Zavirované PC - kontrola logu

Zpráva

tapír · #1 Příspěvek od **tapír** » 16 říj 2013 19:04

Dobrý večer, dostalo se mi do ruky pc mojí švagrové. Odstranil jsem viry avastem, pročistil cccleanerem a zaktualizoval. Ale určitě tam toho bude víc k dočištění. Prosím o kontrolu logu a předem děkuji za pomoc.

Log zde:

Logfile of random's system information tool 1.08 (written by random/random)
Run by PCNET at 2013-10-16 19:50:13
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 55 GB (46%) free of 119 GB
Total RAM: 4095 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:50:24, on 16.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\PCNET.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O2 - BHO: avast! Ad Blocker - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [EPSON SX125 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE /FU "C:\Windows\TEMP\E_S1850.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [SRS Premium Sound] "C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" /hideme
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MI068C~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MI068C~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1422F382-5C0D-4A99-BCAE-0964E1C5EBF4}: NameServer = 192.168.168.1,192.168.168.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{1422F382-5C0D-4A99-BCAE-0964E1C5EBF4}: NameServer = 192.168.168.1,192.168.168.3
O17 - HKLM\System\CS2\Services\Tcpip\..\{1422F382-5C0D-4A99-BCAE-0964E1C5EBF4}: NameServer = 192.168.168.1,192.168.168.3
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveSystemServices.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SRS Volume Sync Service (SRS_VolSync_Service) - SRS Labs, Inc. - C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11778 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE"
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE"
"C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
atieclxx
"taskhost.exe"
taskeng.exe {110324FF-A187-40B5-9CC1-663EAA942AAA}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
Atouch64.exe
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" /hideme
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE" -r
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5924 CREDAT:267521 /prefetch:2
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe -Embedding
taskeng.exe {A3FED3B8-CA57-4A47-8B85-65EFDA512647}
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\system32\AUDIODG.EXE 0x2dc
"C:\Users\PCNET\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Security Scan for PCNET.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED663}]
avast! Ad Blocker - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker64.dll [2013-02-18 1842544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-03-06 540328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-16 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-16 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED663}]
avast! Ad Blocker - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll [2013-02-18 1366720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-06-12 619392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON SX125 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [2009-09-14 224768]
"T-Mobile Communication Centre"=C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2011-10-27 1363984]
"SRS Premium Sound"=C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe [2009-07-10 3754232]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-06-26 98304]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-13 2244096]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
""= []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-10-16 19:50:13 ----D---- C:\rsit
2013-10-16 19:50:13 ----D---- C:\Program Files\trend micro
2013-10-16 19:05:42 ----D---- C:\Program Files (x86)\AVAST Software
2013-10-16 18:55:53 ----D---- C:\Program Files (x86)\GUM1EB8.tmp
2013-10-16 18:55:53 ----A---- C:\Program Files (x86)\GUT1EB9.tmp
2013-10-16 03:28:17 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-10-16 03:28:17 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-10-16 03:28:17 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-10-16 03:28:17 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-10-16 03:28:17 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-10-16 03:28:17 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-10-16 03:28:16 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-10-16 03:03:22 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-16 03:03:21 ----A---- C:\Windows\system32\ieui.dll
2013-10-16 03:03:19 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-16 03:03:18 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-10-16 03:03:18 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-16 03:03:18 ----A---- C:\Windows\system32\iesetup.dll
2013-10-16 03:03:18 ----A---- C:\Windows\system32\iernonce.dll
2013-10-16 03:03:17 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-16 03:03:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-16 03:03:17 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-16 03:03:17 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-16 03:03:17 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-16 03:03:15 ----A---- C:\Windows\system32\iertutil.dll
2013-10-16 03:03:12 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-16 03:03:12 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-16 03:03:11 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-16 03:03:11 ----A---- C:\Windows\system32\jscript.dll
2013-10-16 03:03:09 ----A---- C:\Windows\system32\jscript9.dll
2013-10-16 03:03:08 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-16 03:03:06 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-16 03:03:05 ----A---- C:\Windows\system32\urlmon.dll
2013-10-16 03:03:02 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-16 03:03:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-16 03:03:02 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-16 03:03:00 ----A---- C:\Windows\system32\wininet.dll
2013-10-16 03:02:59 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-16 03:02:56 ----A---- C:\Windows\system32\ieframe.dll
2013-10-16 03:02:53 ----A---- C:\Windows\system32\mshtml.dll
2013-10-16 03:02:48 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-16 02:34:45 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-10-16 02:34:35 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-10-16 02:34:35 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-10-16 02:34:35 ----A---- C:\Windows\SYSWOW64\java.exe
2013-10-16 02:27:47 ----A---- C:\Windows\SYSWOW64\RENACA5.tmp
2013-10-16 02:27:47 ----A---- C:\Windows\SYSWOW64\RENACA4.tmp
2013-10-16 02:27:47 ----A---- C:\Windows\SYSWOW64\RENAC93.tmp
2013-10-16 02:04:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-10-16 02:00:34 ----D---- C:\ProgramData\Oracle
2013-10-16 02:00:22 ----A---- C:\Windows\SYSWOW64\REN7C93.tmp
2013-10-16 02:00:22 ----A---- C:\Windows\SYSWOW64\REN7C92.tmp
2013-10-15 22:34:54 ----A---- C:\Windows\system32\comctl32.dll
2013-10-15 22:34:53 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-15 22:33:27 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-15 22:33:27 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-15 22:33:27 ----A---- C:\Windows\system32\lpk.dll
2013-10-15 22:33:27 ----A---- C:\Windows\system32\dciman32.dll
2013-10-15 22:33:27 ----A---- C:\Windows\system32\atmfd.dll
2013-10-15 22:33:26 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-15 22:33:14 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-15 22:32:30 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-10-15 22:32:30 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-15 22:32:30 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys
2013-10-15 22:32:02 ----A---- C:\Windows\system32\drivers\usbscan.sys
2013-10-15 22:32:02 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-15 22:32:02 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-15 22:31:34 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-10-15 22:31:34 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-15 22:31:34 ----A---- C:\Windows\system32\davclnt.dll
2013-10-15 22:31:13 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-15 22:31:12 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-10-15 22:31:12 ----A---- C:\Windows\system32\mswsock.dll
2013-10-15 22:31:12 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-15 22:30:48 ----A---- C:\Windows\system32\win32k.sys
2013-10-15 22:29:57 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-15 22:29:56 ----A---- C:\Windows\system32\advapi32.dll
2013-10-15 22:29:54 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-10-15 22:29:53 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-10-15 22:29:53 ----A---- C:\Windows\system32\tdh.dll
2013-10-15 22:29:52 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-10-15 22:29:51 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-10-15 22:29:51 ----A---- C:\Windows\system32\wow64.dll
2013-10-15 22:29:51 ----A---- C:\Windows\system32\ntdll.dll
2013-10-15 22:29:48 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-10-15 22:29:48 ----A---- C:\Windows\SYSWOW64\user.exe
2013-10-15 22:29:48 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-10-15 22:29:48 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-10-15 22:29:48 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-10-15 22:29:48 ----A---- C:\Windows\system32\wow64win.dll
2013-10-15 22:29:48 ----A---- C:\Windows\system32\wow64cpu.dll
2013-10-15 22:29:48 ----A---- C:\Windows\system32\ntvdm64.dll
2013-10-15 22:27:11 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-15 22:27:11 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-15 22:26:33 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-15 22:25:57 ----A---- C:\Windows\system32\scavengeui.dll
2013-10-15 19:43:22 ----D---- C:\Users\PCNET\AppData\Roaming\Apple Computer
2013-10-09 19:16:47 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-09 19:16:47 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-09 19:16:47 ----A---- C:\Windows\system32\fontsub.dll
2013-10-09 19:16:47 ----A---- C:\Windows\system32\atmlib.dll
2013-10-09 19:16:40 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-10-09 19:16:39 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-09 19:16:27 ----A---- C:\Windows\SYSWOW64\advapi32.dll

