Log check

Posted: 11 Apr 2013 20:00
by magia
Please check this log; my kid downloaded some nasty little bugger onto the notebook and it blocked her folder. Thank you very much.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Máma at 2013-04-11 20:47:24
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 64 GB (62%) free of 102 GB
Total RAM: 749 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:47:43, on 11.4.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\csrss.exe
C:\windows\system32\wininit.exe
C:\windows\system32\csrss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files\Common Files\InstantOn\InsOnSrv.exe
C:\windows\system32\AsusService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\windows\system32\svchost.exe
C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
C:\ExpressGateUtil\VAWinService.exe
C:\windows\system32\conhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\Common Files\InstantOn\InsOnWMI.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\taskhost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ASUS\HotkeyService\HotkeyService.exe
C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe
C:\Program Files\ASUS\SHE\SuperHybridEngine.exe
C:\Program Files\ASUS\CapsHook\CapsHook.exe
C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\ExpressGateUtil\VAWinAgent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\windows\explorer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Asus\Eee Docking\Eee Docking.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe
C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\svchost.exe
C:\windows\System32\WUDFHost.exe
C:\windows\system32\taskeng.exe
E:\RSIT.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Máma.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Martin\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Windows 7 Starter Helper - {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - C:\Program Files\Oceanis\SystemSetting\StarterHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - (no file)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\ASUS\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [LiveUpdate] AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
O4 - HKLM\..\Run: [CapsHook] AsusSender.exe C:\Program Files\ASUS\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe autorun
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files\ASUS\ASUS WebStorage\3.0.102.211\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
O4 - HKLM\..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files\Asus\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\Common Files\InstantOn\InsOnSrv.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\windows\system32\AsusService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: VideAceWindowsService - Unknown owner - C:\ExpressGateUtil\VAWinService.exe

--
End of file - 12400 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\Martin\AppData\Roaming\Complitly\Complitly.dll [2013-01-13 144456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17 185680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
uTorrentControl_v2 Toolbar - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-25 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-03-19 4529272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17 234832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-03-02 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D381FF29-7CFB-4D4E-B92A-C4EDDC696614}]
Windows 7 Starter Helper - C:\Program Files\Oceanis\SystemSetting\StarterHelper.dll [2009-12-09 137904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-03-02 1089288]
{7473b6bd-4691-4744-a82b-7854eb3d70b6} - uTorrentControl_v2 Toolbar - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-07-21 336384]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
"HotkeyMon"=AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe []
"HotkeyService"=AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotkeyService.exe []
"SuperHybridEngine"=AsusSender.exe C:\Program Files\ASUS\SHE\SuperHybridEngine.exe []
"LiveUpdate"=AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto []
"CapsHook"=AsusSender.exe C:\Program Files\ASUS\CapsHook\CapsHook.exe []
"Eee Docking"=C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2011-04-14 419504]
"ASUSWebStorage"=C:\Program Files\ASUS\ASUS WebStorage\3.0.102.211\AsusWSPanel.exe [2011-06-08 737104]
"VizorHtmlDialog.exe"=C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [2010-10-08 1123664]
"Trend Micro Client Framework"=C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [2010-10-12 112632]
"Trend Micro Titanium"=C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [2010-10-20 218448]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-01-18 10025576]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 548744]
"VAWinAgent"=C:\ExpressGateUtil\VAWinAgent.exe [2011-07-12 45448]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files\Asus\AsusVibe\AsusVibeLauncher.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-04-11 20:47:24 ----D---- C:\rsit
2013-04-11 20:32:15 ----SHD---- C:\$RECYCLE.BIN
2013-04-11 20:28:08 ----SD---- C:\Users\Máma\AppData\Roaming\Microsoft
2013-04-11 20:28:08 ----D---- C:\Users\Máma\AppData\Roaming\Macromedia
2013-04-11 20:28:08 ----D---- C:\Users\Máma\AppData\Roaming\InstallShield
2013-04-11 20:28:08 ----D---- C:\Users\Máma\AppData\Roaming\Identities
2013-04-11 20:28:08 ----D---- C:\Users\Máma\AppData\Roaming\E-Cam
2013-04-11 20:28:08 ----D---- C:\Users\Máma\AppData\Roaming\ATI
2013-04-11 20:28:08 ----D---- C:\Users\Máma\AppData\Roaming\ASUS WebStorage
2013-04-11 20:28:08 ----D---- C:\Users\Máma\AppData\Roaming\Adobe
2013-04-11 19:36:47 ----A---- C:\ProgramData\f8oa.js
2013-04-11 19:36:38 ----A---- C:\ProgramData\rundll32.exe
2013-04-11 19:36:38 ----A---- C:\ProgramData\ao8f.dat
2013-03-18 15:44:13 ----A---- C:\windows\system32\drivers\usb8023.sys
2013-03-15 20:54:42 ----A---- C:\windows\system32\mshtmled.dll
2013-03-15 20:54:41 ----A---- C:\windows\system32\vbscript.dll
2013-03-15 20:54:40 ----A---- C:\windows\system32\jsproxy.dll
2013-03-15 20:54:39 ----A---- C:\windows\system32\ieUnatt.exe
2013-03-15 20:54:39 ----A---- C:\windows\system32\ieui.dll
2013-03-15 20:54:38 ----A---- C:\windows\system32\msfeeds.dll
2013-03-15 20:54:37 ----A---- C:\windows\system32\wininet.dll
2013-03-15 20:54:37 ----A---- C:\windows\system32\jscript.dll
2013-03-15 20:54:35 ----A---- C:\windows\system32\jscript9.dll
2013-03-15 20:54:34 ----A---- C:\windows\system32\url.dll
2013-03-15 20:54:34 ----A---- C:\windows\system32\iertutil.dll
2013-03-15 20:54:31 ----A---- C:\windows\system32\urlmon.dll
2013-03-15 20:54:28 ----A---- C:\windows\system32\mshtml.dll
2013-03-15 20:54:21 ----A---- C:\windows\system32\ieframe.dll

