Policejní vir - nový

Zpráva

mikkie · #1 Příspěvek od **mikkie** » 01 lis 2013 15:46

Dobrý den,

chtěl bych Vás poprosit o radu, ohledně odstranění "viru policie ČR". Chytil jsem asi nějakou poslední verzi, kdy se mi nedaří jej nikterak odstranit z NB. Odpojil jsem disk z NB, připojil k pevnému PC a snažil se projet disk AVASTem, a take Kaspersky Rescue Disk 10.. pokaždé to našlo několik infikovaných souborů, ale vložení disku do NB a naběhnutí WINDOWS (vista), se mi stále zobrazuej hlášení "Policie ČR"..

Funguje nějaký způsob, jak jej odstranit?

mikkie · #2 Příspěvek od **mikkie** » 02 lis 2013 19:50

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-10-2013
Ran by cpeck (administrator) on ROMAN-PC on 02-11-2013 19:47:20
Running from F:\
Windows Vista (TM) Home Premium Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Safe Mode (minimal)

==================== Could not list processes ===============

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [159744 2007-03-11] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [174616 2007-07-25] (Intel Corporation)
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [hpWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [480560 2007-09-13] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [WAWifiMessage] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [311296 2007-01-09] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [UCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2007-08-17] (CyberLink Corp.)
HKLM\...\Run: [QPService] - C:\Program Files\HP\QuickPlay\QPService.exe [468264 2007-12-20] (CyberLink Corp.)
HKLM\...\Run: [QlbCtrl] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [202032 2007-09-19] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [OnScreenDisplay] - C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [554320 2007-09-04] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [hpqSRMon] - C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe [80896 2007-08-23] (Hewlett-Packard)
HKLM\...\Run: [HP Health Check Scheduler] - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - "C:\Program Files\Java\jre7\bin\jusched.exe"
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\avastui.exe [3567800 2013-10-25] (AVAST Software)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [125952 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKCU\...\Run: [HP Deskjet 3520 series (NET)] - C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [1818984 2012-01-31] (Hewlett-Packard Co.)
MountPoints2: {18c4fca9-bb25-11de-9862-001d725f58a5} - I:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {18c4fcaf-bb25-11de-9862-001d725f58a5} - I:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {8acc608d-978c-11dd-9591-001d725f58a5} - G:\SETUP.EXE
MountPoints2: {b22b3fae-4d2f-11e2-960a-bb0f8f99b8e0} - H:\HTC_Sync_Manager_PC.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [ 2007-10-02] (Hewlett-Packard)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [ 2007-10-02] (Hewlett-Packard)
Startup: C:\Users\cpeck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\cpeck\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\cpeck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\od7o04wl.lnk
ShortcutTarget: od7o04wl.lnk -> C:\PROGRA~2\lw40o7do.dss (Sekizenkan Company)
Startup: C:\Users\cpeck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rjf1rf3.lnk
ShortcutTarget: rjf1rf3.lnk -> C:\PROGRA~2\3fr1fjr.dss (Sekizenkan Company)
Startup: C:\Users\cpeck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\todlfqlcv.lnk
ShortcutTarget: todlfqlcv.lnk -> C:\PROGRA~2\vclqfldot.dss ()
Startup: C:\Users\cpeck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/skinit/icq/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
SearchScopes: HKLM - DefaultScope {BDC84F4A-C50D-4ABC-98DF-9AFAC4E99DC5} URL = http://search.yahoo.com/search?p={searc ... fr=hp-pvdt
SearchScopes: HKLM - {BDC84F4A-C50D-4ABC-98DF-9AFAC4E99DC5} URL = http://search.yahoo.com/search?p={searc ... fr=hp-pvdt
SearchScopes: HKLM - {C689ACFE-7C90-430D-A48E-EC886E13220B} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKCU - DefaultScope {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9} URL = http://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKCU - {BDC84F4A-C50D-4ABC-98DF-9AFAC4E99DC5} URL = http://search.yahoo.com/search?p={searc ... fr=hp-pvdt
SearchScopes: HKCU - {C689ACFE-7C90-430D-A48E-EC886E13220B} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: No Name - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 31.192.72.13 10.0.0.1

FireFox:
========
FF ProfilePath: C:\Users\cpeck\AppData\Roaming\Mozilla\Firefox\Profiles\nfy0yuq4.default
FF Homepage: hxxp://www.centrum.cz/skinit/icq/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @viewpoint.com/VMP - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: BlogRovR - C:\Users\cpeck\AppData\Roaming\Mozilla\Firefox\Profiles\nfy0yuq4.default\Extensions\stickis@activeweave.com
FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Extension: (avast! Online Security) - C:\Users\cpeck\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0
CHR Extension: (Skype Click to Call) - C:\Users\cpeck\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\cpeck\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

========================== Services (Whitelisted) =================

S4 Automatic LiveUpdate Scheduler; c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [243064 2007-08-23] (Symantec Corporation)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-10-25] (AVAST Software)
S4 ccEvtMgr; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149864 2008-02-14] (Symantec Corporation)
S4 ccSetMgr; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149864 2008-02-14] (Symantec Corporation)
S4 CLTNetCnService; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149864 2008-02-14] (Symantec Corporation)
S3 Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [110592 2007-03-05] (Hewlett-Packard Development Company, L.P.)
S3 comHost; c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [55640 2007-08-22] (Symantec Corporation)
S2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [65536 2007-09-20] (Hewlett-Packard)
S2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2012-10-26] (Nero AG)
S4 LiveUpdate; c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [3192184 2007-08-23] (Symantec Corporation)
S4 LiveUpdate Notice; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149864 2008-02-14] (Symantec Corporation)
S2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2012-10-08] ()
S2 QPCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [271760 2007-12-20] ()
S2 QPSched; C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [112016 2007-12-20] ()
S2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
S2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 Symantec Core LC; C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [1245064 2008-02-23] ()
S2 SZASSIST; C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe [90112 2010-08-30] (Clarus, Inc.)

