Request for a log check, slow computer

Posted: 07 Nov 2013 16:56
by matushsk
Good day, I would like to ask for a check of my log; my computer has slowed down quite a lot over the last few days.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-10-2013
Ran by MaTuSh (administrator) on PC on 07-11-2013 16:55:02
Running from C:\Documents and Settings\MaTuSh\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 7
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(ABBYY) C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTsvcCDA.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(Hagel Technologies) C:\Program Files\DU Meter\DUMeter.exe
(Microsoft Corporation) C:\WINDOWS\vVX3000.exe
(Creative Technology Ltd) C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastUI.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\wcescomm.exe
(Microsoft Corporation) C:\PROGRA~1\MICROS~4\rapimgr.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Ghisler Software GmbH) C:\Program Files\Total Commander\TOTALCMD.EXE
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
() C:\Program Files\RegTweaker\unins000.exe
() C:\DOCUME~1\MaTuSh\LOCALS~1\Temp\_iu14D2N.tmp
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
() C:\Program Files\RegTweaker\unins000.exe
(forum.viry.cz) C:\Documents and Settings\MaTuSh\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
(Microsoft Corporation) C:\WINDOWS\system32\ping.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [DU Meter] - C:\Program Files\DU Meter\DUMeter.exe [1469952 2005-02-01] (Hagel Technologies)
HKLM\...\Run: [LifeCam] - C:\Program Files\Microsoft LifeCam\LifeExp.exe [275800 2007-01-13] (Microsoft Corporation)
HKLM\...\Run: [VX3000] - C:\WINDOWS\vVX3000.exe [707360 2006-12-06] (Microsoft Corporation)
HKLM\...\Run: [CTCheck] - C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe [397312 2007-11-06] (Creative Technology Ltd)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Bonus.SSR.FR11] - C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [933640 2012-01-19] (ABBYY.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1743136 2013-05-29] (Wondershare)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2012-07-03] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [20145368 2013-07-17] (Realtek Semiconductor Corp.)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM\...\Run: [CDAServer] - C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [344064 2012-02-20] ()
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKCU\...\Run: [H/PC Connection Agent] - C:\Program Files\Microsoft ActiveSync\wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation)
HKCU\...\Run: [icq] - C:\Documents and Settings\MaTuSh\Application Data\ICQM\icq.exe [28698984 2013-09-10] (ICQ)
HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-09-04] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\Default User\...\RunOnce: [tscuninstall] - %systemroot%\system32\tscupgrd.exe
HKU\Default User\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32
HKU\Mamka\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
HKU\Mamka\...\Run: [H/PC Connection Agent] - C:\Program Files\Microsoft ActiveSync\wcescomm.exe [ 2006-11-13] (Microsoft Corporation)
HKU\Mamka\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [ 2013-05-01] (Apple Inc.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: QuickNet BHO - {EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7} - C:\Program Files\RegTweaker\key.dll (QuickNet)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
Winsock: Catalog5 01 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\..\Interfaces\{E20CF3B7-A9A6-4227-96C4-3074757262E8}: [NameServer]195.34.133.21,212.186.211.21

FireFox:
========
FF ProfilePath: C:\Documents and Settings\MaTuSh\Application Data\Mozilla\Firefox\Profiles\e4j6t4o1.MaTuSh
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\DOCUME~1\MaTuSh\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\DOCUME~1\MaTuSh\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\DOCUME~1\MaTuSh\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\DOCUME~1\MaTuSh\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\DOCUME~1\MaTuSh\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0
CHR Extension: (Chrome In-App Payments service) - C:\DOCUME~1\MaTuSh\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Gmail) - C:\DOCUME~1\MaTuSh\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

