
Please check my log


#1 Post by djperoxid »

Good day, could you please check my log? I have the feeling that avast is reporting viruses but isn't doing anything about them. Thank you.


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-10-2013
Ran by Dj Peroxid (administrator) on DJPEROXID-PC on 25-10-2013 00:11:18
Running from C:\Users\Dj Peroxid\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Wsys Co., Ltd.) C:\ProgramData\eSafe\eGdpSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AutoIt Team) C:\Users\Dj Peroxid\fxiuy\jqjj.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [Cm112Sound] - C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm112.dll,CMICtrlWnd
HKLM\...\Run: [Cm112GX] - C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cm112GX64] - C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path)
HKCU\...\RunOnce: [fxiuy] - C:\Users\DJPERO~1\fxiuy\start.vbs [191 2013-10-23] ()
HKCU\...\Policies\Explorer\Run: [BitTorrent] - C:\Users\Dj Peroxid\AppData\Roaming\8C1830\8C1830.exe [32768 2013-08-29] ( ())
MountPoints2: {2a40dcdb-8893-11e2-b619-047d7ba916cf} - "F:\WD SmartWare.exe" autoplay=true
MountPoints2: {70a15149-6a34-11e2-9c09-9c4e3615eea8} - G:\SETUP.EXE
MountPoints2: {e0c41715-6d59-11e2-8cd7-047d7ba916cf} - F:\LaunchU3.exe -a
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-27] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-10-24] (AVAST Software)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [266448 2013-06-21] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll [214448 2013-06-21] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source= ... 1377342503
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1377342503
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1377342503
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source= ... 1377342503
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1377342503
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source= ... 1377342503
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1373482226
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... 1373482226
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... 1373482226
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... 1373482226
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... 1373482226
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_ ... earchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www1.delta-search.com/?q={search ... B&tsp=4972
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_ ... earchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 07 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9 01 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 02 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 03 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 04 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 05 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 06 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 07 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 08 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 09 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 10 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog5-x64 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 07 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9-x64 01 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 02 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 03 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 04 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 05 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 06 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 07 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 08 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 09 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 10 mswsock.dll File Not found (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Extension: hdvc - C:\Users\Dj Peroxid\AppData\Roaming\Mozilla\Firefox\profiles\extensions\hdvc@hdvc.com.xpi

Chrome:
=======
CHR HomePage: hxxp://www.delta-homes.com/?utm_source=b&utm_m ... 1380303077
CHR RestoreOnStartup: "hxxp://www.delta-homes.com/?utm_source=b&utm_m ... 1380303077"
CHR DefaultSearchURL: (delta-homes) - http://search.delta-homes.com/web/?utm_ ... earchTerms}
CHR DefaultSuggestURL: (delta-homes) - "suggest_url": "",
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Extension: (Google Docs) - C:\Users\DJPERO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\DJPERO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\DJPERO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\DJPERO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0
CHR Extension: (Google Search) - C:\Users\DJPERO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (HDvid Codec) - C:\Users\DJPERO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli\2.0_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\DJPERO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Bungalow) - C:\Users\DJPERO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogkdmggpdfpodahejeckklcncacambmo\1_0
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\DJPERO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp\5.0.94.1_0
CHR Extension: (Gmail) - C:\Users\DJPERO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Dj Peroxid\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM-x32\...\Chrome\Extension: [kpkbnefaikfaeadgidhpoanckoiaheli] - C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-10-24] (AVAST Software)
S3 COMSysApp; C:\Windows\SysWow64\dllhost.exe [7168 2009-07-14] (Microsoft Corporation)
S3 msiserver; C:\Windows\SysWow64\msiexec.exe [73216 2010-11-20] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-01-30] ()
R2 WSearch; C:\Windows\SysWow64\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation)
R2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [303680 2013-08-22] (Wsys Co., Ltd.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
U2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{08194442-a0b6-9654-5762-8ede22cf7eb6}\ \...\???\{08194442-a0b6-9654-5762-8ede22cf7eb6}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)

==================== Drivers (Whitelisted) ====================

S3 ASUSU1; C:\Windows\System32\drivers\cm11264.sys [1312256 2010-12-15] (C-Media Electronics Inc)
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-10-24] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-10-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-10-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-10-24] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-10-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-24] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-29] (DT Soft Ltd)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-25 00:10 - 2013-10-25 00:10 - 00000000 ____D C:\FRST
2013-10-25 00:10 - 2013-10-25 00:09 - 00112128 _____ (forum.viry.cz) C:\Users\Dj Peroxid\Desktop\FRSTLauncher.exe
2013-10-25 00:09 - 2013-10-25 00:09 - 01955412 _____ (Farbar) C:\Users\Dj Peroxid\Desktop\FRST64.exe
2013-10-25 00:09 - 2013-10-25 00:09 - 00112128 _____ (forum.viry.cz) C:\Users\Dj Peroxid\Downloads\FRSTLauncher.exe
2013-10-25 00:08 - 2013-10-25 00:09 - 01955412 _____ (Farbar) C:\Users\Dj Peroxid\Downloads\FRST64.exe
2013-10-24 23:52 - 2013-10-24 23:52 - 00000000 ____D C:\Users\Dj Peroxid\AppData\Roaming\AVAST Software
2013-10-24 23:51 - 2013-10-24 23:51 - 00023866 _____ C:\Windows\PFRO.log
2013-10-24 22:49 - 2013-10-24 23:52 - 00000112 _____ C:\Windows\setupact.log
2013-10-24 22:49 - 2013-10-24 22:49 - 00000000 _____ C:\Windows\setuperr.log
2013-10-23 16:32 - 2013-10-24 23:17 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-23 16:32 - 2013-10-23 16:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-23 16:32 - 2013-10-23 16:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-23 16:32 - 2013-10-23 16:32 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-23 16:32 - 2013-10-23 16:32 - 00000000 ____D C:\Windows\system32\Macromed
2013-10-23 16:07 - 2013-10-23 16:16 - 00000000 __SHD C:\Users\Dj Peroxid\fxiuy
2013-10-22 12:04 - 2013-10-22 16:59 - 00000000 ____D C:\Users\Dj Peroxid\Desktop\Školení Excel
2013-10-14 22:52 - 2013-10-14 22:52 - 00020502 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] VA-DJ_Selection_387_-_Dance_Invasion_Vol._109-2013-ONe.torrent
2013-10-12 17:38 - 2013-10-12 18:02 - 108207757 _____ C:\Users\Dj Peroxid\Downloads\knihy.zip
2013-10-11 21:34 - 2013-10-11 21:34 - 00022911 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] 4912343.torrent
2013-10-11 21:34 - 2013-10-11 21:34 - 00022911 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] 4912343 (1).torrent
2013-10-09 19:04 - 2013-10-09 19:04 - 00062676 _____ C:\Users\Dj Peroxid\Downloads\Oblivion(0000221278).srt
2013-10-09 18:39 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-09 18:39 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-09 18:39 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-09 18:39 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-09 18:39 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-09 18:39 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-09 18:39 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-09 18:39 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-09 18:39 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-09 18:39 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-09 18:39 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-09 18:39 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-09 18:39 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-09 18:39 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-09 18:39 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-09 18:39 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-09 18:39 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-09 18:39 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-09 18:39 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-09 18:39 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-09 18:39 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-09 18:39 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-09 18:39 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-09 18:39 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-09 18:39 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-09 18:39 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-09 18:39 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-09 18:39 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-09 18:39 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-09 18:39 - 2013-09-21 04:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-09 18:39 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-09 18:28 - 2013-10-09 18:28 - 00009904 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] Oblivion (2013).torrent
2013-10-08 23:11 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-08 23:11 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-08 23:10 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-08 23:10 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-08 23:10 - 2013-07-12 12:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-08 23:10 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-08 23:10 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-08 23:10 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-08 23:10 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-08 23:10 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-08 23:10 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-08 23:10 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-08 23:10 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-08 23:10 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-08 23:10 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-08 23:10 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-08 23:10 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-08 23:10 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-08 23:09 - 2013-10-24 23:53 - 00000000 __SHD C:\Users\Dj Peroxid\AppData\Roaming\8C1830
2013-10-08 23:09 - 2013-09-14 03:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-08 23:09 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-08 23:09 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-08 23:09 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-08 23:09 - 2013-09-04 14:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-08 23:09 - 2013-09-04 14:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-08 23:09 - 2013-09-04 14:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-08 23:09 - 2013-09-04 14:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-08 23:09 - 2013-09-04 14:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-08 23:09 - 2013-09-04 14:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-08 23:09 - 2013-09-04 14:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-08 23:09 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-08 23:09 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-08 23:09 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-08 23:09 - 2013-08-29 04:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-08 23:09 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-08 23:09 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-08 23:09 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-08 23:09 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-08 23:09 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-08 23:09 - 2013-08-29 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-08 23:09 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-08 23:09 - 2013-08-29 02:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-08 23:09 - 2013-08-29 02:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-08 23:09 - 2013-08-29 02:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-08 23:09 - 2013-08-29 02:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-08 23:09 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-08 23:09 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-08 23:09 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-08 23:09 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-08 23:09 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-08 23:09 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-08 23:09 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-08 23:09 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-08 23:09 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-08 23:09 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-02 23:01 - 2013-10-02 23:01 - 00000000 ____D C:\Users\Dj Peroxid\Desktop\Sub_Focus-Torus-2013-NOiR
2013-10-02 21:37 - 2013-10-02 21:37 - 00017894 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] Nrj Hits 2013 Volume 2.torrent
2013-10-02 21:24 - 2013-10-02 21:24 - 00017598 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] VA - NRJ Party Hits 2013 (2CD)(2013).torrent
2013-10-02 21:23 - 2013-10-02 21:23 - 00018703 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] VA-NRJ_200_percent_Hits_2013_Vol.2-(534_497-2)-2CD-2013-1nDD.torrent
2013-10-02 21:09 - 2013-10-02 21:09 - 00017618 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] C31CB87D24AA23BDD579D7618225869670CAEA9C.torrent
2013-10-01 20:10 - 2013-10-01 20:10 - 00024618 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] pes 2014-RELOADED.torrent
2013-09-28 16:00 - 2013-09-28 16:00 - 00000000 ____D C:\Users\Dj Peroxid\AppData\Roaming\eUpdate

