Preventivka / Odstranění havěti

[Michi-san]

Dobrý večer, tak jsem znovu tady
Tentokrát bych požádala o zkontrolování logu na havěť, protože mi antivir našel nějakpu potvoru "malware-gen", tak bych se chtěla ujistit, zda je již z pc opravdu pryč.
Předem děkuji a omlouvám se za opětovné vyrušení

Logfile of random's system information tool 1.09 (written by random/random)
Run by Oliczech at 2013-03-07 22:10:13
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 27 GB (26%) free of 102 GB
Total RAM: 1014 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:10:43, on 7.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\windows\system32\taskhost.exe
C:\Users\Oliczech\Downloads\RSIT.exe
C:\Program Files\trend micro\Oliczech.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/?rlz=1W4CHBA_csCZ520
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [CapsHook] AsusSender.exe C:\Program Files\EeePC\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe autorun
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE
O4 - HKLM\..\Run: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{367D9EBA-EEC7-41D3-9CD7-90A75CC42F4C}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{A5787F6B-C3A0-4969-93CB-7A3E6BEE527A}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{367D9EBA-EEC7-41D3-9CD7-90A75CC42F4C}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\System32\AsusService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 8471 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\3d163yrg.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.171 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@kingsfot.com/npkws]
"Description"=npkws
"Path"=C:\Program Files\kingsoft\kingsoft antivirus\npkws.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 77576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-06 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-02-28 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-09-23 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-06 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-02-28 1224568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotkeyMon"=AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe []
"HotkeyService"=AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe []
"SuperHybridEngine"=AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe []
"CapsHook"=AsusSender.exe C:\Program Files\EeePC\CapsHook\CapsHook.exe []
"Eee Docking"=C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2010-06-10 414384]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-04-27 9177632]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-11-19 1594664]
"ASUSPRP"=C:\Program Files\ASUS\APRP\APRP.EXE [2010-12-22 2018032]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-11-19 83240]
"ASUSWebStorage"=C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [2011-07-29 737104]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-04-19 142104]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-04-19 174360]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-04-19 150808]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-02-28 4767304]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2013-01-24 1430736]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-12-19 41208]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\SYSTEM32\igfxdev.dll [2011-04-11 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-07 22:10:18 ----D---- C:\Program Files\trend micro
2013-03-07 22:10:13 ----D---- C:\rsit
2013-03-07 12:50:07 ----D---- C:\Users\Oliczech\AppData\Roaming\vlc
2013-03-07 12:48:49 ----D---- C:\Program Files\VideoLAN
2013-03-06 03:26:40 ----A---- C:\windows\system32\javaws.exe
2013-03-06 03:26:02 ----A---- C:\windows\system32\WindowsAccessBridge.dll
2013-03-06 03:26:02 ----A---- C:\windows\system32\javaw.exe
2013-03-06 03:26:01 ----A---- C:\windows\system32\java.exe
2013-03-06 03:25:02 ----D---- C:\Program Files\Java
2013-03-05 10:39:24 ----D---- C:\Program Files\Google
2013-02-28 14:54:09 ----A---- C:\windows\system32\drivers\aswVmm.sys