==================== Drivers (Whitelisted) ====================

S2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [35656 2013-10-25] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2013-10-25] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2013-10-25] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-10-25] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [774392 2013-10-25] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [403440 2013-10-25] (AVAST Software)
S1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2013-10-25] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178304 2013-10-25] ()
S2 CO_Mon; C:\Windows\system32\drivers\CO_Mon.sys [36056 2007-08-08] (Symantec Corporation)
S1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [371248 2008-09-17] (Symantec Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)
S3 IDSvix86; C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20070823.002\IDSvix86.sys [180272 2007-08-15] (Symantec Corporation)
S3 mdf16; C:\Program Files\Clarus\Samsung SecretZone\mdf16.sys [18288 2010-08-11] ()
S3 mvd22; C:\Program Files\Clarus\Samsung SecretZone\mvd22.sys [70512 2010-08-11] ()
S3 NAVENG; C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20071105.016\NAVENG.SYS [81232 2007-11-05] (Symantec Corporation)
S3 NAVEX15; C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20071105.016\NAVEX15.SYS [865904 2007-11-05] (Symantec Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S3 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [446512 2007-08-17] (Symantec Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [717296 2008-10-11] ()
S3 SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [278576 2007-07-31] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [317616 2007-07-31] (Symantec Corporation)
S1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [43696 2007-07-31] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [123952 2008-02-23] (Symantec Corporation)
S3 SymIM; C:\Windows\System32\DRIVERS\SymIM.sys [31280 2007-08-10] (Symantec Corporation)
S3 SymIMMP; C:\Windows\System32\DRIVERS\SymIM.sys [31280 2007-08-10] (Symantec Corporation)
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2008-09-04] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [19968 2008-09-04] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [24832 2008-09-04] (LG Electronics Inc.)
U3 axvw9crl; C:\Windows\System32\Drivers\axvw9crl.sys [0 ] (Microsoft Corporation)
S1 aowrhiem; \??\C:\Windows\system32\drivers\aowrhiem.sys [x]
S1 bpbcrcvv; \??\C:\Windows\system32\drivers\bpbcrcvv.sys [x]
S1 cgksgjvu; \??\C:\Windows\system32\drivers\cgksgjvu.sys [x]
S1 cufzqqha; \??\C:\Windows\system32\drivers\cufzqqha.sys [x]
U1 eabfiltr;
S1 fgpykrpf; \??\C:\Windows\system32\drivers\fgpykrpf.sys [x]
S1 fizvqgti; \??\C:\Windows\system32\drivers\fizvqgti.sys [x]
S1 fqfxkhgl; \??\C:\Windows\system32\drivers\fqfxkhgl.sys [x]
S1 fxjnyxfs; \??\C:\Windows\system32\drivers\fxjnyxfs.sys [x]
S1 gknnfbjf; \??\C:\Windows\system32\drivers\gknnfbjf.sys [x]
S1 glzlewev; \??\C:\Windows\system32\drivers\glzlewev.sys [x]
S1 gquhkqqz; \??\C:\Windows\system32\drivers\gquhkqqz.sys [x]
S1 hpnesutx; \??\C:\Windows\system32\drivers\hpnesutx.sys [x]
S1 hzdrgqgh; \??\C:\Windows\system32\drivers\hzdrgqgh.sys [x]
S1 iewzbjpz; \??\C:\Windows\system32\drivers\iewzbjpz.sys [x]
S1 ikjokkyr; \??\C:\Windows\system32\drivers\ikjokkyr.sys [x]
S1 imflhpcn; \??\C:\Windows\system32\drivers\imflhpcn.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S1 jkuoiejp; \??\C:\Windows\system32\drivers\jkuoiejp.sys [x]
S1 knzhoguh; \??\C:\Windows\system32\drivers\knzhoguh.sys [x]
S1 mcaefcrs; \??\C:\Windows\system32\drivers\mcaefcrs.sys [x]
S1 mkgmchxf; \??\C:\Windows\system32\drivers\mkgmchxf.sys [x]
S1 mxajtxoj; \??\C:\Windows\system32\drivers\mxajtxoj.sys [x]
S1 mxozeayh; \??\C:\Windows\system32\drivers\mxozeayh.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S1 pncxcmlk; \??\C:\Windows\system32\drivers\pncxcmlk.sys [x]
S1 puacmbyq; \??\C:\Windows\system32\drivers\puacmbyq.sys [x]
S1 puqvshvq; \??\C:\Windows\system32\drivers\puqvshvq.sys [x]
S1 rmwezocn; \??\C:\Windows\system32\drivers\rmwezocn.sys [x]
U5 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.sys [188464 2007-08-13] (Symantec Corporation)
S1 urbuhlyd; \??\C:\Windows\system32\drivers\urbuhlyd.sys [x]
S1 vdhbmbtu; \??\C:\Windows\system32\drivers\vdhbmbtu.sys [x]
S3 WinRing0_1_2_0; \??\C:\Program Files\BatteryCare\WinRing0.sys [x]
S1 xuledslk; \??\C:\Windows\system32\drivers\xuledslk.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-02 19:46 - 2013-11-02 19:46 - 00000000 ____D C:\FRST
2013-11-02 19:42 - 2013-11-02 19:43 - 00000000 ____D C:\Windows\LastGood
2013-10-30 23:01 - 2013-10-31 02:08 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2013-10-29 19:41 - 2013-10-30 18:44 - 00000000 _____ C:\ProgramData\4lood7mq.fvv
2013-10-29 19:34 - 2013-11-01 15:12 - 95025368 ____T C:\ProgramData\od7o04wl.bxx
2013-10-29 19:34 - 2013-11-01 15:12 - 00000000 _____ C:\ProgramData\od7o04wl.fvv
2013-10-29 19:34 - 2013-10-29 19:34 - 00139264 _____ (Sekizenkan Company) C:\ProgramData\lw40o7do.dss
2013-10-28 17:42 - 2013-10-30 18:44 - 95025368 ____T C:\ProgramData\4lood7mq.bxx
2013-10-27 08:57 - 2013-11-01 15:12 - 95025368 ____T C:\ProgramData\rjf1rf3.bxx
2013-10-27 08:57 - 2013-11-01 15:12 - 00000000 _____ C:\ProgramData\rjf1rf3.fvv
2013-10-27 08:56 - 2013-10-27 08:56 - 00135168 _____ (Sekizenkan Company) C:\ProgramData\3fr1fjr.dss
2013-10-26 17:34 - 2013-11-01 15:12 - 95025368 ____T C:\ProgramData\todlfqlcv.bxx
2013-10-26 17:34 - 2013-11-01 15:12 - 00000000 _____ C:\ProgramData\todlfqlcv.fvv
2013-10-26 17:34 - 2013-10-26 17:34 - 00175104 _____ C:\ProgramData\vclqfldot.dss
2013-10-25 20:06 - 2013-10-25 20:06 - 00001873 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-25 20:06 - 2013-10-25 20:06 - 00000000 ____D C:\Users\cpeck\AppData\Roaming\AVAST Software