======List of files/folders modified in the last 1 months======

2013-10-16 19:50:18 ----D---- C:\Windows\Temp
2013-10-16 19:50:13 ----RD---- C:\Program Files
2013-10-16 19:36:32 ----D---- C:\Windows\system32\config
2013-10-16 19:27:23 ----SHD---- C:\Windows\Installer
2013-10-16 19:27:21 ----SHD---- C:\Config.Msi
2013-10-16 19:26:44 ----D---- C:\ProgramData\Microsoft Help
2013-10-16 19:25:00 ----D---- C:\Program Files (x86)\Microsoft Office
2013-10-16 19:16:27 ----D---- C:\Windows\ShellNew
2013-10-16 19:16:07 ----A---- C:\Windows\win.ini
2013-10-16 19:11:58 ----SHD---- C:\System Volume Information
2013-10-16 19:09:20 ----D---- C:\Windows\debug
2013-10-16 19:09:20 ----D---- C:\Windows
2013-10-16 19:05:42 ----RD---- C:\Program Files (x86)
2013-10-16 19:03:26 ----D---- C:\Windows\system32\Tasks
2013-10-16 19:01:52 ----D---- C:\Windows\winsxs
2013-10-16 18:56:42 ----D---- C:\Windows\system32\DriverStore
2013-10-16 18:56:40 ----D---- C:\Windows\system32\drivers
2013-10-16 07:32:47 ----D---- C:\Windows\system32\wfp
2013-10-16 07:32:47 ----D---- C:\Windows\system32\wbem
2013-10-16 07:32:43 ----D---- C:\ProgramData\P4G
2013-10-16 07:32:38 ----D---- C:\Windows\system32\drivers\NSSx64
2013-10-16 07:32:38 ----D---- C:\Windows\system32\CodeIntegrity
2013-10-16 07:32:28 ----D---- C:\Windows\AppCompat
2013-10-16 07:32:08 ----D---- C:\ProgramData\Norton
2013-10-16 07:32:08 ----D---- C:\ProgramData\IObit
2013-10-16 07:32:06 ----D---- C:\Program Files\Google
2013-10-16 07:32:06 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-10-16 07:32:05 ----D---- C:\Program Files (x86)\NortonInstaller
2013-10-16 07:32:05 ----D---- C:\Program Files (x86)\Norton Security Scan
2013-10-16 07:32:01 ----D---- C:\Program Files (x86)\IObit
2013-10-16 07:31:58 ----D---- C:\Program Files (x86)\Ask.com
2013-10-16 07:31:11 ----D---- C:\Windows\registration
2013-10-16 07:25:50 ----D---- C:\ProgramData\Real
2013-10-16 04:22:50 ----D---- C:\Windows\rescache
2013-10-16 03:50:53 ----D---- C:\Windows\Microsoft.NET
2013-10-16 03:50:52 ----RSD---- C:\Windows\assembly
2013-10-16 03:23:19 ----D---- C:\Windows\system32\catroot
2013-10-16 03:23:17 ----D---- C:\Windows\system32\catroot2
2013-10-16 03:22:18 ----D---- C:\Windows\System32
2013-10-16 03:22:18 ----D---- C:\Windows\inf
2013-10-16 03:22:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-16 03:13:34 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-16 03:13:30 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-16 03:09:58 ----D---- C:\Windows\SysWOW64
2013-10-16 03:09:53 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-16 03:09:49 ----D---- C:\Program Files\Internet Explorer
2013-10-16 03:09:37 ----D---- C:\Windows\AppPatch
2013-10-16 02:49:41 ----D---- C:\Windows\system32\MRT
2013-10-16 02:47:07 ----A---- C:\Windows\system32\MRT.exe
2013-10-16 02:38:18 ----D---- C:\Windows\system32\cs-CZ
2013-10-16 02:35:21 ----D---- C:\Program Files (x86)\Common Files
2013-10-16 02:28:16 ----D---- C:\Program Files (x86)\Java
2013-10-16 02:16:41 ----A---- C:\Windows\system32\ServiceFilter.ini
2013-10-16 02:14:05 ----D---- C:\Program Files (x86)\Google
2013-10-16 02:12:50 ----D---- C:\ProgramData\DivX
2013-10-16 02:12:47 ----D---- C:\Program Files\DivX
2013-10-16 02:12:46 ----D---- C:\Program Files (x86)\DivX
2013-10-16 02:04:34 ----D---- C:\Windows\Tasks
2013-10-16 02:02:49 ----D---- C:\Program Files (x86)\Adobe
2013-10-16 02:00:34 ----HD---- C:\ProgramData
2013-10-16 01:45:53 ----D---- C:\ProgramData\Google
2013-10-16 01:42:40 ----D---- C:\Windows\Minidump