2013-02-28 14:54:09 ----A---- C:\windows\system32\drivers\aswRvrt.sys
2013-02-28 14:17:04 ----SD---- C:\ProgramData\Shared Space
2013-02-28 14:13:39 ----D---- C:\ProgramData\Comodo
2013-02-28 14:13:35 ----D---- C:\ProgramData\Comodo Downloader
2013-02-28 14:13:32 ----D---- C:\Program Files\COMODO
2013-02-28 12:30:08 ----A---- C:\windows\system32\drivers\aswSP.sys
2013-02-28 12:30:08 ----A---- C:\windows\system32\drivers\aswFsBlk.sys
2013-02-28 12:30:05 ----A---- C:\windows\system32\drivers\aswTdi.sys
2013-02-28 12:30:05 ----A---- C:\windows\system32\drivers\aswRdr2.sys
2013-02-28 12:30:04 ----A---- C:\windows\system32\drivers\aswSnx.sys
2013-02-28 12:30:04 ----A---- C:\windows\system32\drivers\aswMonFlt.sys
2013-02-28 12:29:18 ----A---- C:\windows\avastSS.scr
2013-02-28 12:29:17 ----A---- C:\windows\system32\aswBoot.exe
2013-02-27 16:59:30 ----D---- C:\Program Files\Metin2
2013-02-27 14:07:30 ----A---- C:\windows\system32\UIAnimation.dll
2013-02-27 14:07:18 ----A---- C:\windows\system32\WMPhoto.dll
2013-02-27 14:07:11 ----AH---- C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 14:07:11 ----AH---- C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 14:07:11 ----AH---- C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 14:07:05 ----A---- C:\windows\system32\XpsGdiConverter.dll
2013-02-27 14:07:02 ----AH---- C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 14:07:02 ----AH---- C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 14:07:01 ----AH---- C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 14:07:01 ----AH---- C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 14:07:01 ----AH---- C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 14:07:01 ----AH---- C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 14:07:00 ----A---- C:\windows\system32\d3d10warp.dll
2013-02-27 14:06:59 ----A---- C:\windows\system32\msmpeg2vdec.dll
2013-02-27 14:06:58 ----A---- C:\windows\system32\dxgi.dll
2013-02-27 14:06:58 ----A---- C:\windows\system32\d3d10level9.dll
2013-02-27 14:06:57 ----A---- C:\windows\system32\d3d11.dll
2013-02-27 14:06:57 ----A---- C:\windows\system32\d3d10core.dll
2013-02-27 14:06:57 ----A---- C:\windows\system32\d3d10_1core.dll
2013-02-27 14:06:56 ----A---- C:\windows\system32\d3d10_1.dll
2013-02-27 14:06:56 ----A---- C:\windows\system32\d3d10.dll
2013-02-27 14:06:55 ----A---- C:\windows\system32\XpsPrint.dll
2013-02-27 14:06:55 ----A---- C:\windows\system32\FntCache.dll
2013-02-27 14:06:54 ----A---- C:\windows\system32\DWrite.dll
2013-02-27 14:06:53 ----A---- C:\windows\system32\WindowsCodecsExt.dll
2013-02-27 14:06:53 ----A---- C:\windows\system32\WindowsCodecs.dll
2013-02-27 14:06:50 ----A---- C:\windows\system32\d2d1.dll
2013-02-14 13:10:19 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-02-14 13:10:11 ----D---- C:\Program Files\Mozilla Firefox
2013-02-13 09:57:35 ----A---- C:\windows\system32\mshtmled.dll
2013-02-13 09:57:32 ----A---- C:\windows\system32\vbscript.dll
2013-02-13 09:57:30 ----A---- C:\windows\system32\jsproxy.dll
2013-02-13 09:57:29 ----A---- C:\windows\system32\ieui.dll
2013-02-13 09:57:28 ----A---- C:\windows\system32\ieUnatt.exe
2013-02-13 09:57:27 ----A---- C:\windows\system32\msfeeds.dll
2013-02-13 09:57:25 ----A---- C:\windows\system32\wininet.dll
2013-02-13 09:57:24 ----A---- C:\windows\system32\jscript.dll
2013-02-13 09:57:20 ----A---- C:\windows\system32\jscript9.dll
2013-02-13 09:57:19 ----A---- C:\windows\system32\url.dll
2013-02-13 09:57:18 ----A---- C:\windows\system32\iertutil.dll
2013-02-13 09:57:14 ----A---- C:\windows\system32\urlmon.dll
2013-02-13 09:57:07 ----A---- C:\windows\system32\mshtml.dll
2013-02-13 09:57:02 ----A---- C:\windows\system32\ieframe.dll
2013-02-13 09:46:54 ----A---- C:\windows\system32\win32k.sys
2013-02-13 09:46:49 ----A---- C:\windows\system32\drivers\tcpip.sys
2013-02-13 09:46:48 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 09:46:09 ----A---- C:\windows\system32\ntkrnlpa.exe
2013-02-13 09:46:04 ----A---- C:\windows\system32\ntoskrnl.exe
2013-02-13 09:42:29 ----A---- C:\windows\system32\winsrv.dll