2013-10-25 20:05 - 2013-10-25 20:04 - 00774392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-25 20:05 - 2013-10-25 20:04 - 00403440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-10-25 20:05 - 2013-10-25 20:04 - 00269216 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-10-25 20:05 - 2013-10-25 20:04 - 00178304 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-25 20:05 - 2013-10-25 20:04 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-25 20:05 - 2013-10-25 20:04 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-10-25 20:05 - 2013-10-25 20:04 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2013-10-25 20:05 - 2013-10-25 20:04 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-25 20:05 - 2013-10-25 20:04 - 00035656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-25 20:04 - 2013-10-25 20:04 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-25 20:02 - 2013-10-25 20:02 - 00000000 ____D C:\Program Files\AVAST Software
2013-10-25 20:01 - 2013-10-25 20:01 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-25 19:47 - 2013-10-25 19:48 - 85269544 _____ (AVAST Software) C:\Users\cpeck\Desktop\avast!_Free_Antivirus_9.0.2006.exe
2013-10-24 18:42 - 2013-10-24 18:42 - 00000000 _____ C:\ProgramData\ori033.fvv
2013-10-23 20:57 - 2013-10-23 20:57 - 00000000 _____ C:\ProgramData\dbl7wlh.fvv
2013-10-21 20:41 - 2013-10-23 19:13 - 00000000 _____ C:\ProgramData\g8r9el.fvv
2013-10-15 18:29 - 2013-10-16 15:46 - 00000000 _____ C:\ProgramData\wlj62w8z3.ctrl
2013-10-14 21:16 - 2013-10-14 21:51 - 00000000 ____D C:\Users\cpeck\Desktop\Nová hala mnd
2013-10-11 18:27 - 2013-10-12 08:19 - 95025368 _____ C:\ProgramData\lgdw77.pff
2013-10-11 18:27 - 2013-10-11 18:57 - 00000000 _____ C:\ProgramData\lgdw77.ctrl
2013-10-10 06:11 - 2013-09-23 13:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 06:11 - 2013-09-23 13:57 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 06:11 - 2013-09-23 13:57 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-10-10 06:11 - 2013-09-23 13:55 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-10-10 06:11 - 2013-09-23 13:53 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2013-10-10 06:11 - 2013-09-23 13:52 - 06017024 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 06:11 - 2013-09-23 13:52 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 06:11 - 2013-09-23 13:52 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-10-10 06:11 - 2013-09-23 13:52 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-10-10 06:11 - 2013-09-23 13:51 - 11111936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 06:11 - 2013-09-23 13:51 - 02005504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 06:11 - 2013-09-23 13:51 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-10-10 06:11 - 2013-09-23 13:51 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-10-10 06:11 - 2013-09-23 13:51 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 06:11 - 2013-09-23 13:51 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 06:11 - 2013-09-23 13:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 06:11 - 2013-09-23 13:51 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 06:11 - 2013-09-23 13:51 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-10-10 06:11 - 2013-09-23 13:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 06:11 - 2013-09-23 13:50 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-10-10 06:11 - 2013-09-23 13:49 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2013-10-10 06:11 - 2013-09-23 12:14 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-10-10 06:11 - 2013-09-23 10:29 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 06:11 - 2013-09-23 10:29 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-10-10 06:11 - 2013-09-23 10:27 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 06:11 - 2013-09-23 10:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-10-10 06:11 - 2013-08-29 08:36 - 02050048 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 06:11 - 2013-08-27 03:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-10-10 06:11 - 2013-08-27 03:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-10-10 06:11 - 2013-08-27 03:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-10-10 06:11 - 2013-08-27 03:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-10-10 06:11 - 2013-08-27 02:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-10-10 06:11 - 2013-08-27 02:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-10-10 06:11 - 2013-08-27 02:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-10-10 06:11 - 2013-08-27 02:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-10-10 06:11 - 2013-08-27 02:28 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-10-10 06:11 - 2013-08-01 04:16 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-10 06:11 - 2013-08-01 03:49 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-10-10 06:11 - 2013-07-20 11:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 06:10 - 2013-07-12 10:04 - 00134272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-10 06:10 - 2013-07-04 05:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 06:10 - 2013-07-03 03:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 06:10 - 2013-07-03 03:10 - 00025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 06:10 - 2013-06-29 03:07 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-10 06:10 - 2013-06-29 03:07 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-10 06:10 - 2013-06-29 03:07 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-10 06:10 - 2013-06-29 03:06 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-10 06:10 - 2013-06-27 00:01 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 06:10 - 2013-06-04 05:16 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 06:10 - 2013-06-04 02:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 06:10 - 2011-05-05 14:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-10 06:10 - 2011-05-05 14:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-07 20:55 - 2013-10-07 20:55 - 00033280 _____ C:\Users\cpeck\Desktop\Rozvrh+Hodonin+4.xls

