . 2014-11-17 18:47 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-10-14 01:49 . 2014-11-17 18:50 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-10-14 01:47 . 2014-11-17 18:50 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-10-14 01:46 . 2014-11-17 18:50 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\users\Tepan\AppData\Roaming\uTorrent\uTorrent.exe" [2014-11-26 1385808]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"DelReg"="c:\program files (x86)\MSI\DualCoreCenter\DelReg.exe" [2008-05-13 196608]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-12-12 5227112]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"NBKeyScan"="c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"DivXMediaServer"=c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 ENTECH64;ENTECH64;c:\windows\system32\DRIVERS\ENTECH64.sys;c:\windows\SYSNATIVE\DRIVERS\ENTECH64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\DRIVERS\LVUSBS64.sys;c:\windows\SYSNATIVE\DRIVERS\LVUSBS64.sys [x]
R3 LVUVC64;Logitech QuickCam S5500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 NTIOLib_1_0_6;NTIOLib_1_0_6;c:\program files (x86)\Setup Files\Ms7529v470\NTIOLib_X64.sys;c:\program files (x86)\Setup Files\Ms7529v470\NTIOLib_X64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R4 RzKLService;RzKLService;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2014-12-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-16 06:52]
.
2014-12-28 c:\windows\Tasks\HP Photo Creations Communicator.job
- c:\programdata\HP Photo Creations\Communicator.exe [2011-02-21 10:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-13 23:04 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-09-09 12856936]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://seznam.cz/
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Bar = https://www.seznam.cz/?clid=22668
IE: Download all with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dllink.htm
IE: Stáhnout FDM - file://c:\program files (x86)\Free Download Manager\dllink.htm
IE: Stáhnout video FDM - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané FDM - file://c:\program files (x86)\Free Download Manager\dlselected.htm
IE: Stáhnout vše FDM - file://c:\program files (x86)\Free Download Manager\dlall.htm
TCP: DhcpNameServer = 213.46.172.37 213.46.172.36
FF - ProfilePath - c:\users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-System-boot - c:\windows\inf\SYSTEM-x32.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Mafia Game - c:\windows\system32\MafiaSetup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2015-01-08 18:35:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-01-08 17:35
.
Před spuštěním: Volných bajtů: 11 347 300 352
Po spuštění: Volných bajtů: 10 771 656 704
.
- - End Of File - - 6554114AE697F8B16846791F4D7CA79F
A36C5E4F47E84449FF07ED3517B43A31

Re: Sleep mode not working

Posted: 08 Jan 2015 19:27
by Márty84
:arrow: Permanently disable Windows Defender.


:arrow: Open Notepad and copy this script into it

Code:

KillAll::

File::
c:\windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
c:\windows\027B5748C40941FE949B7B81A8304EF4.TMP
c:\windows\system32\drivers\avgtpx64.sys

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=-
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"=-
"NBKeyScan"=-
"seznam-listicka-distribuce"=-
"HP Software Update"=-
"DivXUpdate"=-
"Adobe ARM"=-

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]

Driver::
SkypeUpdate
avgtp

Reboot::

In the top left, click File.
Click Save As...
Type the name shown in red, CFScript, correctly and save it to the desktop.
Turn off your antivirus and any other security software.
Drag this newly created text document with the mouse onto the ComboFix icon and drop it.
ComboFix should start and carry out the commands.
When it finishes (the PC may restart), a new log should appear; copy it here for me again.

:!: If Windows does not start after the restart, restart again, keep pressing F8 and choose Last Known Good Configuration
:!: If Windows starts but an error is reported when launching various programs, just restart the PC and it will be fine

