
"Police virus"

Posted: 23 Dec 2013 18:51
by kcobain
Hello, today it popped up on me in a new window and I couldn't close it, so I restarted the PC. Following advice from the internet I ran a System Restore in Safe Mode, and nothing has appeared since. Can I be sure it won't come back, or is it still lodged somewhere in the PC?

Here is my RSIT log; thanks in advance for any advice.


Logfile of random's system information tool 1.09 (written by random/random)
Run by Jirka at 2013-12-23 18:34:32
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 76 GB (32%) free of 238 GB
Total RAM: 3062 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:35:00, on 23.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Toshiba TEMPRO\TemproTray.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jirka\Desktop\RSIT.exe
C:\Program Files\trend micro\Jirka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [NCInstallQueue] rundll32 netman.dll,ProcessQueue
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

--
End of file - 5226 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\qieabtyh.default

prefs.js - "browser.startup.homepage" - "www.centrum.cz"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, bkmrksync@nokia.com:1.0.0.732, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"

"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nullsoft.com/winampDetector;version=1]
"Description"=Winamp Detector
"Path"=C:\Program Files\Winamp Detect\npwachk.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-11-01 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-10-18 606544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-11-01 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-10-18 606544]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Toshiba TEMPRO"=C:\Program Files\Toshiba TEMPRO\TemproTray.exe [2011-02-10 1546720]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2009-10-02 284696]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-10-21 7858720]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2013-11-18 3568312]
"KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2009-01-13 34088]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2013-11-18 3568312]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCInstallQueue"=rundll32 netman.dll,ProcessQueue []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04 551296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2013-11-28 208384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.IV50"=Ir50_32.dll
"msacm.divxa32"=msaud32_divx.acm
"msacm.ac3filter"=ac3filter.acm
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-12-23 18:34:32 ----D---- C:\rsit
2013-12-23 16:51:54 ----D---- C:\sh4ldr
2013-12-23 16:51:54 ----D---- C:\Program Files\Enigma Software Group
2013-12-10 19:55:44 ----D---- C:\Program Files\Mozilla Firefox
2013-12-07 18:46:05 ----SHD---- C:\$RECYCLE.BIN
2013-12-06 20:17:47 ----D---- C:\Windows\temp
2013-12-01 09:07:03 ----D---- C:\Program Files\Defraggler
2013-11-29 21:37:08 ----D---- C:\Users\Jirka\AppData\Roaming\Malwarebytes
2013-11-28 18:23:07 ----A---- C:\Windows\system32\wininet.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\wextract.exe
2013-11-28 18:23:07 ----A---- C:\Windows\system32\webcheck.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\vbscript.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\urlmon.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\url.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-11-28 18:23:07 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-28 18:23:07 ----A---- C:\Windows\system32\pngfilt.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\occache.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-28 18:23:07 ----A---- C:\Windows\system32\msrating.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\msls31.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\mshtmler.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\mshtmled.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\mshtml.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\mshta.exe
2013-11-28 18:23:07 ----A---- C:\Windows\system32\msfeedssync.exe
2013-11-28 18:23:07 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\licmgr10.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\jsproxy.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\jsIntl.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\jscript9diag.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\jscript9.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\jscript.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\inseng.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\imgutil.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\iexpress.exe
2013-11-28 18:23:07 ----A---- C:\Windows\system32\ieUnatt.exe
2013-11-28 18:23:07 ----A---- C:\Windows\system32\ieui.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\iesysprep.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\iesetup.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\iertutil.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\iernonce.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\iepeers.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\ieframe.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-11-28 18:23:07 ----A---- C:\Windows\system32\iedkcs32.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\ieapfltr.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\ieapfltr.dat
2013-11-28 18:23:07 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\ie4uinit.exe
2013-11-28 18:23:07 ----A---- C:\Windows\system32\icardie.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\elshyph.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\dxtrans.dll
2013-11-28 18:23:07 ----A---- C:\Windows\system32\dxtmsft.dll