==================== One Month Modified Files and Folders =======

2013-11-02 19:46 - 2013-11-02 19:46 - 00000000 ____D C:\FRST
2013-11-02 19:44 - 2008-06-20 20:57 - 01919643 _____ C:\Windows\WindowsUpdate.log
2013-11-02 19:43 - 2013-11-02 19:42 - 00000000 ____D C:\Windows\LastGood
2013-11-02 19:43 - 2006-11-02 13:52 - 00122124 _____ C:\Windows\setupact.log
2013-11-01 15:12 - 2013-10-29 19:34 - 95025368 ____T C:\ProgramData\od7o04wl.bxx
2013-11-01 15:12 - 2013-10-29 19:34 - 00000000 _____ C:\ProgramData\od7o04wl.fvv
2013-11-01 15:12 - 2013-10-27 08:57 - 95025368 ____T C:\ProgramData\rjf1rf3.bxx
2013-11-01 15:12 - 2013-10-27 08:57 - 00000000 _____ C:\ProgramData\rjf1rf3.fvv
2013-11-01 15:12 - 2013-10-26 17:34 - 95025368 ____T C:\ProgramData\todlfqlcv.bxx
2013-11-01 15:12 - 2013-10-26 17:34 - 00000000 _____ C:\ProgramData\todlfqlcv.fvv
2013-11-01 15:12 - 2013-01-08 18:49 - 00000880 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-01 15:12 - 2012-12-24 16:03 - 00000000 ____D C:\Users\cpeck\AppData\Local\HTC MediaHub
2013-11-01 15:12 - 2012-12-23 21:47 - 00000000 ____D C:\Users\cpeck\AppData\Roaming\Dropbox
2013-11-01 15:12 - 2008-06-20 21:15 - 00000220 _____ C:\Users\Public\Documents\hpqp.ini
2013-11-01 15:11 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-01 15:11 - 2006-11-02 13:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-01 15:11 - 2006-11-02 13:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-31 09:24 - 2013-01-08 18:49 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-31 09:16 - 2013-01-08 18:47 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-31 02:08 - 2013-10-30 23:01 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2013-10-30 21:36 - 2006-11-02 14:01 - 00032568 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-30 21:35 - 2012-12-23 21:51 - 00000000 ___RD C:\Users\cpeck\Dropbox
2013-10-30 18:44 - 2013-10-29 19:41 - 00000000 _____ C:\ProgramData\4lood7mq.fvv
2013-10-30 18:44 - 2013-10-28 17:42 - 95025368 ____T C:\ProgramData\4lood7mq.bxx
2013-10-29 19:49 - 2008-09-27 18:22 - 00000000 ____D C:\Users\cpeck\AppData\Roaming\Skype
2013-10-29 19:34 - 2013-10-29 19:34 - 00139264 _____ (Sekizenkan Company) C:\ProgramData\lw40o7do.dss
2013-10-27 08:56 - 2013-10-27 08:56 - 00135168 _____ (Sekizenkan Company) C:\ProgramData\3fr1fjr.dss
2013-10-26 17:34 - 2013-10-26 17:34 - 00175104 _____ C:\ProgramData\vclqfldot.dss
2013-10-26 16:44 - 2013-08-31 19:38 - 00000000 ____D C:\ProgramData\HP Photo Creations
2013-10-26 16:38 - 2010-08-29 19:58 - 00000000 ____D C:\ProgramData\EPSON
2013-10-25 20:06 - 2013-10-25 20:06 - 00001873 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-25 20:06 - 2013-10-25 20:06 - 00000000 ____D C:\Users\cpeck\AppData\Roaming\AVAST Software
2013-10-25 20:04 - 2013-10-25 20:05 - 00774392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-25 20:04 - 2013-10-25 20:05 - 00403440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-10-25 20:04 - 2013-10-25 20:05 - 00269216 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-10-25 20:04 - 2013-10-25 20:05 - 00178304 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-25 20:04 - 2013-10-25 20:05 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-25 20:04 - 2013-10-25 20:05 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-10-25 20:04 - 2013-10-25 20:05 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2013-10-25 20:04 - 2013-10-25 20:05 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-25 20:04 - 2013-10-25 20:05 - 00035656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-25 20:04 - 2013-10-25 20:04 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-25 20:02 - 2013-10-25 20:02 - 00000000 ____D C:\Program Files\AVAST Software