Re: Sleep mode not working

Posted: 08 Jan 2015 23:31
by tepan
ComboFix 15-01-08.01 - Tepan 08.01.2015 22:48:28.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4095.2686 [GMT 1:00]
Spuštěný z: c:\users\Tepan\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Tepan\Desktop\CFScript .txt
AV: avast! Antivirus *Disabled/Outdated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Outdated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\027B5748C40941FE949B7B81A8304EF4.TMP"
"c:\windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP"
"c:\windows\system32\drivers\avgtpx64.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_AVGTP
-------\Service_avgtp
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-08 do 2015-01-08 )))))))))))))))))))))))))))))))
.
.
2015-01-08 22:02 . 2015-01-08 22:02 -------- d-----w- c:\users\HomeGroupUser$\AppData\Local\temp
2015-01-08 22:02 . 2015-01-08 22:02 -------- d-----w- c:\users\Guest\AppData\Local\temp
2015-01-08 22:02 . 2015-01-08 22:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-06 23:56 . 2015-01-07 00:45 -------- d-----w- C:\divoke
2015-01-06 15:18 . 2015-01-08 04:15 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-06 15:18 . 2015-01-06 15:18 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-01-06 15:18 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-01-06 15:18 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-01-06 15:18 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-01-06 12:47 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FA536F55-D4F0-47EB-B2F5-E962FCCA1B36}\mpengine.dll
2015-01-05 21:42 . 2015-01-05 21:43 -------- d-----w- c:\program files\trend micro
2015-01-05 21:42 . 2015-01-05 21:43 -------- d-----w- C:\rsit
2015-01-01 11:52 . 2015-01-01 11:52 -------- d-----w- c:\windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
2015-01-01 11:50 . 2015-01-01 11:50 -------- d-----w- c:\programdata\THQ
2014-12-30 11:03 . 2014-12-30 11:03 -------- d-----w- c:\windows\system32\vbox
2014-12-30 11:03 . 2014-12-30 11:03 -------- d-----w- c:\windows\SysWow64\vbox
2014-12-30 10:46 . 2015-01-06 15:03 -------- d-----w- C:\AdwCleaner
2014-12-29 10:03 . 2014-12-29 10:03 -------- d-----w- c:\program files (x86)\Winamax Poker
2014-12-28 19:40 . 2014-12-28 19:40 -------- d-----w- c:\program files\Defraggler
2014-12-28 13:05 . 2014-12-28 13:05 -------- d-----w- c:\windows\027B5748C40941FE949B7B81A8304EF4.TMP
2014-12-28 11:44 . 2014-12-28 20:27 -------- d-----w- C:\FRST
2014-12-26 10:01 . 2014-12-26 10:01 -------- d-----w- c:\windows\Hewlett-Packard
2014-12-20 09:56 . 2014-12-13 05:09 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-20 09:56 . 2014-12-13 03:33 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-17 08:38 . 2014-12-17 08:38 -------- d-----w- c:\users\Tepan\AppData\Local\Full Tilt Poker
2014-12-15 07:27 . 2014-12-19 06:45 -------- d-----w- c:\program files (x86)\Winstep
2014-12-15 07:27 . 2008-02-05 13:36 798208 ----a-w- c:\windows\SysWow64\NextControls.ocx
2014-12-15 07:27 . 2000-05-22 15:58 608448 ----a-w- c:\windows\SysWow64\comctl32.ocx
2014-12-15 07:27 . 1997-07-19 14:55 1347344 ----a-w- c:\windows\SysWow64\msvbvm50.dll
2014-12-15 00:12 . 2014-12-15 00:12 -------- d-----w- c:\users\Tepan\AppData\Local\Thunderbird
2014-12-15 00:12 . 2014-12-15 00:12 -------- d-----w- c:\users\Tepan\AppData\Roaming\Thunderbird
2014-12-15 00:12 . 2014-12-15 00:12 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2014-12-11 23:39 . 2014-07-07 02:06 206848 ----a-w- c:\windows\system32\mfps.dll
2014-12-11 23:39 . 2014-07-07 02:06 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2014-12-11 23:39 . 2014-07-07 02:06 24576 ----a-w- c:\windows\system32\mfpmp.exe
2014-12-11 23:39 . 2014-07-07 02:02 2048 ----a-w- c:\windows\system32\mferror.dll
2014-12-11 23:39 . 2014-07-07 01:40 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2014-12-11 23:39 . 2014-07-07 01:39 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2014-12-11 23:39 . 2014-07-07 01:39 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2014-12-11 23:39 . 2014-07-07 01:37 2048 ----a-w- c:\windows\SysWow64\mferror.dll
2014-12-11 23:39 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-11 23:39 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-11 23:33 . 2014-11-27 01:43 389296 ----a-w- c:\windows\system32\iedkcs32.dll
2014-12-11 23:31 . 2014-11-08 03:16 2048 ----a-w- c:\windows\system32\tzres.dll
2014-12-11 23:31 . 2014-11-08 02:45 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-12-10 20:00 . 2014-12-11 23:58 -------- d-----w- c:\users\Tepan\AppData\Local\Kesemoholdings_Limited
2014-12-10 19:59 . 2015-01-06 21:26 -------- d-----w- c:\programdata\NetBetCoach
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-15 06:52 . 2013-01-16 13:40 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-15 06:52 . 2013-01-16 13:40 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-11 23:45 . 2013-01-16 14:32 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-11-24 13:04 . 2013-01-16 13:02 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-11-21 23:06 . 2014-07-19 17:18 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-19 03:26 . 2014-11-19 03:26 1614504 ----a-w- c:\windows\system32\FM20.DLL