======List of files/folders modified in the last 1 month======

2013-04-11 20:47:43 ----D---- C:\Program Files\Trend Micro
2013-04-11 20:47:41 ----D---- C:\windows\Temp
2013-04-11 20:42:32 ----D---- C:\windows\system32\config
2013-04-11 20:29:43 ----D---- C:\ProgramData\Trend Micro
2013-04-11 20:29:41 ----D---- C:\windows\System32
2013-04-11 20:28:07 ----RD---- C:\Users
2013-04-11 20:26:39 ----HD---- C:\ProgramData
2013-04-10 16:48:51 ----D---- C:\windows\system32\catroot
2013-04-10 16:46:33 ----D---- C:\windows\system32\catroot2
2013-04-10 16:46:30 ----D---- C:\windows\winsxs
2013-04-09 17:49:27 ----SHD---- C:\windows\Installer
2013-04-09 14:34:29 ----SHD---- C:\System Volume Information
2013-04-04 13:20:11 ----D---- C:\windows\inf
2013-04-04 13:20:11 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-04-03 20:20:05 ----D---- C:\windows\system32\NDF
2013-04-02 17:23:12 ----D---- C:\ProgramData\Skype
2013-04-02 17:23:02 ----RD---- C:\Program Files\Skype
2013-03-19 04:19:13 ----D---- C:\windows\system32\DriverStore
2013-03-19 04:19:13 ----D---- C:\windows\system32\drivers
2013-03-15 22:50:23 ----D---- C:\windows\system32\migration
2013-03-15 22:50:23 ----D---- C:\Program Files\Internet Explorer
2013-03-15 22:50:22 ----D---- C:\windows\AppPatch
2013-03-15 22:50:16 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-15 21:04:11 ----A---- C:\windows\system32\MRT.exe
2013-03-13 18:17:54 ----A---- C:\windows\system32\FlashPlayerApp.exe
2013-03-12 01:10:56 ----N---- C:\windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\windows\system32\drivers\amd_sata.sys [2010-11-04 64128]
R0 amd_xata;amd_xata; C:\windows\system32\drivers\amd_xata.sys [2010-11-04 32384]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\windows\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R1 AsIO;AsIO; C:\windows\system32\drivers\AsIO.sys [2010-06-28 11456]
R1 AsUpIO;AsUpIO; C:\windows\system32\drivers\AsUpIO.sys [2010-08-03 11832]
R1 tmactmon;tmactmon; C:\windows\system32\DRIVERS\tmactmon.sys [2010-09-17 80464]
R1 tmcomm;tmcomm; C:\windows\system32\DRIVERS\tmcomm.sys [2010-09-17 189520]
R1 tmevtmgr;tmevtmgr; C:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 64080]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 tmtdi;Trend Micro TDI Driver; C:\windows\system32\DRIVERS\tmtdi.sys [2010-09-17 92112]
R3 amdiox86;AMD IO Driver; C:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-07-20 7811072]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-07-20 245760]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW73.sys [2010-11-16 101392]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2010-11-24 4247616]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwampfl;Bluetooth AMP USB Filter; C:\windows\system32\drivers\btwampfl.sys [2010-05-21 293928]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-05-21 88104]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2010-05-21 111144]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-05-21 33320]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-05-21 18728]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-16 242240]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2010-07-21 102912]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2011-01-18 3378984]
R3 kbfiltr;Keyboard Filter; C:\windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x86.sys [2010-09-27 68208]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 579944]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 194408]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 21864]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 19304]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]
S0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\windows\System32\drivers\sfvfs02.sys [2005-11-03 63488]
S2 Parvdm;Parvdm; C:\windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2009-07-14 1096704]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 EagleXNt;EagleXNt; \??\C:\windows\system32\drivers\EagleXNt.sys []
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2011-05-14 39272]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\drivers\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-07-20 176128]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-21 294400]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files\Common Files\InstantOn\InsOnSrv.exe [2011-06-03 64128]
R2 AsusService;Asus Launcher Service; C:\windows\system32\AsusService.exe [2011-08-09 224680]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-05-21 652576]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-03-19 3289208]
R2 TiMiniService;TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 161104]
R2 VideAceWindowsService;VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [2011-03-25 91464]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 1713536]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-28 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 Amsp;Trend Micro Solution Platform; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2010-09-17 196320]
S3 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2011-05-14 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-28 116648]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2012-12-20 541760]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]

-----------------EOF-----------------

Re: Log check

Posted: 11 Apr 2013 20:12
by vyosek
Hello :)

:arrow: Download RKill http://download.bleepingcomputer.com/grinler/rkill.com PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A GREAT ABILITY TO DELETE AND MUST BE USED ONLY WHEN RECOMMENDED, OTHERWISE YOUR SYSTEM MAY BE RUINED
:arrow: Download Combofix and save it to the desktop http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antiviruses, antispyware, etc.
  • If you have Win XP, run it under the Administrator (Spravce) account
  • If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator (Spustit jako spravce)
  • Right after start, a page with the license agreement is displayed; continue by clicking Yes (Ano)
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not launch any applications and do not click in the window that appears
  • The scan should take about 10 min, but if the PC is heavily cluttered, it may take longer
  • After the scan finishes and a possible restart, CF displays a log, or you can find it at C:\ComboFix.txt; paste its contents here
  • The detailed procedure incl. pictures is here http://www.bleepingcomputer.com/combofi ... t-combofix

Re: Log check

Posted: 11 Apr 2013 20:23
by magia
Log from RKill:

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 04/11/2013 09:21:08 PM in x86 mode.
Windows Version: Windows 7 Starter Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* SensrSvc [Missing Service]

* FontCache => %SystemRoot%\system32\svchost.exe -k LocalService [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 04/11/2013 09:21:46 PM
Execution time: 0 hours(s), 0 minute(s), and 38 seconds(s)

Re: Log check

Posted: 11 Apr 2013 20:42
by vyosek
OK, continue with ComboFix

Re: Log check

Posted: 11 Apr 2013 20:50
by magia
Combo fix is still working

Re: Log check

Posted: 11 Apr 2013 20:52
by vyosek
Well, if it is taking long, more than half an hour, and the Stages are not advancing one after another (there should be about 50 of them), then restart the PC, keep pressing F8, select Safe Mode with Networking and repeat ComboFix

Re: Log check

Posted: 11 Apr 2013 20:54
by magia
We are at stage 32

Re: Log check

Posted: 11 Apr 2013 21:01
by vyosek
If they keep advancing and it does not get stuck on one for, say, half an hour, then let it run...