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-10-22 35384]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-06-28 189936]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-05-09 22600]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-28 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-28 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-06-26 6036480]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-06-12 112128]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-23 215040]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound; C:\Windows\system32\drivers\srs_PremiumSound_amd64.sys [2009-05-18 343592]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-06-05 34872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 CRFILTER;USB Mass Storage Filter; C:\Windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 7168]
S3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-05 21384]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2010-02-22 11776]
S3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2012-07-05 33224]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2012-07-05 21904]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2010-03-02 121344]
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2010-03-02 121344]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2010-03-02 121344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-06-26 203264]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2011-06-24 123120]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-03-06 39056]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 SRS_VolSync_Service;SRS Volume Sync Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-07-10 128224]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-01-15 465216]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-15 136176]
S2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-09 821592]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-16 257416]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-15 136176]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-28 1255736]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 16 říj 2013 19:06

Zdravim

Stahnete aswMBR http://public.avast.com/%7Egmerek/aswMBR.exe a ulozte jej na plochu.

Utilitu spustte a prikazte ji, at skenuje - klik na Scan
Kliknutim na Save log ulozte log aswMBR na plochu
Obsah logu aswMBR mi sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

tapír · #3 Příspěvek od **tapír** » 16 říj 2013 19:43

log:

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-10-16 20:17:06
-----------------------------
20:17:06.330 OS Version: Windows x64 6.1.7601 Service Pack 1
20:17:06.330 Number of processors: 2 586 0x301
20:17:06.330 ComputerName: PCNET-PC UserName: PCNET
20:17:07.719 Initialize success
20:17:07.922 AVAST engine defs: 13101600
20:17:11.307 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000069
20:17:11.307 Disk 0 Vendor: ST950032 0002 Size: 476940MB BusType: 11
20:17:11.478 Disk 0 MBR read successfully
20:17:11.478 Disk 0 MBR scan
20:17:11.478 Disk 0 Windows VISTA default MBR code
20:17:11.494 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 14998 MB offset 2048
20:17:11.510 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 119231 MB offset 30717952
20:17:11.525 Disk 0 Partition - 00 0F Extended LBA 342706 MB offset 274904280
20:17:11.556 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 342706 MB offset 274904343
20:17:11.681 Disk 0 scanning C:\Windows\system32\drivers
20:17:25.113 Service scanning
20:17:48.747 Modules scanning
20:17:48.747 Disk 0 trace - called modules:
20:17:48.809 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
20:17:48.825 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800408e330]
20:17:48.825 3 CLASSPNP.SYS[fffff8800190643f] -> nt!IofCallDriver -> [0xfffffa8004082b60]
20:17:48.840 5 amdxata.sys[fffff8800108e917] -> nt!IofCallDriver -> \Device\00000069[0xfffffa800407e060]
20:17:49.418 AVAST engine scan C:\Windows
20:17:51.180 AVAST engine scan C:\Windows\system32
20:21:15.853 AVAST engine scan C:\Windows\system32\drivers
20:21:31.703 AVAST engine scan C:\Users\PCNET
20:25:43.753 AVAST engine scan C:\ProgramData
20:25:56.170 File: C:\ProgramData\f6jigqmz8.plz **INFECTED** Win32:Rootkit-gen [Rtk]
20:27:16.464 Scan finished successfully
20:27:31.143 Disk 0 MBR has been saved successfully to "C:\Users\PCNET\Desktop\MBR.dat"
20:27:31.143 The log file has been saved successfully to "C:\Users\PCNET\Desktop\aswMBR.txt"

log:
# AdwCleaner v3.007 - Report created 16/10/2013 at 20:32:49
# Updated 09/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : PCNET - PCNET-PC
# Running from : C:\Users\PCNET\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Users\PCNET\AppData\Local\apn
Folder Deleted : C:\Users\PCNET\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\PCNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

-\\ Google Chrome v30.0.1599.69

[ File : C:\Users\PCNET\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url
Deleted : search_url
Deleted : suggest_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [3289 octets] - [16/10/2013 20:30:32]
AdwCleaner[S0].txt - [3034 octets] - [16/10/2013 20:32:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3094 octets] ##########

#4 Příspěvek od **vyosek** » 16 říj 2013 19:52

Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/

Ulozte nejlepe na Plochu a rozbalte
Spustte kliknutim na mbanr
Nyni postupne kliknete na Next a Update
Po dokonceni update (aktualizace) databaze kliknete opet na Next
Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
PC bude restartovan
Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

tapír · #5 Příspěvek od **tapír** » 16 říj 2013 20:47

log:
Malwarebytes Anti-Rootkit BETA 1.07.0.1007
www.malwarebytes.org

Database version: v2013.10.16.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
PCNET :: PCNET-PC [administrator]

16.10.2013 21:03:45
mbar-log-2013-10-16 (21-03-45).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 223706
Time elapsed: 25 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\ProgramData\8zmqgij6f.pzz (Trojan.FakeMS) -> Delete on reboot.
C:\ProgramData\f6jigqmz8.plz (Trojan.Ransom.ED) -> Delete on reboot.
C:\ProgramData\dsgsdgdsgdsgw.pad (Exploit.Drop.GSA) -> Delete on reboot.