==================== One Month Modified Files and Folders =======

2013-10-25 00:10 - 2013-10-25 00:10 - 00000000 ____D C:\FRST
2013-10-25 00:09 - 2013-10-25 00:10 - 00112128 _____ (forum.viry.cz) C:\Users\Dj Peroxid\Desktop\FRSTLauncher.exe
2013-10-25 00:09 - 2013-10-25 00:09 - 01955412 _____ (Farbar) C:\Users\Dj Peroxid\Desktop\FRST64.exe
2013-10-25 00:09 - 2013-10-25 00:09 - 00112128 _____ (forum.viry.cz) C:\Users\Dj Peroxid\Downloads\FRSTLauncher.exe
2013-10-25 00:09 - 2013-10-25 00:08 - 01955412 _____ (Farbar) C:\Users\Dj Peroxid\Downloads\FRST64.exe
2013-10-25 00:02 - 2009-07-14 06:45 - 00015504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-25 00:02 - 2009-07-14 06:45 - 00015504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-24 23:58 - 2013-07-10 20:50 - 00000000 ____D C:\ProgramData\eSafe
2013-10-24 23:53 - 2013-10-08 23:09 - 00000000 __SHD C:\Users\Dj Peroxid\AppData\Roaming\8C1830
2013-10-24 23:52 - 2013-10-24 23:52 - 00000000 ____D C:\Users\Dj Peroxid\AppData\Roaming\AVAST Software
2013-10-24 23:52 - 2013-10-24 22:49 - 00000112 _____ C:\Windows\setupact.log
2013-10-24 23:52 - 2013-07-10 20:49 - 00000376 _____ C:\Windows\Tasks\AmiUpdXp.job
2013-10-24 23:52 - 2013-01-20 23:57 - 00000956 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-24 23:52 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-24 23:51 - 2013-10-24 23:51 - 00023866 _____ C:\Windows\PFRO.log
2013-10-24 23:45 - 2013-01-20 23:57 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-24 23:30 - 2013-01-20 23:57 - 00000960 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-24 23:17 - 2013-10-23 16:32 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-24 23:15 - 2013-01-20 23:57 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-24 23:14 - 2013-03-19 08:40 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-24 23:14 - 2013-03-19 08:40 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-24 23:14 - 2013-01-20 23:57 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-24 23:14 - 2013-01-20 23:57 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-10-24 23:14 - 2013-01-20 23:57 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-10-24 23:14 - 2013-01-20 23:57 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-10-24 23:14 - 2013-01-20 23:57 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-24 23:14 - 2013-01-20 23:57 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-10-24 23:14 - 2013-01-20 23:57 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-24 23:14 - 2013-01-20 23:56 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-24 23:07 - 2013-01-20 23:57 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-24 23:07 - 2013-01-20 23:56 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-24 22:49 - 2013-10-24 22:49 - 00000000 _____ C:\Windows\setuperr.log
2013-10-24 19:19 - 2009-07-14 17:18 - 00666656 _____ C:\Windows\system32\perfh005.dat
2013-10-24 19:19 - 2009-07-14 17:18 - 00140320 _____ C:\Windows\system32\perfc005.dat
2013-10-24 19:19 - 2009-07-14 07:13 - 01577046 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-23 23:21 - 2013-01-26 18:50 - 00000000 ____D C:\Users\Dj Peroxid\AppData\Roaming\uTorrent
2013-10-23 23:18 - 2013-01-19 19:55 - 00000000 ____D C:\Windows\Panther
2013-10-23 23:04 - 2013-05-19 22:50 - 00000000 ____D C:\Program Files (x86)\hdvidcodec.com
2013-10-23 23:00 - 2013-06-22 13:43 - 00000000 ____D C:\Users\Dj Peroxid\AppData\Roaming\File Scout
2013-10-23 16:32 - 2013-10-23 16:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-23 16:32 - 2013-10-23 16:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-23 16:32 - 2013-10-23 16:32 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-23 16:32 - 2013-10-23 16:32 - 00000000 ____D C:\Windows\system32\Macromed
2013-10-23 16:19 - 2013-01-21 20:31 - 00000000 ____D C:\Program Files (x86)\The KMPlayer
2013-10-23 16:16 - 2013-10-23 16:07 - 00000000 __SHD C:\Users\Dj Peroxid\fxiuy
2013-10-23 16:11 - 2013-01-20 23:57 - 00000000 ____D C:\Users\Dj Peroxid\AppData\Local\Google
2013-10-23 16:11 - 2013-01-20 23:57 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-23 16:07 - 2013-01-19 20:04 - 00000000 ____D C:\Users\Dj Peroxid
2013-10-22 16:59 - 2013-10-22 12:04 - 00000000 ____D C:\Users\Dj Peroxid\Desktop\Školení Excel
2013-10-22 14:34 - 2013-07-23 17:47 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-22 12:08 - 2013-06-08 14:54 - 00000000 ____D C:\Users\Dj Peroxid\Desktop\foto
2013-10-22 12:02 - 2013-09-08 10:36 - 00000000 ____D C:\Users\Dj Peroxid\Desktop\florbal
2013-10-20 19:25 - 2013-01-20 23:57 - 00003956 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-20 19:25 - 2013-01-20 23:57 - 00003704 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-14 22:52 - 2013-10-14 22:52 - 00020502 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] VA-DJ_Selection_387_-_Dance_Invasion_Vol._109-2013-ONe.torrent
2013-10-12 18:02 - 2013-10-12 17:38 - 108207757 _____ C:\Users\Dj Peroxid\Downloads\knihy.zip
2013-10-11 21:34 - 2013-10-11 21:34 - 00022911 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] 4912343.torrent
2013-10-11 21:34 - 2013-10-11 21:34 - 00022911 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] 4912343 (1).torrent
2013-10-09 20:20 - 2013-06-22 15:30 - 00000000 ____D C:\Windows\rescache
2013-10-09 19:04 - 2013-10-09 19:04 - 00062676 _____ C:\Users\Dj Peroxid\Downloads\Oblivion(0000221278).srt
2013-10-09 18:58 - 2013-03-14 01:47 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-09 18:58 - 2013-03-14 01:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-09 18:58 - 2009-07-14 06:45 - 00298536 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-09 18:37 - 2013-08-02 22:21 - 01556632 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-09 18:33 - 2013-07-26 00:32 - 00000000 ____D C:\Windows\system32\MRT
2013-10-09 18:32 - 2013-01-21 20:25 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 18:28 - 2013-10-09 18:28 - 00009904 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] Oblivion (2013).torrent
2013-10-06 15:51 - 2013-01-26 19:06 - 00000000 ____D C:\Users\Dj Peroxid\Documents\VirtualDJ
2013-10-02 23:01 - 2013-10-02 23:01 - 00000000 ____D C:\Users\Dj Peroxid\Desktop\Sub_Focus-Torus-2013-NOiR
2013-10-02 21:37 - 2013-10-02 21:37 - 00017894 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] Nrj Hits 2013 Volume 2.torrent
2013-10-02 21:24 - 2013-10-02 21:24 - 00017598 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] VA - NRJ Party Hits 2013 (2CD)(2013).torrent
2013-10-02 21:23 - 2013-10-02 21:23 - 00018703 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] VA-NRJ_200_percent_Hits_2013_Vol.2-(534_497-2)-2CD-2013-1nDD.torrent
2013-10-02 21:09 - 2013-10-02 21:09 - 00017618 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] C31CB87D24AA23BDD579D7618225869670CAEA9C.torrent
2013-10-01 22:11 - 2013-09-09 23:44 - 00000000 ____D C:\Program Files (x86)\MyHeritage
2013-10-01 20:10 - 2013-10-01 20:10 - 00024618 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] pes 2014-RELOADED.torrent
2013-09-28 16:00 - 2013-09-28 16:00 - 00000000 ____D C:\Users\Dj Peroxid\AppData\Roaming\eUpdate