2014-11-13 23:04 . 2014-07-19 17:18 116728 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-11-13 23:04 . 2014-07-19 17:18 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-13 23:04 . 2014-07-19 17:18 267632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-13 23:04 . 2014-07-19 17:18 436624 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-13 23:04 . 2014-07-19 17:18 83280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-13 23:04 . 2014-11-13 23:04 364512 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-13 23:04 . 2014-07-19 17:25 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-13 23:04 . 2014-07-19 17:18 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-13 23:04 . 2014-11-13 23:04 43152 ----a-w- c:\windows\avastSS.scr
2014-11-13 23:03 . 2014-07-19 17:18 28184 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2014-11-13 23:03 . 2014-11-13 23:03 449936 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
2014-11-11 03:08 . 2014-11-20 11:28 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-20 11:28 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-11-20 11:28 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-20 11:28 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-06 05:42 . 2014-11-06 05:42 341848 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl
2014-10-30 02:03 . 2014-12-11 23:34 165888 ----a-w- c:\windows\system32\charmap.exe
2014-10-25 01:57 . 2014-11-17 18:50 77824 ----a-w- c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-17 18:50 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-17 18:46 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-17 18:46 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-10-14 02:16 . 2014-11-17 18:50 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:13 . 2014-11-17 18:50 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 02:13 . 2014-11-17 18:47 3241984 ----a-w- c:\windows\system32\msi.dll
2014-10-14 02:12 . 2014-11-17 18:50 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 02:09 . 2014-11-17 18:50 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 02:07 . 2014-11-17 18:50 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-14 01:50 . 2014-11-17 18:50 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-10-14 01:50 . 2014-11-17 18:47 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-10-14 01:49 . 2014-11-17 18:50 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-10-14 01:47 . 2014-11-17 18:50 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-10-14 01:46 . 2014-11-17 18:50 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"DelReg"="c:\program files (x86)\MSI\DualCoreCenter\DelReg.exe" [2008-05-13 196608]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-12-12 5227112]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"DivXMediaServer"=c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 ENTECH64;ENTECH64;c:\windows\system32\DRIVERS\ENTECH64.sys;c:\windows\SYSNATIVE\DRIVERS\ENTECH64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\DRIVERS\LVUSBS64.sys;c:\windows\SYSNATIVE\DRIVERS\LVUSBS64.sys [x]
R3 LVUVC64;Logitech QuickCam S5500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 NTIOLib_1_0_6;NTIOLib_1_0_6;c:\program files (x86)\Setup Files\Ms7529v470\NTIOLib_X64.sys;c:\program files (x86)\Setup Files\Ms7529v470\NTIOLib_X64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R4 RzKLService;RzKLService;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2015-01-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-16 06:52]
.
2015-01-08 c:\windows\Tasks\HP Photo Creations Communicator.job
- c:\programdata\HP Photo Creations\Communicator.exe [2011-02-21 10:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-13 23:04 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-09-09 12856936]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://seznam.cz/
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Bar = https://www.seznam.cz/?clid=22668
IE: Download all with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dllink.htm
IE: Stáhnout FDM - file://c:\program files (x86)\Free Download Manager\dllink.htm
IE: Stáhnout video FDM - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané FDM - file://c:\program files (x86)\Free Download Manager\dlselected.htm
IE: Stáhnout vše FDM - file://c:\program files (x86)\Free Download Manager\dlall.htm
TCP: DhcpNameServer = 213.46.172.37 213.46.172.36
FF - ProfilePath - c:\users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Mafia Game - c:\windows\system32\MafiaSetup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2015-01-08 23:23:29 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-01-08 22:23
ComboFix2.txt 2015-01-08 17:35
.
Před spuštěním: 9 031 233 536
Po spuštění: 8 463 499 264
.
- - End Of File - - B430B7B7E727113D39FA30231B736739
A36C5E4F47E84449FF07ED3517B43A31