Physical Sectors Detected: 0
(No malicious items detected)

(end)

#6 Příspěvek od **vyosek** » 17 říj 2013 06:12

Poprosim o FRSTL http://forum.viry.cz/viewtopic.php?f=13&t=133100

tapír · #7 Příspěvek od **tapír** » 17 říj 2013 18:55

LOG:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by PCNET (administrator) on PCNET-PC on 17-10-2013 19:47:23
Running from C:\Users\PCNET\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
(AMD) C:\Windows\system32\atieclxx.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\PCNET\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [619392 2009-06-12] (ELAN Microelectronic Corp.)
HKCU\...\Run: [EPSON SX125 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE /FU "C:\Windows\TEMP\E_S1850.tmp" /EF "HKCU"
HKCU\...\Run: [T-Mobile Communication Centre] - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [1363984 2011-10-27] (Gemfor s.r.o.)
MountPoints2: F - F:\Autorun.exe
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-06-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2244096 2009-07-13] (VIA)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744 2009-04-20] (ASUS)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: avast! Ad Blocker - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker64.dll (AVAST Software)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
BHO-x32: avast! Ad Blocker - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll (AVAST Software)
Toolbar: HKLM-x32 - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 213.250.192.1 213.250.194.1
Tcpip\..\Interfaces\{1422F382-5C0D-4A99-BCAE-0964E1C5EBF4}: [NameServer]192.168.168.1,192.168.168.3

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (avast! Ad Blocker) - C:\Users\PCNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd\8.0_0
CHR Extension: (avast! Online Security) - C:\Users\PCNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_1
CHR Extension: (RealDownloader) - C:\Users\PCNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.1_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\PCNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [465216 2013-01-15] (IObit)
R2 ameisvc; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [123120 2011-06-24] (Gemfor s.r.o.)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [821592 2012-01-09] (IObit)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-03-06] ()
R2 SRS_VolSync_Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [128224 2009-07-10] (SRS Labs, Inc.)

==================== Drivers (Whitelisted) ====================

R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-28] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-28] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-28] ()
S3 CRFILTER; C:\Windows\System32\DRIVERS\CRFILTER.sys [7168 2008-04-07] (Generic)
S3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [21384 2012-01-05] (IObit)
S3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [21384 2012-01-05] (IObit)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [33224 2012-07-05] (IObit.com)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [33224 2012-07-05] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2010-11-26] ()
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
R3 SRS_PremiumSound_Service; C:\Windows\System32\drivers\srs_PremiumSound_amd64.sys [343592 2009-05-18] ()
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [21904 2012-07-05] (IObit.com)
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [21904 2012-07-05] (IObit.com)
U3 tmlwf;
U3 tmwfp;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-17 19:47 - 2013-10-17 19:47 - 00000000 ____D C:\FRST
2013-10-17 19:46 - 2013-10-17 19:46 - 00029696 _____ C:\Users\PCNET\AppData\Local\MSGBOX.EXE
2013-10-17 19:46 - 2013-10-17 19:46 - 00015327 _____ C:\Users\PCNET\Desktop\LM.bat
2013-10-17 19:44 - 2013-10-17 19:44 - 00112128 _____ (forum.viry.cz) C:\Users\PCNET\Desktop\FRSTLauncher.exe
2013-10-17 19:42 - 2013-10-17 19:42 - 01954124 _____ (Farbar) C:\Users\PCNET\Desktop\FRST64.exe
2013-10-17 19:31 - 2013-10-17 19:31 - 00003340 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-697189380-1924570765-1686535721-1000
2013-10-17 19:27 - 2013-10-17 19:27 - 00000056 _____ C:\Windows\setupact.log
2013-10-17 19:27 - 2013-10-17 19:27 - 00000000 _____ C:\Windows\setuperr.log
2013-10-16 22:23 - 2013-10-16 22:23 - 00000000 ____D C:\Users\PCNET\AppData\Local\Seven Zip
2013-10-16 21:03 - 2013-10-16 21:03 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-10-16 21:03 - 2013-10-16 21:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-16 21:02 - 2013-10-16 21:31 - 00000000 ____D C:\Users\PCNET\Desktop\mbar
2013-10-16 21:02 - 2013-10-16 21:02 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-10-16 21:01 - 2013-10-16 21:02 - 12576792 _____ (Malwarebytes Corp.) C:\Users\PCNET\Desktop\mbar-1.07.0.1007.exe
2013-10-16 20:29 - 2013-10-16 20:32 - 00000000 ____D C:\AdwCleaner
2013-10-16 20:29 - 2013-10-16 20:29 - 01048960 _____ C:\Users\PCNET\Desktop\adwcleaner.exe
2013-10-16 20:27 - 2013-10-16 20:27 - 00002189 _____ C:\Users\PCNET\Desktop\aswMBR.txt
2013-10-16 20:27 - 2013-10-16 20:27 - 00000512 _____ C:\Users\PCNET\Desktop\MBR.dat
2013-10-16 20:16 - 2013-10-16 20:17 - 04745728 _____ (AVAST Software) C:\Users\PCNET\Desktop\aswMBR.exe
2013-10-16 19:50 - 2013-10-16 19:50 - 00000000 ____D C:\rsit
2013-10-16 19:50 - 2013-10-16 19:50 - 00000000 ____D C:\Program Files\trend micro
2013-10-16 19:49 - 2013-10-16 19:49 - 00832273 _____ C:\Users\PCNET\Downloads\RSITx64.exe
2013-10-16 19:05 - 2013-10-16 19:05 - 00000000 ____D C:\Program Files (x86)\AVAST Software
2013-10-16 18:55 - 2013-10-16 18:56 - 00000000 ____D C:\Program Files (x86)\GUM1EB8.tmp
2013-10-16 18:55 - 2013-10-16 18:55 - 50053120 _____ C:\Program Files (x86)\GUT1EB9.tmp
2013-10-16 03:28 - 2013-09-04 14:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-16 03:28 - 2013-09-04 14:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-16 03:28 - 2013-09-04 14:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-16 03:28 - 2013-09-04 14:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-16 03:28 - 2013-09-04 14:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-16 03:28 - 2013-09-04 14:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-16 03:28 - 2013-09-04 14:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-16 03:03 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-16 03:03 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-16 03:03 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-16 03:03 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-16 03:03 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-16 03:03 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-16 03:03 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-16 03:03 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-16 03:03 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-16 03:03 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-16 03:03 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-16 03:03 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-16 03:03 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-16 03:03 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-16 03:03 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-16 03:03 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-16 03:03 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-16 03:03 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-16 03:03 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-16 03:03 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-16 03:03 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-16 03:03 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-16 03:03 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-16 03:03 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-16 03:03 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-16 03:03 - 2013-09-21 04:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-16 03:03 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-16 03:02 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-16 03:02 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-16 03:02 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-16 03:02 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-16 02:54 - 2013-10-16 02:54 - 00000017 _____ C:\Users\PCNET\AppData\Local\resmon.resmoncfg
2013-10-16 02:34 - 2013-10-16 02:34 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-16 02:34 - 2013-10-16 02:34 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-16 02:34 - 2013-10-16 02:34 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-16 02:34 - 2013-10-16 02:34 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-16 02:27 - 2013-10-16 02:27 - 00000000 _____ C:\Windows\SysWOW64\RENACA5.tmp
2013-10-16 02:27 - 2013-10-16 02:27 - 00000000 _____ C:\Windows\SysWOW64\RENACA4.tmp
2013-10-16 02:27 - 2013-10-16 02:27 - 00000000 _____ C:\Windows\SysWOW64\RENAC93.tmp
2013-10-16 02:04 - 2013-10-17 19:48 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-16 02:04 - 2013-10-16 02:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-16 02:04 - 2013-10-16 02:04 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-16 02:02 - 2013-10-16 02:02 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-10-16 02:02 - 2013-10-16 02:02 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-10-16 02:00 - 2013-10-16 02:35 - 00000000 ____D C:\ProgramData\Oracle
2013-10-16 02:00 - 2013-10-16 02:00 - 00000139 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-16 02:00 - 2013-10-16 02:00 - 00000000 _____ C:\Windows\SysWOW64\REN7C93.tmp
2013-10-16 02:00 - 2013-10-16 02:00 - 00000000 _____ C:\Windows\SysWOW64\REN7C92.tmp
2013-10-15 22:34 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-15 22:34 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-15 22:33 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-15 22:33 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-15 22:33 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-15 22:33 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-15 22:33 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-15 22:33 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-15 22:33 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-15 22:32 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-15 22:32 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-15 22:32 - 2013-07-12 12:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-15 22:32 - 2013-07-03 06:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-15 22:32 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-15 22:32 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-15 22:31 - 2013-09-14 03:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-15 22:31 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-15 22:31 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-15 22:31 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-15 22:31 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-15 22:31 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-15 22:31 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-15 22:30 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-15 22:29 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-15 22:29 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-15 22:29 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-15 22:29 - 2013-08-29 04:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-15 22:29 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-15 22:29 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-15 22:29 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-15 22:29 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-15 22:29 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-15 22:29 - 2013-08-29 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-15 22:29 - 2013-08-29 02:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-15 22:29 - 2013-08-29 02:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-15 22:29 - 2013-08-29 02:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-15 22:29 - 2013-08-29 02:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-15 22:29 - 2012-11-30 07:45 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-10-15 22:29 - 2012-11-30 07:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-10-15 22:29 - 2012-11-30 07:43 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-10-15 22:27 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-15 22:27 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-15 22:26 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-15 22:25 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-15 19:56 - 2013-10-16 02:40 - 00000000 ___RD C:\Users\PCNET\Desktop\stará plocha
2013-10-15 19:43 - 2013-10-15 19:43 - 00000000 ____D C:\Users\PCNET\AppData\Roaming\Apple Computer
2013-10-14 14:38 - 2013-10-15 20:39 - 95025368 ____T C:\ProgramData\8zmqgij6f.pff
2013-10-14 14:38 - 2013-10-15 20:39 - 00000000 _____ C:\ProgramData\8zmqgij6f.ctrl
2013-10-09 19:16 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-09 19:16 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-09 19:16 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-09 19:16 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-09 19:16 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 19:16 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-09 19:16 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-07 18:12 - 2013-10-17 19:32 - 00003206 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-697189380-1924570765-1686535721-1000