======List of files/folders modified in the last 1 month======

2013-12-23 18:35:00 ----D---- C:\Program Files\trend micro
2013-12-23 18:34:44 ----D---- C:\Windows\Prefetch
2013-12-23 18:32:00 ----D---- C:\Windows\system32\config
2013-12-23 18:28:17 ----A---- C:\Windows\system32\log.txt
2013-12-23 18:25:04 ----D---- C:\Windows\system32\Tasks
2013-12-23 18:24:29 ----D---- C:\Windows
2013-12-23 18:24:03 ----SHD---- C:\System Volume Information
2013-12-23 18:23:32 ----D---- C:\Windows\winsxs
2013-12-23 18:23:32 ----D---- C:\Windows\system32\wfp
2013-12-23 18:23:32 ----D---- C:\Windows\System32
2013-12-23 18:23:30 ----D---- C:\Windows\system32\wbem
2013-12-23 18:22:44 ----D---- C:\Windows\Tasks
2013-12-23 18:22:44 ----D---- C:\Windows\system32\DriverStore
2013-12-23 18:22:44 ----D---- C:\Windows\system32\cs-CZ
2013-12-23 18:22:44 ----D---- C:\Windows\system32\catroot2
2013-12-23 18:22:44 ----D---- C:\Windows\inf
2013-12-23 18:22:44 ----D---- C:\Program Files\Windows Media Player
2013-12-23 18:22:44 ----D---- C:\Program Files\Internet Explorer
2013-12-23 18:22:44 ----AD---- C:\Windows\system32\drivers
2013-12-23 18:22:39 ----D---- C:\Windows\system32\CodeIntegrity
2013-12-23 18:22:39 ----D---- C:\Windows\AppCompat
2013-12-23 18:22:39 ----D---- C:\Users\Jirka\AppData\Roaming\Winamp
2013-12-23 18:22:39 ----D---- C:\Users\Jirka\AppData\Roaming\vlc
2013-12-23 18:22:38 ----D---- C:\ProgramData\Microsoft Help
2013-12-23 18:22:38 ----D---- C:\Program Files\SUPERAntiSpyware
2013-12-23 18:22:38 ----D---- C:\Program Files\CCleaner
2013-12-23 18:22:32 ----D---- C:\Windows\registration
2013-12-23 18:22:02 ----D---- C:\Windows\system32\catroot
2013-12-23 18:21:59 ----SHD---- C:\Windows\Installer
2013-12-23 18:21:55 ----RD---- C:\Program Files
2013-12-15 15:42:12 ----D---- C:\vod-25.10,ge-11,uv-13.11
2013-12-11 23:32:19 ----D---- C:\Windows\system32\MRT
2013-12-11 23:29:49 ----D---- C:\Windows\debug
2013-12-11 16:22:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-11 13:19:02 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-12-07 12:41:31 ----D---- C:\FILM
2013-12-06 20:13:09 ----A---- C:\Windows\system.ini
2013-12-06 20:13:01 ----D---- C:\Windows\system32\drivers\etc
2013-12-06 20:07:47 ----D---- C:\Windows\AppPatch
2013-12-06 20:07:46 ----D---- C:\Program Files\Common Files
2013-12-02 15:15:19 ----D---- C:\new mp3
2013-12-01 10:03:23 ----D---- C:\Windows\Panther
2013-12-01 10:03:23 ----D---- C:\Windows\Logs
2013-12-01 09:11:50 ----D---- C:\Program Files\OO Software
2013-11-30 18:41:32 ----D---- C:\Školka
2013-11-30 09:13:18 ----D---- C:\Windows\rescache
2013-11-29 21:29:36 ----D---- C:\ProgramData
2013-11-29 07:59:47 ----D---- C:\Windows\system32\migration
2013-11-29 07:59:47 ----D---- C:\Windows\PolicyDefinitions
2013-11-29 07:59:46 ----D---- C:\Windows\system32\en-US