Re: Sleep mode not working

Posted: 08 Jan 2015 23:53
by Márty84
:arrow: Check whether Avast is up to date. ComboFix says it is not, so better verify it.

:arrow: Post logs following this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it is possible that it will block the tool as malicious, but we use it all the time, it is a false positive :)

Re: Sleep mode not working

Posted: 09 Jan 2015 00:19
by tepan
Avast is not up to date; I will update it once I turn it on... I turned it off because of ComboFix.

Re: Sleep mode not working

Posted: 09 Jan 2015 00:28
by tepan
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by Tepan (administrator) on TEPAN-PC on 09-01-2015 00:25:59
Running from C:\Users\Tepan\Desktop
Loaded Profile: Tepan (Available profiles: Tepan)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Full Tilt Poker\FullTiltPoker.exe
() C:\Program Files (x86)\Full Tilt Poker\xc\xc.exe
(FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe
(forum.viry.cz) C:\Users\Tepan\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12856936 2011-09-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DelReg] => C:\Program Files (x86)\MSI\DualCoreCenter\DelReg.exe [196608 2008-05-13] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1029120089-3632672932-3177029402-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1029120089-3632672932-3177029402-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-1029120089-3632672932-3177029402-1001 -> {571C39B2-9A29-4CD2-AEC2-16080D27FC11} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-1029120089-3632672932-3177029402-1001 -> {86EAA69F-40B1-41DD-BE17-071BD7007B13} URL = http://www.firmy.cz/phr/{searchTerms}?s ... arch_12454
SearchScopes: HKU\S-1-5-21-1029120089-3632672932-3177029402-1001 -> {B56E4805-7DB2-4C57-92ED-46422E39B760} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-1029120089-3632672932-3177029402-1001 -> {BC19EC76-206B-4A9A-911C-1CF0DFA500F7} URL = http://encyklopedie.seznam.cz/search?q= ... arch_12454
SearchScopes: HKU\S-1-5-21-1029120089-3632672932-3177029402-1001 -> {D7EF919B-153E-41DF-8990-28886A462074} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKU\S-1-5-21-1029120089-3632672932-3177029402-1001 -> {EA30FEDD-ED27-4392-B51D-BA331F1DE906} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36