Re: Log check

Posted: 11 Apr 2013 21:05
by magia
I'm letting it run, we are already at stage 50 :D and we are already deleting something :meutral:

Re: Log check

Posted: 11 Apr 2013 21:07
by vyosek
OK, I'll wait for the log

Re: Log check

Posted: 11 Apr 2013 21:16
by magia
It is being generated now

Re: Log check

Posted: 11 Apr 2013 21:22
by magia
So here it is:

ComboFix 13-04-11.01 - Máma 11.04.2013 21:35:22.1.2 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1250.420.1029.18.749.257 [GMT 2:00]
Spuštěný z: c:\users\Mßma\Desktop\ComboFix.exe
AV: Trend Micro Titanium *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Titanium *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Complitly
c:\program files\Complitly\chrome\ComplitlyChrome.crx
c:\program files\Complitly\InstallHelper.dll
c:\program files\Complitly\InstallHelperNet4.dll
c:\program files\Complitly\support@Complitly.com\,MaheshmadhukardhondAcPro.xpi
c:\program files\Complitly\support@Complitly.com\defaults\preferences\predictad.js
c:\program files\Complitly\support@Complitly.com\chrome.manifest
c:\program files\Complitly\support@Complitly.com\chrome\content\appIcon.png
c:\program files\Complitly\support@Complitly.com\chrome\content\browserOverlay.xul
c:\program files\Complitly\support@Complitly.com\chrome\content\options.js
c:\program files\Complitly\support@Complitly.com\chrome\content\options.xul
c:\program files\Complitly\support@Complitly.com\chrome\content\utils.js
c:\program files\Complitly\support@Complitly.com\install.rdf
c:\program files\Complitly\System.Data.SQLite.dll
c:\program files\Complitly\ToolbarUninstall.exe
c:\program files\Complitly\unins000.dat
c:\program files\Complitly\unins000.exe
c:\programdata\ao8f.dat
c:\programdata\f8oa.pad
c:\programdata\FullRemove.exe
c:\programdata\rundll32.exe
c:\users\Týna\4878784.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-11 do 2013-04-11 )))))))))))))))))))))))))))))))
.
.
2013-04-11 20:12 . 2013-04-11 20:12 -------- d-----w- c:\users\Týna\AppData\Local\temp
2013-04-11 20:12 . 2013-04-11 20:12 -------- d-----w- c:\users\Martin\AppData\Local\temp
2013-04-11 20:10 . 2013-04-11 20:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-11 18:47 . 2013-04-11 18:47 -------- d-----w- C:\rsit
2013-04-11 18:28 . 2013-04-11 18:28 -------- d-----w- c:\users\Máma
2013-04-11 17:36 . 2013-04-11 17:36 2584 ----a-w- c:\programdata\f8oa.js
2013-04-09 15:48 . 2013-04-09 15:48 -------- d-----w- c:\users\Týna\AppData\Local\{B69EB34A-91EB-4FF3-B741-664179483319}
2013-04-09 15:48 . 2013-04-09 15:48 -------- d-----w- c:\users\Týna\AppData\Local\PackageAware
2013-04-09 12:35 . 2013-03-15 07:21 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{73944F9E-02EC-48D3-AD37-EF0693A202D7}\mpengine.dll
2013-04-05 20:00 . 2013-04-05 20:01 -------- d-----w- c:\users\Týna\AppData\Local\{3EB4B2CE-08AA-46CA-9D5B-963D4D523E56}
2013-03-18 21:02 . 2013-03-18 21:03 -------- d-----w- c:\users\Týna\AppData\Local\{9735E5D2-3679-4B9C-84CD-6C2429822390}
2013-03-18 13:44 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-13 19:01 . 2013-03-13 19:01 -------- d-----w- c:\users\Týna\AppData\Local\{C1B9F13A-BD38-4F69-B3F1-3F45935A0DD0}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-13 16:17 . 2012-12-06 10:32 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-13 16:17 . 2011-11-16 19:26 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-11 23:10 . 2012-09-05 18:24 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-02-12 04:48 . 2013-03-13 15:39 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 15:39 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-01-13 21:17 . 2013-02-28 08:42 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17 . 2013-02-28 08:42 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16 . 2013-02-28 08:42 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12 . 2013-02-28 08:42 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11 . 2013-02-28 08:42 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-28 08:42 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-28 08:42 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11 . 2013-02-28 08:42 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11 . 2013-02-28 08:42 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-28 08:41 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-01-13 20:30 . 2013-02-28 08:41 906240 ----a-w- c:\windows\system32\FntCache.dll
2013-01-13 20:22 . 2013-02-28 08:41 1988096 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-13 20:20 . 2013-02-28 08:41 293376 ----a-w- c:\windows\system32\dxgi.dll
2013-01-13 20:09 . 2013-02-28 08:41 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-13 20:08 . 2013-02-28 08:41 220160 ----a-w- c:\windows\system32\d3d10core.dll
2013-01-13 20:08 . 2013-02-28 08:41 1504768 ----a-w- c:\windows\system32\d3d11.dll
2013-01-13 19:54 . 2013-02-28 08:41 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2013-01-13 19:53 . 2013-02-28 08:41 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-01-13 19:53 . 2013-02-28 08:42 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2013-01-13 19:48 . 2013-02-28 08:41 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-13 19:46 . 2013-02-28 08:41 1080832 ----a-w- c:\windows\system32\d3d10.dll
2013-01-13 19:43 . 2013-02-28 08:41 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-01-13 19:37 . 2013-02-28 08:41 3419136 ----a-w- c:\windows\system32\d2d1.dll
2013-01-13 19:02 . 2013-02-28 08:42 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-01-13 18:34 . 2013-02-28 08:42 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-01-13 17:26 . 2013-02-28 08:41 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
2011-05-09 09:49 176936 ----a-w- c:\program files\uTorrentControl_v2\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7473b6bd-4691-4744-a82b-7854eb3d70b6}"= "c:\program files\uTorrentControl_v2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}"
[HKEY_CLASSES_ROOT\CLSID\{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{618A47A2-528B-4D9A-AFC8-97D3233511E2}"
[HKEY_CLASSES_ROOT\CLSID\{618A47A2-528B-4D9A-AFC8-97D3233511E2}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-03-07 15:31 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-03-07 15:31 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-03-07 15:31 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-03-07 15:31 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-21 336384]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"HotkeyMon"="AsusSender.exe" [2011-07-13 34728]
"HotkeyService"="AsusSender.exe" [2011-07-13 34728]
"SuperHybridEngine"="AsusSender.exe" [2011-07-13 34728]
"LiveUpdate"="AsusSender.exe" [2011-07-13 34728]
"CapsHook"="AsusSender.exe" [2011-07-13 34728]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2011-04-14 419504]
"ASUSWebStorage"="c:\program files\ASUS\ASUS WebStorage\3.0.102.211\AsusWSPanel.exe" [2011-06-08 737104]
"VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2010-10-08 1123664]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 112632]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\VizorShortCut.exe" [2010-10-20 218448]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-01-18 10025576]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2010-06-10 548744]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2011-07-12 45448]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files\Asus\AsusVibe\AsusVibeLauncher.exe [2012-9-23 549040]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-5-21 828704]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [x]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [x]
S1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files\Common Files\InstantOn\InsOnSrv.exe [x]
S2 AsusService;Asus Launcher Service;c:\windows\system32\AsusService.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe [x]
S2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [x]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [x]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc
GPSvcGroup REG_MULTI_SZ GPSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-11 14:14 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-06 16:18]
.
2013-04-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-28 11:23]
.
2013-04-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-28 11:23]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://asus.msn.com
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-1ClickDownload - c:\program files\TornTV.com\uninst.exe
AddRemove-{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 - c:\program files\Complitly\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-04-11 22:20:46
ComboFix-quarantined-files.txt 2013-04-11 20:20
.
Před spuštěním: Volných bajtů: 66 886 860 800
Po spuštění: Volných bajtů: 68 200 509 440
.
- - End Of File - - D50F1C79B9B4C79F1221B9E9727EFBDA