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-10-18 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-10-18 178304]
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-10-02 432664]
R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2009-07-30 36208]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2010-12-18 21696]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-06-05 691696]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2009-07-24 275536]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 23512]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-10-18 79720]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-11-18 774392]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-11-08 403440]
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2013-11-18 57672]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [2013-11-18 35656]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-11-18 70384]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-09-09 5174272]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-09-17 41088]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-10-26 125696]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-10-21 2782560]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 24064]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2009-05-20 157536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-11-05 230912]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2010-04-27 1011232]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-10-15 231856]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 22912]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 AF15BDA;AF9015 BDA Device; C:\Windows\system32\DRIVERS\AF15BDA.sys [2011-01-21 483200]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-13 1035776]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-09-22 174592]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Ovladač procesoru VIA C7; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-09-12 116608]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-09-08 172032]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-11-18 50344]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [2009-10-27 185712]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-09-30 262144]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 128344]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 468320]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-09-28 185712]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-06-28 867080]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-28 108032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-10 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TMachInfo;TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-02-11 54136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-05 1343400]

-----------------EOF-----------------

Re: "Police virus"

Posted: 23 Dec 2013 19:32
by Rudy
Hello! The virus may be in the system backup. Post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator rights.

Right after it starts, a screen with the license terms appears; continue by clicking Yes.

Go and make yourself a coffee (the whole operation takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to wade through). During the scan, do not try to launch any other applications or do anything else.

Do not panic during the scan; your machine may be restarted (especially on the first run of the scanner).

Warning: if you use an antispyware product with a resident shield, switch its resident shield into Install Mode, or deactivate it completely for the duration of the scan, because the scan and removal of any malware collides with the resident antispyware in undesirable ways.

Re: "Police virus"

Posted: 23 Dec 2013 20:31
by kcobain
Hello, so I did that, and here is the log it produced:

ComboFix 13-12-23.01 - Jirka 23.12.2013 19:36:40.5.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3062.1657 [GMT 1:00]
Spuštěný z: c:\users\Jirka\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Nakažená kopie c:\windows\system32\user32.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-23 do 2013-12-23 )))))))))))))))))))))))))))))))
.
.
2013-12-23 18:48 . 2013-12-23 18:48 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-12-23 18:48 . 2013-12-23 18:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-23 17:34 . 2013-12-23 17:35 -------- d-----w- C:\rsit
2013-12-23 15:51 . 2013-12-23 15:51 -------- d-----w- C:\sh4ldr
2013-12-23 15:51 . 2013-12-23 15:51 -------- d-----w- c:\program files\Enigma Software Group
2013-12-03 18:13 . 2013-12-23 19:09 -------- d-----w- c:\users\Jirka\AppData\Local\temp
2013-12-03 17:59 . 2013-11-08 01:15 7772552 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{01BA4ED2-41E4-4AAE-B94C-7E4FB909652C}\mpengine.dll
2013-12-01 08:07 . 2013-12-01 08:07 -------- d-----w- c:\program files\Defraggler
2013-11-29 20:37 . 2013-11-29 20:37 -------- d-----w- c:\users\Jirka\AppData\Roaming\Malwarebytes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-24 06:47 . 2011-06-26 10:00 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-18 18:59 . 2011-04-10 17:21 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-11-18 18:59 . 2010-06-27 17:14 35656 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-11-18 18:59 . 2010-06-27 17:14 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-11-18 18:59 . 2010-06-27 17:14 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-11-18 18:59 . 2010-07-02 18:17 43152 ----a-w- c:\windows\avastSS.scr
2013-11-18 18:59 . 2010-06-27 17:14 269216 ----a-w- c:\windows\system32\aswBoot.exe
2013-11-11 04:50 . 2010-06-04 18:40 230048 ------w- c:\windows\system32\MpSigStub.exe
2013-11-08 21:37 . 2010-06-27 17:14 403440 ----a-w- c:\windows\system32\drivers\aswsp.sys
2013-11-01 20:57 . 2013-11-01 20:58 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-10-18 20:57 . 2013-03-02 07:40 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-18 20:57 . 2013-03-02 07:40 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-18 20:57 . 2012-03-24 19:28 79720 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-10-12 02:03 . 2013-11-15 08:27 656896 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:01 . 2013-11-15 08:27 679424 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:01 . 2013-11-15 08:27 216576 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-11 20:34 . 2013-10-11 20:34 17813896 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-10-05 19:57 . 2013-11-15 08:27 1168384 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 17:32 . 2013-10-05 17:32 19730922 ----a-w- c:\windows\system32\Fotoknihy online_Fotoknihy online_uninstaller.exe
2013-10-04 01:58 . 2013-11-15 08:28 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-10-04 01:56 . 2013-11-15 08:28 168960 ----a-w- c:\windows\system32\credui.dll
2013-10-04 01:56 . 2013-11-15 08:28 1796096 ----a-w- c:\windows\system32\authui.dll
2013-10-03 01:58 . 2013-11-15 08:27 305152 ----a-w- c:\windows\system32\gdi32.dll
2013-09-25 02:01 . 2013-11-15 08:28 136640 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-09-25 02:01 . 2013-11-15 08:28 67520 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-09-25 01:57 . 2013-11-15 08:27 99840 ----a-w- c:\windows\system32\sspicli.dll
2013-09-25 01:57 . 2013-11-15 08:27 22016 ----a-w- c:\windows\system32\secur32.dll
2013-09-25 01:57 . 2013-11-15 08:28 247808 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 01:56 . 2013-11-15 08:27 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-09-25 01:56 . 2013-11-15 08:28 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2013-09-25 00:49 . 2013-11-15 08:27 22016 ----a-w- c:\windows\system32\lsass.exe
2013-09-25 00:49 . 2013-11-15 08:27 15872 ----a-w- c:\windows\system32\sspisrv.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-18 18:59 321752 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Toshiba TEMPRO"="c:\program files\Toshiba TEMPRO\TemproTray.exe" [2011-02-10 1546720]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-10-02 284696]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-10-21 7858720]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-11-18 3568312]
"KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2009-01-13 34088]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2013-11-18 3568312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCInstallQueue"="netman.dll" [2009-07-14 280576]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-11-28 108032]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-22 174592]
R3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-02-11 54136]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-05 1343400]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-06-05 691696]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-11-18 774392]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-11-08 403440]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2012-09-12 116608]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-09-08 172032]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-11-18 35656]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-11-18 70384]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [2009-10-27 185712]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-09-28 185712]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 125696]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 24064]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-11-05 230912]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-04-27 1011232]
.
.
.
------- Doplňkový sken -------
.
uStart Page =
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\qieabtyh.default\
FF - prefs.js: browser.startup.homepage - www.centrum.cz
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(3136)
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\system32\TODDSrv.exe
c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files\TOSHIBA\ConfigFree\CFSwMgr.exe
.
**************************************************************************
.
Celkový čas: 2013-12-23 20:12:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-12-23 19:12
.
Před spuštěním: Volných bajtů: 82 717 618 176
Po spuštění: Volných bajtů: 82 234 953 728
.
- - End Of File - - BB3E11ED616D08A266390A0107D086A3
A36C5E4F47E84449FF07ED3517B43A31

Re: "Police virus"

Posted: 23 Dec 2013 20:35
by Rudy
The infected file was replaced from a backup. The rest of the log looks clean.

Re: "Police virus"

Posted: 23 Dec 2013 20:37
by kcobain
Phew, that is a relief. I was wondering whether it was still hiding somewhere in there. So is that everything from your side?

Re: "Police virus"

Posted: 23 Dec 2013 20:43
by Rudy
If you have no other problem, that is all.

Re: "Police virus"

Posted: 23 Dec 2013 20:46
by kcobain
Everything looks fine, the PC is running as it should. A lesson for next time :). Thank you for your time, and I wish you happy holidays :fez:

Re: "Police virus"

Posted: 23 Dec 2013 21:08
by Rudy
Happy holidays to you too, and you're welcome! :)