==================== One Month Modified Files and Folders =======

2013-10-17 19:48 - 2013-10-16 02:04 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-17 19:47 - 2013-10-17 19:47 - 00000000 ____D C:\FRST
2013-10-17 19:46 - 2013-10-17 19:46 - 00029696 _____ C:\Users\PCNET\AppData\Local\MSGBOX.EXE
2013-10-17 19:46 - 2013-10-17 19:46 - 00015327 _____ C:\Users\PCNET\Desktop\LM.bat
2013-10-17 19:44 - 2013-10-17 19:44 - 00112128 _____ (forum.viry.cz) C:\Users\PCNET\Desktop\FRSTLauncher.exe
2013-10-17 19:44 - 2011-02-15 19:21 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-17 19:42 - 2013-10-17 19:42 - 01954124 _____ (Farbar) C:\Users\PCNET\Desktop\FRST64.exe
2013-10-17 19:39 - 2009-10-22 22:32 - 01088000 _____ C:\Windows\WindowsUpdate.log
2013-10-17 19:37 - 2009-07-14 06:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-17 19:37 - 2009-07-14 06:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-17 19:33 - 2009-08-03 22:00 - 00631526 _____ C:\Windows\system32\perfh005.dat
2013-10-17 19:33 - 2009-08-03 22:00 - 00122148 _____ C:\Windows\system32\perfc005.dat
2013-10-17 19:33 - 2009-07-14 07:13 - 00760932 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-17 19:32 - 2013-10-07 18:12 - 00003206 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-697189380-1924570765-1686535721-1000
2013-10-17 19:31 - 2013-10-17 19:31 - 00003340 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-697189380-1924570765-1686535721-1000
2013-10-17 19:29 - 2011-02-15 19:21 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-17 19:27 - 2013-10-17 19:27 - 00000056 _____ C:\Windows\setupact.log
2013-10-17 19:27 - 2013-10-17 19:27 - 00000000 _____ C:\Windows\setuperr.log
2013-10-17 19:27 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-16 22:46 - 2009-12-08 12:42 - 00107264 _____ C:\Users\PCNET\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-16 22:43 - 2009-07-14 06:45 - 00411832 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-16 22:40 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-10-16 22:39 - 2010-09-24 07:04 - 00000000 ____D C:\Users\PCNET\AppData\Roaming\SoftGrid Client
2013-10-16 22:35 - 2009-10-22 22:43 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-16 22:34 - 2009-07-14 09:45 - 00000000 ____D C:\Windows\ShellNew
2013-10-16 22:33 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-10-16 22:30 - 2009-10-22 22:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-10-16 22:23 - 2013-10-16 22:23 - 00000000 ____D C:\Users\PCNET\AppData\Local\Seven Zip
2013-10-16 21:35 - 2013-02-18 17:14 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-16 21:31 - 2013-10-16 21:02 - 00000000 ____D C:\Users\PCNET\Desktop\mbar
2013-10-16 21:03 - 2013-10-16 21:03 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-10-16 21:03 - 2013-10-16 21:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-16 21:02 - 2013-10-16 21:02 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-10-16 21:02 - 2013-10-16 21:01 - 12576792 _____ (Malwarebytes Corp.) C:\Users\PCNET\Desktop\mbar-1.07.0.1007.exe
2013-10-16 20:32 - 2013-10-16 20:29 - 00000000 ____D C:\AdwCleaner
2013-10-16 20:29 - 2013-10-16 20:29 - 01048960 _____ C:\Users\PCNET\Desktop\adwcleaner.exe
2013-10-16 20:27 - 2013-10-16 20:27 - 00002189 _____ C:\Users\PCNET\Desktop\aswMBR.txt
2013-10-16 20:27 - 2013-10-16 20:27 - 00000512 _____ C:\Users\PCNET\Desktop\MBR.dat
2013-10-16 20:17 - 2013-10-16 20:16 - 04745728 _____ (AVAST Software) C:\Users\PCNET\Desktop\aswMBR.exe
2013-10-16 19:50 - 2013-10-16 19:50 - 00000000 ____D C:\rsit
2013-10-16 19:50 - 2013-10-16 19:50 - 00000000 ____D C:\Program Files\trend micro
2013-10-16 19:49 - 2013-10-16 19:49 - 00832273 _____ C:\Users\PCNET\Downloads\RSITx64.exe
2013-10-16 19:34 - 2009-12-25 15:17 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-10-16 19:16 - 2009-07-14 04:34 - 00000387 _____ C:\Windows\win.ini
2013-10-16 19:05 - 2013-10-16 19:05 - 00000000 ____D C:\Program Files (x86)\AVAST Software
2013-10-16 18:56 - 2013-10-16 18:55 - 00000000 ____D C:\Program Files (x86)\GUM1EB8.tmp
2013-10-16 18:55 - 2013-10-16 18:55 - 50053120 _____ C:\Program Files (x86)\GUT1EB9.tmp
2013-10-16 07:52 - 2012-03-31 19:05 - 00000406 ____H C:\Windows\Tasks\Norton Security Scan for PCNET.job
2013-10-16 07:32 - 2013-08-22 16:04 - 00000000 ____D C:\Users\PCNET\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jan Drozd software
2013-10-16 07:32 - 2013-02-18 16:47 - 00000000 ____D C:\ProgramData\IObit
2013-10-16 07:32 - 2013-02-18 16:46 - 00000000 ____D C:\Program Files (x86)\IObit
2013-10-16 07:32 - 2012-03-31 19:05 - 00000000 ____D C:\Windows\system32\Drivers\NSSx64
2013-10-16 07:32 - 2012-03-31 19:05 - 00000000 ____D C:\ProgramData\Norton
2013-10-16 07:32 - 2012-03-31 19:05 - 00000000 ____D C:\Program Files (x86)\Norton Security Scan
2013-10-16 07:32 - 2009-10-22 23:16 - 00000000 ____D C:\ProgramData\P4G
2013-10-16 07:32 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2013-10-16 07:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-10-16 07:25 - 2013-08-22 16:03 - 00000000 ____D C:\Users\PCNET\AppData\Local\Apps\2.0
2013-10-16 07:25 - 2012-10-23 12:51 - 00000000 ____D C:\ProgramData\Real
2013-10-16 04:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-10-16 03:13 - 2012-05-16 14:26 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-16 03:13 - 2012-05-16 14:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-16 02:54 - 2013-10-16 02:54 - 00000017 _____ C:\Users\PCNET\AppData\Local\resmon.resmoncfg
2013-10-16 02:49 - 2013-07-22 07:48 - 00000000 ____D C:\Windows\system32\MRT