FireFox:
========
FF ProfilePath: C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1029120089-3632672932-3177029402-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: Adblock Plus - C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-16]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-19]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-07-28]
FF HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: Free Download Manager plugin - C:\ProgramData\Free Download Manager\Firefox\Extensions\1.6.0.8 [2014-10-05]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-14] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-11-14] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-14] (Avast Software)
S4 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-02-18] (Nero AG)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-04-15] ()
S4 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S2 HPSLPSVC; C:\Users\Tepan\AppData\Local\Temp\7zS3FA8\hpslpsvc64.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-14] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-11-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-14] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2014-11-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-14] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-14] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-14] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-08-14] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-01] (Disc Soft Ltd)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-08-14] ()
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7529v470\NTIOLib_X64.sys [11888 2011-01-06] (MSI) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-10-01] (Duplex Secure Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-14] (Avast Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-09 00:25 - 2015-01-09 00:26 - 00014420 _____ () C:\Users\Tepan\Desktop\FRST.txt
2015-01-09 00:24 - 2015-01-09 00:22 - 00112640 _____ (forum.viry.cz) C:\Users\Tepan\Desktop\FRSTLauncher.exe
2015-01-09 00:22 - 2015-01-09 00:22 - 02124288 _____ (Farbar) C:\Users\Tepan\Desktop\FRST64.exe
2015-01-08 23:23 - 2015-01-08 23:23 - 00018385 _____ () C:\ComboFix.txt
2015-01-08 22:38 - 2015-01-08 22:38 - 00003658 _____ () C:\Users\Tepan\Documents\CFScript .txt
2015-01-08 16:52 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-08 16:52 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-08 16:52 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-08 16:52 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-08 16:52 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-08 16:52 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-08 16:52 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-08 16:52 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-08 16:51 - 2015-01-08 23:23 - 00000000 ____D () C:\Qoobox
2015-01-08 16:50 - 2015-01-08 23:02 - 00000000 ____D () C:\Windows\erdnt
2015-01-08 16:50 - 2015-01-08 16:50 - 05609736 ____R (Swearware) C:\Users\Tepan\Desktop\ComboFix.exe
2015-01-08 11:00 - 2015-01-08 11:00 - 00001131 _____ () C:\MBAM 2.txt
2015-01-07 00:56 - 2015-01-07 01:45 - 00000000 ____D () C:\divoke
2015-01-06 19:06 - 2015-01-06 19:06 - 00004665 _____ () C:\MBAM.txt
2015-01-06 16:18 - 2015-01-08 05:15 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-06 16:18 - 2015-01-06 16:18 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-06 16:18 - 2015-01-06 16:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-06 16:18 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-06 16:18 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-06 16:18 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-06 16:10 - 2015-01-06 16:10 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Tepan\Desktop\mbam-setup-2.0.4.1028.exe
2015-01-06 15:51 - 2015-01-06 15:51 - 02173952 _____ () C:\Users\Tepan\Desktop\adwcleaner_4.106.exe
2015-01-05 22:42 - 2015-01-05 22:43 - 00000000 ____D () C:\rsit
2015-01-05 22:42 - 2015-01-05 22:43 - 00000000 ____D () C:\Program Files\trend micro
2015-01-02 12:30 - 2008-02-27 02:34 - 27481860 _____ (Kaos Studios) C:\Users\Tepan\Desktop\FFOW.exe
2015-01-01 12:52 - 2015-01-01 12:52 - 00041353 _____ () C:\Windows\DirectX.log
2015-01-01 12:52 - 2015-01-01 12:52 - 00000000 ____D () C:\Windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
2015-01-01 12:50 - 2015-01-01 12:50 - 00000000 ____D () C:\ProgramData\THQ
2015-01-01 11:37 - 2015-01-01 11:37 - 00000197 _____ () C:\Windows\system32\2015-01-01-10-37-23.068-AvastVBoxSVC.exe-1672.log
2014-12-31 17:51 - 2014-12-31 17:51 - 00000197 _____ () C:\Windows\system32\2014-12-31-16-51-54.020-AvastVBoxSVC.exe-3008.log
2014-12-31 17:36 - 2014-12-31 17:36 - 00000197 _____ () C:\Windows\system32\2014-12-31-16-36-05.091-AvastVBoxSVC.exe-3044.log
2014-12-31 17:29 - 2014-12-31 17:29 - 00000197 _____ () C:\Windows\system32\2014-12-31-16-29-48.030-AvastVBoxSVC.exe-2600.log
2014-12-31 17:11 - 2014-12-31 17:11 - 00000197 _____ () C:\Windows\system32\2014-12-31-16-11-06.059-AvastVBoxSVC.exe-2932.log
2014-12-31 15:53 - 2014-12-31 15:53 - 00000197 _____ () C:\Windows\system32\2014-12-31-14-53-10.088-AvastVBoxSVC.exe-3008.log
2014-12-31 11:07 - 2014-12-31 11:07 - 00000197 _____ () C:\Windows\system32\2014-12-31-10-07-35.039-AvastVBoxSVC.exe-2836.log
2014-12-30 12:13 - 2014-12-30 12:13 - 00000247 _____ () C:\Windows\system32\2014-12-30-11-13-01.083-aswFe.exe-348.log
2014-12-30 12:08 - 2014-12-30 12:12 - 00000247 _____ () C:\Windows\system32\2014-12-30-11-08-52.098-aswFe.exe-1632.log
2014-12-30 12:08 - 2014-12-30 12:08 - 00000197 _____ () C:\Windows\system32\2014-12-30-11-08-49.098-AvastVBoxSVC.exe-3440.log
2014-12-30 12:03 - 2014-12-30 12:03 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-12-30 12:03 - 2014-12-30 12:03 - 00000000 ____D () C:\Windows\system32\vbox
2014-12-30 11:59 - 2015-01-08 23:17 - 00000784 _____ () C:\Windows\setupact.log
2014-12-30 11:59 - 2015-01-08 23:16 - 00008958 _____ () C:\Windows\PFRO.log
2014-12-30 11:59 - 2014-12-30 11:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-30 11:46 - 2015-01-06 16:03 - 00000000 ____D () C:\AdwCleaner
2014-12-29 11:03 - 2014-12-29 11:03 - 00000000 ____D () C:\Program Files (x86)\Winamax Poker
2014-12-28 21:27 - 2014-12-28 21:27 - 00000409 _____ () C:\DelFix.txt
2014-12-28 20:40 - 2014-12-28 20:40 - 00000000 ____D () C:\Program Files\Defraggler
2014-12-28 16:52 - 2014-12-28 16:57 - 00000000 ____D () C:\Windows\pss
2014-12-28 14:05 - 2014-12-28 14:05 - 00000000 ____D () C:\Windows\027B5748C40941FE949B7B81A8304EF4.TMP
2014-12-28 12:44 - 2015-01-09 00:26 - 00000000 ____D () C:\FRST
2014-12-26 11:01 - 2014-12-26 11:01 - 00000000 ____D () C:\Windows\Hewlett-Packard
2014-12-26 10:46 - 2014-12-26 10:46 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-26 00:52 - 2014-12-26 00:52 - 00007664 _____ () C:\Users\Tepan\AppData\Local\Resmon.ResmonCfg