Re: Log check

Posted: 12 Apr 2013 19:14
by vyosek
:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop
  • If you use Win Vista or W7, right-click OTL and choose Run As Administrator or Spustit jako spravce
  • If you use a 64-bit OS, check whether the box Pro 64 bitové OS (For 64-bit OS) is ticked; if not, tick it
  • Tick the box Pro vsechny uzivatele (For all users)
  • Tick the box Kontrola na havet "LOP" (Check for "LOP" pests)
  • Tick the box Kontrola na havet "Purity" (Check for "Purity" pests)
  • Change the file age from 30 days to 7 days
  • Paste the script below into the bottom box Vlastni skenovani/opravy (Custom scans/fixes)
  • Code:

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    services.exe
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    
    %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
    %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
    %PROGRAMFILES%\Opera\opera.exe /md5
    %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
    
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the Prohledat (Scan) button
  • After the scan finishes (approx. 10 to 15 min), the logs OTL.txt and Extras.txt will appear; paste both here
  • If the logs are long (the forum will complain about exceeding the maximum number of characters), split them into several posts

Re: Log check

Posted: 12 Apr 2013 20:57
by magia
10-15 minutes? It has been scanning for over an hour again... God, what kind of computer do I have?? :shock: :D

Re: Log check

Posted: 12 Apr 2013 22:19
by magia
So after 2 hours and 10 minutes the log finally popped out :thumbsups: :

OTL logfile created on: 12.4.2013 20:49:38 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Máma\Desktop
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

749,46 Mb Total Physical Memory | 164,08 Mb Available Physical Memory | 21,89% Memory free
1,73 Gb Paging File | 0,70 Gb Available in Paging File | 40,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,00 Gb Total Space | 63,59 Gb Free Space | 63,59% Space Free | Partition Type: NTFS
Drive D: | 183,07 Gb Total Space | 23,19 Gb Free Space | 12,67% Space Free | Partition Type: NTFS
Drive E: | 3,77 Gb Total Space | 3,46 Gb Free Space | 91,86% Space Free | Partition Type: FAT32

Computer Name: TYNA-PC | User Name: Máma | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.04.12 20:39:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Máma\Desktop\OTL.exe
PRC - [2013.04.03 20:48:02 | 004,379,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SoftwareDistribution\Download\Install\Windows-KB890830-V4.19-delta.exe
PRC - [2013.04.01 19:48:00 | 000,091,232 | ---- | M] (Microsoft Corporation) -- c:\58104a8dd5ccdb2230\mrtstub.exe
PRC - [2012.11.30 04:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011.10.01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.08.09 01:49:08 | 001,263,024 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\Asus\HotkeyService\HotkeyService.exe
PRC - [2011.08.09 01:49:00 | 000,101,800 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\Asus\HotkeyService\HotKeyMon.exe
PRC - [2011.08.09 01:48:20 | 000,224,680 | ---- | M] () -- C:\Windows\System32\AsusService.exe
PRC - [2011.07.21 09:46:32 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2011.07.20 14:10:10 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011.07.20 14:09:40 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011.07.13 09:38:14 | 001,095,080 | ---- | M] (AsusTek Computer Inc.) -- C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
PRC - [2011.07.12 22:06:24 | 000,045,448 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
PRC - [2011.06.16 03:37:58 | 000,100,992 | ---- | M] (ASUS) -- C:\Program Files\Common Files\InstantOn\InsOnWMI.exe
PRC - [2011.06.03 00:11:06 | 000,064,128 | ---- | M] (ASUS) -- C:\Program Files\Common Files\InstantOn\InsOnSrv.exe
PRC - [2011.04.14 20:23:12 | 000,419,504 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\Asus\Eee Docking\Eee Docking.exe
PRC - [2011.03.25 17:55:16 | 000,091,464 | ---- | M] () -- C:\ExpressGateUtil\VAWinService.exe
PRC - [2011.02.25 20:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.01.27 03:15:08 | 000,413,112 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\Asus\SHE\SuperHybridEngine.exe
PRC - [2010.09.17 10:32:44 | 000,197,968 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
PRC - [2010.09.17 10:32:44 | 000,161,104 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
PRC - [2010.05.21 13:42:48 | 002,839,840 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2010.05.21 13:42:48 | 000,828,704 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2010.05.21 13:42:48 | 000,652,576 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe


========== Modules (No Company Name) ==========

MOD - [2013.02.17 18:09:48 | 000,240,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\78967b28f748b8807eaa97c1cb454adc\WindowsFormsIntegration.ni.dll
MOD - [2013.02.17 18:07:37 | 001,670,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7366a39c36523a084bc11c230929ff92\Microsoft.VisualBasic.ni.dll
MOD - [2013.02.17 10:16:54 | 011,833,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013.02.17 10:16:23 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013.01.13 13:18:32 | 002,297,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll
MOD - [2013.01.11 19:00:07 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013.01.11 18:56:34 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.01.11 18:54:16 | 014,340,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5f3769db958cc666dc98cb7748a84ac9\PresentationFramework.ni.dll
MOD - [2013.01.11 18:52:51 | 001,592,832 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.11 18:52:44 | 012,237,824 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\45e239d35a2c14b841dd4ef2c186ff2f\PresentationCore.ni.dll
MOD - [2013.01.11 18:52:12 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013.01.11 18:51:56 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.11 18:51:45 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.11 18:51:43 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.11 18:51:26 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2011.07.21 09:46:40 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2011.07.21 09:35:56 | 000,243,712 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011.07.12 22:06:24 | 000,045,448 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
MOD - [2011.03.15 00:21:10 | 000,016,384 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2011.02.16 19:01:29 | 000,237,568 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2011.02.16 19:01:29 | 000,106,496 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2011.02.16 19:01:28 | 000,204,800 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll
MOD - [2010.11.13 03:54:29 | 000,425,984 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_cs_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010.11.13 03:54:19 | 000,303,104 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.09.02 13:08:00 | 000,118,784 | ---- | M] () -- C:\Program Files\Asus\ASUS WebStorage\3.0.102.211\AsusWSShellExt.dll
MOD - [2010.05.21 13:42:58 | 000,132,384 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV - [2013.03.19 22:26:44 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.03.13 18:18:06 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.01.08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.20 23:54:11 | 000,541,760 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.10.01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.08.09 01:48:20 | 000,224,680 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AsusService.exe -- (AsusService)
SRV - [2011.07.21 09:46:32 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2011.07.20 14:09:40 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011.06.03 00:11:06 | 000,064,128 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\Common Files\InstantOn\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011.03.25 17:55:16 | 000,091,464 | ---- | M] () [Auto | Running] -- C:\ExpressGateUtil\VAWinService.exe -- (VideAceWindowsService)
SRV - [2011.03.02 07:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.02.25 20:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010.09.17 10:32:44 | 000,161,104 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe -- (TiMiniService)
SRV - [2010.05.21 13:42:48 | 000,652,576 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Unknown] -- C:\ComboFix\mbr.sys -- (mbr)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\MMA~1\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012.09.16 13:09:19 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012.08.23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012.08.23 16:41:34 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2012.08.23 16:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2011.10.01 08:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2011.10.01 08:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2011.10.01 08:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2011.10.01 08:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2011.07.20 16:39:22 | 007,811,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011.07.20 13:33:12 | 000,245,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.11.16 20:34:24 | 000,101,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2010.11.04 12:52:50 | 000,064,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata)
DRV - [2010.11.04 12:52:50 | 000,032,384 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata)
DRV - [2010.09.27 09:23:58 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010.09.17 10:32:48 | 000,189,520 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2010.09.17 10:32:48 | 000,092,112 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2010.09.17 10:32:48 | 000,080,464 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2010.09.17 10:32:48 | 000,064,080 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2010.08.03 07:20:56 | 000,011,832 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO)
DRV - [2010.06.28 07:24:00 | 000,011,456 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2010.02.18 19:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009.07.20 11:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 00:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2005.11.03 16:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfvfs02.sys -- (sfvfs02)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-976265568-3136085713-4227130884-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com [binary data]
IE - HKU\S-1-5-21-976265568-3136085713-4227130884-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKU\S-1-5-21-976265568-3136085713-4227130884-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-976265568-3136085713-4227130884-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\S-1-5-21-976265568-3136085713-4227130884-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011.11.16 21:51:35 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://asus.msn.com/
CHR - Extension: Docs = C:\Users\Máma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Disk Google = C:\Users\Máma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\Máma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Máma\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Complitly plugin for chrome = C:\Users\Máma\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1_0\
CHR - Extension: uTorrentControl_v2 = C:\Users\Máma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.13.20.29_0\
CHR - Extension: Skype Click to Call = C:\Users\Máma\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.7.0.12055_0\
CHR - Extension: Gmail = C:\Users\Máma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013.04.11 22:14:31 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Martin\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O2 - BHO: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Windows 7 Starter Helper) - {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - C:\Program Files\Oceanis\SystemSetting\StarterHelper.dll (Oceanis)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files\ASUS\ASUS WebStorage\3.0.102.211\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [CapsHook] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [HotkeyMon] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [LiveUpdate] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuperHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe ()
O4 - HKLM..\Run: [VizorHtmlDialog.exe] C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe (Trend Micro Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-976265568-3136085713-4227130884-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-976265568-3136085713-4227130884-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-976265568-3136085713-4227130884-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-976265568-3136085713-4227130884-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-976265568-3136085713-4227130884-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.20.60.18 62.240.171.139
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E30471E0-4FBE-4BDF-96E3-52BED66EA1BC}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9A4CDDE-023F-4DBA-A8EB-9AE7737843B0}: DhcpNameServer = 10.20.60.18 62.240.171.139
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\windows\System32\frapsvid.dll (Beepa P/L)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.04.12 20:45:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Máma\Desktop\OTL.exe
[2013.04.11 22:21:11 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.04.11 22:20:53 | 000,000,000 | ---D | C] -- C:\Users\Máma\AppData\Local\temp
[2013.04.11 21:28:15 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2013.04.11 21:28:15 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2013.04.11 21:28:15 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2013.04.11 21:27:43 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.04.11 21:27:00 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013.04.11 21:26:11 | 005,052,052 | R--- | C] (Swearware) -- C:\Users\Máma\Desktop\ComboFix.exe
[2013.04.11 21:20:58 | 001,752,992 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Máma\Desktop\WiNlOgOn.exe
[2013.04.11 21:20:58 | 001,752,992 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Máma\Desktop\uSeRiNiT.exe
[2013.04.11 21:20:58 | 001,752,992 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Máma\Desktop\rkill.exe
[2013.04.11 21:20:58 | 001,752,992 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Máma\Desktop\rkill.com
[2013.04.11 21:20:58 | 001,752,992 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Máma\Desktop\iExplore.exe
[2013.04.11 20:47:24 | 000,000,000 | ---D | C] -- C:\rsit
[2013.04.11 20:29:55 | 000,000,000 | ---D | C] -- C:\Users\Máma\Documents\Složka Bluetooth Exchange
[2013.04.11 20:29:55 | 000,000,000 | ---D | C] -- C:\Users\Máma\AppData\Local\Broadcom
[2013.04.11 20:29:36 | 000,000,000 | ---D | C] -- C:\Users\Máma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium
[2013.04.11 20:28:13 | 000,000,000 | -HSD | C] -- C:\Users\Máma\AppData\Local\Temporary Internet Files
[2013.04.11 20:28:13 | 000,000,000 | -HSD | C] -- C:\Users\Máma\Šablony
[2013.04.11 20:28:13 | 000,000,000 | -HSD | C] -- C:\Users\Máma\Soubory cookie
[2013.04.11 20:28:13 | 000,000,000 | -HSD | C] -- C:\Users\Máma\SendTo
[2013.04.11 20:28:13 | 000,000,000 | -HSD | C] -- C:\Users\Máma\Poslední
[2013.04.11 20:28:13 | 000,000,000 | -HSD | C] -- C:\Users\Máma\Okolní tiskárny
[2013.04.11 20:28:13 | 000,000,000 | -HSD | C] -- C:\Users\Máma\Okolní síť
[2013.04.11 20:28:13 | 000,000,000 | -HSD | C] -- C:\Users\Máma\Documents\Obrázky
[2013.04.11 20:28:13 | 000,000,000 | -HSD | C] -- C:\Users\Máma\Nabídka Start
[2013.04.11 20:28:13 | 000,000,000 | -HSD | C] -- C:\Users\Máma\Local Settings
[2013.04.11 20:28:13 | 000,000,000 | -HSD | C] -- C:\Users\Máma\Documents\Hudba
[2013.04.11 20:28:13 | 000,000,000 | -HSD | C] -- C:\Users\Máma\AppData\Local\History
[2013.04.11 20:28:13 | 000,000,000 | -HSD | C] -- C:\Users\Máma\Documents\Filmy
[2013.04.11 20:28:13 | 000,000,000 | -HSD | C] -- C:\Users\Máma\Dokumenty
[2013.04.11 20:28:13 | 000,000,000 | -HSD | C] -- C:\Users\Máma\Data aplikací
[2013.04.11 20:28:13 | 000,000,000 | -HSD | C] -- C:\Users\Máma\AppData\Local\Data aplikací
[2013.04.11 20:28:09 | 000,000,000 | ---D | C] -- C:\Users\Máma\AppData\Local\Google
[2013.04.11 20:28:09 | 000,000,000 | ---D | C] -- C:\Users\Máma\AppData\Local\ATI
[2013.04.11 20:28:09 | 000,000,000 | ---D | C] -- C:\Users\Máma\AppData\Local\ASUS
[2013.04.11 20:28:09 | 000,000,000 | ---D | C] -- C:\Users\Máma\AppData\Local\AMD
[2013.04.11 20:28:09 | 000,000,000 | ---D | C] -- C:\Users\Máma\AppData\Local\Adobe
[2013.04.11 20:28:08 | 000,000,000 | --SD | C] -- C:\Users\Máma\AppData\Roaming\Microsoft
[2013.04.11 20:28:08 | 000,000,000 | R--D | C] -- C:\Users\Máma\Videos
[2013.04.11 20:28:08 | 000,000,000 | R--D | C] -- C:\Users\Máma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.04.11 20:28:08 | 000,000,000 | R--D | C] -- C:\Users\Máma\Searches
[2013.04.11 20:28:08 | 000,000,000 | R--D | C] -- C:\Users\Máma\Saved Games
[2013.04.11 20:28:08 | 000,000,000 | R--D | C] -- C:\Users\Máma\Pictures
[2013.04.11 20:28:08 | 000,000,000 | R--D | C] -- C:\Users\Máma\Music
[2013.04.11 20:28:08 | 000,000,000 | R--D | C] -- C:\Users\Máma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.04.11 20:28:08 | 000,000,000 | R--D | C] -- C:\Users\Máma\Links
[2013.04.11 20:28:08 | 000,000,000 | R--D | C] -- C:\Users\Máma\Favorites
[2013.04.11 20:28:08 | 000,000,000 | R--D | C] -- C:\Users\Máma\Downloads
[2013.04.11 20:28:08 | 000,000,000 | R--D | C] -- C:\Users\Máma\Documents
[2013.04.11 20:28:08 | 000,000,000 | R--D | C] -- C:\Users\Máma\Desktop
[2013.04.11 20:28:08 | 000,000,000 | R--D | C] -- C:\Users\Máma\Contacts
[2013.04.11 20:28:08 | 000,000,000 | R--D | C] -- C:\Users\Máma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.04.11 20:28:08 | 000,000,000 | R--D | C] -- C:\Users\Máma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.04.11 20:28:08 | 000,000,000 | -H-D | C] -- C:\Users\Máma\AppData
[2013.04.11 20:28:08 | 000,000,000 | ---D | C] -- C:\Users\Máma\AppData\Local\Windows Live
[2013.04.11 20:28:08 | 000,000,000 | ---D | C] -- C:\Users\Máma\AppData\Local\Microsoft
[2013.04.11 20:28:08 | 000,000,000 | ---D | C] -- C:\Users\Máma\AppData\Roaming\Macromedia
[2013.04.11 20:28:08 | 000,000,000 | ---D | C] -- C:\Users\Máma\AppData\Roaming\InstallShield
[2013.04.11 20:28:08 | 000,000,000 | ---D | C] -- C:\Users\Máma\AppData\Roaming\Identities
[2013.04.11 20:28:08 | 000,000,000 | ---D | C] -- C:\Users\Máma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Game Park
[2013.04.11 20:28:08 | 000,000,000 | ---D | C] -- C:\Users\Máma\AppData\Roaming\E-Cam
[2013.04.11 20:28:08 | 000,000,000 | ---D | C] -- C:\Users\Máma\AppData\Roaming\ATI
[2013.04.11 20:28:08 | 000,000,000 | ---D | C] -- C:\Users\Máma\Documents\Asus WebStorage
[2013.04.11 20:28:08 | 000,000,000 | ---D | C] -- C:\Users\Máma\AppData\Roaming\ASUS WebStorage
[2013.04.11 20:28:08 | 000,000,000 | ---D | C] -- C:\Users\Máma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2013.04.11 20:28:08 | 000,000,000 | ---D | C] -- C:\Users\Máma\AppData\Roaming\Adobe