2013-10-16 02:47 - 2012-03-03 19:38 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-16 02:40 - 2013-10-15 19:56 - 00000000 ___RD C:\Users\PCNET\Desktop\stará plocha
2013-10-16 02:35 - 2013-10-16 02:00 - 00000000 ____D C:\ProgramData\Oracle
2013-10-16 02:34 - 2013-10-16 02:34 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-16 02:34 - 2013-10-16 02:34 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-16 02:34 - 2013-10-16 02:34 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-16 02:34 - 2013-10-16 02:34 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-16 02:28 - 2011-12-19 22:09 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-16 02:27 - 2013-10-16 02:27 - 00000000 _____ C:\Windows\SysWOW64\RENACA5.tmp
2013-10-16 02:27 - 2013-10-16 02:27 - 00000000 _____ C:\Windows\SysWOW64\RENACA4.tmp
2013-10-16 02:27 - 2013-10-16 02:27 - 00000000 _____ C:\Windows\SysWOW64\RENAC93.tmp
2013-10-16 02:16 - 2009-10-22 23:04 - 00001601 _____ C:\Windows\system32\ServiceFilter.ini
2013-10-16 02:14 - 2011-02-15 19:20 - 00000000 ____D C:\Program Files\Google
2013-10-16 02:14 - 2011-02-15 19:20 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-16 02:12 - 2012-03-31 16:09 - 00000000 ____D C:\Program Files\DivX
2013-10-16 02:12 - 2012-03-31 16:04 - 00000000 ____D C:\Program Files (x86)\DivX
2013-10-16 02:12 - 2011-07-04 12:55 - 00000000 ____D C:\ProgramData\DivX
2013-10-16 02:04 - 2013-10-16 02:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-16 02:04 - 2013-10-16 02:04 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-16 02:04 - 2011-10-16 21:07 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-16 02:04 - 2009-12-25 18:26 - 00000000 ____D C:\Users\PCNET\AppData\Local\Adobe
2013-10-16 02:02 - 2013-10-16 02:02 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-10-16 02:02 - 2013-10-16 02:02 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-10-16 02:02 - 2009-10-22 23:01 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-16 02:00 - 2013-10-16 02:00 - 00000139 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-16 02:00 - 2013-10-16 02:00 - 00000000 _____ C:\Windows\SysWOW64\REN7C93.tmp
2013-10-16 02:00 - 2013-10-16 02:00 - 00000000 _____ C:\Windows\SysWOW64\REN7C92.tmp
2013-10-16 01:45 - 2011-02-15 19:20 - 00000000 ____D C:\Users\PCNET\AppData\Local\Google
2013-10-16 01:45 - 2011-02-15 19:20 - 00000000 ____D C:\ProgramData\Google
2013-10-16 01:42 - 2010-02-01 20:05 - 00000000 ____D C:\Windows\Minidump
2013-10-15 22:52 - 2009-12-08 12:41 - 00000000 ____D C:\Users\PCNET
2013-10-15 22:07 - 2013-06-25 18:34 - 00001924 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-15 22:07 - 2013-02-18 17:14 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-15 20:39 - 2013-10-14 14:38 - 95025368 ____T C:\ProgramData\8zmqgij6f.pff
2013-10-15 20:39 - 2013-10-14 14:38 - 00000000 _____ C:\ProgramData\8zmqgij6f.ctrl
2013-10-15 19:43 - 2013-10-15 19:43 - 00000000 ____D C:\Users\PCNET\AppData\Roaming\Apple Computer
2013-10-15 19:41 - 2013-08-22 16:03 - 00000000 ____D C:\Users\PCNET\AppData\Local\Deployment
2013-10-08 09:51 - 2011-10-16 21:09 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-05 07:28 - 2013-01-18 18:53 - 00000000 ____D C:\Users\Public\Downloads\Norton
2013-09-23 01:28 - 2013-10-16 03:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-16 03:03 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-16 03:03 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-16 03:03 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-16 03:03 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-23 01:27 - 2013-10-16 03:03 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-23 01:27 - 2013-10-16 03:03 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-23 01:27 - 2013-10-16 03:03 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-23 01:27 - 2013-10-16 03:03 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-23 01:27 - 2013-10-16 03:03 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-23 01:27 - 2013-10-16 03:03 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-23 01:27 - 2013-10-16 03:02 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-23 01:27 - 2013-10-16 03:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-23 00:55 - 2013-10-16 03:03 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-23 00:55 - 2013-10-16 03:03 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-23 00:55 - 2013-10-16 03:03 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-23 00:54 - 2013-10-16 03:03 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-16 03:03 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-23 00:54 - 2013-10-16 03:03 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-16 03:03 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-23 00:54 - 2013-10-16 03:03 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-23 00:54 - 2013-10-16 03:03 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-23 00:54 - 2013-10-16 03:03 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-23 00:54 - 2013-10-16 03:03 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-23 00:54 - 2013-10-16 03:03 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-23 00:54 - 2013-10-16 03:02 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-16 03:02 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-21 05:38 - 2013-10-16 03:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-21 05:30 - 2013-10-16 03:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-21 04:48 - 2013-10-16 03:03 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-21 04:39 - 2013-10-16 03:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