======List of files/folders modified in the last 1 month======

2013-03-07 22:10:33 ----D---- C:\windows\Temp
2013-03-07 22:10:18 ----RD---- C:\Program Files
2013-03-07 19:25:11 ----D---- C:\windows\system32\config
2013-03-07 17:56:21 ----D---- C:\windows\system32\drivers
2013-03-06 03:26:54 ----SHD---- C:\windows\Installer
2013-03-06 03:26:40 ----D---- C:\windows\System32
2013-03-06 03:25:16 ----A---- C:\windows\system32\npdeployJava1.dll
2013-03-06 03:25:16 ----A---- C:\windows\system32\deployJava1.dll
2013-03-06 03:22:24 ----D---- C:\windows\system32\catroot2
2013-03-06 03:22:08 ----SHD---- C:\System Volume Information
2013-03-05 10:52:53 ----D---- C:\Windows
2013-03-05 10:39:32 ----D---- C:\windows\Tasks
2013-03-05 10:39:32 ----D---- C:\windows\system32\Tasks
2013-02-28 14:18:41 ----D---- C:\windows\inf
2013-02-28 14:18:29 ----D---- C:\windows\system32\DriverStore
2013-02-28 14:17:04 ----HD---- C:\ProgramData
2013-02-28 14:12:16 ----D---- C:\windows\system32\wdi
2013-02-28 12:53:33 ----D---- C:\windows\system32\catroot
2013-02-28 12:28:42 ----D---- C:\ProgramData\AVAST Software
2013-02-28 12:28:42 ----D---- C:\Program Files\AVAST Software
2013-02-28 10:29:04 ----D---- C:\windows\rescache
2013-02-27 15:34:43 ----A---- C:\windows\system32\FlashPlayerApp.exe
2013-02-27 14:20:31 ----D---- C:\windows\winsxs
2013-02-27 14:18:32 ----D---- C:\windows\system32\pt-PT
2013-02-27 14:18:32 ----D---- C:\windows\system32\pt-BR
2013-02-27 14:18:32 ----D---- C:\windows\system32\pl-PL
2013-02-27 14:18:32 ----D---- C:\windows\system32\ko-KR
2013-02-27 14:18:32 ----D---- C:\windows\system32\it-IT
2013-02-27 14:18:32 ----D---- C:\windows\system32\hu-HU
2013-02-27 14:18:31 ----D---- C:\windows\system32\zh-TW
2013-02-27 14:18:31 ----D---- C:\windows\system32\zh-HK
2013-02-27 14:18:31 ----D---- C:\windows\system32\zh-CN
2013-02-27 14:18:31 ----D---- C:\windows\system32\tr-TR
2013-02-27 14:18:31 ----D---- C:\windows\system32\sv-SE
2013-02-27 14:18:31 ----D---- C:\windows\system32\ru-RU
2013-02-27 14:18:31 ----D---- C:\windows\system32\nl-NL
2013-02-27 14:18:31 ----D---- C:\windows\system32\nb-NO
2013-02-27 14:18:31 ----D---- C:\windows\system32\ja-JP
2013-02-27 14:18:31 ----D---- C:\windows\system32\fr-FR
2013-02-27 14:18:31 ----D---- C:\windows\system32\fi-FI
2013-02-27 14:18:31 ----D---- C:\windows\system32\es-ES
2013-02-27 14:18:31 ----D---- C:\windows\system32\el-GR
2013-02-27 14:18:31 ----D---- C:\windows\system32\de-DE
2013-02-27 14:18:31 ----D---- C:\windows\system32\cs-CZ
2013-02-27 14:18:30 ----D---- C:\windows\system32\en-US
2013-02-27 14:18:30 ----D---- C:\windows\system32\da-DK
2013-02-27 13:52:25 ----D---- C:\windows\system32\wfp
2013-02-27 13:52:23 ----D---- C:\windows\system32\wbem
2013-02-27 13:51:32 ----D---- C:\windows\registration
2013-02-18 00:23:23 ----D---- C:\Users\Oliczech\AppData\Roaming\Media Player Classic
2013-02-18 00:23:01 ----D---- C:\windows\debug
2013-02-17 10:06:27 ----D---- C:\ProgramData\Adobe
2013-02-14 21:55:13 ----SD---- C:\Users\Oliczech\AppData\Roaming\Microsoft
2013-02-14 13:10:52 ----D---- C:\Users\Oliczech\AppData\Roaming\Mozilla
2013-02-14 12:04:16 ----D---- C:\Program Files\Internet Explorer
2013-02-13 22:59:47 ----D---- C:\windows\Microsoft.NET
2013-02-13 22:59:46 ----RSD---- C:\windows\assembly
2013-02-13 10:08:28 ----D---- C:\windows\system32\migration
2013-02-13 10:01:35 ----A---- C:\windows\system32\MRT.exe
2013-02-13 09:52:49 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-02-11 17:32:38 ----D---- C:\Users\Oliczech\AppData\Roaming\Skype
2013-02-11 16:48:29 ----D---- C:\Users\Oliczech\AppData\Roaming\ICQ

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [2013-02-28 49320]
R0 aswVmm;aswVmm; C:\windows\system32\drivers\aswVmm.sys [2013-02-28 163784]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-06-08 435736]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 AsUpIO;AsUpIO; C:\windows\system32\drivers\AsUpIO.sys [2010-03-31 11520]
R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [2013-02-28 60728]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2013-02-28 765808]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2013-02-28 368248]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2013-02-28 62448]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\windows\System32\DRIVERS\cmderd.sys [2013-01-16 20072]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\windows\system32\DRIVERS\cmdguard.sys [2013-01-16 576768]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\windows\System32\DRIVERS\cmdhlp.sys [2013-01-16 43728]
R1 inspect;COMODO Internet Security Firewall Driver; C:\windows\system32\DRIVERS\inspect.sys [2013-01-16 84416]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2013-02-28 29880]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2013-02-28 66408]
R2 irda;IrDA Protocol; C:\windows\system32\DRIVERS\irda.sys [2009-07-14 96768]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2011-04-11 4815872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2010-04-27 3084256]
R3 kbfiltr;Keyboard Filter; C:\windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x86.sys [2010-08-24 68208]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\windows\system32\DRIVERS\rtl8192se.sys [2010-07-02 1015912]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-11-19 230448]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btusbflt;Bluetooth USB Filter; C:\windows\system32\drivers\btusbflt.sys [2009-07-01 43944]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys []
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\DRIVERS\btwavdt.sys []
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys []
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys []
S3 EagleNT;EagleNT; \??\C:\windows\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\C:\windows\system32\drivers\EagleXNt.sys []
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 MosIrUsb;MosIrUsb.sys; C:\windows\system32\DRIVERS\MosIrUsb.sys [2007-10-11 22016]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TOO;TOO; \??\C:\Program Files\ASUS\LiveUpdate\genport.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AsusService;Asus Launcher Service; C:\Windows\System32\AsusService.exe [2009-08-19 219136]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-02-28 45248]
R2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-01-24 2319504]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\windows\system32\svchost.exe [2009-07-14 20992]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-05 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-27 251248]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-01-24 127184]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-05 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-01 115608]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]