========== Files - Modified Within 7 Days ==========

[2013.04.12 20:59:29 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.04.12 20:49:21 | 000,000,936 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.12 20:42:34 | 000,000,940 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.12 20:41:56 | 000,000,914 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.04.12 20:41:47 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.04.12 20:39:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Máma\Desktop\OTL.exe
[2013.04.11 22:14:31 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
[2013.04.11 21:23:48 | 005,052,052 | R--- | M] (Swearware) -- C:\Users\Máma\Desktop\ComboFix.exe
[2013.04.11 21:17:56 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Máma\Desktop\WiNlOgOn.exe
[2013.04.11 21:16:28 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Máma\Desktop\uSeRiNiT.exe
[2013.04.11 21:16:22 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Máma\Desktop\iExplore.exe
[2013.04.11 21:16:16 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Máma\Desktop\rkill.exe
[2013.04.11 21:15:42 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Máma\Desktop\rkill.com
[2013.04.11 20:49:16 | 000,650,886 | ---- | M] () -- C:\windows\System32\perfh005.dat
[2013.04.11 20:49:16 | 000,627,470 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013.04.11 20:49:16 | 000,129,024 | ---- | M] () -- C:\windows\System32\perfc005.dat
[2013.04.11 20:49:16 | 000,113,540 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013.04.11 20:41:10 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.11 20:41:10 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.11 20:33:53 | 000,002,201 | ---- | M] () -- C:\Users\Máma\Desktop\Google Chrome.lnk
[2013.04.11 20:31:41 | 589,393,920 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.11 20:29:36 | 000,001,441 | ---- | M] () -- C:\Users\Máma\Desktop\Trend Micro Titanium.lnk
[2013.04.11 20:28:16 | 000,000,644 | RHS- | M] () -- C:\Users\Máma\ntuser.pol
[2013.04.11 19:36:47 | 000,002,584 | ---- | M] () -- C:\ProgramData\f8oa.js