2013-10-25 20:01 - 2013-10-25 20:01 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-25 20:00 - 2011-01-29 09:04 - 00001945 _____ C:\Windows\epplauncher.mif
2013-10-25 19:57 - 2006-11-02 12:18 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-10-25 19:48 - 2013-10-25 19:47 - 85269544 _____ (AVAST Software) C:\Users\cpeck\Desktop\avast!_Free_Antivirus_9.0.2006.exe
2013-10-24 18:42 - 2013-10-24 18:42 - 00000000 _____ C:\ProgramData\ori033.fvv
2013-10-23 20:57 - 2013-10-23 20:57 - 00000000 _____ C:\ProgramData\dbl7wlh.fvv
2013-10-23 19:13 - 2013-10-21 20:41 - 00000000 _____ C:\ProgramData\g8r9el.fvv
2013-10-21 17:27 - 2006-11-02 11:33 - 00725082 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-18 12:30 - 2013-01-08 18:50 - 00001971 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-18 06:58 - 2008-09-27 18:19 - 00000000 ___RD C:\Program Files\Skype
2013-10-18 06:58 - 2008-09-27 18:19 - 00000000 ____D C:\ProgramData\Skype
2013-10-17 21:11 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-16 15:46 - 2013-10-15 18:29 - 00000000 _____ C:\ProgramData\wlj62w8z3.ctrl
2013-10-14 21:51 - 2013-10-14 21:16 - 00000000 ____D C:\Users\cpeck\Desktop\Nová hala mnd
2013-10-14 21:10 - 2012-02-24 23:13 - 00000000 ____D C:\Users\cpeck\Desktop\roman
2013-10-14 02:35 - 2006-11-02 13:47 - 00398896 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-14 02:34 - 2009-07-31 19:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-14 02:13 - 2008-02-23 10:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-14 02:10 - 2013-08-19 02:12 - 00000000 ____D C:\Windows\system32\MRT
2013-10-14 02:07 - 2006-11-02 11:24 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-10-12 08:19 - 2013-10-11 18:27 - 95025368 _____ C:\ProgramData\lgdw77.pff
2013-10-11 18:57 - 2013-10-11 18:27 - 00000000 _____ C:\ProgramData\lgdw77.ctrl
2013-10-09 20:09 - 2013-01-08 18:47 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-10-09 20:09 - 2013-01-08 18:47 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-10-07 20:55 - 2013-10-07 20:55 - 00033280 _____ C:\Users\cpeck\Desktop\Rozvrh+Hodonin+4.xls

Files to move or delete:
====================
C:\Users\cpeck\AppData\Roaming\desktop.ini
C:\ProgramData\3fr1fjr.dss
C:\ProgramData\lgdw77.ctrl
C:\ProgramData\lgdw77.pff
C:\ProgramData\lw40o7do.dss
C:\ProgramData\vclqfldot.dss
C:\ProgramData\wlj62w8z3.ctrl
C:\Users\cpeck\lkpdetect.exe

Some content of TEMP:
====================
C:\Users\cpeck\AppData\Local\Temp\SkypeSetup.exe
C:\Users\cpeck\AppData\Local\Temp\~tmf1458326167908709501.dll
C:\Users\cpeck\AppData\Local\Temp\~tmf1607718402519754714.dll
C:\Users\cpeck\AppData\Local\Temp\~tmf2741566401718133396.dll
C:\Users\cpeck\AppData\Local\Temp\~tmf5454468121606902051.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-31 09:18

==================== End Of Log ============================

mikkie · #3 Příspěvek od **mikkie** » 03 lis 2013 13:00

Díky za reakci .. vkládám nový LOG

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-10-2013
Ran by cpeck (administrator) on ROMAN-PC on 03-11-2013 12:51:52
Running from F:\
Windows Vista (TM) Home Premium Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Could not list processes ===============

