Request for a preventive PC check

Not having any problem with your PC at the moment and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Mr.Francesko
Visitor
Posts: 11
Registered: 02 Jan 2014 13:39

#1 Post by Mr.Francesko

Hi, please check my PC; I have a feeling there is something in it... For now I won't post any log output, I'll wait for your instructions. Last time I got told off because it was wrong and from a different program :o

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-01-2014 01
Ran by Matrix (administrator) on MATRIX-PC on 02-01-2014 14:04:17
Running from C:\Users\Matrix\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [507744 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-29] (AVAST Software)
HKU\Default\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\Default User\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 192.168.0.1

Chrome:
=======
CHR HomePage: hxxp://www.google.cz/
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Matrix\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Matrix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Matrix\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Matrix\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Matrix\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (avast! Online Security) - C:\Users\Matrix\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2011.70_0
CHR Extension: (Google Wallet) - C:\Users\Matrix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Matrix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-29] (AVAST Software)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-29] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-29] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-06-30] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-06-30] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-02 14:04 - 2014-01-02 14:04 - 00006315 _____ C:\Users\Matrix\Desktop\FRST.txt
2014-01-02 14:04 - 2014-01-02 14:04 - 00000000 ____D C:\FRST
2014-01-02 14:02 - 2014-01-02 14:02 - 01931426 _____ (Farbar) C:\Users\Matrix\Desktop\FRST64.exe
2014-01-02 13:27 - 2014-01-02 13:27 - 00000056 _____ C:\Windows\setupact.log
2014-01-02 13:27 - 2014-01-02 13:27 - 00000000 _____ C:\Windows\setuperr.log
2014-01-01 18:20 - 2013-12-10 22:25 - 00005453 ____S C:\Windows\SysWOW64\mswoqu.vbe
2014-01-01 18:20 - 2013-12-10 22:25 - 00001645 ____S C:\Windows\SysWOW64\msgufhtl.vbe
2014-01-01 18:20 - 2013-12-10 22:25 - 00000583 ____S C:\Windows\SysWOW64\msiyiwk.vbe
2014-01-01 18:20 - 2013-08-11 15:40 - 00043520 ____S (NirSoft) C:\Windows\SysWOW64\nircmdc.exe
2013-12-29 21:54 - 2013-12-29 21:54 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-29 21:54 - 2013-12-29 21:54 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-29 21:54 - 2013-12-29 21:54 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-12-29 21:54 - 2013-12-29 21:54 - 00000000 ____D C:\Users\Matrix\AppData\Roaming\AVAST Software
2013-12-29 21:53 - 2013-12-29 21:53 - 00000000 ____D C:\Program Files\AVAST Software
2013-12-29 21:52 - 2013-12-29 21:53 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-29 06:44 - 2013-12-29 06:44 - 00000000 ____D C:\Users\Matrix\AppData\Roaming\Fatshark
2013-12-28 13:41 - 2014-01-02 13:31 - 00161257 _____ C:\Windows\WindowsUpdate.log
2013-12-26 20:53 - 2013-12-26 20:53 - 00001335 _____ C:\Users\Public\Desktop\Virtual Families 2.lnk
2013-12-26 20:53 - 2013-12-26 20:53 - 00000000 ____D C:\Users\Matrix\Documents\LDW
2013-12-26 20:53 - 2013-12-26 20:53 - 00000000 ____D C:\Program Files (x86)\LeeGT-Games
2013-12-12 10:42 - 2013-12-12 10:42 - 00000000 ____D C:\Users\Matrix\Documents\SimCity
2013-12-11 12:20 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 12:20 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 12:20 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 12:20 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 12:20 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-11 12:20 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-11 12:15 - 2013-11-02 03:28 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 12:15 - 2013-11-02 03:28 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 12:15 - 2013-11-02 03:26 - 09073152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 12:15 - 2013-11-02 03:26 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 12:15 - 2013-11-02 03:25 - 12295168 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 12:15 - 2013-11-02 03:25 - 02458112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 12:15 - 2013-11-02 03:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 12:15 - 2013-11-02 03:07 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 12:15 - 2013-11-02 03:04 - 06039552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 12:15 - 2013-11-02 03:04 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-11 12:15 - 2013-11-02 03:03 - 11020800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 12:15 - 2013-11-02 03:03 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 12:14 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 12:14 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 12:14 - 2013-11-02 03:28 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-11 12:14 - 2013-11-02 03:26 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-11 12:14 - 2013-11-02 03:25 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 12:14 - 2013-11-02 03:25 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 12:14 - 2013-11-02 03:07 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-11 12:14 - 2013-11-02 03:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-11 12:14 - 2013-11-02 03:04 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-11 12:14 - 2013-11-02 03:03 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-11 12:14 - 2013-11-02 02:30 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 12:14 - 2013-11-02 02:13 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-11 12:14 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 12:14 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 12:14 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 12:14 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 12:14 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 12:14 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 12:14 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 12:14 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 12:14 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 12:14 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 12:14 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 12:14 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 12:14 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-09 17:35 - 2013-12-09 17:35 - 00000000 ____D C:\Users\Matrix\Documents\Diablo III
2013-12-09 17:13 - 2013-12-09 17:35 - 00000000 ____D C:\Program Files (x86)\Diablo III
2013-12-09 17:13 - 2013-12-09 17:13 - 00001144 _____ C:\Users\Public\Desktop\Diablo III.lnk
2013-12-09 17:13 - 2013-12-09 17:13 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-12-09 17:12 - 2013-12-09 17:13 - 00000000 ____D C:\ProgramData\Battle.net
2013-12-05 18:03 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll

==================== One Month Modified Files and Folders =======

2014-01-02 14:04 - 2014-01-02 14:04 - 00006315 _____ C:\Users\Matrix\Desktop\FRST.txt
2014-01-02 14:04 - 2014-01-02 14:04 - 00000000 ____D C:\FRST
2014-01-02 14:02 - 2014-01-02 14:02 - 01931426 _____ (Farbar) C:\Users\Matrix\Desktop\FRST64.exe
2014-01-02 13:57 - 2013-11-07 10:47 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-02 13:56 - 2013-05-27 19:30 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-02 13:46 - 2013-05-27 17:39 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-02 13:35 - 2009-07-14 05:45 - 00021264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-02 13:35 - 2009-07-14 05:45 - 00021264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-02 13:34 - 2010-11-21 10:27 - 00668866 _____ C:\Windows\system32\perfh005.dat
2014-01-02 13:34 - 2010-11-21 10:27 - 00141526 _____ C:\Windows\system32\perfc005.dat
2014-01-02 13:34 - 2009-07-14 06:13 - 01584554 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-02 13:31 - 2013-12-28 13:41 - 00161257 _____ C:\Windows\WindowsUpdate.log
2014-01-02 13:28 - 2013-11-07 10:47 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-02 13:27 - 2014-01-02 13:27 - 00000056 _____ C:\Windows\setupact.log
2014-01-02 13:27 - 2014-01-02 13:27 - 00000000 _____ C:\Windows\setuperr.log
2014-01-02 13:27 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-01 21:03 - 2013-05-28 00:48 - 00000000 ____D C:\Users\Matrix\Documents\my games
2013-12-29 21:54 - 2013-12-29 21:54 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-29 21:54 - 2013-12-29 21:54 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-29 21:54 - 2013-12-29 21:54 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-12-29 21:54 - 2013-12-29 21:54 - 00000000 ____D C:\Users\Matrix\AppData\Roaming\AVAST Software
2013-12-29 21:54 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-12-29 21:53 - 2013-12-29 21:53 - 00000000 ____D C:\Program Files\AVAST Software
2013-12-29 21:53 - 2013-12-29 21:52 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-29 06:44 - 2013-12-29 06:44 - 00000000 ____D C:\Users\Matrix\AppData\Roaming\Fatshark
2013-12-28 23:23 - 2013-06-01 21:51 - 00000000 ____D C:\Program Files (x86)\Origin
2013-12-27 18:45 - 2013-05-27 15:43 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-12-27 15:30 - 2013-05-27 15:56 - 00000000 ____D C:\Program Files\CCleaner
2013-12-26 20:53 - 2013-12-26 20:53 - 00001335 _____ C:\Users\Public\Desktop\Virtual Families 2.lnk
2013-12-26 20:53 - 2013-12-26 20:53 - 00000000 ____D C:\Users\Matrix\Documents\LDW
2013-12-26 20:53 - 2013-12-26 20:53 - 00000000 ____D C:\Program Files (x86)\LeeGT-Games
2013-12-17 13:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-15 22:25 - 2013-07-14 15:50 - 00000000 ____D C:\Users\Matrix\AppData\Roaming\Might & Magic Heroes VI
2013-12-12 10:42 - 2013-12-12 10:42 - 00000000 ____D C:\Users\Matrix\Documents\SimCity
2013-12-12 10:41 - 2013-06-01 21:52 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-12-11 22:46 - 2013-05-27 17:39 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 22:46 - 2013-05-27 17:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-11 22:46 - 2013-05-27 17:39 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 12:18 - 2009-07-14 05:45 - 00276128 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-10 22:25 - 2014-01-01 18:20 - 00005453 ____S C:\Windows\SysWOW64\mswoqu.vbe
2013-12-10 22:25 - 2014-01-01 18:20 - 00001645 ____S C:\Windows\SysWOW64\msgufhtl.vbe
2013-12-10 22:25 - 2014-01-01 18:20 - 00000583 ____S C:\Windows\SysWOW64\msiyiwk.vbe
2013-12-09 17:35 - 2013-12-09 17:35 - 00000000 ____D C:\Users\Matrix\Documents\Diablo III
2013-12-09 17:35 - 2013-12-09 17:13 - 00000000 ____D C:\Program Files (x86)\Diablo III
2013-12-09 17:13 - 2013-12-09 17:13 - 00001144 _____ C:\Users\Public\Desktop\Diablo III.lnk
2013-12-09 17:13 - 2013-12-09 17:13 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-12-09 17:13 - 2013-12-09 17:12 - 00000000 ____D C:\ProgramData\Battle.net
2013-12-08 12:58 - 2013-05-27 15:14 - 01559268 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-07 18:52 - 2013-11-07 10:47 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-07 18:52 - 2013-11-07 10:47 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-05 12:05 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-30 22:48