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

Files to move or delete:
====================
ZeroAccess:
C:\Users\Dj Peroxid\AppData\Local\Google\Desktop\Install
ZeroAccess:
C:\Program Files (x86)\Google\Desktop\Install


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender


LastRegBack: 2013-10-22 20:34

==================== End Of Log ============================
Attachments
Addition.zip
(5.06 KiB) Downloaded 61 times

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#2 Post by vyosek »

Hello :)

:arrow: There's quite a lot in there :boxed:

:arrow: Download RKill http://download.bleepingcomputer.com/grinler/rkill.com PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A STRONG ABILITY TO DELETE AND MUST ONLY BE USED ON RECOMMENDATION, OTHERWISE YOUR SYSTEM MAY BE RUINED
:arrow: Download ComboFix and save it to the desktop http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Disable all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator (Spravce) account
  • If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator (Spustit jako spravce)
  • Right after it starts, a page with the licence agreement is shown; continue by clicking Yes (Ano)
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click into the window that is displayed
  • The scan should take about 10 min, but if the PC is heavily cluttered, it may take longer
  • After the scan finishes and a possible restart, CF displays the log, or you will find it here C:\ComboFix.txt; paste its contents here
  • The detailed procedure incl. screenshots is here http://www.bleepingcomputer.com/combofi ... t-combofix
"Whoever has wine and does not drink it, has grapes and does not eat them, has a wife and does not kiss her, and shuns merriment, take a whip and a stick to him: he is no man, he is an ox."
Member [image] since 1 February 2011.

djperoxid
Visitor
Posts: 9
Registered: 24 Oct 2013 23:16

Re: Please check my log

#3 Post by djperoxid »

Hello,

I know, it's awful :-)



Rkill 2.6.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/25/2013 06:55:57 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* WsysSvc Stopped. [Adware/Soft365]

1 service stopped!

Checking for processes to terminate:

* C:\Windows\SysWOW64\HsMgr.exe (PID: 1644) [WD-HEUR]
* C:\Windows\system\HsMgr64.exe (PID: 1804) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Dj Peroxid\Desktop\rkill\rkill-10-25-2013-06-56-09.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* ALERT: ZEROACCESS rootkit symptoms found!

* C:\Program Files (x86)\Google\Desktop\Install\{08194442-a0b6-9654-5762-8ede22cf7eb6}\ [ZA Dir]
* C:\Program Files (x86)\Google\Desktop\Install\{08194442-a0b6-9654-5762-8ede22cf7eb6}\ \ [ZA Dir]
* C:\Program Files (x86)\Google\Desktop\Install\{08194442-a0b6-9654-5762-8ede22cf7eb6}\ \...\ [ZA Dir]
* C:\Program Files (x86)\Google\Desktop\Install\{08194442-a0b6-9654-5762-8ede22cf7eb6}\ \...\ﯹ๛\ [ZA Dir]
* C:\Program Files (x86)\Google\Desktop\Install\{08194442-a0b6-9654-5762-8ede22cf7eb6}\ \...\ﯹ๛\{08194442-a0b6-9654-5762-8ede22cf7eb6}\ [ZA Dir]
* C:\Users\Dj Peroxid\AppData\Local\Google\Desktop\Install\{08194442-a0b6-9654-5762-8ede22cf7eb6}\ [ZA Dir]
* C:\Users\Dj Peroxid\AppData\Local\Google\Desktop\Install\{08194442-a0b6-9654-5762-8ede22cf7eb6}\❤≸⋙\ [ZA Dir]
* C:\Users\Dj Peroxid\AppData\Local\Google\Desktop\Install\{08194442-a0b6-9654-5762-8ede22cf7eb6}\❤≸⋙\Ⱒ☠⍨\ [ZA Dir]
* C:\Users\Dj Peroxid\AppData\Local\Google\Desktop\Install\{08194442-a0b6-9654-5762-8ede22cf7eb6}\❤≸⋙\Ⱒ☠⍨\ﯹ๛\ [ZA Dir]
* C:\Users\Dj Peroxid\AppData\Local\Google\Desktop\Install\{08194442-a0b6-9654-5762-8ede22cf7eb6}\❤≸⋙\Ⱒ☠⍨\ﯹ๛\{08194442-a0b6-9654-5762-8ede22cf7eb6}\ [ZA Dir]
* C:\Windows\assembly\GAC_32\Desktop.ini [ZA File]
* C:\Windows\assembly\GAC_64\Desktop.ini [ZA File]

* ALERT: ZEROACCESS Reparse Point/Junction found!

* C:\Program Files\Windows Defender\cs-CZ => c:\windows\system32\config\ [Dir]
* C:\Program Files\Windows Defender\MpAsDesc.dll => c:\windows\system32\config [File]
* C:\Program Files\Windows Defender\MpClient.dll => c:\windows\system32\config [File]
* C:\Program Files\Windows Defender\MpCmdRun.exe => c:\windows\system32\config [File]
* C:\Program Files\Windows Defender\MpCommu.dll => c:\windows\system32\config [File]
* C:\Program Files\Windows Defender\MpEvMsg.dll => c:\windows\system32\config [File]
* C:\Program Files\Windows Defender\MpOAV.dll => c:\windows\system32\config [File]
* C:\Program Files\Windows Defender\MpRTP.dll => c:\windows\system32\config [File]
* C:\Program Files\Windows Defender\MpSvc.dll => c:\windows\system32\config [File]
* C:\Program Files\Windows Defender\MSASCui.exe => c:\windows\system32\config [File]
* C:\Program Files\Windows Defender\MsMpCom.dll => c:\windows\system32\config [File]
* C:\Program Files\Windows Defender\MsMpLics.dll => c:\windows\system32\config [File]
* C:\Program Files\Windows Defender\MsMpRes.dll => c:\windows\system32\config [File]

Checking Windows Service Integrity:

* Ovladač ověření brány Windows Firewall (mpsdrv) is not Running.
Startup Type set to: Manual

* BFE [Missing Service]
* BITS [Missing Service]
* iphlpsvc [Missing Service]
* PcaSvc [Missing Service]
* PolicyAgent [Missing Service]
* RemoteAccess [Missing Service]
* WinDefend [Missing Service]
* wscsvc [Missing Service]
* wuauserv [Missing Service]