2014-12-20 10:56 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-20 10:56 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-17 09:38 - 2014-12-17 09:38 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Full Tilt Poker
2014-12-15 08:27 - 2014-12-19 07:45 - 00000000 ____D () C:\Program Files (x86)\Winstep
2014-12-15 08:27 - 2014-12-15 08:27 - 00001008 _____ () C:\Users\Tepan\Documents\Winstep.lnk
2014-12-15 08:27 - 2014-12-15 08:27 - 00000943 _____ () C:\Users\Tepan\Desktop\Nexus.lnk
2014-12-15 08:27 - 2014-12-15 08:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winstep
2014-12-15 08:27 - 2008-02-05 14:36 - 00798208 _____ (Winstep Software Technologies) C:\Windows\SysWOW64\NextControls.ocx
2014-12-15 08:27 - 2000-05-22 16:58 - 00608448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.ocx
2014-12-15 08:27 - 1997-07-19 15:55 - 01347344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll
2014-12-15 01:12 - 2014-12-15 01:12 - 00002062 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-12-15 01:12 - 2014-12-15 01:12 - 00002050 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-12-15 01:12 - 2014-12-15 01:12 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Thunderbird
2014-12-15 01:12 - 2014-12-15 01:12 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Thunderbird
2014-12-15 01:12 - 2014-12-15 01:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-12-14 00:36 - 2014-12-14 00:37 - 00000701 _____ () C:\Users\Tepan\Desktop\Nový textový dokument (2).txt
2014-12-12 00:39 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-12 00:39 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-12 00:39 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-12 00:39 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-12 00:39 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-12 00:39 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-12 00:39 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-12 00:39 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-12 00:39 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-12 00:39 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-12 00:34 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-12 00:34 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-12 00:34 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-12 00:34 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-12 00:34 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-12 00:34 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-12 00:34 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-12 00:34 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-12 00:34 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-12 00:34 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-12 00:34 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-12 00:34 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-12 00:34 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-12 00:34 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-12 00:34 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-12 00:34 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-12 00:34 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-12 00:34 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-12 00:33 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-12 00:33 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-12 00:33 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-12 00:33 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-12 00:33 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-12 00:33 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-12 00:33 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-12 00:33 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-12 00:33 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-12 00:33 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-12 00:33 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-12 00:33 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-12 00:33 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-12 00:33 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-12 00:33 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-12 00:33 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-12 00:33 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-12 00:33 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-12 00:33 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-12 00:33 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-12 00:33 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-12 00:33 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-12 00:33 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-12 00:33 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-12 00:33 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-12 00:33 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-12 00:33 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-12 00:33 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-12 00:33 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-12 00:33 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-12 00:33 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-12 00:33 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-12 00:33 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-12 00:33 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-12 00:33 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-12 00:33 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-12 00:33 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-12 00:33 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-12 00:33 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-12 00:33 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-12 00:33 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-12 00:33 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-12 00:33 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-12 00:33 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-12 00:33 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-12 00:33 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-12 00:33 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-12 00:33 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-12 00:33 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-12 00:33 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-12 00:33 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-12 00:31 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-12 00:31 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 04:35 - 2014-12-11 04:35 - 00000746 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dafa Poker.lnk
2014-12-10 21:00 - 2014-12-12 00:58 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Kesemoholdings_Limited
2014-12-10 21:00 - 2014-12-10 21:00 - 00000124 _____ () C:\Users\Tepan\AppData\Local\NetBetCoach_SettingsPath.txt
2014-12-10 20:59 - 2015-01-06 22:26 - 00000000 ____D () C:\ProgramData\NetBetCoach