==================== End Of Log ============================






Logfile of random's system information tool 1.09 (written by random/random)
Run by Matrix at 2014-01-02 14:09:58
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 447 GB (47%) free of 954 GB
Total RAM: 8189 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:10:02, on 2.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Matrix.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6127 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 1972
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2608.0.684395653\301288714" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22,26 --gpu-vendor-id=0x10de --gpu-device-id=0x1201 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1422 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --instant-process --disable-html-notifications --channel="2608.1.959635398\1978053589" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="2608.2.1349888689\1640876789" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="2608.12.1989849031\718438007" /prefetch:673131151
C:\Windows\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="2608.18.1566555986\250981761" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="2608.19.1005953507\1842866491" /prefetch:673131151
"C:\Users\Matrix\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-06-13 1212560]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Home Theater v4"=C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-04-23 507744]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-12-29 3764024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-01-02 14:09:58 ----D---- C:\rsit
2014-01-02 14:09:58 ----D---- C:\Program Files\trend micro
2014-01-02 14:04:03 ----D---- C:\FRST
2014-01-01 18:20:00 ----AS---- C:\Windows\SYSWOW64\nircmdc.exe
2013-12-29 21:54:34 ----D---- C:\Users\Matrix\AppData\Roaming\AVAST Software
2013-12-29 21:54:08 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-12-29 21:54:08 ----A---- C:\Windows\system32\drivers\aswstm.sys
2013-12-29 21:54:08 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-12-29 21:54:08 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-12-29 21:54:07 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-12-29 21:54:07 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-12-29 21:54:07 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-12-29 21:54:06 ----A---- C:\Windows\system32\aswBoot.exe
2013-12-29 21:54:05 ----A---- C:\Windows\avastSS.scr
2013-12-29 21:53:55 ----D---- C:\Program Files\AVAST Software
2013-12-29 21:52:59 ----D---- C:\ProgramData\AVAST Software
2013-12-29 06:44:05 ----D---- C:\Users\Matrix\AppData\Roaming\Fatshark
2013-12-27 18:31:30 ----SD---- C:\Windows\SYSWOW64\Microsoft
2013-12-26 20:53:17 ----D---- C:\Program Files (x86)\LeeGT-Games
2013-12-11 12:20:55 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-11 12:20:55 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-11 12:20:55 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-11 12:20:53 ----A---- C:\Windows\system32\wmp.dll
2013-12-11 12:20:49 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-11 12:20:49 ----A---- C:\Windows\system32\msieftp.dll
2013-12-11 12:15:05 ----A---- C:\Windows\system32\mshtml.dll
2013-12-11 12:15:04 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-11 12:15:03 ----A---- C:\Windows\system32\iertutil.dll
2013-12-11 12:15:03 ----A---- C:\Windows\system32\ieframe.dll
2013-12-11 12:15:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-11 12:15:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-11 12:15:02 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-11 12:15:02 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-11 12:15:01 ----A---- C:\Windows\system32\urlmon.dll
2013-12-11 12:15:00 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-11 12:15:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-11 12:15:00 ----A---- C:\Windows\system32\wininet.dll
2013-12-11 12:14:59 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-11 12:14:59 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-11 12:14:59 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-11 12:14:59 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-11 12:14:59 ----A---- C:\Windows\system32\url.dll
2013-12-11 12:14:59 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-11 12:14:59 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-11 12:14:59 ----A---- C:\Windows\system32\ieui.dll
2013-12-11 12:14:57 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-11 12:14:57 ----A---- C:\Windows\system32\tzres.dll
2013-12-11 12:14:54 ----A---- C:\Windows\system32\win32k.sys
2013-12-11 12:14:53 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-11 12:14:53 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-11 12:14:52 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-11 12:14:52 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-11 12:14:51 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-11 12:14:51 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-11 12:14:51 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-11 12:14:51 ----A---- C:\Windows\system32\wscript.exe
2013-12-11 12:14:51 ----A---- C:\Windows\system32\scrrun.dll
2013-12-11 12:14:51 ----A---- C:\Windows\system32\cscript.exe
2013-12-09 17:13:45 ----D---- C:\ProgramData\Blizzard Entertainment
2013-12-09 17:13:45 ----D---- C:\Program Files (x86)\Diablo III
2013-12-09 17:12:54 ----D---- C:\ProgramData\Battle.net
2013-12-08 12:53:27 ----D---- C:\Windows\Migration
2013-12-05 18:03:58 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll

======List of files/folders modified in the last 1 month======

2014-01-02 14:10:02 ----D---- C:\Windows\Prefetch
2014-01-02 14:09:58 ----RD---- C:\Program Files
2014-01-02 14:04:45 ----D---- C:\Windows
2014-01-02 13:56:40 ----D---- C:\Program Files (x86)\Steam
2014-01-02 13:34:01 ----D---- C:\Windows\System32
2014-01-02 13:34:01 ----D---- C:\Windows\inf
2014-01-02 13:34:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-02 12:37:25 ----D---- C:\Windows\system32\config
2014-01-02 12:37:00 ----D---- C:\Windows\Temp
2014-01-01 19:38:42 ----D---- C:\Windows\Logs
2014-01-01 18:20:00 ----D---- C:\Windows\SysWOW64
2014-01-01 17:31:22 ----SHD---- C:\Windows\Installer
2014-01-01 17:30:52 ----RSD---- C:\Windows\assembly
2013-12-29 21:56:48 ----D---- C:\Windows\system32\drivers
2013-12-29 21:54:11 ----D---- C:\Windows\system32\Tasks
2013-12-29 21:54:03 ----D---- C:\Program Files\Windows Sidebar
2013-12-29 21:52:59 ----HD---- C:\ProgramData
2013-12-29 21:51:16 ----D---- C:\Windows\SoftwareDistribution
2013-12-29 21:48:18 ----RD---- C:\Program Files (x86)
2013-12-29 21:33:06 ----SHD---- C:\System Volume Information
2013-12-28 23:23:07 ----D---- C:\Program Files (x86)\Origin
2013-12-28 13:37:45 ----D---- C:\Windows\system32\catroot
2013-12-27 15:30:58 ----D---- C:\Program Files\CCleaner
2013-12-27 13:01:09 ----D---- C:\Windows\system32\catroot2
2013-12-17 13:50:49 ----D---- C:\Windows\rescache
2013-12-15 22:25:42 ----D---- C:\Users\Matrix\AppData\Roaming\Might & Magic Heroes VI
2013-12-12 10:41:47 ----D---- C:\Program Files (x86)\Origin Games
2013-12-11 22:46:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-12-11 15:26:29 ----D---- C:\Windows\winsxs
2013-12-11 12:21:46 ----D---- C:\Program Files\Windows Media Player
2013-12-11 12:21:46 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-11 12:17:25 ----D---- C:\Windows\SYSWOW64\migration
2013-12-11 12:17:25 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-12-11 12:17:25 ----D---- C:\Windows\system32\cs-CZ
2013-12-11 12:17:25 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-11 12:17:24 ----D---- C:\Windows\system32\migration
2013-12-11 12:17:24 ----D---- C:\Windows\system32\DriverStore
2013-12-11 12:17:24 ----D---- C:\Program Files\Internet Explorer
2013-12-09 17:13:49 ----D---- C:\Program Files (x86)\Common Files
2013-12-08 19:29:36 ----D---- C:\Windows\Microsoft.NET
2013-12-08 12:58:11 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-12-08 12:53:33 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-08 12:53:33 ----D---- C:\Windows\system32\en-US
2013-12-08 12:53:27 ----SD---- C:\ProgramData\Microsoft
2013-12-05 12:42:37 ----D---- C:\Windows\system32\LogFiles