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [159744 2007-03-11] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [174616 2007-07-25] (Intel Corporation)
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [hpWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [480560 2007-09-13] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [WAWifiMessage] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [311296 2007-01-09] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [UCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2007-08-17] (CyberLink Corp.)
HKLM\...\Run: [QPService] - C:\Program Files\HP\QuickPlay\QPService.exe [468264 2007-12-20] (CyberLink Corp.)
HKLM\...\Run: [QlbCtrl] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [202032 2007-09-19] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [OnScreenDisplay] - C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [554320 2007-09-04] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [hpqSRMon] - C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe [80896 2007-08-23] (Hewlett-Packard)
HKLM\...\Run: [HP Health Check Scheduler] - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - "C:\Program Files\Java\jre7\bin\jusched.exe"
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\avastui.exe [3567800 2013-10-25] (AVAST Software)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [125952 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKCU\...\Run: [HP Deskjet 3520 series (NET)] - C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [1818984 2012-01-31] (Hewlett-Packard Co.)
MountPoints2: {18c4fca9-bb25-11de-9862-001d725f58a5} - I:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {18c4fcaf-bb25-11de-9862-001d725f58a5} - I:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {8acc608d-978c-11dd-9591-001d725f58a5} - G:\SETUP.EXE
MountPoints2: {b22b3fae-4d2f-11e2-960a-bb0f8f99b8e0} - H:\HTC_Sync_Manager_PC.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [ 2007-10-02] (Hewlett-Packard)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [ 2007-10-02] (Hewlett-Packard)
Startup: C:\Users\cpeck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\cpeck\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\cpeck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/skinit/icq/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
SearchScopes: HKLM - DefaultScope {BDC84F4A-C50D-4ABC-98DF-9AFAC4E99DC5} URL = http://search.yahoo.com/search?p={searc ... fr=hp-pvdt
SearchScopes: HKLM - {BDC84F4A-C50D-4ABC-98DF-9AFAC4E99DC5} URL = http://search.yahoo.com/search?p={searc ... fr=hp-pvdt
SearchScopes: HKLM - {C689ACFE-7C90-430D-A48E-EC886E13220B} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKCU - DefaultScope {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9} URL = http://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKCU - {BDC84F4A-C50D-4ABC-98DF-9AFAC4E99DC5} URL = http://search.yahoo.com/search?p={searc ... fr=hp-pvdt
SearchScopes: HKCU - {C689ACFE-7C90-430D-A48E-EC886E13220B} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
BHO: No Name - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 31.192.72.13 10.0.0.1

FireFox:
========
FF ProfilePath: C:\Users\cpeck\AppData\Roaming\Mozilla\Firefox\Profiles\nfy0yuq4.default
FF Homepage: hxxp://www.centrum.cz/skinit/icq/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @viewpoint.com/VMP - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: BlogRovR - C:\Users\cpeck\AppData\Roaming\Mozilla\Firefox\Profiles\nfy0yuq4.default\Extensions\stickis@activeweave.com
FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Extension: (avast! Online Security) - C:\Users\cpeck\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0
CHR Extension: (Skype Click to Call) - C:\Users\cpeck\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\cpeck\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