* MpsSvc [Missing ImagePath]
* SharedAccess [Missing ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 10/25/2013 06:57:22 PM
Execution time: 0 hours(s), 1 minute(s), and 25 seconds(s)

djperoxid
Visitor
Posts: 9
Registered: 24 Oct 2013 23:16

Re: Please check my log

#4 Post by djperoxid »

anyway, thanks for the advice :*)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#5 Post by vyosek »

What about the ComboFix log??

djperoxid
Visitor
Posts: 9
Registered: 24 Oct 2013 23:16

Re: Please check my log

#6 Post by djperoxid »

here :-)

ComboFix 13-10-24.01 - Dj Peroxid 25.10.2013 22:53:57.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8056.5801 [GMT 2:00]
Spuštěný z: c:\users\Dj Peroxid\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Desktop\Install
c:\program files (x86)\Google\Desktop\Install\{08194442-a0b6-9654-5762-8ede22cf7eb6}\9519~1\A535~1\E628~1\{08194442-a0b6-9654-5762-8ede22cf7eb6}\@
c:\program files (x86)\Google\Desktop\Install\{08194442-a0b6-9654-5762-8ede22cf7eb6}\9519~1\A535~1\E628~1\{08194442-a0b6-9654-5762-8ede22cf7eb6}\L\00000004.@
c:\program files (x86)\Google\Desktop\Install\{08194442-a0b6-9654-5762-8ede22cf7eb6}\9519~1\A535~1\E628~1\{08194442-a0b6-9654-5762-8ede22cf7eb6}\L\76603ac3
c:\program files (x86)\Google\Desktop\Install\{08194442-a0b6-9654-5762-8ede22cf7eb6}\9519~1\A535~1\E628~1\{08194442-a0b6-9654-5762-8ede22cf7eb6}\trzF096.tmp
c:\program files (x86)\Google\Desktop\Install\{08194442-a0b6-9654-5762-8ede22cf7eb6}\9519~1\A535~1\E628~1\{08194442-a0b6-9654-5762-8ede22cf7eb6}\U\00000008.@
c:\programdata\Roaming
c:\users\Dj Peroxid\AppData\Local\Google\Desktop\Install
c:\users\Dj Peroxid\AppData\Local\Google\Desktop\Install\{08194442-a0b6-9654-5762-8ede22cf7eb6}\2E2F~1\28F0~1\E628~1\{08194442-a0b6-9654-5762-8ede22cf7eb6}\@
c:\users\Dj Peroxid\AppData\Local\Google\Desktop\Install\{08194442-a0b6-9654-5762-8ede22cf7eb6}\2E2F~1\28F0~1\E628~1\{08194442-a0b6-9654-5762-8ede22cf7eb6}\U\00000008.@
c:\users\Dj Peroxid\AppData\Local\MSGBOX.EXE
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
c:\windows\SysWow64\lsprst7.dll
c:\windows\SysWow64\ssprs.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_WsysSvc
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-25 do 2013-10-25 )))))))))))))))))))))))))))))))
.
.
2013-10-25 20:58 . 2013-10-25 20:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-24 22:10 . 2013-10-24 22:10 -------- d-----w- C:\FRST
2013-10-24 21:52 . 2013-10-24 21:52 -------- d-----w- c:\users\Dj Peroxid\AppData\Roaming\AVAST Software
2013-10-23 14:32 . 2013-10-23 14:32 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-23 14:32 . 2013-10-23 14:32 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-23 14:32 . 2013-10-23 14:32 -------- d-----w- c:\windows\system32\Macromed
2013-10-23 14:07 . 2013-10-23 14:16 -------- d-sh--w- c:\users\Dj Peroxid\fxiuy
2013-10-22 10:06 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9A14335C-8EC4-42D6-B97E-B693F2BC928F}\mpengine.dll
2013-10-08 21:11 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll
2013-10-08 21:11 . 2013-07-04 11:50 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
2013-10-08 21:09 . 2013-07-04 12:57 259584 ----a-w- c:\windows\system32\WebClnt.dll
2013-09-28 14:00 . 2013-09-28 14:00 -------- d-----w- c:\users\Dj Peroxid\AppData\Roaming\eUpdate
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-24 21:14 . 2013-03-19 06:40 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-24 21:14 . 2013-03-19 06:40 205320 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-24 21:14 . 2013-01-20 21:57 409832 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-10-24 21:14 . 2013-01-20 21:57 38984 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-10-24 21:14 . 2013-01-20 21:57 65264 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-10-24 21:14 . 2013-01-20 21:57 1032416 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-10-24 21:14 . 2013-01-20 21:57 84328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-10-24 21:14 . 2013-01-20 21:57 334648 ----a-w- c:\windows\system32\aswBoot.exe
2013-10-24 21:14 . 2013-01-20 21:57 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-10-24 21:14 . 2013-01-20 21:56 43152 ----a-w- c:\windows\avastSS.scr
2013-10-09 16:32 . 2013-01-21 18:25 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-09-03 12:35 . 2013-01-20 21:43 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 01:48 . 2013-10-08 21:09 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-24 14:05 . 2013-08-24 14:06 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-24 14:05 . 2013-08-24 14:06 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-08-24 14:05 . 2013-08-24 14:06 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-08-24 11:08 . 2011-06-11 00:58 773800 ----a-w- c:\windows\SysWow64\msvcr100.dll
2013-08-24 11:08 . 2011-06-11 00:58 421032 ----a-w- c:\windows\SysWow64\msvcp100.dll
2013-08-05 02:25 . 2013-09-12 20:56 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-08-02 02:14 . 2013-09-12 20:56 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-08-02 02:13 . 2013-09-12 20:56 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-08-02 02:13 . 2013-09-12 20:56 1161216 ----a-w- c:\windows\system32\kernel32.dll
2013-08-02 02:12 . 2013-09-12 20:56 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-08-02 02:12 . 2013-09-12 20:56 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 6656 ----a-w- c:\windows\system32\apisetschema.dll
2013-08-02 02:12 . 2013-09-12 20:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-02 01:50 . 2013-09-12 20:56 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2013-08-02 01:48 . 2013-09-12 20:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-08-02 01:48 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-08-02 01:09 . 2013-09-12 20:56 338432 ----a-w- c:\windows\system32\conhost.exe
2013-08-02 00:59 . 2013-09-12 20:56 112640 ----a-w- c:\windows\system32\smss.exe
2013-08-02 00:43 . 2013-09-12 20:56 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 20:56 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 20:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 20:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-01-30 14:49 281760 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-27 291608]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-10-24 3567800]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 ASUSU1;ASUS Xonar U3 Audio Interface;c:\windows\system32\drivers\cm11264.sys;c:\windows\SYSNATIVE\drivers\cm11264.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys;c:\windows\SYSNATIVE\drivers\aswFsBlk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-20 17:31 1185744 ----a-w- c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-23 14:32]
.
2013-10-25 c:\windows\Tasks\AmiUpdXp.job
- c:\users\Dj Peroxid\AppData\Local\SwvUpdater\Updater.exe [2013-07-10 15:25]
.
2013-10-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-20 21:57]
.
2013-10-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-20 21:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-01-30 14:49 342176 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-10-24 21:14 326944 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-28 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-28 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-28 440600]
"Cm112Sound"="c:\windows\Syswow64\cm112.dll" [2009-12-08 8146944]
"Cm112GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
"Cm112GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.delta-homes.com/?utm_source=b&utm_m ... 1377342503
uDefault_Search_URL = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_m ... 1377342503
mStart Page = hxxp://www.delta-homes.com/?utm_source=b&utm_m ... 1377342503
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\rundll32.exe
.
**************************************************************************
.
Celkový čas: 2013-10-25 23:05:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-10-25 21:05
.
Před spuštěním: 5 734 932 480
Po spuštění: 5 766 455 296
.
- - End Of File - - 195B0DE94DAE3A2D26A9DDF364B50F29
A36C5E4F47E84449FF07ED3517B43A31

djperoxid
Visitor
Posts: 9
Joined: 24 Oct 2013 23:16

Re: Please check my log

#7 Post by djperoxid »

Please advise, thank you.

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#8 Post by vyosek »

:arrow: Sorry, work commitments.