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-12-29 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-12-29 207904]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-12-29 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-12-29 1034464]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-12-29 422216]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-12-29 78648]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-06-30 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-06-30 43680]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2013-12-29 79672]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2012-08-07 65152]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2012-08-07 88832]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-03-30 56448]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-29 50344]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-07 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-07 116648]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------






DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514
Run by Matrix at 14:13:59 on 2014-01-02
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8189.6653 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
mRun: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 213.46.172.36 192.168.0.1
TCP: Interfaces\{7D7ADA52-41F6-4DDA-9166-DDFFFCC403F6} : DHCPNameServer = 213.46.172.36 192.168.0.1
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-12-29 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-12-29 207904]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-12-29 1034464]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-12-29 422216]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-12-29 78648]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-29 50344]
R3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2013-12-29 79672]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2013-5-27 65152]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2013-5-27 88832]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-5-27 646248]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2013-5-27 56448]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-5-27 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-13 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-5-27 30208]
.
=============== Created Last 30 ================
.
2014-01-02 13:09:58 -------- d-----w- C:\Program Files\trend micro
2014-01-02 13:04:03 -------- d-----w- C:\FRST
2014-01-01 17:20:00 583 --s-a-w- C:\Windows\SysWow64\msiyiwk.vbe
2014-01-01 17:20:00 5453 --s-a-w- C:\Windows\SysWow64\mswoqu.vbe
2014-01-01 17:20:00 43520 --s-a-w- C:\Windows\SysWow64\nircmdc.exe
2014-01-01 17:20:00 1645 --s-a-w- C:\Windows\SysWow64\msgufhtl.vbe
2013-12-29 20:54:34 -------- d-----w- C:\Users\Matrix\AppData\Roaming\AVAST Software
2013-12-29 20:54:08 79672 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2013-12-29 20:54:08 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-12-29 20:54:08 207904 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-12-29 20:54:08 1034464 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-12-29 20:54:07 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-12-29 20:54:07 78648 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-12-29 20:54:05 43152 ----a-w- C:\Windows\avastSS.scr
2013-12-29 20:53:55 -------- d-----w- C:\Program Files\AVAST Software
2013-12-29 20:52:59 -------- d-----w- C:\ProgramData\AVAST Software
2013-12-29 05:44:05 -------- d-----w- C:\Users\Matrix\AppData\Roaming\Fatshark
2013-12-27 17:31:30 -------- d-s---w- C:\Windows\SysWow64\Microsoft
2013-12-26 19:53:17 -------- d-----w- C:\Program Files (x86)\LeeGT-Games
2013-12-11 11:20:56 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2013-12-11 11:20:56 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2013-12-11 11:20:55 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2013-12-11 11:20:55 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2013-12-11 11:20:49 335360 ----a-w- C:\Windows\System32\msieftp.dll
2013-12-11 11:20:49 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2013-12-09 16:13:45 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2013-12-09 16:13:45 -------- d-----w- C:\Program Files (x86)\Diablo III
2013-12-09 16:13:45 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2013-12-09 16:12:54 -------- d-----w- C:\ProgramData\Battle.net
2013-12-08 11:53:27 -------- d-----w- C:\Windows\Migration
2013-12-05 17:03:58 81768 ----a-w- C:\Windows\SysWow64\xinput1_3.dll
.
==================== Find3M ====================
.
2013-12-11 21:46:07 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 21:46:07 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-11-02 02:28:15 1188864 ----a-w- C:\Windows\System32\wininet.dll
2013-11-02 02:07:14 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-11-02 01:30:23 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-02 01:13:30 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-10-30 01:24:31 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-10-19 02:18:57 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-10-12 02:32:04 150016 ----a-w- C:\Windows\System32\wshom.ocx
2013-10-12 02:31:04 202752 ----a-w- C:\Windows\System32\scrrun.dll
2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:04:36 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2013-10-12 02:03:31 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-12 01:33:39 156160 ----a-w- C:\Windows\System32\cscript.exe
2013-10-12 01:33:26 168960 ----a-w- C:\Windows\System32\wscript.exe
2013-10-12 01:15:48 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
2013-10-12 01:15:48 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2011-08-28 12:48:25 285 ----a-r- C:\Program Files (x86)\Viewer.BAT
.
============= FINISH: 14:14:21,61 ===============
Attachments
Addition.rar
(3.67 KiB) Downloaded 31 times
Last edited by Mr.Francesko on 02 Jan 2014 14:15, edited 5 times in total.