Files to move or delete:
====================
C:\ProgramData\8zmqgij6f.ctrl
C:\ProgramData\8zmqgij6f.pff
C:\ProgramData\itoeq.pad

Some content of TEMP:
====================
C:\Users\PCNET\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-11 07:31

==================== End Of Log ============================

#8 Příspěvek od **vyosek** » 17 říj 2013 19:49

Odinstalujte Advanced SystemCare a IObit Malware Fighter a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
MountPoints2: F - F:\Autorun.exe
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

CHR Plugin: (Default Plug-in) - default_plugin No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

S2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [465216 2013-01-15] (IObit)
S2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [821592 2012-01-09] (IObit)

S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [21904 2012-07-05] (IObit.com)
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [21904 2012-07-05] (IObit.com)
U3 tmlwf;
U3 tmwfp; 
S3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [21384 2012-01-05] (IObit)
S3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [21384 2012-01-05] (IObit)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [33224 2012-07-05] (IObit.com)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [33224 2012-07-05] (IObit.com)

2013-10-17 19:46 - 2013-10-17 19:46 - 00029696 _____ C:\Users\PCNET\AppData\Local\MSGBOX.EXE
2013-10-17 19:46 - 2013-10-17 19:46 - 00015327 _____ C:\Users\PCNET\Desktop\LM.bat
2013-10-17 19:44 - 2013-10-17 19:44 - 00112128 _____ (forum.viry.cz) C:\Users\PCNET\Desktop\FRSTLauncher.exe
2013-10-16 20:27 - 2013-10-16 20:27 - 00002189 _____ C:\Users\PCNET\Desktop\aswMBR.txt
2013-10-16 20:27 - 2013-10-16 20:27 - 00000512 _____ C:\Users\PCNET\Desktop\MBR.dat
2013-10-16 20:17 - 2013-10-16 20:16 - 04745728 _____ (AVAST Software) C:\Users\PCNET\Desktop\aswMBR.exe
2013-10-16 07:32 - 2013-02-18 16:47 - 00000000 ____D C:\ProgramData\IObit
2013-10-16 07:32 - 2013-02-18 16:46 - 00000000 ____D C:\Program Files (x86)\IObit
2013-10-15 20:39 - 2013-10-14 14:38 - 95025368 ____T C:\ProgramData\8zmqgij6f.pff
2013-10-15 20:39 - 2013-10-14 14:38 - 00000000 _____ C:\ProgramData\8zmqgij6f.ctrl
C:\ProgramData\itoeq.pad

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for PCNET.job => C:\PROGRA~2\NORTON~2\Engine\361~1.11\Nss.exe

Hosts:
CMD: shutdown /r /f /t 2
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

tapír · #9 Příspěvek od **tapír** » 17 říj 2013 20:39

To byla další věc co jsem s Vámi chtěl řešit ty věci od IOBitu jsem odinstaloval hned jak se mi ten pc dostal do ruky + další antivir měla tam nainstalovaný dva norton a avast. Nechal jsem pouze Avast. Bohužel oddinstalace věcí od iobitu neproběhla asi korektně - v programech se nezobrazovali ale pokud jsem klikl pravým na soubor nabízela se mě možnost spustit tyto programy. Teď po tom fixu co jsme provedli je to už ok.