-----------------EOF-----------------

[Márty84]

Zdravim

Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce


Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Search a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

[Michi-san]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2013.03.08.10

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Oliczech :: OLICZECH-PC [administrátor]

Ochrana: Povolena

8.3.2013 11:23:38
mbam-log-2013-03-08 (11-23-38).txt

Typ: Kompletní kontrola (C:\|D:\|G:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 294984
Uplynulý čas: 2 hodin, 9 minut, 27 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)


Teď jdu na ten AdwCleaner

[Michi-san]

# AdwCleaner v2.114 - Logfile created 03/08/2013 at 13:39:28
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Starter Service Pack 1 (32 bits)
# User : Oliczech - OLICZECH-PC
# Boot Mode : Normal
# Running from : C:\Users\Oliczech\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0 (cs)

File : C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\3d163yrg.default\prefs.js

[OK] File is clean.

File : C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\nnd5zt8o.default\prefs.js

Found : user_pref("icqtoolbar.skip_default_search", "yes");
Found : user_pref("icqtoolbar.installsource", "1");
Found : user_pref("icqtoolbar.installsource", "1");

-\\ Google Chrome v25.0.1364.152

File : C:\Users\Oliczech\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R2].txt - [1200 octets] - [08/03/2013 13:39:28]

########## EOF - C:\AdwCleaner[R2].txt - [1260 octets] ##########

[Márty84]

MBAM muzete odinstalovat.

Znovu ukoncete vsechny programy a spustte AdwCleaner jako spravce.
Tentokrat kliknete na Delete
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner [S1].txt ). Ten mi sem zase zkopirujte.




Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

[Michi-san]

# AdwCleaner v2.114 - Logfile created 03/08/2013 at 19:45:53
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Starter Service Pack 1 (32 bits)
# User : Oliczech - OLICZECH-PC
# Boot Mode : Normal
# Running from : C:\Users\Oliczech\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0 (cs)

File : C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\3d163yrg.default\prefs.js

[OK] File is clean.

File : C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\nnd5zt8o.default\prefs.js

Deleted : user_pref("icqtoolbar.skip_default_search", "yes");
Deleted : user_pref("icqtoolbar.installsource", "1");
Deleted : user_pref("icqtoolbar.installsource", "1");

-\\ Google Chrome v25.0.1364.152

File : C:\Users\Oliczech\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R2].txt - [1329 octets] - [08/03/2013 13:39:28]
AdwCleaner[S2].txt - [1270 octets] - [08/03/2013 19:45:54]

########## EOF - C:\AdwCleaner[S2].txt - [1330 octets] ##########


A teď jdu na ten RogueKiller, tak strpení

[Michi-san]

Jen jsem se chtěla zeptat na jeden hloupý dotaz - než se mi restartoval pc, naskočila mi u AdwCelaneru cedulka pravděpodobně o toolbarech a podobně (moje angličtina není moc dobrá). Je to v pořádku? Až poté mi naskočila cedulka s oznámením, že se mi restartuje počítač

[Michi-san]

RogueKiller V8.5.2 [Feb 23 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Oliczech [Práva správce]
Mód : Kontrola -- Datum : 03/08/2013 20:03:07
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{367D9EBA-EEC7-41D3-9CD7-90A75CC42F4C} : NameServer (8.26.56.26,156.154.70.22) -> NALEZENO
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{A5787F6B-C3A0-4969-93CB-7A3E6BEE527A} : NameServer (8.26.56.26,156.154.70.22) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS543225A7A384 +++++
--- User ---
[MBR] a4412676c577680b98d01fe51eb4a6bd
[BSP] b58abd32b784cfe0b3ff0a9465d19266 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 102400 Mo
1 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 209717248 | Size: 15360 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 241174528 | Size: 120697 Mo
3 - [XXXXXX] UNKNOWN (0xef) [VISIBLE] Offset (sectors): 488361984 | Size: 16 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_03082013_02d2003.txt >>
RKreport[1]_S_03082013_02d2003.txt

[Márty84]

než se mi restartoval pc, naskočila mi u AdwCelaneru cedulka pravděpodobně o toolbarech a podobně (moje angličtina není moc dobrá). Je to v pořádku? Až poté mi naskočila cedulka s oznámením, že se mi restartuje počítač

Ano, je to v poradku


Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.