:arrow: Download Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Save it, preferably to the Desktop, and extract it
  • Run it by clicking mbar
  • Now click Next and then Update
  • When the database update finishes, click Next again
  • Leave all three options checked and click Scan to start scanning the PC
  • When the scan finishes (about 5 minutes), check that every detection (if there are any, of course) is ticked
  • Also check that Create Restore point is ticked
  • Now click CleanUp, which removes the detected infection
  • The PC will be restarted
  • The mbar folder should contain a log (it will probably also open by itself) named mbar-log-year-month-day (hour-minute-second).txt; post it here for me
:arrow: Download Service Repair http://kb.eset.com/library/ESET/KB%20Te ... Repair.exe
  • Save it, preferably to the Desktop
  • Run it and click Yes to confirm reinstalling the services
  • Then click Yes to confirm the PC restart
  • A folder named CC Support will be created on the Desktop; the log SvcRepair.txt is in it, it should be at CC Support\Logs\SvcRepair.txt - paste it here for me
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him: that is no man, that is an ox."
Member [image] since 1 February 2011.

djperoxid
Visitor
Posts: 9
Joined: 24 Oct 2013 23:16

Re: Please check my log

#9 Post by djperoxid »

So the first program found no malware. I am attaching the log from the second one:

Log Opened: 2013-10-26 @ 22:31:54
22:31:54 - -----------------
22:31:54 - | Begin Logging |
22:31:54 - -----------------
22:31:54 - Fix started on a WIN_7 X64 computer
22:31:54 - Prep in progress. Please Wait.
22:31:55 - Prep complete
22:31:55 - Repairing Services Now. Please wait...
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BFE.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\SubLayer>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Provider>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BITS.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Performance>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\iphlpsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo\{FA88062C-9A61-4C1E-AC45-7143F8F01AAD}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap\{8AD2FB26-F91E-44F1-9B24-3C0AE56C9CE0}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\IPHTTPS>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Interfaces>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\config>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\MpsSvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\SharedAccess.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch2>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\WinDefend.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo\0>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wscsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wuauserv.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv>

SetACL finished successfully.
22:31:56 - Services Repair Complete.
22:32:21 - Reboot Initiated

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#10 Post by vyosek »

Please post a new log from FRSTLauncher.

djperoxid
Visitor
Posts: 9
Joined: 24 Oct 2013 23:16

Re: Please check my log

#11 Post by djperoxid »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2013 01
Ran by Dj Peroxid (administrator) on DJPEROXID-PC on 26-10-2013 23:04:09
Running from C:\Users\Dj Peroxid\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Dj Peroxid\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Users\DJPERO~1\AppData\Local\MSGBOX.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [Cm112Sound] - C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm112.dll,CMICtrlWnd
HKLM\...\Run: [Cm112GX] - C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cm112GX64] - C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-27] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3567800 2013-10-25] (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source= ... 1377342503
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source= ... 1377342503
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1377342503
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source= ... 1377342503
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... 1373482226
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... 1373482226
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... 1373482226
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... 1373482226
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www1.delta-search.com/?q={search ... B&tsp=4972
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_ ... earchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Extension: hdvc - C:\Users\Dj Peroxid\AppData\Roaming\Mozilla\Firefox\profiles\extensions\hdvc@hdvc.com.xpi