========== Files Created - No Company Name ==========

[2013.04.12 20:59:29 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.04.11 21:28:15 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013.04.11 21:28:15 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013.04.11 21:28:15 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013.04.11 21:28:15 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013.04.11 21:28:15 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013.04.11 20:29:35 | 000,001,441 | ---- | C] () -- C:\Users\Máma\Desktop\Trend Micro Titanium.lnk
[2013.04.11 20:29:22 | 000,001,393 | ---- | C] () -- C:\Users\Máma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.04.11 20:29:10 | 000,002,201 | ---- | C] () -- C:\Users\Máma\Desktop\Google Chrome.lnk
[2013.04.11 20:28:16 | 000,000,644 | RHS- | C] () -- C:\Users\Máma\ntuser.pol
[2013.04.11 19:36:47 | 000,002,584 | ---- | C] () -- C:\ProgramData\f8oa.js
[2012.12.19 23:29:14 | 000,675,879 | ---- | C] () -- C:\windows\Counter-Strike 1.6 Standalone Uninstaller.exe
[2012.10.08 12:48:35 | 000,000,287 | ---- | C] () -- C:\windows\game.ini
[2012.09.18 08:08:19 | 000,000,507 | ---- | C] () -- C:\windows\eReg.dat
[2012.09.05 13:03:17 | 000,005,576 | ---- | C] () -- C:\windows\Language.ini
[2011.11.16 21:26:46 | 000,224,680 | ---- | C] () -- C:\windows\System32\AsusService.exe
[2011.11.16 21:26:45 | 000,025,616 | ---- | C] () -- C:\windows\AsAcpiSvrLang.ini
[2011.11.16 21:23:07 | 000,011,832 | ---- | C] () -- C:\windows\System32\drivers\AsUpIO.sys
[2011.11.16 21:23:02 | 000,011,456 | ---- | C] () -- C:\windows\System32\drivers\AsIO.sys
[2011.11.16 21:22:40 | 000,000,873 | ---- | C] () -- C:\windows\Reboot.ini
[2011.11.16 21:21:46 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011.11.16 21:17:02 | 000,004,692 | ---- | C] () -- C:\windows\System32\drivers\SamSfPa.dat
[2011.11.16 21:17:02 | 000,000,008 | ---- | C] () -- C:\windows\System32\drivers\rtkhdaud.dat
[2011.11.07 11:05:16 | 000,003,929 | ---- | C] () -- C:\windows\System32\atipblag.dat
[2011.11.07 11:05:14 | 000,233,765 | ---- | C] () -- C:\windows\System32\atiicdxx.dat
[2011.11.07 10:39:57 | 000,013,880 | ---- | C] ( ) -- C:\windows\System32\drivers\kbfiltr.sys
[2011.07.21 10:21:00 | 000,059,904 | ---- | C] () -- C:\windows\System32\OVDecode.dll

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011.11.16 21:47:59 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\ASUS WebStorage
[2011.11.16 21:24:49 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\E-Cam
[2011.11.16 21:47:59 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\ASUS WebStorage
[2011.11.16 21:24:49 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\E-Cam
[2012.12.13 00:41:30 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\.minecraft
[2012.09.05 19:37:17 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\.techniclauncher
[2011.09.22 13:03:41 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\1.8.1
[2011.11.16 21:47:59 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\ASUS WebStorage
[2013.01.22 12:35:17 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Complitly
[2013.02.19 10:19:57 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DAEMON Tools Lite
[2011.11.16 21:24:49 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\E-Cam
[2013.01.22 14:50:13 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\ExpressFiles
[2012.09.27 10:01:50 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Kalydo
[2012.09.16 13:09:03 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\OpenCandy
[2012.12.06 11:16:53 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Opera
[2012.12.28 18:41:45 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Rovio
[2013.03.20 11:05:10 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\SoftGrid Client
[2012.10.13 14:00:46 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Spore
[2013.02.06 16:46:46 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\uTorrent
[2012.11.20 16:47:12 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Windows Live Writer
[2011.11.16 21:47:59 | 000,000,000 | ---D | M] -- C:\Users\Máma\AppData\Roaming\ASUS WebStorage
[2011.11.16 21:24:49 | 000,000,000 | ---D | M] -- C:\Users\Máma\AppData\Roaming\E-Cam
[2011.11.16 21:47:59 | 000,000,000 | ---D | M] -- C:\Users\Týna\AppData\Roaming\ASUS WebStorage
[2012.09.05 17:49:57 | 000,000,000 | ---D | M] -- C:\Users\Týna\AppData\Roaming\Babylon
[2011.11.16 21:24:49 | 000,000,000 | ---D | M] -- C:\Users\Týna\AppData\Roaming\E-Cam
[2013.03.08 00:11:29 | 000,000,000 | ---D | M] -- C:\Users\Týna\AppData\Roaming\Opera
[2012.10.06 21:21:19 | 000,000,000 | ---D | M] -- C:\Users\Týna\AppData\Roaming\PhotoFiltre 7
[2013.01.05 13:06:11 | 000,000,000 | ---D | M] -- C:\Users\Týna\AppData\Roaming\SoftGrid Client
[2012.09.18 19:30:55 | 000,000,000 | ---D | M] -- C:\Users\Týna\AppData\Roaming\TP
[2012.09.12 17:37:27 | 000,000,000 | ---D | M] -- C:\Users\Týna\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:53:46 | 000,032,566 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2012.11.28 13:23:36 | 000,000,936 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.11.28 13:23:40 | 000,000,940 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.12.06 12:32:51 | 000,000,914 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\erdnt\cache\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 14:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 14:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:38:12 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 10:38:12 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 10:38:12 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\erdnt\cache\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 14:29:54 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 14:29:54 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache\scecli.dll
[2010.11.20 14:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\erdnt\cache\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2012.08.22 19:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 07:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 14:30:14 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2013.01.04 06:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2012.03.30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 07:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\erdnt\cache\tcpip.sys
[2013.01.03 07:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\System32\drivers\tcpip.sys
[2013.01.03 07:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011.06.21 07:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2012.08.22 19:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2013.01.04 06:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2011.06.21 07:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2012.10.03 18:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2011.06.21 08:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012.10.03 18:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012.03.30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache\userinit.exe
[2010.11.20 14:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2013.04.11 21:16:28 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) MD5=ED0F04D5DE32FEC14E91D7DD9571580D -- C:\Users\Máma\Desktop\uSeRiNiT.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:17:56 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\erdnt\cache\winlogon.exe
[2010.11.20 14:17:56 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:56 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2013.04.11 21:17:56 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) MD5=ED0F04D5DE32FEC14E91D7DD9571580D -- C:\Users\Máma\Desktop\WiNlOgOn.exe