========================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe [818952 2011-12-22] (ABBYY)
R2 ADExchange; C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe [39528 2011-09-08] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [44032 1999-12-12] (Creative Technology Ltd)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2013-07-17] (Creative)
S3 androidusb; C:\Windows\System32\Drivers\wsadb.sys [34216 2013-10-04] (Google Inc)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [49760 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-02] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-02] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-08-02] ()
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices)
R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [299024 2012-04-09] (EldoS Corporation)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-11-04] (Disc Soft Ltd)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2013-07-17] (Creative Technology Ltd.)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [5120 2012-02-15] (Samsung Electronics)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 CFcatchme; \??\C:\DOCUME~1\MaTuSh\LOCALS~1\Temp\CFcatchme.sys [x]
S2 DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys [x]
S3 FXDrv32; \??\G:\FXDrv32.sys [x]
S3 GMSIPCI; \??\K:\INSTALL\GMSIPCI.SYS [x]
S3 USBAAPL; System32\Drivers\usbaapl.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-07 16:54 - 2013-11-07 16:54 - 00029696 _____ C:\Documents and Settings\MaTuSh\Local Settings\Application Data\MSGBOX.EXE
2013-11-07 16:54 - 2013-11-07 16:54 - 00015327 _____ C:\Documents and Settings\MaTuSh\Desktop\LM.bat
2013-11-07 16:54 - 2013-11-07 16:54 - 00000000 ____D C:\FRST
2013-11-07 16:53 - 2013-11-07 16:53 - 01089445 _____ (Farbar) C:\Documents and Settings\MaTuSh\Desktop\FRST.exe
2013-11-07 16:52 - 2013-11-07 16:52 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\MaTuSh\Desktop\FRSTLauncher.exe
2013-11-07 16:28 - 2013-11-07 16:28 - 00000000 ____D C:\Program Files\RegTweaker
2013-11-07 16:28 - 2013-11-07 16:28 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\RegTweaker
2013-11-07 16:06 - 2013-11-07 16:06 - 00000000 ____D C:\Documents and Settings\All Users\Documents\CrashDump
2013-11-05 21:04 - 2013-11-05 21:04 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
2013-11-04 14:53 - 2013-11-04 14:53 - 00000000 ____D C:\Documents and Settings\MaTuSh\Local Settings\Application Data\SKIDROW
2013-11-04 14:47 - 2013-11-04 14:47 - 00001085 _____ C:\Documents and Settings\MaTuSh\Desktop\The Stanley Parable (TPTB).lnk
2013-11-04 14:33 - 2013-11-04 14:33 - 00000000 ____D C:\Documents and Settings\MaTuSh\Application Data\sc68
2013-11-04 14:30 - 2013-11-04 14:30 - 00243128 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2013-11-04 14:30 - 2013-11-04 14:30 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2013-11-04 14:30 - 2013-11-04 14:30 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\DAEMON Tools Lite
2013-10-25 17:38 - 2013-10-25 17:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallwinusb0100$
2013-10-25 17:38 - 2013-10-25 17:38 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2013-10-25 17:36 - 2013-10-25 17:36 - 00000000 ____D C:\Documents and Settings\MaTuSh\Local Settings\Application Data\Samsung
2013-10-25 17:36 - 2013-10-25 17:36 - 00000000 ____D C:\Documents and Settings\All Users\Documents\NativeFus_Log
2013-10-25 17:35 - 2013-10-25 17:35 - 00000000 ____D C:\Documents and Settings\MaTuSh\My Documents\samsung
2013-10-25 17:34 - 2013-06-21 01:07 - 00581192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller.dll
2013-10-25 17:34 - 2013-06-21 01:07 - 00181912 _____ (DEVGURU Co., LTD.(http://www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2013-10-25 17:32 - 2013-10-25 17:32 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Samsung
2013-10-25 17:32 - 2013-07-18 13:33 - 04659712 _____ (Dmitry Streblechenko) C:\WINDOWS\system32\Redemption.dll
2013-10-25 17:31 - 2013-07-18 13:32 - 00821824 _____ (Devguru Co., Ltd.) C:\WINDOWS\system32\dgderapi.dll
2013-10-25 17:31 - 2013-07-18 13:32 - 00319456 _____ (Microsoft Corporation) C:\WINDOWS\system32\DIFxAPI.dll
2013-10-25 17:31 - 2013-07-18 13:32 - 00020032 _____ (Devguru Co., Ltd) C:\WINDOWS\system32\Drivers\dgderdrv.sys
2013-10-25 15:49 - 2013-10-25 15:49 - 00000000 ____D C:\Documents and Settings\MaTuSh\Local Settings\Application Data\www.blagoev.com
2013-10-11 18:01 - 2013-10-11 18:01 - 00000000 ____D C:\Documents and Settings\Mamka\Desktop\New Folder