Jinak havet nikde nevidno. Je s pc nejaky problem? Pokud neni, dejte sem rovnou i novy log z RSIT a docistime to od zbytecnosti

[Michi-san]

RogueKiller V8.5.2 [Feb 23 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Oliczech [Práva správce]
Mód : Odebrat -- Datum : 03/08/2013 22:27:24
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{367D9EBA-EEC7-41D3-9CD7-90A75CC42F4C} : NameServer (8.26.56.26,156.154.70.22) -> NEBYLO ODSTRANĚNO, POUŽIJTE DNSFIX
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{A5787F6B-C3A0-4969-93CB-7A3E6BEE527A} : NameServer (8.26.56.26,156.154.70.22) -> NEBYLO ODSTRANĚNO, POUŽIJTE DNSFIX
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS543225A7A384 +++++
--- User ---
[MBR] a4412676c577680b98d01fe51eb4a6bd
[BSP] b58abd32b784cfe0b3ff0a9465d19266 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 102400 Mo
1 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 209717248 | Size: 15360 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 241174528 | Size: 120697 Mo
3 - [XXXXXX] UNKNOWN (0xef) [VISIBLE] Offset (sectors): 488361984 | Size: 16 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[3]_D_03082013_02d2227.txt >>
RKreport[1]_S_03082013_02d2003.txt ; RKreport[2]_S_03082013_02d2225.txt ; RKreport[3]_D_03082013_02d2227.txt


Ne, nepozoruju žádné problémy s pc, běží jak má, jen mi avast stále hlásí aktualizace Adobe Readeru ale Adobe Reader mi hlásí, že je aktuální. Jinak nic
Hned dodám zbylé dva logy

[Michi-san]

RogueKiller V8.5.2 [Feb 23 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Oliczech [Práva správce]
Mód : Oprava HOSTS -- Datum : 03/08/2013 22:30:09
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[4]_H_03082013_02d2230.txt >>
RKreport[1]_S_03082013_02d2003.txt ; RKreport[2]_S_03082013_02d2225.txt ; RKreport[3]_D_03082013_02d2227.txt ; RKreport[4]_H_03082013_02d2230.txt