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-09 00:23 - 2014-02-10 00:24 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Free Download Manager
2015-01-09 00:12 - 2013-03-12 03:07 - 00003970 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2A515284-680A-45EA-B4C4-72FAA57CC791}
2015-01-08 23:56 - 2014-07-28 11:51 - 00000338 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-01-08 23:40 - 2014-08-17 18:28 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-08 23:25 - 2009-07-14 05:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-08 23:25 - 2009-07-14 05:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-08 23:22 - 2013-01-16 13:36 - 02011086 _____ () C:\Windows\WindowsUpdate.log
2015-01-08 23:17 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-08 23:17 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-08 21:45 - 2013-12-07 15:30 - 00000000 ____D () C:\Users\Tepan\AppData\Local\FullTiltPoker
2015-01-08 21:45 - 2013-12-07 15:30 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker
2015-01-08 21:12 - 2013-06-30 11:18 - 00000000 ____D () C:\Users\Tepan\AppData\Local\PokerStars
2015-01-08 18:35 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-01-08 09:20 - 2013-01-16 19:32 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\vlc
2015-01-08 07:25 - 2013-01-16 16:21 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\uTorrent
2015-01-08 04:49 - 2013-01-16 21:44 - 00000000 ____D () C:\Windows\Minidump
2015-01-07 01:33 - 2014-05-13 03:22 - 00000102 _____ () C:\Users\Tepan\AppData\default.pls
2015-01-06 18:17 - 2014-01-26 10:59 - 00000000 ____D () C:\Users\Tepan\Documents\888poker
2015-01-06 16:14 - 2014-07-29 00:18 - 00000000 ____D () C:\Users\Tepan\Desktop\Ochrana pocitace
2015-01-05 21:34 - 2014-08-13 18:19 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Winner Poker
2015-01-03 12:26 - 2014-08-02 13:31 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\DivX
2015-01-02 12:13 - 2013-01-16 16:33 - 00000000 ____D () C:\Hry
2015-01-02 02:56 - 2014-12-02 23:17 - 00000000 ____D () C:\Program Files (x86)\Poker MIRA
2015-01-01 18:22 - 2014-07-07 22:00 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microgaming
2015-01-01 16:20 - 2014-02-25 11:58 - 00000000 ____D () C:\Users\Tepan\AppData\Local\CrashDumps
2015-01-01 13:10 - 2014-08-15 11:14 - 00000000 ____D () C:\Users\Tepan\Documents\My Games
2015-01-01 12:50 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-01 12:33 - 2013-01-16 14:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-01 12:27 - 2013-01-16 15:50 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\DAEMON Tools Lite
2014-12-31 17:02 - 2013-01-16 13:48 - 00000000 ____D () C:\Users\Tepan\AppData\Local\VirtualStore
2014-12-31 10:36 - 2014-09-25 03:47 - 00000000 ____D () C:\Users\Tepan\AppData\Local\NetBet Poker
2014-12-29 11:03 - 2014-07-21 09:35 - 00000893 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamax Poker.lnk
2014-12-28 23:31 - 2014-06-22 10:59 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-28 23:29 - 2014-07-29 00:17 - 00000000 ____D () C:\Users\Tepan\Desktop\Hry
2014-12-28 22:01 - 2014-07-29 00:20 - 00000000 ___RD () C:\Users\Tepan\Desktop\Poker
2014-12-28 21:03 - 2014-07-28 10:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-12-28 21:03 - 2014-07-28 10:33 - 00000000 ____D () C:\Program Files (x86)\HP
2014-12-28 21:03 - 2014-07-28 10:32 - 00002240 _____ () C:\ProgramData\hpzinstall.log
2014-12-28 20:04 - 2014-01-10 03:51 - 00000000 ____D () C:\Poker
2014-12-28 20:02 - 2014-08-02 16:12 - 00000000 ____D () C:\ProgramData\Freemake
2014-12-28 16:43 - 2014-11-14 00:06 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-28 16:25 - 2014-07-17 04:12 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-28 16:19 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-12-28 14:14 - 2014-08-16 03:18 - 00000000 ____D () C:\Users\Public\Documents\Winstep
2014-12-28 14:08 - 2014-07-28 10:36 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\HpUpdate
2014-12-26 18:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-26 01:36 - 2013-03-08 12:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-26 00:21 - 2013-06-25 00:56 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2013
2014-12-26 00:19 - 2014-07-29 09:01 - 00003676 _____ () C:\Windows\System32\Tasks\HP online update program
2014-12-26 00:19 - 2014-07-28 11:51 - 00003346 _____ () C:\Windows\System32\Tasks\HP Photo Creations Communicator
2014-12-26 00:15 - 2013-01-31 22:32 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-12-24 17:33 - 2009-07-14 16:18 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2014-12-24 17:33 - 2009-07-14 16:18 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2014-12-24 17:33 - 2009-07-14 06:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-23 07:52 - 2013-06-30 11:18 - 00000000 ____D () C:\Program Files (x86)\PokerStars
2014-12-23 07:40 - 2014-07-13 12:55 - 00000000 ____D () C:\Redbet
2014-12-15 10:18 - 2013-09-25 12:04 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-15 07:53 - 2014-08-17 18:56 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Adobe
2014-12-15 07:52 - 2013-01-16 14:40 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-15 07:52 - 2013-01-16 14:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-15 07:52 - 2013-01-16 14:40 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-15 07:07 - 2014-08-19 21:31 - 00000000 ____D () C:\ProgramData\ProductData
2014-12-15 07:05 - 2013-01-16 14:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-15 07:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-15 00:01 - 2014-02-07 13:23 - 00000000 ____D () C:\Users\Tepan\AppData\Local\AuxClient
2014-12-14 00:30 - 2014-09-12 17:30 - 00000644 _____ () C:\Users\Tepan\Desktop\Nový textový dokument.txt
2014-12-12 00:52 - 2013-08-16 02:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-12 00:45 - 2013-01-16 15:32 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 23:47 - 2014-12-02 23:06 - 00000000 ____D () C:\DuckPoker