==================== One Month Modified Files and Folders =======

2013-11-07 16:54 - 2013-11-07 16:54 - 00029696 _____ C:\Documents and Settings\MaTuSh\Local Settings\Application Data\MSGBOX.EXE
2013-11-07 16:54 - 2013-11-07 16:54 - 00015327 _____ C:\Documents and Settings\MaTuSh\Desktop\LM.bat
2013-11-07 16:54 - 2013-11-07 16:54 - 00000000 ____D C:\FRST
2013-11-07 16:54 - 2013-02-20 23:15 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-07 16:53 - 2013-11-07 16:53 - 01089445 _____ (Farbar) C:\Documents and Settings\MaTuSh\Desktop\FRST.exe
2013-11-07 16:52 - 2013-11-07 16:52 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\MaTuSh\Desktop\FRSTLauncher.exe
2013-11-07 16:48 - 2013-07-18 17:08 - 00713254 _____ C:\WINDOWS\setupapi.log
2013-11-07 16:46 - 2011-12-21 13:22 - 00452096 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-07 16:38 - 2011-12-21 14:13 - 00588124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-07 16:36 - 2011-12-23 11:17 - 00000000 ____D C:\Program Files\PS3 Media Server
2013-11-07 16:35 - 2011-12-21 14:22 - 00006064 _____ C:\WINDOWS\wincmd.ini
2013-11-07 16:34 - 2013-08-02 09:56 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-11-07 16:34 - 2013-02-20 23:15 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-07 16:34 - 2011-12-21 14:16 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-11-07 16:34 - 2011-12-21 14:16 - 00000051 _____ C:\WINDOWS\wiaservc.log
2013-11-07 16:34 - 2011-12-21 13:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-07 16:33 - 2013-01-21 00:19 - 02121172 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1275210071-1897051121-1801674531-1003-0.dat
2013-11-07 16:33 - 2013-01-21 00:19 - 00277970 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2013-11-07 16:33 - 2011-12-24 00:27 - 00524288 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2013-11-07 16:33 - 2011-12-22 14:48 - 00000000 ____D C:\Documents and Settings\MaTuSh\Application Data\uTorrent
2013-11-07 16:33 - 2011-12-21 13:27 - 00000178 ___SH C:\Documents and Settings\MaTuSh\ntuser.ini
2013-11-07 16:33 - 2011-12-21 13:26 - 00032366 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-07 16:28 - 2013-11-07 16:28 - 00000000 ____D C:\Program Files\RegTweaker
2013-11-07 16:28 - 2013-11-07 16:28 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\RegTweaker
2013-11-07 16:12 - 2012-12-18 11:04 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-07 16:08 - 2013-04-04 22:12 - 00000000 ____D C:\Documents and Settings\MaTuSh\.android
2013-11-07 16:06 - 2013-11-07 16:06 - 00000000 ____D C:\Documents and Settings\All Users\Documents\CrashDump
2013-11-07 16:06 - 2013-07-09 09:13 - 00000000 ____D C:\Documents and Settings\MaTuSh\Application Data\Samsung
2013-11-07 12:55 - 2013-10-07 11:36 - 00000000 ____D C:\Documents and Settings\MaTuSh\Application Data\MediaMonkey
2013-11-07 09:56 - 2013-08-17 11:20 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-07 09:56 - 2012-04-26 08:25 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-06 23:54 - 2011-12-23 20:24 - 00000178 ___SH C:\Documents and Settings\Mamka\ntuser.ini
2013-11-06 14:00 - 2011-12-21 18:14 - 00000000 ____D C:\Program Files\JDownloader
2013-11-05 21:07 - 2011-12-22 13:30 - 00000000 ___RD C:\Documents and Settings\MaTuSh\Desktop\Multimedia
2013-11-05 21:04 - 2013-11-05 21:04 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
2013-11-04 14:53 - 2013-11-04 14:53 - 00000000 ____D C:\Documents and Settings\MaTuSh\Local Settings\Application Data\SKIDROW
2013-11-04 14:49 - 2011-12-21 13:22 - 00000000 ____D C:\WINDOWS\system32\DirectX
2013-11-04 14:47 - 2013-11-04 14:47 - 00001085 _____ C:\Documents and Settings\MaTuSh\Desktop\The Stanley Parable (TPTB).lnk
2013-11-04 14:34 - 2001-08-23 14:00 - 00000616 _____ C:\WINDOWS\win.ini
2013-11-04 14:33 - 2013-11-04 14:33 - 00000000 ____D C:\Documents and Settings\MaTuSh\Application Data\sc68