Logfile of random's system information tool 1.09 (written by random/random)
Run by Oliczech at 2013-03-08 22:31:48
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 27 GB (26%) free of 102 GB
Total RAM: 1014 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:32:03, on 8.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Oliczech\Downloads\RSIT.exe
C:\Program Files\trend micro\Oliczech.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/?rlz=1W4CHBA_csCZ520
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [CapsHook] AsusSender.exe C:\Program Files\EeePC\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe autorun
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE
O4 - HKLM\..\Run: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{367D9EBA-EEC7-41D3-9CD7-90A75CC42F4C}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{A5787F6B-C3A0-4969-93CB-7A3E6BEE527A}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{367D9EBA-EEC7-41D3-9CD7-90A75CC42F4C}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\System32\AsusService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 8650 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\3d163yrg.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.171 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@kingsfot.com/npkws]
"Description"=npkws
"Path"=C:\Program Files\kingsoft\kingsoft antivirus\npkws.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 77576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-06 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-09-23 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-06 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotkeyMon"=AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe []
"HotkeyService"=AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe []
"SuperHybridEngine"=AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe []
"CapsHook"=AsusSender.exe C:\Program Files\EeePC\CapsHook\CapsHook.exe []
"Eee Docking"=C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2010-06-10 414384]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-04-27 9177632]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-11-19 1594664]
"ASUSPRP"=C:\Program Files\ASUS\APRP\APRP.EXE [2010-12-22 2018032]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-11-19 83240]
"ASUSWebStorage"=C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [2011-07-29 737104]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-04-19 142104]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-04-19 174360]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-04-19 150808]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2013-01-24 1430736]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-12-19 41208]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\SYSTEM32\igfxdev.dll [2011-04-11 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-08 19:45:54 ----A---- C:\AdwCleaner[S2].txt
2013-03-08 13:39:28 ----A---- C:\AdwCleaner[R2].txt
2013-03-08 11:19:56 ----D---- C:\Users\Oliczech\AppData\Roaming\Malwarebytes
2013-03-08 11:19:15 ----D---- C:\ProgramData\Malwarebytes
2013-03-07 22:10:18 ----D---- C:\Program Files\trend micro
2013-03-07 22:10:13 ----D---- C:\rsit
2013-03-07 20:57:03 ----D---- C:\Program Files\Mozilla Firefox
2013-03-07 12:50:07 ----D---- C:\Users\Oliczech\AppData\Roaming\vlc
2013-03-07 12:48:49 ----D---- C:\Program Files\VideoLAN
2013-03-06 03:26:40 ----A---- C:\windows\system32\javaws.exe
2013-03-06 03:26:02 ----A---- C:\windows\system32\WindowsAccessBridge.dll
2013-03-06 03:26:02 ----A---- C:\windows\system32\javaw.exe
2013-03-06 03:26:01 ----A---- C:\windows\system32\java.exe
2013-03-06 03:25:02 ----D---- C:\Program Files\Java
2013-03-05 10:39:24 ----D---- C:\Program Files\Google
2013-02-28 14:54:09 ----A---- C:\windows\system32\drivers\aswVmm.sys
2013-02-28 14:54:09 ----A---- C:\windows\system32\drivers\aswRvrt.sys
2013-02-28 14:17:04 ----SD---- C:\ProgramData\Shared Space
2013-02-28 14:13:39 ----D---- C:\ProgramData\Comodo
2013-02-28 14:13:35 ----D---- C:\ProgramData\Comodo Downloader
2013-02-28 14:13:32 ----D---- C:\Program Files\COMODO
2013-02-28 12:30:08 ----A---- C:\windows\system32\drivers\aswSP.sys
2013-02-28 12:30:08 ----A---- C:\windows\system32\drivers\aswFsBlk.sys
2013-02-28 12:30:05 ----A---- C:\windows\system32\drivers\aswTdi.sys
2013-02-28 12:30:05 ----A---- C:\windows\system32\drivers\aswRdr2.sys
2013-02-28 12:30:04 ----A---- C:\windows\system32\drivers\aswSnx.sys
2013-02-28 12:30:04 ----A---- C:\windows\system32\drivers\aswMonFlt.sys
2013-02-28 12:29:18 ----A---- C:\windows\avastSS.scr
2013-02-28 12:29:17 ----A---- C:\windows\system32\aswBoot.exe
2013-02-27 16:59:30 ----D---- C:\Program Files\Metin2
2013-02-27 14:07:30 ----A---- C:\windows\system32\UIAnimation.dll
2013-02-27 14:07:18 ----A---- C:\windows\system32\WMPhoto.dll
2013-02-27 14:07:11 ----AH---- C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 14:07:11 ----AH---- C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 14:07:11 ----AH---- C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 14:07:05 ----A---- C:\windows\system32\XpsGdiConverter.dll
2013-02-27 14:07:02 ----AH---- C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 14:07:02 ----AH---- C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 14:07:01 ----AH---- C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 14:07:01 ----AH---- C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 14:07:01 ----AH---- C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 14:07:01 ----AH---- C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 14:07:00 ----A---- C:\windows\system32\d3d10warp.dll
2013-02-27 14:06:59 ----A---- C:\windows\system32\msmpeg2vdec.dll
2013-02-27 14:06:58 ----A---- C:\windows\system32\dxgi.dll
2013-02-27 14:06:58 ----A---- C:\windows\system32\d3d10level9.dll
2013-02-27 14:06:57 ----A---- C:\windows\system32\d3d11.dll
2013-02-27 14:06:57 ----A---- C:\windows\system32\d3d10core.dll
2013-02-27 14:06:57 ----A---- C:\windows\system32\d3d10_1core.dll
2013-02-27 14:06:56 ----A---- C:\windows\system32\d3d10_1.dll
2013-02-27 14:06:56 ----A---- C:\windows\system32\d3d10.dll
2013-02-27 14:06:55 ----A---- C:\windows\system32\XpsPrint.dll
2013-02-27 14:06:55 ----A---- C:\windows\system32\FntCache.dll
2013-02-27 14:06:54 ----A---- C:\windows\system32\DWrite.dll
2013-02-27 14:06:53 ----A---- C:\windows\system32\WindowsCodecsExt.dll
2013-02-27 14:06:53 ----A---- C:\windows\system32\WindowsCodecs.dll
2013-02-27 14:06:50 ----A---- C:\windows\system32\d2d1.dll
2013-02-14 13:10:19 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-02-13 09:57:35 ----A---- C:\windows\system32\mshtmled.dll
2013-02-13 09:57:32 ----A---- C:\windows\system32\vbscript.dll
2013-02-13 09:57:30 ----A---- C:\windows\system32\jsproxy.dll
2013-02-13 09:57:29 ----A---- C:\windows\system32\ieui.dll
2013-02-13 09:57:28 ----A---- C:\windows\system32\ieUnatt.exe
2013-02-13 09:57:27 ----A---- C:\windows\system32\msfeeds.dll
2013-02-13 09:57:25 ----A---- C:\windows\system32\wininet.dll
2013-02-13 09:57:24 ----A---- C:\windows\system32\jscript.dll
2013-02-13 09:57:20 ----A---- C:\windows\system32\jscript9.dll
2013-02-13 09:57:19 ----A---- C:\windows\system32\url.dll
2013-02-13 09:57:18 ----A---- C:\windows\system32\iertutil.dll
2013-02-13 09:57:14 ----A---- C:\windows\system32\urlmon.dll
2013-02-13 09:57:07 ----A---- C:\windows\system32\mshtml.dll
2013-02-13 09:57:02 ----A---- C:\windows\system32\ieframe.dll
2013-02-13 09:46:54 ----A---- C:\windows\system32\win32k.sys
2013-02-13 09:46:49 ----A---- C:\windows\system32\drivers\tcpip.sys
2013-02-13 09:46:48 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 09:46:09 ----A---- C:\windows\system32\ntkrnlpa.exe
2013-02-13 09:46:04 ----A---- C:\windows\system32\ntoskrnl.exe
2013-02-13 09:42:29 ----A---- C:\windows\system32\winsrv.dll