Chrome:
=======
CHR HomePage: hxxp://www.delta-homes.com/?utm_source=b&utm_m ... 1380303077
CHR RestoreOnStartup: "hxxp://www.delta-homes.com/?utm_source=b&utm_m ... 1380303077"
CHR DefaultSearchURL: (delta-homes) - http://search.delta-homes.com/web/?utm_ ... earchTerms}
CHR DefaultSuggestURL: (delta-homes) - "suggest_url": "",
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Extension: (Google Docs) - C:\Users\DJPERO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\DJPERO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\DJPERO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\DJPERO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0
CHR Extension: (Google Search) - C:\Users\DJPERO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (HDvid Codec) - C:\Users\DJPERO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli\2.0_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\DJPERO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Bungalow) - C:\Users\DJPERO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogkdmggpdfpodahejeckklcncacambmo\1_0
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\DJPERO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp\5.0.94.1_0
CHR Extension: (Gmail) - C:\Users\DJPERO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Dj Peroxid\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM-x32\...\Chrome\Extension: [kpkbnefaikfaeadgidhpoanckoiaheli] - C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-10-24] (AVAST Software)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-01-30] ()
S4 RemoteAccess; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S3 ASUSU1; C:\Windows\System32\drivers\cm11264.sys [1312256 2010-12-15] (C-Media Electronics Inc)
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-10-24] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-10-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-10-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-10-24] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-10-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-24] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-29] (DT Soft Ltd)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-26 23:04 - 2013-10-26 23:04 - 00015327 _____ C:\Users\Dj Peroxid\Desktop\LM.bat
2013-10-26 23:03 - 2013-10-26 23:02 - 01956160 _____ (Farbar) C:\Users\Dj Peroxid\Desktop\FRST64.exe
2013-10-26 23:02 - 2013-10-26 23:02 - 01956160 _____ (Farbar) C:\Users\Dj Peroxid\Downloads\FRST64 (2).exe
2013-10-26 23:01 - 2013-10-26 23:01 - 01956160 _____ (Farbar) C:\Users\Dj Peroxid\Downloads\FRST64 (1).exe
2013-10-26 22:57 - 2013-10-26 23:04 - 00029696 _____ C:\Users\Dj Peroxid\AppData\Local\MSGBOX.EXE
2013-10-26 22:31 - 2013-10-26 22:31 - 00000000 ____D C:\Users\Public\Desktop\CC Support
2013-10-26 22:31 - 2013-10-26 22:20 - 04009167 _____ C:\Users\Dj Peroxid\Desktop\ServicesRepair.exe
2013-10-26 22:20 - 2013-10-26 22:31 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-26 22:20 - 2013-10-26 22:20 - 04009167 _____ C:\Users\Dj Peroxid\Downloads\ServicesRepair.exe
2013-10-26 22:20 - 2013-10-26 22:20 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-10-26 22:20 - 2013-10-26 22:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-26 22:19 - 2013-10-26 22:19 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-10-26 22:18 - 2013-10-26 22:31 - 00000000 ____D C:\Users\Dj Peroxid\Desktop\mbar
2013-10-26 22:18 - 2013-10-26 22:16 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Dj Peroxid\Desktop\mbar-1.07.0.1007.exe
2013-10-26 22:16 - 2013-10-26 22:16 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Dj Peroxid\Downloads\mbar-1.07.0.1007.exe
2013-10-26 01:08 - 2013-10-26 01:08 - 00000000 ____D C:\Users\Dj Peroxid\AppData\Roaming\Macromedia
2013-10-25 23:05 - 2013-10-25 23:05 - 00027509 _____ C:\ComboFix.txt
2013-10-25 22:53 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-10-25 22:53 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-10-25 22:53 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-10-25 22:53 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-10-25 22:53 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-10-25 22:53 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-10-25 22:53 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-10-25 22:53 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-10-25 22:52 - 2013-10-25 23:05 - 00000000 ____D C:\Qoobox
2013-10-25 22:52 - 2013-10-25 23:04 - 00000000 ____D C:\Windows\erdnt
2013-10-25 22:52 - 2013-10-25 22:52 - 05136677 ____R (Swearware) C:\Users\Dj Peroxid\Desktop\ComboFix.exe
2013-10-25 22:52 - 2013-10-25 22:52 - 05136677 _____ (Swearware) C:\Users\Dj Peroxid\Downloads\ComboFix.exe
2013-10-25 19:37 - 2013-10-26 22:32 - 00016003 _____ C:\Windows\WindowsUpdate.log
2013-10-25 18:56 - 2013-10-25 18:56 - 00000000 ____D C:\Users\Dj Peroxid\Desktop\rkill
2013-10-25 18:55 - 2013-10-25 19:01 - 00008588 _____ C:\Users\Dj Peroxid\Desktop\Rkill.txt
2013-10-25 18:55 - 2013-10-25 18:55 - 01898232 _____ (Bleeping Computer, LLC) C:\Users\Dj Peroxid\Downloads\rkill.com
2013-10-25 18:55 - 2013-10-25 18:55 - 01898232 _____ (Bleeping Computer, LLC) C:\Users\Dj Peroxid\Desktop\rkill.com
2013-10-25 00:21 - 2013-10-25 00:21 - 00005178 _____ C:\Users\Dj Peroxid\Desktop\Addition.zip
2013-10-25 00:10 - 2013-10-25 00:10 - 00000000 ____D C:\FRST
2013-10-25 00:10 - 2013-10-25 00:09 - 00112128 _____ (forum.viry.cz) C:\Users\Dj Peroxid\Desktop\FRSTLauncher.exe
2013-10-25 00:09 - 2013-10-25 00:09 - 00112128 _____ (forum.viry.cz) C:\Users\Dj Peroxid\Downloads\FRSTLauncher.exe
2013-10-25 00:08 - 2013-10-25 00:09 - 01955412 _____ (Farbar) C:\Users\Dj Peroxid\Downloads\FRST64.exe
2013-10-24 23:52 - 2013-10-24 23:52 - 00000000 ____D C:\Users\Dj Peroxid\AppData\Roaming\AVAST Software
2013-10-24 23:51 - 2013-10-25 22:59 - 00024418 _____ C:\Windows\PFRO.log
2013-10-24 22:49 - 2013-10-26 22:32 - 00000504 _____ C:\Windows\setupact.log
2013-10-24 22:49 - 2013-10-24 22:49 - 00000000 _____ C:\Windows\setuperr.log
2013-10-23 16:32 - 2013-10-26 22:17 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-23 16:32 - 2013-10-23 16:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-23 16:32 - 2013-10-23 16:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-23 16:32 - 2013-10-23 16:32 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-23 16:32 - 2013-10-23 16:32 - 00000000 ____D C:\Windows\system32\Macromed
2013-10-23 16:07 - 2013-10-23 16:16 - 00000000 __SHD C:\Users\Dj Peroxid\fxiuy
2013-10-22 12:04 - 2013-10-22 16:59 - 00000000 ____D C:\Users\Dj Peroxid\Desktop\Školení Excel
2013-10-14 22:52 - 2013-10-14 22:52 - 00020502 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] VA-DJ_Selection_387_-_Dance_Invasion_Vol._109-2013-ONe.torrent
2013-10-12 17:38 - 2013-10-12 18:02 - 108207757 _____ C:\Users\Dj Peroxid\Downloads\knihy.zip
2013-10-11 21:34 - 2013-10-11 21:34 - 00022911 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] 4912343.torrent
2013-10-11 21:34 - 2013-10-11 21:34 - 00022911 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] 4912343 (1).torrent
2013-10-09 19:04 - 2013-10-09 19:04 - 00062676 _____ C:\Users\Dj Peroxid\Downloads\Oblivion(0000221278).srt
2013-10-09 18:39 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-09 18:39 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-09 18:39 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-09 18:39 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-09 18:39 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-09 18:39 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-09 18:39 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-09 18:39 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-09 18:39 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-09 18:39 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-09 18:39 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-09 18:39 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-09 18:39 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-09 18:39 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-09 18:39 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-09 18:39 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-09 18:39 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-09 18:39 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-09 18:39 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-09 18:39 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-09 18:39 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-09 18:39 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-09 18:39 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-09 18:39 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-09 18:39 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-09 18:39 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-09 18:39 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-09 18:39 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-09 18:39 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-09 18:39 - 2013-09-21 04:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-09 18:39 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-09 18:28 - 2013-10-09 18:28 - 00009904 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] Oblivion (2013).torrent
2013-10-08 23:11 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-08 23:11 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-08 23:10 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-08 23:10 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-08 23:10 - 2013-07-12 12:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-08 23:10 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-08 23:10 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-08 23:10 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-08 23:10 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-08 23:10 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-08 23:10 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-08 23:10 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-08 23:10 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-08 23:10 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-08 23:10 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-08 23:10 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-08 23:10 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-08 23:10 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-08 23:09 - 2013-10-25 18:52 - 00000000 __SHD C:\Users\Dj Peroxid\AppData\Roaming\8C1830
2013-10-08 23:09 - 2013-09-14 03:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-08 23:09 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-08 23:09 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-08 23:09 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-08 23:09 - 2013-09-04 14:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-08 23:09 - 2013-09-04 14:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-08 23:09 - 2013-09-04 14:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-08 23:09 - 2013-09-04 14:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-08 23:09 - 2013-09-04 14:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-08 23:09 - 2013-09-04 14:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-08 23:09 - 2013-09-04 14:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-08 23:09 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-08 23:09 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-08 23:09 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-08 23:09 - 2013-08-29 04:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-08 23:09 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-08 23:09 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-08 23:09 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-08 23:09 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-08 23:09 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-08 23:09 - 2013-08-29 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-08 23:09 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-08 23:09 - 2013-08-29 02:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-08 23:09 - 2013-08-29 02:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-08 23:09 - 2013-08-29 02:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-08 23:09 - 2013-08-29 02:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-08 23:09 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-08 23:09 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-08 23:09 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-08 23:09 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-08 23:09 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-08 23:09 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-08 23:09 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-08 23:09 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-08 23:09 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-08 23:09 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-02 23:01 - 2013-10-02 23:01 - 00000000 ____D C:\Users\Dj Peroxid\Desktop\Sub_Focus-Torus-2013-NOiR
2013-10-02 21:37 - 2013-10-02 21:37 - 00017894 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] Nrj Hits 2013 Volume 2.torrent
2013-10-02 21:24 - 2013-10-02 21:24 - 00017598 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] VA - NRJ Party Hits 2013 (2CD)(2013).torrent
2013-10-02 21:23 - 2013-10-02 21:23 - 00018703 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] VA-NRJ_200_percent_Hits_2013_Vol.2-(534_497-2)-2CD-2013-1nDD.torrent
2013-10-02 21:09 - 2013-10-02 21:09 - 00017618 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] C31CB87D24AA23BDD579D7618225869670CAEA9C.torrent
2013-10-01 20:10 - 2013-10-01 20:10 - 00024618 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] pes 2014-RELOADED.torrent
2013-09-28 16:00 - 2013-09-28 16:00 - 00000000 ____D C:\Users\Dj Peroxid\AppData\Roaming\eUpdate