2013-11-04 14:30 - 2013-11-04 14:30 - 00243128 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2013-11-04 14:30 - 2013-11-04 14:30 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2013-11-04 14:30 - 2013-11-04 14:30 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\DAEMON Tools Lite
2013-11-04 14:22 - 2011-12-21 18:26 - 00000000 ____D C:\Documents and Settings\MaTuSh\Application Data\DAEMON Tools Lite
2013-11-03 13:21 - 2001-08-23 14:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-10-28 16:27 - 2012-03-11 22:43 - 00016384 _____ C:\Documents and Settings\MaTuSh\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-25 17:45 - 2011-12-23 22:57 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-10-25 17:38 - 2013-10-25 17:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallwinusb0100$
2013-10-25 17:38 - 2013-10-25 17:38 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2013-10-25 17:38 - 2013-07-18 17:01 - 00198926 _____ C:\WINDOWS\setupact.log
2013-10-25 17:38 - 2013-07-18 09:34 - 00104375 _____ C:\WINDOWS\iis6.log
2013-10-25 17:38 - 2013-07-18 09:34 - 00049846 _____ C:\WINDOWS\FaxSetup.log
2013-10-25 17:38 - 2013-07-18 09:34 - 00042639 _____ C:\WINDOWS\ocgen.log
2013-10-25 17:38 - 2013-07-18 09:34 - 00034634 _____ C:\WINDOWS\comsetup.log
2013-10-25 17:38 - 2013-07-18 09:34 - 00032283 _____ C:\WINDOWS\tsoc.log
2013-10-25 17:38 - 2013-07-18 09:34 - 00021808 _____ C:\WINDOWS\msmqinst.log
2013-10-25 17:38 - 2013-07-18 09:34 - 00020087 _____ C:\WINDOWS\ntdtcsetup.log
2013-10-25 17:38 - 2013-07-18 09:34 - 00010306 _____ C:\WINDOWS\netfxocm.log
2013-10-25 17:38 - 2013-07-18 09:34 - 00004773 _____ C:\WINDOWS\MedCtrOC.log
2013-10-25 17:38 - 2013-07-18 09:34 - 00003191 _____ C:\WINDOWS\ocmsn.log
2013-10-25 17:38 - 2013-07-18 09:34 - 00003121 _____ C:\WINDOWS\msgsocm.log
2013-10-25 17:38 - 2013-07-18 09:34 - 00003118 _____ C:\WINDOWS\tabletoc.log
2013-10-25 17:38 - 2013-07-18 09:34 - 00001393 _____ C:\WINDOWS\imsins.log
2013-10-25 17:36 - 2013-10-25 17:36 - 00000000 ____D C:\Documents and Settings\MaTuSh\Local Settings\Application Data\Samsung
2013-10-25 17:36 - 2013-10-25 17:36 - 00000000 ____D C:\Documents and Settings\All Users\Documents\NativeFus_Log
2013-10-25 17:35 - 2013-10-25 17:35 - 00000000 ____D C:\Documents and Settings\MaTuSh\My Documents\samsung
2013-10-25 17:34 - 2013-07-09 09:08 - 00000000 ____D C:\Program Files\Samsung
2013-10-25 17:34 - 2013-07-09 09:02 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Samsung
2013-10-25 17:32 - 2013-10-25 17:32 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Samsung
2013-10-25 17:31 - 2011-12-21 13:38 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-10-25 17:21 - 2011-12-21 17:13 - 00000000 ____D C:\Documents and Settings\MaTuSh\Local Settings\Application Data\Downloaded Installations
2013-10-25 16:10 - 2013-03-16 12:48 - 00000000 ____D C:\Program Files\i-Funbox DevTeam
2013-10-25 16:08 - 2012-08-08 09:45 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Creative
2013-10-25 16:08 - 2012-08-08 09:44 - 00000000 ____D C:\Program Files\Creative
2013-10-25 16:07 - 2011-12-21 17:27 - 00000000 ____D C:\Program Files\Bonjour
2013-10-25 16:04 - 2013-04-04 22:27 - 00000000 ____D C:\Program Files\Wondershare
2013-10-25 15:49 - 2013-10-25 15:49 - 00000000 ____D C:\Documents and Settings\MaTuSh\Local Settings\Application Data\www.blagoev.com
2013-10-24 19:53 - 2012-01-24 20:38 - 00000000 ____D C:\Documents and Settings\Mamka\My Documents\Preberanie
2013-10-24 11:00 - 2013-06-25 09:56 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
2013-10-24 11:00 - 2013-06-25 09:55 - 00000000 ____D C:\Program Files\QuickTime
2013-10-22 20:32 - 2011-12-23 20:24 - 00000000 ____D C:\Documents and Settings\Mamka
2013-10-16 19:32 - 2013-09-25 07:27 - 00000000 ____D C:\Documents and Settings\MaTuSh\My Documents\Scan
2013-10-11 18:01 - 2013-10-11 18:01 - 00000000 ____D C:\Documents and Settings\Mamka\Desktop\New Folder
2013-10-09 19:13 - 2012-03-30 08:42 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-09 19:13 - 2011-12-21 14:13 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