======List of files/folders modified in the last 1 month======

2013-03-08 22:31:40 ----D---- C:\windows\Temp
2013-03-08 22:30:53 ----D---- C:\windows\system32\drivers
2013-03-08 20:03:35 ----D---- C:\windows\system32\config
2013-03-08 19:42:23 ----RD---- C:\Program Files
2013-03-08 11:19:15 ----HD---- C:\ProgramData
2013-03-08 10:24:33 ----D---- C:\windows\system32\Tasks
2013-03-08 10:24:23 ----D---- C:\Windows
2013-03-06 03:26:54 ----SHD---- C:\windows\Installer
2013-03-06 03:26:40 ----D---- C:\windows\System32
2013-03-06 03:25:16 ----A---- C:\windows\system32\npdeployJava1.dll
2013-03-06 03:25:16 ----A---- C:\windows\system32\deployJava1.dll
2013-03-06 03:22:24 ----D---- C:\windows\system32\catroot2
2013-03-06 03:22:08 ----SHD---- C:\System Volume Information
2013-03-05 10:39:32 ----D---- C:\windows\Tasks
2013-02-28 14:18:41 ----D---- C:\windows\inf
2013-02-28 14:18:29 ----D---- C:\windows\system32\DriverStore
2013-02-28 14:12:16 ----D---- C:\windows\system32\wdi
2013-02-28 12:53:33 ----D---- C:\windows\system32\catroot
2013-02-28 12:28:42 ----D---- C:\ProgramData\AVAST Software
2013-02-28 12:28:42 ----D---- C:\Program Files\AVAST Software
2013-02-28 10:29:04 ----D---- C:\windows\rescache
2013-02-27 15:34:43 ----A---- C:\windows\system32\FlashPlayerApp.exe
2013-02-27 14:20:31 ----D---- C:\windows\winsxs
2013-02-27 14:18:32 ----D---- C:\windows\system32\pt-PT
2013-02-27 14:18:32 ----D---- C:\windows\system32\pt-BR
2013-02-27 14:18:32 ----D---- C:\windows\system32\pl-PL
2013-02-27 14:18:32 ----D---- C:\windows\system32\ko-KR
2013-02-27 14:18:32 ----D---- C:\windows\system32\it-IT
2013-02-27 14:18:32 ----D---- C:\windows\system32\hu-HU
2013-02-27 14:18:31 ----D---- C:\windows\system32\zh-TW
2013-02-27 14:18:31 ----D---- C:\windows\system32\zh-HK
2013-02-27 14:18:31 ----D---- C:\windows\system32\zh-CN
2013-02-27 14:18:31 ----D---- C:\windows\system32\tr-TR
2013-02-27 14:18:31 ----D---- C:\windows\system32\sv-SE
2013-02-27 14:18:31 ----D---- C:\windows\system32\ru-RU
2013-02-27 14:18:31 ----D---- C:\windows\system32\nl-NL
2013-02-27 14:18:31 ----D---- C:\windows\system32\nb-NO
2013-02-27 14:18:31 ----D---- C:\windows\system32\ja-JP
2013-02-27 14:18:31 ----D---- C:\windows\system32\fr-FR
2013-02-27 14:18:31 ----D---- C:\windows\system32\fi-FI
2013-02-27 14:18:31 ----D---- C:\windows\system32\es-ES
2013-02-27 14:18:31 ----D---- C:\windows\system32\el-GR
2013-02-27 14:18:31 ----D---- C:\windows\system32\de-DE
2013-02-27 14:18:31 ----D---- C:\windows\system32\cs-CZ
2013-02-27 14:18:30 ----D---- C:\windows\system32\en-US
2013-02-27 14:18:30 ----D---- C:\windows\system32\da-DK
2013-02-27 13:52:25 ----D---- C:\windows\system32\wfp
2013-02-27 13:52:23 ----D---- C:\windows\system32\wbem
2013-02-27 13:51:32 ----D---- C:\windows\registration
2013-02-18 00:23:23 ----D---- C:\Users\Oliczech\AppData\Roaming\Media Player Classic
2013-02-18 00:23:01 ----D---- C:\windows\debug
2013-02-17 10:06:27 ----D---- C:\ProgramData\Adobe
2013-02-14 21:55:13 ----SD---- C:\Users\Oliczech\AppData\Roaming\Microsoft
2013-02-14 13:10:52 ----D---- C:\Users\Oliczech\AppData\Roaming\Mozilla
2013-02-14 12:04:16 ----D---- C:\Program Files\Internet Explorer
2013-02-13 22:59:47 ----D---- C:\windows\Microsoft.NET
2013-02-13 22:59:46 ----RSD---- C:\windows\assembly
2013-02-13 10:08:28 ----D---- C:\windows\system32\migration
2013-02-13 10:01:35 ----A---- C:\windows\system32\MRT.exe
2013-02-13 09:52:49 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-02-11 17:32:38 ----D---- C:\Users\Oliczech\AppData\Roaming\Skype
2013-02-11 16:48:29 ----D---- C:\Users\Oliczech\AppData\Roaming\ICQ