==================== One Month Modified Files and Folders =======

2013-10-26 23:04 - 2013-10-26 23:04 - 00015327 _____ C:\Users\Dj Peroxid\Desktop\LM.bat
2013-10-26 23:04 - 2013-10-26 22:57 - 00029696 _____ C:\Users\Dj Peroxid\AppData\Local\MSGBOX.EXE
2013-10-26 23:03 - 2013-10-25 19:37 - 00016003 _____ C:\Windows\WindowsUpdate.log
2013-10-26 23:02 - 2013-10-26 23:03 - 01956160 _____ (Farbar) C:\Users\Dj Peroxid\Desktop\FRST64.exe
2013-10-26 23:02 - 2013-10-26 23:02 - 01956160 _____ (Farbar) C:\Users\Dj Peroxid\Downloads\FRST64 (2).exe
2013-10-26 23:01 - 2013-10-26 23:01 - 01956160 _____ (Farbar) C:\Users\Dj Peroxid\Downloads\FRST64 (1).exe
2013-10-26 22:40 - 2009-07-14 06:45 - 00015504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-26 22:40 - 2009-07-14 06:45 - 00015504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-26 22:33 - 2013-07-10 20:49 - 00000376 _____ C:\Windows\Tasks\AmiUpdXp.job
2013-10-26 22:33 - 2013-01-20 23:57 - 00000956 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-26 22:33 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-26 22:32 - 2013-10-24 22:49 - 00000504 _____ C:\Windows\setupact.log
2013-10-26 22:31 - 2013-10-26 22:31 - 00000000 ____D C:\Users\Public\Desktop\CC Support
2013-10-26 22:31 - 2013-10-26 22:20 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-26 22:31 - 2013-10-26 22:18 - 00000000 ____D C:\Users\Dj Peroxid\Desktop\mbar
2013-10-26 22:30 - 2013-01-20 23:57 - 00000960 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-26 22:20 - 2013-10-26 22:31 - 04009167 _____ C:\Users\Dj Peroxid\Desktop\ServicesRepair.exe
2013-10-26 22:20 - 2013-10-26 22:20 - 04009167 _____ C:\Users\Dj Peroxid\Downloads\ServicesRepair.exe
2013-10-26 22:20 - 2013-10-26 22:20 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-10-26 22:20 - 2013-10-26 22:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-26 22:19 - 2013-10-26 22:19 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-10-26 22:17 - 2013-10-23 16:32 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-26 22:16 - 2013-10-26 22:18 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Dj Peroxid\Desktop\mbar-1.07.0.1007.exe
2013-10-26 22:16 - 2013-10-26 22:16 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Dj Peroxid\Downloads\mbar-1.07.0.1007.exe
2013-10-26 10:33 - 2009-07-14 17:18 - 00666656 _____ C:\Windows\system32\perfh005.dat
2013-10-26 10:33 - 2009-07-14 17:18 - 00140320 _____ C:\Windows\system32\perfc005.dat
2013-10-26 10:33 - 2009-07-14 07:13 - 01577046 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-26 02:49 - 2013-01-21 20:31 - 00000000 ____D C:\Program Files (x86)\The KMPlayer
2013-10-26 01:08 - 2013-10-26 01:08 - 00000000 ____D C:\Users\Dj Peroxid\AppData\Roaming\Macromedia
2013-10-25 23:05 - 2013-10-25 23:05 - 00027509 _____ C:\ComboFix.txt
2013-10-25 23:05 - 2013-10-25 22:52 - 00000000 ____D C:\Qoobox
2013-10-25 23:05 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-10-25 23:04 - 2013-10-25 22:52 - 00000000 ____D C:\Windows\erdnt
2013-10-25 23:00 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-10-25 22:59 - 2013-10-24 23:51 - 00024418 _____ C:\Windows\PFRO.log
2013-10-25 22:58 - 2009-07-14 04:34 - 63700992 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-10-25 22:58 - 2009-07-14 04:34 - 19398656 _____ C:\Windows\system32\config\SYSTEM.bak
2013-10-25 22:58 - 2009-07-14 04:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2013-10-25 22:58 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2013-10-25 22:58 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2013-10-25 22:52 - 2013-10-25 22:52 - 05136677 ____R (Swearware) C:\Users\Dj Peroxid\Desktop\ComboFix.exe
2013-10-25 22:52 - 2013-10-25 22:52 - 05136677 _____ (Swearware) C:\Users\Dj Peroxid\Downloads\ComboFix.exe
2013-10-25 22:52 - 2009-07-14 07:08 - 00032630 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-25 19:01 - 2013-10-25 18:55 - 00008588 _____ C:\Users\Dj Peroxid\Desktop\Rkill.txt
2013-10-25 18:56 - 2013-10-25 18:56 - 00000000 ____D C:\Users\Dj Peroxid\Desktop\rkill
2013-10-25 18:55 - 2013-10-25 18:55 - 01898232 _____ (Bleeping Computer, LLC) C:\Users\Dj Peroxid\Downloads\rkill.com
2013-10-25 18:55 - 2013-10-25 18:55 - 01898232 _____ (Bleeping Computer, LLC) C:\Users\Dj Peroxid\Desktop\rkill.com
2013-10-25 18:52 - 2013-10-08 23:09 - 00000000 __SHD C:\Users\Dj Peroxid\AppData\Roaming\8C1830
2013-10-25 18:52 - 2013-07-10 20:50 - 00000000 ____D C:\ProgramData\eSafe
2013-10-25 00:21 - 2013-10-25 00:21 - 00005178 _____ C:\Users\Dj Peroxid\Desktop\Addition.zip
2013-10-25 00:10 - 2013-10-25 00:10 - 00000000 ____D C:\FRST
2013-10-25 00:09 - 2013-10-25 00:10 - 00112128 _____ (forum.viry.cz) C:\Users\Dj Peroxid\Desktop\FRSTLauncher.exe
2013-10-25 00:09 - 2013-10-25 00:09 - 00112128 _____ (forum.viry.cz) C:\Users\Dj Peroxid\Downloads\FRSTLauncher.exe
2013-10-25 00:09 - 2013-10-25 00:08 - 01955412 _____ (Farbar) C:\Users\Dj Peroxid\Downloads\FRST64.exe
2013-10-24 23:52 - 2013-10-24 23:52 - 00000000 ____D C:\Users\Dj Peroxid\AppData\Roaming\AVAST Software
2013-10-24 23:45 - 2013-01-20 23:57 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-24 23:15 - 2013-01-20 23:57 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-24 23:14 - 2013-03-19 08:40 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-24 23:14 - 2013-03-19 08:40 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-24 23:14 - 2013-01-20 23:57 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-24 23:14 - 2013-01-20 23:57 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-10-24 23:14 - 2013-01-20 23:57 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-10-24 23:14 - 2013-01-20 23:57 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-10-24 23:14 - 2013-01-20 23:57 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-24 23:14 - 2013-01-20 23:57 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-10-24 23:14 - 2013-01-20 23:57 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-24 23:14 - 2013-01-20 23:56 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-24 23:07 - 2013-01-20 23:57 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-24 23:07 - 2013-01-20 23:56 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-24 22:49 - 2013-10-24 22:49 - 00000000 _____ C:\Windows\setuperr.log
2013-10-23 23:21 - 2013-01-26 18:50 - 00000000 ____D C:\Users\Dj Peroxid\AppData\Roaming\uTorrent
2013-10-23 23:18 - 2013-01-19 19:55 - 00000000 ____D C:\Windows\Panther
2013-10-23 23:04 - 2013-05-19 22:50 - 00000000 ____D C:\Program Files (x86)\hdvidcodec.com
2013-10-23 23:00 - 2013-06-22 13:43 - 00000000 ____D C:\Users\Dj Peroxid\AppData\Roaming\File Scout
2013-10-23 16:32 - 2013-10-23 16:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-23 16:32 - 2013-10-23 16:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-23 16:32 - 2013-10-23 16:32 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-23 16:32 - 2013-10-23 16:32 - 00000000 ____D C:\Windows\system32\Macromed
2013-10-23 16:16 - 2013-10-23 16:07 - 00000000 __SHD C:\Users\Dj Peroxid\fxiuy
2013-10-23 16:11 - 2013-01-20 23:57 - 00000000 ____D C:\Users\Dj Peroxid\AppData\Local\Google
2013-10-23 16:11 - 2013-01-20 23:57 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-23 16:07 - 2013-01-19 20:04 - 00000000 ____D C:\Users\Dj Peroxid
2013-10-22 16:59 - 2013-10-22 12:04 - 00000000 ____D C:\Users\Dj Peroxid\Desktop\Školení Excel
2013-10-22 14:34 - 2013-07-23 17:47 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-22 12:08 - 2013-06-08 14:54 - 00000000 ____D C:\Users\Dj Peroxid\Desktop\foto
2013-10-22 12:02 - 2013-09-08 10:36 - 00000000 ____D C:\Users\Dj Peroxid\Desktop\florbal
2013-10-20 19:25 - 2013-01-20 23:57 - 00003956 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-20 19:25 - 2013-01-20 23:57 - 00003704 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-14 22:52 - 2013-10-14 22:52 - 00020502 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] VA-DJ_Selection_387_-_Dance_Invasion_Vol._109-2013-ONe.torrent
2013-10-12 18:02 - 2013-10-12 17:38 - 108207757 _____ C:\Users\Dj Peroxid\Downloads\knihy.zip
2013-10-11 21:34 - 2013-10-11 21:34 - 00022911 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] 4912343.torrent
2013-10-11 21:34 - 2013-10-11 21:34 - 00022911 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] 4912343 (1).torrent
2013-10-09 20:20 - 2013-06-22 15:30 - 00000000 ____D C:\Windows\rescache
2013-10-09 19:04 - 2013-10-09 19:04 - 00062676 _____ C:\Users\Dj Peroxid\Downloads\Oblivion(0000221278).srt
2013-10-09 18:58 - 2013-03-14 01:47 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-09 18:58 - 2013-03-14 01:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-09 18:58 - 2009-07-14 06:45 - 00298536 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-09 18:37 - 2013-08-02 22:21 - 01556632 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-09 18:33 - 2013-07-26 00:32 - 00000000 ____D C:\Windows\system32\MRT
2013-10-09 18:32 - 2013-01-21 20:25 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 18:28 - 2013-10-09 18:28 - 00009904 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] Oblivion (2013).torrent
2013-10-06 15:51 - 2013-01-26 19:06 - 00000000 ____D C:\Users\Dj Peroxid\Documents\VirtualDJ
2013-10-02 23:01 - 2013-10-02 23:01 - 00000000 ____D C:\Users\Dj Peroxid\Desktop\Sub_Focus-Torus-2013-NOiR
2013-10-02 21:37 - 2013-10-02 21:37 - 00017894 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] Nrj Hits 2013 Volume 2.torrent
2013-10-02 21:24 - 2013-10-02 21:24 - 00017598 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] VA - NRJ Party Hits 2013 (2CD)(2013).torrent
2013-10-02 21:23 - 2013-10-02 21:23 - 00018703 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] VA-NRJ_200_percent_Hits_2013_Vol.2-(534_497-2)-2CD-2013-1nDD.torrent
2013-10-02 21:09 - 2013-10-02 21:09 - 00017618 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] C31CB87D24AA23BDD579D7618225869670CAEA9C.torrent
2013-10-01 22:11 - 2013-09-09 23:44 - 00000000 ____D C:\Program Files (x86)\MyHeritage
2013-10-01 20:10 - 2013-10-01 20:10 - 00024618 _____ C:\Users\Dj Peroxid\Downloads\[isoHunt] pes 2014-RELOADED.torrent
2013-09-28 16:00 - 2013-09-28 16:00 - 00000000 ____D C:\Users\Dj Peroxid\AppData\Roaming\eUpdate