ZeroAccess:
C:\Windows\Installer\{8d0dba16-3118-b658-5c57-f308f85dfa43}

ZeroAccess:
C:\Documents and Settings\MaTuSh\Local Settings\Application Data\{8d0dba16-3118-b658-5c57-f308f85dfa43}
C:\Documents and Settings\MaTuSh\Local Settings\Application Data\{8d0dba16-3118-b658-5c57-f308f85dfa43}\@

Some content of TEMP:
====================
C:\Documents and Settings\MaTuSh\Local Settings\temp\DTLite4481-0347.exe
C:\Documents and Settings\MaTuSh\Local Settings\temp\FreemakeVideoConverter_4.0.4.4.exe
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna1292644595937370078.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna1402544750358233871.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna1638711651694317617.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna1687239535519069411.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna2069807300310963148.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna2122376874138773177.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna2453902490885260944.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna2471199123211828154.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna2593798564617188152.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna2725210511075551774.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna2800528953502876725.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna2810414504989644736.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna2827473519808620801.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna2844822729634258209.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna2914199551319457763.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna293940251766412721.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna294949212021400447.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna2998346947960237205.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna3108210178861331045.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna311073918069339854.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna3236657568248756050.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna3240473982499368811.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna3308474145595289139.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna331267861390583952.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna3850208680815237023.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna3904487779366700595.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna4114364404576755846.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna411445019764914978.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna4124504864693798161.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna4144191416390504081.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna4202892976825999726.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna4272477764192191219.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\jna4433564465724865569.dll
C:\Documents and Settings\MaTuSh\Local Settings\temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2008-04-14 01:42] - [2008-04-14 01:42] - 0108544 ____A (Microsoft Corporation) 0e776ed5f7cc9f94299e70461b7b8185

C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Re: Please check my log, slowed-down computer

Posted: 07 Nov 2013 17:38
by vyosek
Hello :)

:arrow: Download Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Save it, preferably to the Desktop, and unpack it
  • Run it by clicking mbar
  • Now click Next and then Update
  • After the database update finishes, click Next again
  • Leave all three options checked and click Scan, which starts the scan of the PC
  • After the scan finishes (about 5 minutes), check that every finding (if there are any, of course) has a check mark
  • Also check that Create Restore point is checked
  • Now click CleanUp, which removes the infection that was found
  • The PC will be restarted
  • The mbar folder should contain a log (and it will probably open by itself) mbar-log-year-month-day (hour-minute-second).txt; post it here for me

Re: Please check my log, slowed-down computer

Posted: 07 Nov 2013 18:50
by matushsk
Malwarebytes Anti-Rootkit BETA 1.07.0.1007
www.malwarebytes.org

Database version: v2013.11.07.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
MaTuSh :: PC [administrator]

7. 11. 2013 17:42:00
mbar-log-2013-11-07 (17-42-00).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 231935
Time elapsed: 13 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 2
HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Replace on reboot.
HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Replace on reboot.

Folders Detected: 2
C:\WINDOWS\Installer\{8d0dba16-3118-b658-5c57-f308f85dfa43}\L (Backdoor.0Access) -> Delete on reboot.
C:\WINDOWS\Installer\{8d0dba16-3118-b658-5c57-f308f85dfa43}\U (Backdoor.0Access) -> Delete on reboot.

Files Detected: 1
C:\Documents and Settings\MaTuSh\Local Settings\Application Data\{8d0dba16-3118-b658-5c57-f308f85dfa43}\@ (Backdoor.0Access) -> Delete on reboot.

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Re: Please check my log, slowed-down computer

Posted: 07 Nov 2013 19:01
by vyosek
:arrow: Download RKill http://download.bleepingcomputer.com/grinler/rkill.com PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A GREAT ABILITY TO DELETE AND MUST BE USED ONLY ON RECOMMENDATION, OTHERWISE YOUR SYSTEM MAY BE RUINED
:arrow: Download Combofix and save it to the desktop http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator account
  • If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator (Spustit jako spravce)
  • Immediately after it starts, a page with the license agreement is displayed; continue by clicking Yes (Ano)
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not launch any applications and do not click in the window that is displayed
  • The scan should take about 10 min, but if the PC is heavily cluttered, the time may be longer
  • After the scan finishes and a possible restart, CF displays a log, or you can find it here C:\ComboFix.txt; paste its contents here
  • A detailed procedure incl. screenshots is here http://www.bleepingcomputer.com/combofi ... t-combofix