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [2013-03-07 49248]
R0 aswVmm;aswVmm; C:\windows\system32\drivers\aswVmm.sys [2013-03-07 164736]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-06-08 435736]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 AsUpIO;AsUpIO; C:\windows\system32\drivers\AsUpIO.sys [2010-03-31 11520]
R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [2013-03-07 60656]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2013-03-07 765736]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2013-03-07 368176]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2013-03-07 62376]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\windows\System32\DRIVERS\cmderd.sys [2013-01-16 20072]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\windows\system32\DRIVERS\cmdguard.sys [2013-01-16 576768]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\windows\System32\DRIVERS\cmdhlp.sys [2013-01-16 43728]
R1 inspect;COMODO Internet Security Firewall Driver; C:\windows\system32\DRIVERS\inspect.sys [2013-01-16 84416]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2013-03-07 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2013-03-07 66336]
R2 irda;IrDA Protocol; C:\windows\system32\DRIVERS\irda.sys [2009-07-14 96768]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2011-04-11 4815872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2010-04-27 3084256]
R3 kbfiltr;Keyboard Filter; C:\windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x86.sys [2010-08-24 68208]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\windows\system32\DRIVERS\rtl8192se.sys [2010-07-02 1015912]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-11-19 230448]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btusbflt;Bluetooth USB Filter; C:\windows\system32\drivers\btusbflt.sys [2009-07-01 43944]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys []
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\DRIVERS\btwavdt.sys []
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys []
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys []
S3 EagleNT;EagleNT; \??\C:\windows\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\C:\windows\system32\drivers\EagleXNt.sys []
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 MosIrUsb;MosIrUsb.sys; C:\windows\system32\DRIVERS\MosIrUsb.sys [2007-10-11 22016]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TOO;TOO; \??\C:\Program Files\ASUS\LiveUpdate\genport.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AsusService;Asus Launcher Service; C:\Windows\System32\AsusService.exe [2009-08-19 219136]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-01-24 2319504]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\windows\system32\svchost.exe [2009-07-14 20992]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-05 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-27 251248]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-01-24 127184]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-05 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-07 115608]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]

-----------------EOF-----------------

[Márty84]

A ted kdo ma pravdu. Avast, nebo Adobe?


Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Najdete tento soubor C:\Program Files\trend micro\Oliczech.exe , kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Kliknete na Main menu a na Do a system scan only
U techto radku dejte vlevo zatrzitko

Kód: Vybrat vše

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

Kliknete na nápis Fix checked a potvrdte




Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe a ulozte nejlepe na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:services
BBUpdate
BBSvc
gupdate
SkypeUpdate
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)

[Michi-san]

No, s HijackThis jsem udělala co jste mi říkal, ale OTM mi hlásí, že k dané složce nemám patřičná oprávnění a nechce se rozjet. Comodo firewall mi hlásil nějaký malware v OTM

[Márty84]

Je to falesny poplach. Bud COMODO na chvili vypnete, nebo OTM spustte v nouzovem rezimu

[Michi-san]

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Oliczech
->Temp folder emptied: 4193704 bytes
->Temporary Internet Files folder emptied: 356340 bytes
->Java cache emptied: 27726 bytes
->FireFox cache emptied: 39396610 bytes
->Google Chrome cache emptied: 244583190 bytes
->Flash cache emptied: 1140 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3704228 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 279,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Oliczech
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Service BBUpdate stopped successfully!
Service BBUpdate deleted successfully!
Service BBSvc stopped successfully!
Service BBSvc deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
C:\windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 03082013_230659

Files moved on Reboot...
File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
C:\windows\temp\HS.log moved successfully.

Registry entries deleted on Reboot...