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-22 20:34

==================== End Of Log ============================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#12 Post by vyosek »

Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source= ... 1377342503
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source= ... 1377342503
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1377342503
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source= ... 1377342503
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... 1373482226
    SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... 1373482226
    SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... 1373482226
    SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... 1373482226
    SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=148C9C4E3615EEA9&affID=120007&tt=110813_YTB&tsp=4972
    SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_ ... default&q={searchTerms}
    SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
    
    FF Extension: hdvc - C:\Users\Dj Peroxid\AppData\Roaming\Mozilla\Firefox\profiles\extensions\hdvc@hdvc.com.xpi
    
    CHR HomePage: hxxp://www.delta-homes.com/?utm_source= ... 1380303077
    CHR RestoreOnStartup: "hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=hp&from=newgdp&uid=ST1000LM024XHN-M101MBB_S2U5J9HC400376&ts=1380303077"
    CHR DefaultSearchURL: (delta-homes) - http://search.delta-homes.com/web/?utm_ ... default&q={searchTerms}
    CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Dj Peroxid\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
    CHR HKLM-x32\...\Chrome\Extension: [kpkbnefaikfaeadgidhpoanckoiaheli] - C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx
    
    2013-10-26 23:04 - 2013-10-26 23:04 - 00015327 _____ C:\Users\Dj Peroxid\Desktop\LM.bat
    2013-10-26 23:02 - 2013-10-26 23:02 - 01956160 _____ (Farbar) C:\Users\Dj Peroxid\Downloads\FRST64 (2).exe
    2013-10-26 23:01 - 2013-10-26 23:01 - 01956160 _____ (Farbar) C:\Users\Dj Peroxid\Downloads\FRST64 (1).exe
    2013-10-26 22:57 - 2013-10-26 23:04 - 00029696 _____ C:\Users\Dj Peroxid\AppData\Local\MSGBOX.EXE
    2013-10-26 22:31 - 2013-10-26 22:31 - 00000000 ____D C:\Users\Public\Desktop\CC Support
    2013-10-26 22:31 - 2013-10-26 22:20 - 04009167 _____ C:\Users\Dj Peroxid\Desktop\ServicesRepair.exe
    
    U2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{08194442-a0b6-9654-5762-8ede22cf7eb6}\ \...\???\{08194442-a0b6-9654-5762-8ede22cf7eb6}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Dj Peroxid\AppData\Local\SwvUpdater\Updater.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    
    Hosts:
    
    End
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him: that is no man, that is an ox."
Member [image] since 1 February 2011.

djperoxid
Visitor
Visitor
Posts: 9
Registered: 24 Oct 2013 23:16

Re: Please check my log

#13 Post by djperoxid »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-10-2013 01
Ran by Dj Peroxid at 2013-10-26 23:32:23 Run:1
Running from C:\Users\Dj Peroxid\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source= ... 1377342503
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source= ... 1377342503
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1377342503
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source= ... 1377342503
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... 1373482226
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... 1373482226
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... 1373482226
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... 1373482226
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www1.delta-search.com/?q={search ... B&tsp=4972
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_ ... default&q={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear

FF Extension: hdvc - C:\Users\Dj Peroxid\AppData\Roaming\Mozilla\Firefox\profiles\extensions\hdvc@hdvc.com.xpi

CHR HomePage: hxxp://www.delta-homes.com/?utm_source= ... 1380303077
CHR RestoreOnStartup: "hxxp://www.delta-homes.com/?utm_source=b&utm_m ... 1380303077"
CHR DefaultSearchURL: (delta-homes) - http://search.delta-homes.com/web/?utm_ ... default&q={searchTerms}
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Dj Peroxid\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM-x32\...\Chrome\Extension: [kpkbnefaikfaeadgidhpoanckoiaheli] - C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx

2013-10-26 23:04 - 2013-10-26 23:04 - 00015327 _____ C:\Users\Dj Peroxid\Desktop\LM.bat
2013-10-26 23:02 - 2013-10-26 23:02 - 01956160 _____ (Farbar) C:\Users\Dj Peroxid\Downloads\FRST64 (2).exe
2013-10-26 23:01 - 2013-10-26 23:01 - 01956160 _____ (Farbar) C:\Users\Dj Peroxid\Downloads\FRST64 (1).exe
2013-10-26 22:57 - 2013-10-26 23:04 - 00029696 _____ C:\Users\Dj Peroxid\AppData\Local\MSGBOX.EXE
2013-10-26 22:31 - 2013-10-26 22:31 - 00000000 ____D C:\Users\Public\Desktop\CC Support
2013-10-26 22:31 - 2013-10-26 22:20 - 04009167 _____ C:\Users\Dj Peroxid\Desktop\ServicesRepair.exe

U2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{08194442-a0b6-9654-5762-8ede22cf7eb6}\ \...\???\{08194442-a0b6-9654-5762-8ede22cf7eb6}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Dj Peroxid\AppData\Local\SwvUpdater\Updater.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:

End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
C:\Users\Dj Peroxid\AppData\Roaming\Mozilla\Firefox\profiles\extensions\hdvc@hdvc.com.xpi => Moved successfully.
CHR HomePage: hxxp://www.delta-homes.com/?utm_source= ... 1380303077 ==> The Chrome "Settings" can be used to fix the entry.
CHR RestoreOnStartup: "hxxp://www.delta-homes.com/?utm_source=b&utm_m ... 1380303077" ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: (delta-homes) - http://search.delta-homes.com/web/?utm_ ... default&q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo => Key deleted successfully.
C:\Users\Dj Peroxid\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli => Key deleted successfully.
C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx => Moved successfully.
C:\Users\Dj Peroxid\Desktop\LM.bat => Moved successfully.
C:\Users\Dj Peroxid\Downloads\FRST64 (2).exe => Moved successfully.
C:\Users\Dj Peroxid\Downloads\FRST64 (1).exe => Moved successfully.
C:\Users\Dj Peroxid\AppData\Local\MSGBOX.EXE => Moved successfully.
C:\Users\Public\Desktop\CC Support => Moved successfully.
C:\Users\Dj Peroxid\Desktop\ServicesRepair.exe => Moved successfully.
*etadpug => Service not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\AmiUpdXp.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

vyosek
VIP
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#14 Post by vyosek »

How is the PC behaving :???:

djperoxid
Visitor
Visitor
Posts: 9
Registered: 24 Oct 2013 23:16

Re: Please check my log

#15 Post by djperoxid »

Very good so far. Nothing is popping up... thank you very much for your help, you're a champ :-)