========================== Services (Whitelisted) =================

S4 Automatic LiveUpdate Scheduler; c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [243064 2007-08-23] (Symantec Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-10-25] (AVAST Software)
S4 ccEvtMgr; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149864 2008-02-14] (Symantec Corporation)
S4 ccSetMgr; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149864 2008-02-14] (Symantec Corporation)
S4 CLTNetCnService; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149864 2008-02-14] (Symantec Corporation)
S3 Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [110592 2007-03-05] (Hewlett-Packard Development Company, L.P.)
S3 comHost; c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [55640 2007-08-22] (Symantec Corporation)
S2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [65536 2007-09-20] (Hewlett-Packard)
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2012-10-26] (Nero AG)
S4 LiveUpdate; c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [3192184 2007-08-23] (Symantec Corporation)
S4 LiveUpdate Notice; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149864 2008-02-14] (Symantec Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2012-10-08] ()
R2 QPCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [271760 2007-12-20] ()
R2 QPSched; C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [112016 2007-12-20] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
S2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 Symantec Core LC; C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [1245064 2008-02-23] ()
R2 SZASSIST; C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe [90112 2010-08-30] (Clarus, Inc.)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [35656 2013-10-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2013-10-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2013-10-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-10-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [774392 2013-10-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [403440 2013-10-25] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2013-10-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178304 2013-10-25] ()
R2 CO_Mon; C:\Windows\system32\drivers\CO_Mon.sys [36056 2007-08-08] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [371248 2008-09-17] (Symantec Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)
S3 IDSvix86; C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20070823.002\IDSvix86.sys [180272 2007-08-15] (Symantec Corporation)
R3 mdf16; C:\Program Files\Clarus\Samsung SecretZone\mdf16.sys [18288 2010-08-11] ()
R3 mvd22; C:\Program Files\Clarus\Samsung SecretZone\mvd22.sys [70512 2010-08-11] ()
S3 NAVENG; C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20071105.016\NAVENG.SYS [81232 2007-11-05] (Symantec Corporation)
S3 NAVEX15; C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20071105.016\NAVEX15.SYS [865904 2007-11-05] (Symantec Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S3 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [446512 2007-08-17] (Symantec Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [717296 2008-10-11] ()
S3 SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [278576 2007-07-31] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [317616 2007-07-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [43696 2007-07-31] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [123952 2008-02-23] (Symantec Corporation)
S3 SymIM; C:\Windows\System32\DRIVERS\SymIM.sys [31280 2007-08-10] (Symantec Corporation)
R3 SymIMMP; C:\Windows\System32\DRIVERS\SymIM.sys [31280 2007-08-10] (Symantec Corporation)
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2008-09-04] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [19968 2008-09-04] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [24832 2008-09-04] (LG Electronics Inc.)
U3 a1yec24m; C:\Windows\System32\Drivers\a1yec24m.sys [0 ] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
U5 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.sys [188464 2007-08-13] (Symantec Corporation)
S3 WinRing0_1_2_0; \??\C:\Program Files\BatteryCare\WinRing0.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-02 19:46 - 2013-11-02 19:46 - 00000000 ____D C:\FRST
2013-10-30 23:01 - 2013-10-31 02:08 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2013-10-25 20:06 - 2013-10-25 20:06 - 00001873 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-25 20:06 - 2013-10-25 20:06 - 00000000 ____D C:\Users\cpeck\AppData\Roaming\AVAST Software
2013-10-25 20:05 - 2013-10-25 20:04 - 00774392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-25 20:05 - 2013-10-25 20:04 - 00403440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-10-25 20:05 - 2013-10-25 20:04 - 00269216 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-10-25 20:05 - 2013-10-25 20:04 - 00178304 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-25 20:05 - 2013-10-25 20:04 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-25 20:05 - 2013-10-25 20:04 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-10-25 20:05 - 2013-10-25 20:04 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2013-10-25 20:05 - 2013-10-25 20:04 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-25 20:05 - 2013-10-25 20:04 - 00035656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-25 20:04 - 2013-10-25 20:04 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-25 20:02 - 2013-10-25 20:02 - 00000000 ____D C:\Program Files\AVAST Software
2013-10-25 20:01 - 2013-10-25 20:01 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-25 19:47 - 2013-10-25 19:48 - 85269544 _____ (AVAST Software) C:\Users\cpeck\Desktop\avast!_Free_Antivirus_9.0.2006.exe
2013-10-14 21:16 - 2013-10-14 21:51 - 00000000 ____D C:\Users\cpeck\Desktop\Nová hala mnd
2013-10-10 06:11 - 2013-09-23 13:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 06:11 - 2013-09-23 13:57 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 06:11 - 2013-09-23 13:57 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-10-10 06:11 - 2013-09-23 13:55 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-10-10 06:11 - 2013-09-23 13:53 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2013-10-10 06:11 - 2013-09-23 13:52 - 06017024 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 06:11 - 2013-09-23 13:52 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 06:11 - 2013-09-23 13:52 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-10-10 06:11 - 2013-09-23 13:52 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-10-10 06:11 - 2013-09-23 13:51 - 11111936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 06:11 - 2013-09-23 13:51 - 02005504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 06:11 - 2013-09-23 13:51 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-10-10 06:11 - 2013-09-23 13:51 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-10-10 06:11 - 2013-09-23 13:51 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 06:11 - 2013-09-23 13:51 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 06:11 - 2013-09-23 13:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 06:11 - 2013-09-23 13:51 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 06:11 - 2013-09-23 13:51 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-10-10 06:11 - 2013-09-23 13:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 06:11 - 2013-09-23 13:50 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-10-10 06:11 - 2013-09-23 13:49 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2013-10-10 06:11 - 2013-09-23 12:14 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-10-10 06:11 - 2013-09-23 10:29 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 06:11 - 2013-09-23 10:29 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-10-10 06:11 - 2013-09-23 10:27 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 06:11 - 2013-09-23 10:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-10-10 06:11 - 2013-08-29 08:36 - 02050048 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 06:11 - 2013-08-27 03:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-10-10 06:11 - 2013-08-27 03:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-10-10 06:11 - 2013-08-27 03:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-10-10 06:11 - 2013-08-27 03:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-10-10 06:11 - 2013-08-27 02:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-10-10 06:11 - 2013-08-27 02:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-10-10 06:11 - 2013-08-27 02:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-10-10 06:11 - 2013-08-27 02:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-10-10 06:11 - 2013-08-27 02:28 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-10-10 06:11 - 2013-08-01 04:16 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-10 06:11 - 2013-08-01 03:49 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-10-10 06:11 - 2013-07-20 11:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 06:10 - 2013-07-12 10:04 - 00134272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-10 06:10 - 2013-07-04 05:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 06:10 - 2013-07-03 03:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 06:10 - 2013-07-03 03:10 - 00025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 06:10 - 2013-06-29 03:07 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-10 06:10 - 2013-06-29 03:07 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-10 06:10 - 2013-06-29 03:07 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-10 06:10 - 2013-06-29 03:06 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-10 06:10 - 2013-06-27 00:01 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 06:10 - 2013-06-04 05:16 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 06:10 - 2013-06-04 02:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 06:10 - 2011-05-05 14:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-10 06:10 - 2011-05-05 14:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-07 20:55 - 2013-10-07 20:55 - 00033280 _____ C:\Users\cpeck\Desktop\Rozvrh+Hodonin+4.xls