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-08 19:12




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:170.9 GB) (Free:7.89 GB) NTFS
Drive d: () (Fixed) (Total:127 GB) (Free:30.3 GB) NTFS
Drive j: (LaCie) (Fixed) (Total:931.51 GB) (Free:11.27 GB) NTFS

Available physical RAM: 2228.79 MB
Total physical RAM: 4095.24 MB
Percentage of memory in use: 45%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 0F29FC2D)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=170.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=127 GB) - (Type=07 NTFS)
Disk: 2 (Size: 931.5 GB) (Disk ID: 454C01D9)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Tepan\Desktop" je 119 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer
C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
"C:\Users\Tepan\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tepan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hpqtra08.exe
C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Sleep mode not working

Posted: 09 Jan 2015 00:31
by tepan
and here is the adition.zip

Re: Sleep mode not working

Posted: 09 Jan 2015 08:26
by Márty84
:arrow: Be careful about using TuneUp. It can make quite a mess.


:arrow: Open Notepad and copy this script into it

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [DelReg] => C:\Program Files (x86)\MSI\DualCoreCenter\DelReg.exe [196608 2008-05-13] ()

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

CHR dev: Chrome dev build detected! <======= ATTENTION

S4 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-02-18] (Nero AG)
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-15 267440]

2015-01-06 16:10 - 2015-01-06 16:10 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Tepan\Desktop\mbam-setup-2.0.4.1028.exe
2015-01-01 12:52 - 2015-01-01 12:52 - 00000000 ____D () C:\Windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
2014-12-28 14:05 - 2014-12-28 14:05 - 00000000 ____D () C:\Windows\027B5748C40941FE949B7B81A8304EF4.TMP

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent" /f

Hosts:
EmptyTemp:
Reboot:
End

In the top left, click File
Click Save As...
Type the name fixlist (shown in red) correctly and save it to the desktop.
Turn off your antivirus and any other security software.
Run FRST as administrator, click Fix, and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.

Re: Sleep mode not working

Posted: 09 Jan 2015 11:47
by tepan
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-01-2015
Ran by Tepan at 2015-01-09 11:37:32 Run:1
Running from C:\Users\Tepan\Desktop
Loaded Profile: Tepan (Available profiles: Tepan)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [DelReg] => C:\Program Files (x86)\MSI\DualCoreCenter\DelReg.exe [196608 2008-05-13] ()

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

CHR dev: Chrome dev build detected! <======= ATTENTION

S4 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-02-18] (Nero AG)
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-15 267440]

2015-01-06 16:10 - 2015-01-06 16:10 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Tepan\Desktop\mbam-setup-2.0.4.1028.exe
2015-01-01 12:52 - 2015-01-01 12:52 - 00000000 ____D () C:\Windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
2014-12-28 14:05 - 2014-12-28 14:05 - 00000000 ____D () C:\Windows\027B5748C40941FE949B7B81A8304EF4.TMP

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent" /f

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DelReg => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" => Key deleted successfully.
"HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}" => Key deleted successfully.
"HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}" => Key deleted successfully.
CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry.
Nero BackItUp Scheduler 3 => Service deleted successfully.
AdobeARMservice => Service deleted successfully.
SkypeUpdate => Service not found.
AdobeFlashPlayerUpdateSvc => Service deleted successfully.
C:\Users\Tepan\Desktop\mbam-setup-2.0.4.1028.exe => Moved successfully.
C:\Windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP => Moved successfully.
C:\Windows\027B5748C40941FE949B7B81A8304EF4.TMP => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\HP Photo Creations Communicator.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 521.7 MB temporary data.


The system needed a reboot.

==== End of Fixlog 11:38:31 ====

Re: Sleep mode not working

Posted: 09 Jan 2015 13:08
by Márty84
:!: Run all of these programs, including any installation, as administrator (right-click them and choose Run as administrator)

:arrow: Rename ComboFix to Uninstall and run it. CF should uninstall itself.

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option checked
  • Click Run
:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation, watch out for the toolbar (or other add-ons); if it offers to install one, uncheck the box.
After launching you will be in the Cleaner function. There are many checkboxes on the left. Pay particular attention to the Recycle Bin: if you leave it checked, it will always be emptied.
Also, depending on how it is set up, it will delete all passwords saved on the web!!! So if you have the computer set to remember passwords (which is not good for security), you will have to type them in again manually (e.g. mail, Facebook, various forums, etc.)
Click Analyze and, when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left
Click Scan for Issues; when it finds some, click Fix issues. It will offer you a backup; make one and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has more than one user account, use the program in those as well)

:arrow: Defragment the disk(s) (not SSD disks!)
Download the Defraggler program http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
During installation, again watch out for the toolbar and other nonsense.
After installing, run the program and click Analyze; after the analysis click Defragment and the program will do its work.

:arrow: Then write how the PC is doing.

Re: Sleep mode not working

Posted: 09 Jan 2015 17:10
by tepan
I did everything as described here... the computer can put itself to sleep, but it can no longer be woken up.

Re: Sleep mode not working

Posted: 09 Jan 2015 17:38
by Márty84
It won't be malware.

The log says this

Error: (01/08/2015 11:16:55 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 34) (User: NT AUTHORITY)
Description: Funkce řízení spotřeby při nečinnosti jsou u procesoru 1 skupiny 0 zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.

That may be the cause of the problem. It needs to be updated.

Re: Sleep mode not working

Posted: 09 Jan 2015 17:43
by tepan
I'm sorry, but I can't make sense of that... I don't know what I'm supposed to update

Re: Sleep mode not working

Posted: 09 Jan 2015 19:08
by Márty84
Firmware http://cs.wikipedia.org/wiki/Firmware#O ... Dta.C4.8De

Look at the notebook manufacturer's website to see whether an update is available.

Re: Sleep mode not working

Posted: 10 Jan 2015 20:46
by tepan
Please don't lock the topic yet. Once I figure out where the fault was, I'll come back and describe it. In any case, thank you very much, because if nothing else, the computer at least runs noticeably faster.. I just have one more question:

Can I run CCleaner, AdwCleaner and MBAM myself? Won't I break something by doing so? Or should I rather always come here? For now, with regards and thanks, Petr.