zde je log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2013
Ran by PCNET at 2013-10-17 21:23:11 Run:1
Running from C:\Users\PCNET\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
MountPoints2: F - F:\Autorun.exe
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

CHR Plugin: (Default Plug-in) - default_plugin No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

S2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [465216 2013-01-15] (IObit)
S2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [821592 2012-01-09] (IObit)

S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [21904 2012-07-05] (IObit.com)
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [21904 2012-07-05] (IObit.com)
U3 tmlwf;
U3 tmwfp;
S3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [21384 2012-01-05] (IObit)
S3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [21384 2012-01-05] (IObit)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [33224 2012-07-05] (IObit.com)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [33224 2012-07-05] (IObit.com)

2013-10-17 19:46 - 2013-10-17 19:46 - 00029696 _____ C:\Users\PCNET\AppData\Local\MSGBOX.EXE
2013-10-17 19:46 - 2013-10-17 19:46 - 00015327 _____ C:\Users\PCNET\Desktop\LM.bat
2013-10-17 19:44 - 2013-10-17 19:44 - 00112128 _____ (forum.viry.cz) C:\Users\PCNET\Desktop\FRSTLauncher.exe
2013-10-16 20:27 - 2013-10-16 20:27 - 00002189 _____ C:\Users\PCNET\Desktop\aswMBR.txt
2013-10-16 20:27 - 2013-10-16 20:27 - 00000512 _____ C:\Users\PCNET\Desktop\MBR.dat
2013-10-16 20:17 - 2013-10-16 20:16 - 04745728 _____ (AVAST Software) C:\Users\PCNET\Desktop\aswMBR.exe
2013-10-16 07:32 - 2013-02-18 16:47 - 00000000 ____D C:\ProgramData\IObit
2013-10-16 07:32 - 2013-02-18 16:46 - 00000000 ____D C:\Program Files (x86)\IObit
2013-10-15 20:39 - 2013-10-14 14:38 - 95025368 ____T C:\ProgramData\8zmqgij6f.pff
2013-10-15 20:39 - 2013-10-14 14:38 - 00000000 _____ C:\ProgramData\8zmqgij6f.ctrl
C:\ProgramData\itoeq.pad

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for PCNET.job => C:\PROGRA~2\NORTON~2\Engine\361~1.11\Nss.exe

Hosts:
CMD: shutdown /r /f /t 2
End
*****************

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => Key deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
HKCU\SOFTWARE\Policies\Google => Key deleted successfully.
AdvancedSystemCareService6 => Service deleted successfully.
IMFservice => Service deleted successfully.
UrlFilter => Service deleted successfully.
UrlFilter => Service not found.
tmlwf => Service deleted successfully.
tmwfp => Service deleted successfully.
FileMonitor => Service deleted successfully.
FileMonitor => Service not found.
RegFilter => Service deleted successfully.
RegFilter => Service not found.
"C:\Users\PCNET\AppData\Local\MSGBOX.EXE" => File/Directory not found.
C:\Users\PCNET\Desktop\LM.bat => Moved successfully.
C:\Users\PCNET\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\PCNET\Desktop\aswMBR.txt => Moved successfully.
C:\Users\PCNET\Desktop\MBR.dat => Moved successfully.
C:\Users\PCNET\Desktop\aswMBR.exe => Moved successfully.
C:\ProgramData\IObit => Moved successfully.
C:\Program Files (x86)\IObit => Moved successfully.
C:\ProgramData\8zmqgij6f.pff => Moved successfully.
C:\ProgramData\8zmqgij6f.ctrl => Moved successfully.
C:\ProgramData\itoeq.pad => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\Norton Security Scan for PCNET.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========

========= End of CMD: =========

==== End of Fixlog ====

#10 Příspěvek od **vyosek** » 17 říj 2013 20:41

Stahnete SecurityCheck http://screen317.spywareinfoforum.org/SecurityCheck.exe

Ulozte nejlepe na Plochu
Spustte tradicne dvouklikem a postupujte dle pokynu utility
Po dokonceni skenu se vytvori a otevre log, ten mi sem vlozte

tapír · #11 Příspěvek od **tapír** » 17 říj 2013 20:49

Results of screen317's Security Check version 0.99.74
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 45
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Google Chrome 29.0.1547.76
Google Chrome 30.0.1599.69
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

#12 Příspěvek od **vyosek** » 17 říj 2013 20:50

Doporucuji aktualizaci programu - aktualizace Vam pohodlne pohlida programek FileHippo UpdateChecker - staci spustit cca jednou za 14 dni

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) http://forum.viry.cz/viewtopic.php?f=29&t=115222

Provedte aktualizaci
Provedte uplny sken - nic nemazte
MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

tapír · #13 Příspěvek od **tapír** » 17 říj 2013 21:23

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.17.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
PCNET :: PCNET-PC [administrátor]

Ochrana: Povolena

17.10.2013 22:18:00
mbam-log-2013-10-17 (22-18-00).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 198770
Uplynulý čas: 4 minut, 53 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

#14 Příspěvek od **vyosek** » 17 říj 2013 21:31

Tak a ten uplnou\kompletni kontrolu, jak jsem chtel...

tapír · #15 Příspěvek od **tapír** » 17 říj 2013 22:46

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.17.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
PCNET :: PCNET-PC [administrátor]

Ochrana: Povolena

17.10.2013 22:33:28
mbam-log-2013-10-17 (22-33-28).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 358631
Uplynulý čas: 1 hodin, 11 minut, 3 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

VIRY.CZ

Zavirované PC - kontrola logu

Zavirované PC - kontrola logu

Re: Zavirované PC - kontrola logu

Re: Zavirované PC - kontrola logu

Re: Zavirované PC - kontrola logu

Re: Zavirované PC - kontrola logu

Re: Zavirované PC - kontrola logu

Re: Zavirované PC - kontrola logu

Re: Zavirované PC - kontrola logu

Re: Zavirované PC - kontrola logu

Re: Zavirované PC - kontrola logu

Re: Zavirované PC - kontrola logu

Re: Zavirované PC - kontrola logu

Re: Zavirované PC - kontrola logu

Re: Zavirované PC - kontrola logu

Re: Zavirované PC - kontrola logu