==================== One Month Modified Files and Folders =======

2013-11-03 12:54 - 2008-06-20 20:57 - 01921189 _____ C:\Windows\WindowsUpdate.log
2013-11-03 12:50 - 2009-10-31 20:43 - 00006648 _____ C:\Users\cpeck\AppData\Local\d3d9caps.dat
2013-11-03 12:50 - 2008-10-01 10:12 - 00024064 _____ C:\Users\cpeck\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-03 12:49 - 2012-12-23 21:47 - 00000000 ____D C:\Users\cpeck\AppData\Roaming\Dropbox
2013-11-03 12:49 - 2008-06-20 21:15 - 00000212 _____ C:\Users\Public\Documents\hpqp.ini
2013-11-03 12:48 - 2006-11-02 13:52 - 00122913 _____ C:\Windows\setupact.log
2013-11-03 12:46 - 2013-01-08 18:49 - 00000880 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-03 12:46 - 2012-12-24 16:03 - 00000000 ____D C:\Users\cpeck\AppData\Local\HTC MediaHub
2013-11-03 12:46 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-03 12:46 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-03 12:46 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-03 12:43 - 2008-09-12 22:53 - 00000000 ____D C:\Users\cpeck
2013-11-02 19:46 - 2013-11-02 19:46 - 00000000 ____D C:\FRST
2013-10-31 09:24 - 2013-01-08 18:49 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-31 09:16 - 2013-01-08 18:47 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-31 02:08 - 2013-10-30 23:01 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2013-10-30 21:36 - 2006-11-02 14:01 - 00032568 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-30 21:35 - 2012-12-23 21:51 - 00000000 ___RD C:\Users\cpeck\Dropbox
2013-10-29 19:49 - 2008-09-27 18:22 - 00000000 ____D C:\Users\cpeck\AppData\Roaming\Skype
2013-10-26 16:44 - 2013-08-31 19:38 - 00000000 ____D C:\ProgramData\HP Photo Creations
2013-10-26 16:38 - 2010-08-29 19:58 - 00000000 ____D C:\ProgramData\EPSON
2013-10-25 20:06 - 2013-10-25 20:06 - 00001873 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-25 20:06 - 2013-10-25 20:06 - 00000000 ____D C:\Users\cpeck\AppData\Roaming\AVAST Software
2013-10-25 20:04 - 2013-10-25 20:05 - 00774392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-25 20:04 - 2013-10-25 20:05 - 00403440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-10-25 20:04 - 2013-10-25 20:05 - 00269216 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-10-25 20:04 - 2013-10-25 20:05 - 00178304 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-25 20:04 - 2013-10-25 20:05 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-25 20:04 - 2013-10-25 20:05 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-10-25 20:04 - 2013-10-25 20:05 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2013-10-25 20:04 - 2013-10-25 20:05 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-25 20:04 - 2013-10-25 20:05 - 00035656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-25 20:04 - 2013-10-25 20:04 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-25 20:02 - 2013-10-25 20:02 - 00000000 ____D C:\Program Files\AVAST Software
2013-10-25 20:01 - 2013-10-25 20:01 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-25 20:00 - 2011-01-29 09:04 - 00001945 _____ C:\Windows\epplauncher.mif
2013-10-25 19:57 - 2006-11-02 12:18 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-10-25 19:48 - 2013-10-25 19:47 - 85269544 _____ (AVAST Software) C:\Users\cpeck\Desktop\avast!_Free_Antivirus_9.0.2006.exe
2013-10-21 17:27 - 2006-11-02 11:33 - 00725082 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-18 12:30 - 2013-01-08 18:50 - 00001971 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-18 06:58 - 2008-09-27 18:19 - 00000000 ___RD C:\Program Files\Skype
2013-10-18 06:58 - 2008-09-27 18:19 - 00000000 ____D C:\ProgramData\Skype
2013-10-17 21:11 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-14 21:51 - 2013-10-14 21:16 - 00000000 ____D C:\Users\cpeck\Desktop\Nová hala mnd
2013-10-14 21:10 - 2012-02-24 23:13 - 00000000 ____D C:\Users\cpeck\Desktop\roman
2013-10-14 02:35 - 2006-11-02 13:47 - 00398896 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-14 02:34 - 2009-07-31 19:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-14 02:13 - 2008-02-23 10:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-14 02:10 - 2013-08-19 02:12 - 00000000 ____D C:\Windows\system32\MRT
2013-10-14 02:07 - 2006-11-02 11:24 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-10-09 20:09 - 2013-01-08 18:47 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-10-09 20:09 - 2013-01-08 18:47 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-10-07 20:55 - 2013-10-07 20:55 - 00033280 _____ C:\Users\cpeck\Desktop\Rozvrh+Hodonin+4.xls

Files to move or delete:
====================
C:\Users\cpeck\AppData\Roaming\desktop.ini

Some content of TEMP:
====================
C:\Users\cpeck\AppData\Local\Temp\SkypeSetup.exe
C:\Users\cpeck\AppData\Local\Temp\~tmf1458326167908709501.dll
C:\Users\cpeck\AppData\Local\Temp\~tmf1607718402519754714.dll
C:\Users\cpeck\AppData\Local\Temp\~tmf2741566401718133396.dll
C:\Users\cpeck\AppData\Local\Temp\~tmf5454468121606902051.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-11-03 12:52

==================== End Of Log ============================

VIRY.CZ

Policejní vir - nový

Policejní vir - nový

Re: Policejní vir - nový

Re: Policejní vir - nový