< >

< %systemroot%*.* /U /s >
[11 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\windows\System32\config\systemprofile\AppData\Local\SoftGrid Client\140066.CSY-90140011-66-405\*.tmp files -> C:\windows\System32\config\systemprofile\AppData\Local\SoftGrid Client\140066.CSY-90140011-66-405\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.11.16 21:53:25 | 000,000,000 | ---D | M] -- C:\Users\Máma\AppData\Roaming\Adobe
[2011.11.16 21:47:59 | 000,000,000 | ---D | M] -- C:\Users\Máma\AppData\Roaming\ASUS WebStorage
[2011.11.16 21:22:26 | 000,000,000 | ---D | M] -- C:\Users\Máma\AppData\Roaming\ATI
[2011.11.16 21:24:49 | 000,000,000 | ---D | M] -- C:\Users\Máma\AppData\Roaming\E-Cam
[2009.07.14 06:54:12 | 000,000,000 | ---D | M] -- C:\Users\Máma\AppData\Roaming\Identities
[2011.11.16 21:24:42 | 000,000,000 | ---D | M] -- C:\Users\Máma\AppData\Roaming\InstallShield
[2011.11.16 21:26:20 | 000,000,000 | ---D | M] -- C:\Users\Máma\AppData\Roaming\Macromedia
[2011.11.16 21:13:34 | 000,000,000 | --SD | M] -- C:\Users\Máma\AppData\Roaming\Microsoft

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.04.12 22:16:02 | 000,000,914 | ---- | M] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2013.04.12 20:49:21 | 000,000,936 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.04.12 22:34:06 | 000,000,940 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.04.11 20:41:10 | 000,009,696 | -H-- | M] () -- C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.11 20:41:10 | 000,009,696 | -H-- | M] () -- C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.12 20:45:03 | 070,490,256 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\MRT.exe
[2013.04.11 20:49:16 | 000,129,024 | ---- | M] () -- C:\windows\system32\perfc005.dat
[2013.04.11 20:49:16 | 000,113,540 | ---- | M] () -- C:\windows\system32\perfc009.dat
[2013.04.11 20:49:16 | 000,650,886 | ---- | M] () -- C:\windows\system32\perfh005.dat
[2013.04.11 20:49:16 | 000,627,470 | ---- | M] () -- C:\windows\system32\perfh009.dat
[2013.04.11 20:49:16 | 001,516,656 | ---- | M] () -- C:\windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 14:17:42 | 001,174,016 | ---- | M] (Microsoft Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.02.02 06:19:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=DDE5A0DFAF7C6370FB36402D7A746ED3 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2012.12.06 11:16:30 | 000,878,480 | ---- | M] (Opera Software) MD5=E96462DD021F65D61D3F97056C3EF236 -- C:\Program Files\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013.04.09 10:57:09 | 001,312,720 | ---- | M] (Google Inc.) MD5=4E9592BB2C100E571F82640E59E9ECD5 -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.04.12 20:59:29 | 000,000,512 | ---- | M] () MD5=43C53BDF07764B1F4B44794CCF6F4A16 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012.08.12 14:21:56 | 000,617,969 | ---- | M] () -- \Users\Martin\AppData\Roaming\.techniclauncher\tekkit_launcher_cracked.exe
[2012.06.24 06:01:48 | 000,568,305 | ---- | M] () -- \Users\Martin\AppData\Roaming\.techniclauncher\tekkit_launcher_cracked.jar
[2013.01.16 14:37:18 | 000,000,776 | ---- | M] () -- \Users\Martin\AppData\Roaming\Microsoft\Windows\Recent\Crack.lnk
[2012.10.07 10:19:57 | 011,291,838 | ---- | M] () -- \Users\Martin\Desktop\Flux Pavilion Remixes SSCh DUBSTEP 320 (1012, v1)\04 Flux Pavilion - Cracks.mp3
[2012.10.07 10:19:57 | 011,291,838 | ---- | M] () -- \Users\Týna\Music\dubstep\04 Flux Pavilion - Cracks.mp3

< *keygen* /s >
[2013.01.22 12:30:38 | 000,003,072 | ---- | M] () -- \Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_freekeygens2011.blogspot.cz_0.localstorage
[2013.01.22 12:30:38 | 000,003,608 | ---- | M] () -- \Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_freekeygens2011.blogspot.cz_0.localstorage-journal
[2013.01.22 15:10:16 | 000,003,072 | ---- | M] () -- \Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_keygen-0day.ws_0.localstorage
[2013.01.22 15:10:16 | 000,003,608 | ---- | M] () -- \Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_keygen-0day.ws_0.localstorage-journal
[2012.12.31 11:11:06 | 000,000,693 | ---- | M] () -- \Users\Martin\AppData\Roaming\Microsoft\Windows\Recent\Angry Birds Star Wars Keygen.lnk
[2012.12.31 11:11:26 | 000,293,449 | ---- | M] () -- \Users\Martin\Desktop\other\Angry Birds Star Wars Keygen.rar

< *loader* /s >
[2010.09.01 10:49:08 | 000,014,666 | ---- | M] () -- \Program Files\Asus\ASUS WebStorage\3.0.102.211\panel\assets\images\uploader_photo.png
[2010.09.14 09:15:20 | 000,000,946 | ---- | M] () -- \Program Files\Asus\ASUS WebStorage\3.0.102.211\panel\assets\images\uploader_title.png
[2011.02.25 20:46:24 | 000,005,987 | ---- | M] () -- \Program Files\Microsoft\BingBar\scripts\io\downloader.js
[2010.09.17 10:32:50 | 000,024,160 | ---- | M] () -- \Program Files\Trend Micro\AMSP\utilGenericLoader.dll
[2010.09.30 18:56:42 | 000,003,671 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\DA-DK\loader.html
[2010.09.30 18:56:44 | 000,003,709 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\DE-DE\loader.html
[2010.09.30 18:56:42 | 000,003,664 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\EN-US\loader.html
[2010.09.30 18:56:44 | 000,003,657 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\ES-ES\loader.html
[2010.09.30 18:56:46 | 000,003,673 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\FR-CA\loader.html
[2010.09.30 18:56:46 | 000,003,673 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\FR-FR\loader.html
[2010.09.30 18:56:46 | 000,003,692 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\IT-IT\loader.html
[2010.09.30 18:56:48 | 000,003,730 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\JA-JP\loader.html
[2010.09.30 18:56:48 | 000,003,711 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\KO-KR\loader.html
[2010.09.30 18:56:50 | 000,003,677 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\NB-NO\loader.html
[2010.09.30 18:56:50 | 000,003,670 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\NL-NL\loader.html
[2010.09.30 18:56:50 | 000,003,679 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\PT-BR\loader.html
[2010.09.30 18:56:52 | 000,003,762 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\RU-RU\loader.html
[2010.09.30 18:56:52 | 000,003,670 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\SV-SE\loader.html
[2010.09.30 18:56:52 | 000,003,682 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\TR-TR\loader.html
[2010.09.30 18:56:54 | 000,003,650 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\ZH-CN\loader.html
[2010.09.30 18:56:54 | 000,003,650 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\ZH-TW\loader.html