Page 1 of 2

Please check my ComboFix log

Posted: 05 Nov 2013 16:08
by pepani
ComboFix 13-11-03.02 - Dell 05.11.2013 15:45:05.1.1 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.1790.821 [GMT 1:00]
Spuštěný z: c:\users\Dell\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1358976145.bdinstall.bin
c:\programdata\PCDr\6308\AddOnDownloaded\2a6b5d0b-a2fc-4bdd-b3fe-6bbefb85b7e4.dll
c:\programdata\PCDr\6308\AddOnDownloaded\2c784c13-702f-431e-a492-e9dddd757b25.dll
c:\programdata\PCDr\6308\AddOnDownloaded\3cc3b539-b998-4728-8055-1201221a38d4.dll
c:\programdata\PCDr\6308\AddOnDownloaded\66858fdf-b35c-4b24-a074-915d56b3871b.dll
c:\programdata\PCDr\6308\AddOnDownloaded\6a18de82-0c56-4ede-8f2d-19778c96c985.dll
c:\programdata\PCDr\6308\AddOnDownloaded\704dfeb5-9129-4d88-8096-7f3bc80eb1ec.dll
c:\programdata\PCDr\6308\AddOnDownloaded\8d529c31-eeb1-4b4d-ab7e-98a38b1abf60.dll
c:\programdata\PCDr\6308\AddOnDownloaded\8fab1a01-d6b6-4640-ac86-c3ddd583c840.dll
c:\programdata\PCDr\6308\AddOnDownloaded\9d97f346-8efc-4e33-9c3b-3eef6c324e61.dll
c:\programdata\PCDr\6308\AddOnDownloaded\b96b7bbd-964e-47f1-9323-f48f460042bf.dll
c:\programdata\PCDr\6308\AddOnDownloaded\b99be28c-ffd7-4136-9706-38ff86c43537.dll
c:\programdata\PCDr\6308\AddOnDownloaded\cadaa395-f50b-45c6-81f6-b5aaa3c5efba.dll
c:\programdata\PCDr\6308\AddOnDownloaded\f12de547-df4d-4236-9129-baac054f90ab.dll
c:\programdata\PCDr\6308\AddOnDownloaded\fc470dbb-846d-42d3-bb0a-6363a559f3fb.dll
c:\windows\XSxS
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-05 do 2013-11-05 )))))))))))))))))))))))))))))))
.
.
2013-11-05 14:55 . 2013-11-05 14:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-05 14:55 . 2013-11-05 14:55 -------- d-----w- c:\users\BALTAGY\AppData\Local\temp
2013-11-05 13:41 . 2013-10-14 06:39 7796464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3A3DFA17-DCDE-4034-97B4-0D3767A31CBE}\mpengine.dll
2013-11-04 20:44 . 2013-11-04 20:44 -------- d-----w- c:\users\Dell\AppData\Local\MPlayer
2013-11-04 20:43 . 2013-11-04 20:43 -------- d-----w- c:\programdata\OEM Links
2013-11-04 20:43 . 2013-11-05 14:30 -------- d-----w- c:\users\Dell\.umplayer
2013-11-04 20:43 . 2013-11-04 20:43 -------- d-----w- c:\program files\UMPlayer
2013-11-04 18:31 . 2013-11-04 18:31 -------- d-----w- c:\program files\ATI
2013-11-01 10:20 . 2013-11-01 10:20 181808 ----a-w- c:\windows\RegBootClean.exe
2013-11-01 09:12 . 2012-06-05 07:37 256904 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2013-10-30 11:13 . 2013-11-01 11:08 -------- d-----w- c:\users\Dell\AppData\Roaming\LavasoftStatistics
2013-10-30 10:44 . 2013-10-30 10:44 -------- d-----w- c:\programdata\Lavasoft
2013-10-29 10:43 . 2013-11-01 20:22 -------- d-----w- c:\users\Dell\AppData\Roaming\Smart PC Solutions
2013-10-24 17:22 . 2013-10-24 17:23 -------- d-----w- c:\users\Dell\AppData\Roaming\Virus Scan
2013-10-23 17:30 . 2013-10-23 17:30 -------- d-----w- c:\program files\Common Files\Java
2013-10-23 17:30 . 2013-10-08 05:50 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-10-20 13:42 . 2013-10-20 13:42 1060864 ----a-w- c:\windows\system32\mfc71.dll
2013-10-20 13:42 . 2013-10-20 13:42 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2013-10-09 12:49 . 2013-07-04 11:50 530432 ----a-w- c:\windows\system32\comctl32.dll
2013-10-09 12:48 . 2013-07-12 10:07 86016 ----a-w- c:\windows\system32\drivers\usbcir.sys
2013-10-09 12:48 . 2013-06-25 22:56 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-10 17:17 . 2012-11-23 08:39 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-10 17:17 . 2012-11-23 08:39 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-22 18:00 . 2013-09-22 18:00 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-09-22 18:00 . 2013-09-22 18:00 194048 ----a-w- c:\windows\system32\elshyph.dll
2013-09-22 18:00 . 2013-09-22 18:00 86016 ----a-w- c:\windows\system32\iesysprep.dll
2013-09-22 18:00 . 2013-09-22 18:00 74240 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-09-22 18:00 . 2013-09-22 18:00 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-09-22 18:00 . 2013-09-22 18:00 644608 ----a-w- c:\windows\system32\jsIntl.dll
2013-09-22 18:00 . 2013-09-22 18:00 62464 ----a-w- c:\windows\system32\tdc.ocx
2013-09-22 18:00 . 2013-09-22 18:00 61952 ----a-w- c:\windows\system32\iesetup.dll
2013-09-22 18:00 . 2013-09-22 18:00 61440 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-09-22 18:00 . 2013-09-22 18:00 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-09-22 18:00 . 2013-09-22 18:00 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-09-22 18:00 . 2013-09-22 18:00 454656 ----a-w- c:\windows\system32\vbscript.dll
2013-09-22 18:00 . 2013-09-22 18:00 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-09-22 18:00 . 2013-09-22 18:00 36352 ----a-w- c:\windows\system32\imgutil.dll
2013-09-22 18:00 . 2013-09-22 18:00 34816 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-09-22 18:00 . 2013-09-22 18:00 337408 ----a-w- c:\windows\system32\html.iec
2013-09-22 18:00 . 2013-09-22 18:00 24576 ----a-w- c:\windows\system32\licmgr10.dll
2013-09-22 18:00 . 2013-09-22 18:00 208384 ----a-w- c:\windows\system32\webcheck.dll
2013-09-22 18:00 . 2013-09-22 18:00 1926144 ----a-w- c:\windows\system32\inetcpl.cpl
2013-09-22 18:00 . 2013-09-22 18:00 182272 ----a-w- c:\windows\system32\msls31.dll
2013-09-22 18:00 . 2013-09-22 18:00 151552 ----a-w- c:\windows\system32\iexpress.exe
2013-09-22 18:00 . 2013-09-22 18:00 139264 ----a-w- c:\windows\system32\wextract.exe
2013-09-22 18:00 . 2013-09-22 18:00 13312 ----a-w- c:\windows\system32\mshta.exe
2013-09-22 18:00 . 2013-09-22 18:00 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2013-09-22 18:00 . 2013-09-22 18:00 111616 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-09-22 18:00 . 2013-09-22 18:00 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-09-22 18:00 . 2013-09-22 18:00 1050112 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-09-03 12:35 . 2012-11-23 07:30 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-08-31 13:43 . 2013-08-30 19:55 74752 ----a-w- c:\windows\cadkasdeinst01e.exe
2013-08-30 07:48 . 2013-03-19 06:20 177864 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48 . 2012-11-23 14:39 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2012-11-23 14:38 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2013-03-19 06:21 61680 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-08-30 07:48 . 2013-03-19 06:20 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2013-03-19 06:20 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48 . 2012-11-23 14:39 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:48 . 2012-11-23 14:38 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47 . 2012-11-23 14:37 41664 ----a-w- c:\windows\avastSS.scr
2013-08-30 07:47 . 2012-11-23 14:37 229648 ----a-w- c:\windows\system32\aswBoot.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2013-02-03 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-11-06 11692688]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-07-15 1860904]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-08-30 4858968]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
R2 GeniusMouseService;GeniusMouseService;c:\genius\ioCentre\GMouseService.exe [2010-03-11 12288]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [x]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus.sys [2012-03-02 14336]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag.sys [2012-03-02 20736]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps.sys [2012-03-02 20096]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem.sys [2012-03-02 25088]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [2012-03-02 25728]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2012-02-23 86544]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2012-04-01 504360]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-09-17 33832]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-09-22 108032]
R3 PCDSRVC{5B8A2B68-04D6B966-06020200}_0;PCDSRVC{5B8A2B68-04D6B966-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\my dell\pcdsrvc.pkms [2013-07-10 22640]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2013-07-01 15576]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2013-07-01 10200]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 121064]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 136808]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 114280]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2012-11-29 13024]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2013-04-12 104720]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2013-04-12 84752]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-11-23 1343400]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSrv.exe [2009-11-18 87968]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-08-30 66336]
S2 IconMan_R;IconMan_R;c:\program files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2012-09-07 1828496]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys [2009-11-02 20480]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb.sys [2009-11-02 11520]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2012-09-24 100504]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2012-08-29 190976]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-16 05:52 1185744 ----a-w- c:\program files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-23 17:17]
.
2013-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-23 14:39]
.
2013-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-23 14:39]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
mStart Page = hxxp://www.google.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
Trusted Zone: dell.com
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{0a452a47-c5a8-4854-a237-4b9b06b376f0} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{5B8A2B68-04D6B966-06020200}_0]
"ImagePath"="\??\c:\program files\my dell\pcdsrvc.pkms"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-11-05 15:58:25
ComboFix-quarantined-files.txt 2013-11-05 14:58
.
Před spuštěním: 94643474432
Po spuštění: 94537592832
.
- - End Of File - - DD809302F3DE44AEE8B390E4CD43A3F9
A36C5E4F47E84449FF07ED3517B43A31

Re: Please check my ComboFix log

Posted: 05 Nov 2013 16:28
by vyosek
Hello :)

:arrow: Regarding the ComboFix you used: based on its licence and the forum rules, I have to ask, do you know how to work with it (running it, interpreting the log, writing a script)?

:arrow: ComboFix's licence terms are clear: "It should never be used in an environment without the supervision of an experienced person"

:arrow: Dangers of CF
  • It is intended primarily for helpers - by using it on your own initiative you lose your entitlement to support
  • It erases the traces of malware, so nothing is visible in the RSIT log
  • Its log needs to be worked through further, because it cannot delete everything - and that is hard to manage unless you have been trained for it
  • CF may have a bug = it takes your system down; if you don't know where it stores what and how to restore it, your system is toast and a reinstall awaits you
  • CF also unfortunately does not yet check some important libraries (e.g. hal.dll) - some types of malware (e.g. angela) delete those - after a restart your hal.dll is gone = your system won't boot and you are at the line above = reinstall

Re: Please check my ComboFix log

Posted: 05 Nov 2013 17:00
by pepani
Well, I've probably landed myself in trouble. I don't know how to use the program, but I tried it following the guide at http://www.bleepingcomputer.com/combofi ... t-combofix
I was convinced I couldn't mess anything up. Can you advise me on how to proceed?

Re: Please check my ComboFix log

Posted: 05 Nov 2013 17:10
by vyosek
:arrow: That guide is the work of our forum, or rather of a member called Tempest who is active here

:arrow: But you did not follow that guide, or not entirely
Do not use ComboFix unless an experienced helper asks you to. Do not try to act on your own; follow the instructions in this guide carefully and respect the advice of the person who is properly familiar with ComboFix's capabilities and who is helping you disinfect your computer. ComboFix is a powerful tool whose improper use can lead to problems with the functioning of your computer.

If you need assistance with disinfecting your computer, first of all create your own topic on one of the internet forums listed towards the end of this guide and ask for help there. Each of these forums has different rules and requirements that must be followed, so always read the important information and announcements there so that you know exactly how to proceed.
:arrow: I warn you that if you use CF on your own initiative again, help may be refused

:arrow: There is a whooole lot you can mess up with CF, and very easily :?:

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart and then a log will appear; otherwise it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here

Re: Please check my ComboFix log

Posted: 05 Nov 2013 17:28
by pepani
I apologise for not proceeding correctly; I will do better next time.
# AdwCleaner v3.011 - Report created 05/11/2013 at 17:20:32
# Updated 03/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Dell - DELL-PC
# Running from : C:\Users\Dell\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16384


-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [1045 octets] - [05/11/2013 17:19:32]
AdwCleaner[S0].txt - [718 octets] - [05/11/2013 17:20:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [777 octets] ##########

Re: Please check my ComboFix log

Posted: 05 Nov 2013 17:36
by vyosek
Is there any problem with the PC :???:

Re: Please check my ComboFix log

Posted: 05 Nov 2013 17:50
by pepani
Chrome, Firefox and Explorer windows often report "not responding", and video also stutters during playback. Avast found viruses, which are stored in the virus chest.

Re: Please check my ComboFix log

Posted: 05 Nov 2013 18:19
by vyosek
:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it preferably to the desktop
  • After launching, the licence terms appear; press any key
  • A backup will be created, followed by the scan
  • The scan will run and then a log will appear; otherwise it will be saved in c:\JRT as JRT.txt; paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart and then a log will appear; otherwise it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here

Re: Please check my ComboFix log

Posted: 05 Nov 2013 19:06
by pepani
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Home Premium x86
Ran by Dell on út 05.11.2013 at 18:54:33.55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\WebCakeUpdater



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\fighters"
Failed to delete: [Folder] "C:\Users\Dell\AppData\Roaming\fighters"
Successfully deleted: [Folder] "C:\Users\Dell\appdata\local\cre"



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Dell\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on út 05.11.2013 at 18:57:55.59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v3.011 - Report created 05/11/2013 at 19:01:03
# Updated 03/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Dell - DELL-PC
# Running from : C:\Users\Dell\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16384


-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [1045 octets] - [05/11/2013 17:19:32]
AdwCleaner[R1].txt - [1165 octets] - [05/11/2013 19:00:17]
AdwCleaner[S0].txt - [856 octets] - [05/11/2013 17:20:32]
AdwCleaner[S1].txt - [837 octets] - [05/11/2013 19:01:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [896 octets] ##########

Re: Please check my ComboFix log

Posted: 06 Nov 2013 01:12
by vyosek
:arrow: Download Malwarebytes' Anti-Malware (MBAM for short) http://forum.viry.cz/viewtopic.php?f=29&t=115222
  • Update it
  • Run a full scan - do not delete anything :!:
  • MBAM sometimes has false positives, so paste the log into a post and wait for it to be assessed

Re: Please check my ComboFix log

Posted: 06 Nov 2013 16:12
by pepani
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.11.06.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16411
Dell :: DELL-PC [administrátor]

Ochrana: Povolena

6.11.2013 15:07:42
MBAM-log-2013-11-06 (16-10-52).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 309889
Uplynulý čas: 1 hodin, 2 minut, 21 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKLM\SOFTWARE\Speedchecker Limited\PC Speed Up (PUP.Optional.PCSpeedUp.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 6
C:\Users\Dell\Downloads\gom-player_2.1.50.EXE (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Dell\Portable App\Dr.Web 6 Portable (najde malware,viry)\Dr.Web 6 Portable Scanner by HA3APET\Scanner.exe (Trojan.StartPage.SMR) -> Nebyla provedena žádná instrukce.
C:\Users\Dell\Portable App\Dr.Web 6 Portable (najde malware,viry)\Dr.Web 6 Portable Scanner by HA3APET\Updater.exe (Trojan.StartPage.SMR) -> Nebyla provedena žádná instrukce.
C:\Users\Dell\Portable App\Dr.Web 6 Portable (najde malware,viry)\Dr.Web 6 Portable Scanner by HA3APET\DrWU\DrWU.exe (Trojan.Agent) -> Nebyla provedena žádná instrukce.
C:\Users\Dell\Nainstal App\Revo.Uninstaller.Pro.2.1.1.working\Revo.Uninstaller.Pro.2.1.1.working.zip (Trojan.Agent.CK) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\ntvdm.inf (Malware.Trace) -> Nebyla provedena žádná instrukce.

(konec)

Re: Please check my ComboFix log

Posted: 06 Nov 2013 18:31
by vyosek
:arrow: Delete the findings

:arrow: Post a log according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100

Re: Please check my ComboFix log

Posted: 06 Nov 2013 19:06
by pepani
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-10-2013
Ran by Dell (administrator) on DELL-PC on 06-11-2013 19:02:39
Running from C:\Users\Dell\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Genius\ioCentre\GMouseService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(ZabKat) C:\Program Files\zabkat\xplorer2_lite\xplorer2_lite.exe
(forum.viry.cz) C:\Users\Dell\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11692688 2012-11-07] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1860904 2010-07-15] (Synaptics Incorporated)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [avast] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-02-03] (Google Inc.)
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKCU\...\Policies\Explorer: [NoResolveSearch] 1
HKCU\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKCU\...\Policies\Explorer: [NoInstrumentation] 1
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll (Simple Adblock)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Chrome:
=======
CHR HomePage: hxxp://www.google.cz/
CHR RestoreOnStartup: "hxxp://home.sweetim.com/?barid={AC23CBB7-B7AB-11E1-91E0-5C260A2CB043}", "https://isearch.avg.com/?cid={5E26907F- ... 2012-07-04 16:12:01&v=11.1.1.7&sap=hp", "hxxp://isearch.babylon.com/?babsrc=HP_ss&mntrId=dc3f595e00000000000088252cc12783", "hxxp://search.conduit.com/?CUI=UN88301158029612135&ctid=CT1547340&SearchSource=48", "hxxp://websearch.searchmainia.info/?unqvl=15", "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Translate) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.5_0
CHR Extension: (Google Drive) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Google Search) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.11_0
CHR Extension: (Video Downloader) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.4.5_0
CHR Extension: (Google Mail Checker) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0
CHR Extension: (Chrome to Phone) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.2_0
CHR Extension: () - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 GeniusMouseService; C:\Genius\ioCentre\GMouseService.exe [12288 2010-03-11] ()
R2 IconMan_R; C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1828496 2012-09-07] (Realsil Microelectronics Inc.)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [108032 2013-09-22] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================

S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus.sys [14336 2012-03-02] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag.sys [20736 2012-03-02] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps.sys [20096 2012-03-02] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem.sys [25088 2012-03-02] (LG Electronics Inc.)
S3 androidusb; C:\Windows\System32\Drivers\lgandadb.sys [25728 2012-03-02] (Google Inc)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [177864 2013-08-30] ()
S3 btwampfl; C:\Windows\system32\drivers\btwampfl.sys [504360 2012-04-01] (Broadcom Corporation.)
R3 gHidPnp; C:\Windows\System32\Drivers\gHidPnp.Sys [20480 2009-11-02] ()
R3 gMouUsb; C:\Windows\System32\DRIVERS\gMouUsb.sys [11520 2009-11-02] ()
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [100504 2012-09-24] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [15576 2013-07-01] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10200 2013-07-01] ()
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [204432 2012-06-05] (Realtek Semiconductor Corp.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13024 2012-11-29] ()
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2012-03-02] (LG Electronics Inc.)
S3 amdiox86; system32\DRIVERS\amdiox86.sys [x]
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Dell\AppData\Local\Temp\catchme.sys [x]
S3 PCDSRVC{5B8A2B68-04D6B966-06020200}_0; \??\c:\program files\my dell\pcdsrvc.pkms [x]
U4 RDSessMgr;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-06 19:02 - 2013-11-06 19:02 - 00000000 ____D C:\FRST
2013-11-06 18:59 - 2013-11-06 18:59 - 00112128 _____ (forum.viry.cz) C:\Users\Dell\Desktop\FRSTLauncher.exe
2013-11-06 18:57 - 2013-11-06 18:58 - 01089445 _____ (Farbar) C:\Users\Dell\Desktop\FRST.exe
2013-11-06 15:04 - 2013-11-06 15:04 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-06 15:04 - 2013-11-06 15:04 - 00000000 ____D C:\Users\Dell\AppData\Roaming\Malwarebytes
2013-11-06 15:04 - 2013-11-06 15:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-06 15:04 - 2013-11-06 15:04 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-06 15:04 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-06 15:00 - 2013-11-06 15:00 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dell\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-05 18:57 - 2013-11-05 18:57 - 00001306 _____ C:\Users\Dell\Desktop\JRT.txt
2013-11-05 18:54 - 2013-11-05 18:54 - 00000000 ____D C:\Windows\ERUNT
2013-11-05 18:52 - 2013-11-05 18:53 - 01033335 _____ (Thisisu) C:\Users\Dell\Desktop\JRT.exe
2013-11-05 18:24 - 2013-11-05 18:24 - 00000000 ____D C:\Users\Dell\AppData\Roaming\PotPlayerMini
2013-11-05 18:24 - 2013-11-05 18:24 - 00000000 ____D C:\Users\Dell\AppData\Local\Daum
2013-11-05 18:23 - 2013-11-05 18:23 - 00000000 ____D C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daum
2013-11-05 18:23 - 2013-11-05 18:23 - 00000000 ____D C:\Program Files\Daum
2013-11-05 18:17 - 2013-11-05 18:22 - 16014044 _____ C:\Users\Dell\Downloads\PotPlayer1.5.38562.EXE
2013-11-05 18:13 - 2013-11-05 18:14 - 06347315 _____ C:\Users\Dell\Downloads\potplayer_cesky.zip
2013-11-05 17:23 - 2013-11-06 18:54 - 00003012 _____ C:\Windows\PFRO.log
2013-11-05 17:19 - 2013-11-05 19:01 - 00000000 ____D C:\AdwCleaner
2013-11-05 17:16 - 2013-11-05 17:17 - 01073258 _____ C:\Users\Dell\Desktop\adwcleaner.exe
2013-11-05 15:58 - 2013-11-05 15:58 - 00016993 _____ C:\ComboFix.txt
2013-11-05 15:42 - 2013-11-05 15:58 - 00000000 ____D C:\Qoobox
2013-11-05 15:42 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-05 15:42 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-05 15:42 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-05 15:42 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-05 15:42 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-05 15:42 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-05 15:42 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-05 15:42 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-05 15:41 - 2013-11-05 15:56 - 00000000 ____D C:\Windows\erdnt
2013-11-05 15:12 - 2013-11-06 19:01 - 00005152 _____ C:\Windows\setupact.log
2013-11-05 15:12 - 2013-11-05 15:12 - 00000000 _____ C:\Windows\setuperr.log
2013-11-04 21:44 - 2013-11-04 21:44 - 00000000 ____D C:\Users\Dell\AppData\Local\MPlayer
2013-11-04 21:43 - 2013-11-05 20:32 - 00000000 ____D C:\Users\Dell\.umplayer
2013-11-04 21:43 - 2013-11-04 21:43 - 00000000 ____D C:\Program Files\UMPlayer
2013-11-04 19:33 - 2013-11-04 19:33 - 00042659 _____ C:\Users\Dell\Documents\Report_xml#errmsg AMD.mht
2013-11-03 19:28 - 2013-11-03 19:28 - 05143677 ____R (Swearware) C:\Users\Dell\Desktop\ComboFix.exe
2013-11-01 11:20 - 2013-11-01 11:20 - 00181808 _____ C:\Windows\RegBootClean.exe
2013-11-01 11:18 - 2013-11-01 11:18 - 00310019 _____ C:\Users\Dell\AppData\Local\census.cache
2013-11-01 11:17 - 2013-11-01 11:17 - 00125645 _____ C:\Users\Dell\AppData\Local\ars.cache
2013-11-01 10:12 - 2013-11-01 10:12 - 00000036 _____ C:\Users\Dell\AppData\Local\housecall.guid.cache
2013-11-01 10:12 - 2012-06-05 08:37 - 00256904 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2013-10-30 12:13 - 2013-11-01 12:08 - 00000000 ____D C:\Users\Dell\AppData\Roaming\LavasoftStatistics
2013-10-30 11:44 - 2013-10-30 11:44 - 00000000 ____D C:\ProgramData\Lavasoft
2013-10-29 12:11 - 2013-10-29 12:11 - 00003296 ____N C:\bootsqm.dat
2013-10-29 11:43 - 2013-11-01 21:22 - 00000000 ____D C:\Users\Dell\AppData\Roaming\Smart PC Solutions
2013-10-24 18:22 - 2013-10-24 18:23 - 00000000 ____D C:\Users\Dell\AppData\Roaming\Virus Scan
2013-10-23 18:30 - 2013-10-23 18:30 - 00000000 ____D C:\Program Files\Common Files\Java
2013-10-23 18:30 - 2013-10-08 06:50 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-10-23 18:30 - 2013-10-08 06:46 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-23 18:30 - 2013-10-08 06:46 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-23 18:30 - 2013-10-08 06:46 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-23 18:29 - 2013-10-23 18:30 - 00004734 _____ C:\Windows\system32\jupdate-1.7.0_45-b18.log
2013-10-20 14:42 - 2013-10-20 14:42 - 01700352 _____ (Microsoft Corporation) C:\Windows\system32\gdiplus.dll
2013-10-20 14:42 - 2013-10-20 14:42 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\mfc71.dll
2013-10-09 21:52 - 2013-09-25 09:22 - 17142272 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-09 21:52 - 2013-09-25 08:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-09 21:52 - 2013-09-25 07:36 - 02166272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-09 21:52 - 2013-09-25 07:35 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-09 21:52 - 2013-09-25 07:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-09 21:52 - 2013-09-25 07:29 - 04240384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-09 21:52 - 2013-09-25 07:26 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-10-09 21:52 - 2013-09-25 06:45 - 11223552 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-09 21:52 - 2013-09-25 05:51 - 01818112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-09 21:52 - 2013-09-25 05:45 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-09 13:49 - 2013-09-14 01:48 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-09 13:49 - 2013-09-08 03:07 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-09 13:49 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-09 13:49 - 2013-09-04 02:15 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-09 13:49 - 2013-09-04 02:14 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-09 13:49 - 2013-09-04 02:14 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-09 13:49 - 2013-09-04 02:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-09 13:49 - 2013-09-04 02:14 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-09 13:49 - 2013-09-04 02:14 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-09 13:49 - 2013-09-04 02:14 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-09 13:49 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-10-09 13:49 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-09 13:49 - 2013-08-29 02:50 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-09 13:49 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-09 13:49 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-09 13:49 - 2013-08-28 02:04 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 13:49 - 2013-08-28 01:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-09 13:49 - 2013-08-01 12:03 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 13:49 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 13:49 - 2013-07-12 11:08 - 00146816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-09 13:49 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-09 13:49 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-09 13:49 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 13:49 - 2013-07-04 10:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-09 13:49 - 2013-07-03 04:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-09 13:49 - 2013-07-03 04:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 13:49 - 2013-06-06 05:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-09 13:49 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-09 13:49 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-09 13:49 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 13:49 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 13:48 - 2013-07-12 11:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-09 13:48 - 2013-06-25 23:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys

==================== One Month Modified Files and Folders =======

2013-11-06 19:02 - 2013-11-06 19:02 - 00000000 ____D C:\FRST
2013-11-06 19:01 - 2013-11-05 15:12 - 00005152 _____ C:\Windows\setupact.log
2013-11-06 19:01 - 2009-07-14 05:34 - 00014816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-06 19:01 - 2009-07-14 05:34 - 00014816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-06 18:59 - 2013-11-06 18:59 - 00112128 _____ (forum.viry.cz) C:\Users\Dell\Desktop\FRSTLauncher.exe
2013-11-06 18:59 - 2012-11-22 15:30 - 01478586 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-06 18:58 - 2013-11-06 18:57 - 01089445 _____ (Farbar) C:\Users\Dell\Desktop\FRST.exe
2013-11-06 18:58 - 2012-11-22 15:18 - 01392157 _____ C:\Windows\WindowsUpdate.log
2013-11-06 18:54 - 2013-11-05 17:23 - 00003012 _____ C:\Windows\PFRO.log
2013-11-06 18:54 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-06 18:52 - 2012-11-23 16:03 - 00000000 ____D C:\Users\Dell\AppData\Roaming\AIMP3
2013-11-06 18:51 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Resources
2013-11-06 18:16 - 2012-11-23 09:39 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-06 18:07 - 2012-11-23 10:03 - 00000000 ____D C:\Users\Dell\Portable App
2013-11-06 18:05 - 2012-11-23 10:03 - 00000000 ____D C:\Users\Dell\Portable
2013-11-06 17:05 - 2012-11-23 10:00 - 00000000 ____D C:\Users\Dell\Moje zalozni soubory
2013-11-06 17:03 - 2013-06-19 13:46 - 18601107 _____ C:\Users\Dell\Documents\Sample.amc
2013-11-06 15:04 - 2013-11-06 15:04 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-06 15:04 - 2013-11-06 15:04 - 00000000 ____D C:\Users\Dell\AppData\Roaming\Malwarebytes
2013-11-06 15:04 - 2013-11-06 15:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-06 15:04 - 2013-11-06 15:04 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-06 15:00 - 2013-11-06 15:00 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dell\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-05 20:32 - 2013-11-04 21:43 - 00000000 ____D C:\Users\Dell\.umplayer
2013-11-05 19:44 - 2012-11-23 22:24 - 00000000 ____D C:\Users\Dell\AppData\Roaming\Media Player Classic
2013-11-05 19:21 - 2012-11-23 16:03 - 00000000 ____D C:\Program Files\AIMP3
2013-11-05 19:01 - 2013-11-05 17:19 - 00000000 ____D C:\AdwCleaner
2013-11-05 18:57 - 2013-11-05 18:57 - 00001306 _____ C:\Users\Dell\Desktop\JRT.txt
2013-11-05 18:55 - 2013-07-28 17:42 - 00000000 ____D C:\Users\Dell\AppData\Roaming\Fighters
2013-11-05 18:54 - 2013-11-05 18:54 - 00000000 ____D C:\Windows\ERUNT
2013-11-05 18:53 - 2013-11-05 18:52 - 01033335 _____ (Thisisu) C:\Users\Dell\Desktop\JRT.exe
2013-11-05 18:30 - 2012-11-22 15:25 - 00000000 ____D C:\Users\Dell\AppData\Local\VirtualStore
2013-11-05 18:27 - 2012-11-23 10:57 - 00000000 ____D C:\Users\Dell\Zk
2013-11-05 18:24 - 2013-11-05 18:24 - 00000000 ____D C:\Users\Dell\AppData\Roaming\PotPlayerMini
2013-11-05 18:24 - 2013-11-05 18:24 - 00000000 ____D C:\Users\Dell\AppData\Local\Daum
2013-11-05 18:23 - 2013-11-05 18:23 - 00000000 ____D C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daum
2013-11-05 18:23 - 2013-11-05 18:23 - 00000000 ____D C:\Program Files\Daum
2013-11-05 18:22 - 2013-11-05 18:17 - 16014044 _____ C:\Users\Dell\Downloads\PotPlayer1.5.38562.EXE
2013-11-05 18:14 - 2013-11-05 18:13 - 06347315 _____ C:\Users\Dell\Downloads\potplayer_cesky.zip
2013-11-05 17:17 - 2013-11-05 17:16 - 01073258 _____ C:\Users\Dell\Desktop\adwcleaner.exe
2013-11-05 15:58 - 2013-11-05 15:58 - 00016993 _____ C:\ComboFix.txt
2013-11-05 15:58 - 2013-11-05 15:42 - 00000000 ____D C:\Qoobox
2013-11-05 15:58 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Default
2013-11-05 15:58 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2013-11-05 15:56 - 2013-11-05 15:41 - 00000000 ____D C:\Windows\erdnt
2013-11-05 15:55 - 2009-07-14 03:04 - 00000215 _____ C:\Windows\system.ini
2013-11-05 15:12 - 2013-11-05 15:12 - 00000000 _____ C:\Windows\setuperr.log
2013-11-05 14:46 - 2012-11-24 16:24 - 00000000 ____D C:\Users\Dell\AppData\Roaming\uTorrent
2013-11-04 22:46 - 2013-08-09 23:02 - 00000000 ____D C:\Users\Dell\AppData\Roaming\vlc
2013-11-04 21:44 - 2013-11-04 21:44 - 00000000 ____D C:\Users\Dell\AppData\Local\MPlayer
2013-11-04 21:43 - 2013-11-04 21:43 - 00000000 ____D C:\Program Files\UMPlayer
2013-11-04 21:43 - 2012-11-22 15:25 - 00000000 ____D C:\Users\Dell
2013-11-04 20:46 - 2012-11-23 18:16 - 00000000 ____D C:\Users\Dell\AppData\Roaming\HaoZip
2013-11-04 19:33 - 2013-11-04 19:33 - 00042659 _____ C:\Users\Dell\Documents\Report_xml#errmsg AMD.mht
2013-11-04 19:31 - 2012-11-25 09:51 - 00000000 ____D C:\ProgramData\AMD
2013-11-03 19:28 - 2013-11-03 19:28 - 05143677 ____R (Swearware) C:\Users\Dell\Desktop\ComboFix.exe
2013-11-01 21:25 - 2013-08-03 17:39 - 00000000 ____D C:\Users\Dell\AppData\Roaming\ChemTable Software
2013-11-01 21:25 - 2013-08-03 17:38 - 00000000 ____D C:\Users\Dell\AppData\Local\ChemTable Software
2013-11-01 21:24 - 2012-11-23 10:02 - 00000000 ____D C:\Users\Dell\Nainstal App
2013-11-01 21:22 - 2013-10-29 11:43 - 00000000 ____D C:\Users\Dell\AppData\Roaming\Smart PC Solutions
2013-11-01 12:36 - 2012-12-04 17:58 - 00000000 ____D C:\Windows\pss
2013-11-01 12:08 - 2013-10-30 12:13 - 00000000 ____D C:\Users\Dell\AppData\Roaming\LavasoftStatistics
2013-11-01 11:38 - 2013-01-23 12:30 - 00000000 ____D C:\Users\Dell\AppData\Roaming\QuickScan
2013-11-01 11:20 - 2013-11-01 11:20 - 00181808 _____ C:\Windows\RegBootClean.exe
2013-11-01 11:18 - 2013-11-01 11:18 - 00310019 _____ C:\Users\Dell\AppData\Local\census.cache
2013-11-01 11:17 - 2013-11-01 11:17 - 00125645 _____ C:\Users\Dell\AppData\Local\ars.cache
2013-11-01 10:12 - 2013-11-01 10:12 - 00000036 _____ C:\Users\Dell\AppData\Local\housecall.guid.cache
2013-10-30 11:44 - 2013-10-30 11:44 - 00000000 ____D C:\ProgramData\Lavasoft
2013-10-30 10:49 - 2013-03-14 19:21 - 00000000 _____ C:\Users\Dell\AppData\Local\history.txt
2013-10-29 12:11 - 2013-10-29 12:11 - 00003296 ____N C:\bootsqm.dat
2013-10-24 20:22 - 2012-11-23 18:40 - 00000000 ____D C:\Program Files\CCleaner
2013-10-24 18:23 - 2013-10-24 18:22 - 00000000 ____D C:\Users\Dell\AppData\Roaming\Virus Scan
2013-10-23 18:30 - 2013-10-23 18:30 - 00000000 ____D C:\Program Files\Common Files\Java
2013-10-23 18:30 - 2013-10-23 18:29 - 00004734 _____ C:\Windows\system32\jupdate-1.7.0_45-b18.log
2013-10-23 18:30 - 2013-06-27 21:04 - 00000000 ____D C:\Program Files\Java
2013-10-22 18:01 - 2013-08-25 16:10 - 00000157 _____ C:\Users\Dell\Desktop\Tyna.txt
2013-10-20 14:42 - 2013-10-20 14:42 - 01700352 _____ (Microsoft Corporation) C:\Windows\system32\gdiplus.dll
2013-10-20 14:42 - 2013-10-20 14:42 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\mfc71.dll
2013-10-20 12:44 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2013-10-20 10:52 - 2012-11-23 09:59 - 00000000 ____D C:\Users\Dell\LG
2013-10-16 08:58 - 2013-06-19 13:46 - 18165538 _____ C:\Users\Dell\Documents\Sample.bak
2013-10-13 16:24 - 2012-11-23 15:39 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-13 16:24 - 2012-11-23 15:39 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-10 18:17 - 2012-11-23 09:39 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-10-10 18:17 - 2012-11-23 09:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-10-10 17:14 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-10 13:43 - 2009-07-14 05:33 - 00408520 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 13:40 - 2013-05-03 09:46 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-09 22:00 - 2013-05-02 11:20 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-09 21:58 - 2013-07-16 20:21 - 00000000 ____D C:\Windows\system32\MRT
2013-10-09 21:55 - 2012-11-23 09:04 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-08 06:50 - 2013-10-23 18:30 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-10-08 06:46 - 2013-10-23 18:30 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-08 06:46 - 2013-10-23 18:30 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-08 06:46 - 2013-10-23 18:30 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe

Some content of TEMP:
====================
C:\Users\Dell\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-16 18:44




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:232.79 GB) (Free:89.01 GB) NTFS

Available physical RAM: 790.5 MB
Total physical RAM: 1790.16 MB
Percentage of memory in use: 55%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 240E14C3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan created by FRSTLauncher ===***===***===***===
Last update of FRSTLauncher: 28_09_2013 (06)
Last update of the modification script: 30_09_2013 (01)


***** Desktop size *****

Folder "C:\Users\Dell\Desktop" is 8 MB in size.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\\Program Files\\Daum\\PotPlayer\\PotPlayerMini.exe"="C:\\Program Files\\Daum\\PotPlayer\\PotPlayerMini.exe:*:Enabled:PotPlayer"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Daum\\PotPlayer\\PotPlayerMini.exe"="C:\\Program Files\\Daum\\PotPlayer\\PotPlayerMini.exe:*:Enabled:PotPlayer"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Please check my ComboFix log

Posted: 07 Nov 2013 14:35
by vyosek
→ Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
    HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
    HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-02-03] (Google Inc.)
    HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
    HKCU\...\Policies\Explorer: [NoResolveSearch] 1
    HKCU\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
    HKCU\...\Policies\Explorer: [NoInstrumentation] 1
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
    SearchScopes: HKLM - DefaultScope value is missing.
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
    
    S3 catchme; \??\C:\Users\Dell\AppData\Local\Temp\catchme.sys [x]
    S3 PCDSRVC{5B8A2B68-04D6B966-06020200}_0; \??\c:\program files\my dell\pcdsrvc.pkms [x]
    U4 RDSessMgr; 
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    
    Hosts:
    
    End
  • Save the resulting TXT as fixlist.txt
  • Put the fixlist next to FRST
→ Run FRST.exe again
  • Click Fix
  • The fix runs and creates the log Fixlog.txt
→ Restart the PC and post fixlog.txt here
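
The fixlist above is built by copying lines verbatim out of the FRST log and placing them between Start and End. The following helper is an added example and is not part of this thread or of FRST itself: it triages an FRST log for the kinds of entries that turned up here (services and drivers whose binary is missing, marked "[x]" or with no path at all, Chrome plugin registrations that end in "No File", and the CHR RestoreOnStartup line pointing at the sweetim, AVG isearch, Babylon, Conduit and searchmainia pages) and emits a candidate fixlist.txt. The hijacker-host list and the heuristics are this example's own assumptions drawn from this log, not FRST rules; the sample lines are copied from the log above (the RestoreOnStartup line shortened to three URLs). Whether FRST acts on a given line type is something to check against FRST's documentation; the helper in this thread chose only a subset of what the script would flag, so treat the output as a list for a human to review, not as a finished fix.

```python
"""Added example (not from the forum thread): triage an FRST log for fixlist
candidates. It reads lines in the shapes this thread's log uses and copies
flagged lines verbatim between Start and End, which is how the post above
builds fixlist.txt. The heuristics and the hijacker-host list are this
example's own assumptions, not FRST's rules."""
import re

# "<state> <name>; <path> [x]" -- FRST marks a missing service/driver binary
# with "[x]"; a line such as "U4 RDSessMgr;" carries no path at all.
SERVICE_RE = re.compile(r"^(?P<state>[RSU]\d) (?P<name>[^;]+);\s*(?P<path>.*)$")
URL_RE = re.compile(r'"([^"]+)"')

# Search/toolbar hosts seen in this log's CHR RestoreOnStartup line (assumed list).
SUSPECT_HOSTS = {
    "home.sweetim.com", "isearch.avg.com", "isearch.babylon.com",
    "search.conduit.com", "websearch.searchmainia.info",
}

# Sample input: lines copied from the log above (RestoreOnStartup shortened to three URLs).
SAMPLE_LOG = r"""
CHR RestoreOnStartup: "hxxp://home.sweetim.com/?barid={AC23CBB7-B7AB-11E1-91E0-5C260A2CB043}", "hxxp://search.conduit.com/?CUI=UN88301158029612135&ctid=CT1547340&SearchSource=48", "hxxp://www.google.com"
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Extension: (Google Translate) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.5_0
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
S3 catchme; \??\C:\Users\Dell\AppData\Local\Temp\catchme.sys [x]
S3 PCDSRVC{5B8A2B68-04D6B966-06020200}_0; \??\c:\program files\my dell\pcdsrvc.pkms [x]
U4 RDSessMgr;
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
"""


def host_of(url):
    """Host part of a URL; FRST writes http as hxxp so the link is not clickable."""
    m = re.match(r"^(?:hxxps?|https?)://([^/?#]+)", url, re.IGNORECASE)
    return m.group(1).lower() if m else ""


def classify(line):
    """Reason the line is a fix candidate, or None if it looks benign."""
    s = line.strip()
    m = SERVICE_RE.match(s)
    if m:
        path = m.group("path")
        if path == "" or path.endswith("[x]"):
            return "service/driver whose binary is missing"
        return None
    if s.startswith("CHR Plugin:") and s.endswith("No File"):
        return "plugin registration pointing at a file that no longer exists"
    if s.startswith("CHR RestoreOnStartup:"):
        hosts = sorted({host_of(u) for u in URL_RE.findall(s)} & SUSPECT_HOSTS)
        if hosts:
            return "startup pages on hijacker hosts: " + ", ".join(hosts)
    return None


def triage(log_lines):
    """List of (reason, line) pairs for every flagged line, in log order."""
    out = []
    for line in log_lines:
        reason = classify(line)
        if reason:
            out.append((reason, line.strip()))
    return out


def build_fixlist(log_lines):
    """fixlist.txt text: flagged lines copied verbatim between Start and End."""
    body = [line for _, line in triage(log_lines)]
    return "\n".join(["Start", *body, "End"]) + "\n"


if __name__ == "__main__":
    for reason, line in triage(SAMPLE_LOG.splitlines()):
        print(f"{reason}\n    {line}")
    print(build_fixlist(SAMPLE_LOG.splitlines()))
```

Run it against a saved FRST.txt by replacing SAMPLE_LOG with the file's lines; the printed reasons are there so the person reviewing the log can decide which flagged lines actually belong in the fixlist before anyone clicks Fix.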

Re: Please check my ComboFix log

Posted: 07 Nov 2013 14:59
by pepani
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 31-10-2013
Ran by Dell at 2013-11-07 14:58:54 Run:1
Running from C:\Users\Dell\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-02-03] (Google Inc.)
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKCU\...\Policies\Explorer: [NoResolveSearch] 1
HKCU\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKCU\...\Policies\Explorer: [NoInstrumentation] 1

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... ORM=IE11SR

S3 catchme; \??\C:\Users\Dell\AppData\Local\Temp\catchme.sys [x]
S3 PCDSRVC{5B8A2B68-04D6B966-06020200}_0; \??\c:\program files\my dell\pcdsrvc.pkms [x]
U4 RDSessMgr;

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Hosts:

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoInternetOpenWith => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\LinkResolveIgnoreLinkInfo => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoInstrumentation => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
catchme => Service deleted successfully.
PCDSRVC{5B8A2B68-04D6B966-06020200}_0 => Service deleted successfully.
RDSessMgr => Service deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====