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Requesting a preventive PC check

#2 Post by vyosek »

Hello :)

:arrow: A quick question about this - what do you mean by last time? This is your first post under this nickname, so do you have another account here??
Mr.Francesko wrote: last time they told me off
:arrow: Otherwise, there is a biiiig orange rectangle at the top, and if you stick to it, nobody will tell you off.
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

Mr.Francesko
Visitor
Posts: 11
Joined: 02 Jan 2014 13:39

Re: Requesting a preventive PC check

#3 Post by Mr.Francesko »

Hi, yes, I had one about a year ago; unfortunately the email ceased to exist, it was cancelled...

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Requesting a preventive PC check

#4 Post by vyosek »

OK, so take a look at that rectangle and I will wait for the log.

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Requesting a preventive PC check

#5 Post by vyosek »

:arrow: First, why are you editing the first post and putting the logs there? How am I supposed to notice those edits???

:arrow: Second, what does it say in that biiig orange rectangle, which tool are you supposed to post a log from, and which one did you post from?? Didn't you write that you had problems with the utilities last time? Now it is happening again. We really will not continue if you just do as you please.

Mr.Francesko
Visitor
Posts: 11
Joined: 02 Jan 2014 13:39

Re: Requesting a preventive PC check

#6 Post by Mr.Francesko »

Sorry, but I can't find any orange rectangle anywhere; I only found which programs to make the logs with......and Avast also keeps yelling at me that there is some virus on the website :shock:

Mr.Francesko
Visitor
Posts: 11
Joined: 02 Jan 2014 13:39

Re: Requesting a preventive PC check

#7 Post by Mr.Francesko »

Mr.Francesko wrote: Sorry, but I can't find any orange rectangle anywhere; I only found which programs to make the logs with......and Avast also keeps yelling at me that there is some virus on the website :shock:
The page probably loaded badly for me :(

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Requesting a preventive PC check

#8 Post by vyosek »

:arrow: Right at the top, where the new topic button is, you can't see that one???

:arrow: It is a false alarm from Avast; a fix is being worked on.
Attachments
obdelnik.png
(26.11 KiB) Not downloaded yet

Mr.Francesko
Visitor
Posts: 11
Joined: 02 Jan 2014 13:39

Re: Requesting a preventive PC check

#9 Post by Mr.Francesko »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Matrix at 2014-01-02 16:15:06
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 447 GB (47%) free of 954 GB
Total RAM: 8189 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:15:08, on 2.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Matrix.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5944 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 1972
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2588.0.193573164\1984147967" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22,26 --gpu-vendor-id=0x10de --gpu-device-id=0x1201 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1422 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --instant-process --disable-html-notifications --channel="2588.1.894339712\1368476157" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="2588.2.999066067\113939297" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="2588.3.51039119\1959865450" /prefetch:673131151
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Matrix\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-06-13 1212560]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Home Theater v4"=C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-04-23 507744]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-12-29 3764024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-01-02 16:15:06 ----D---- C:\rsit
2014-01-02 14:09:58 ----D---- C:\Program Files\trend micro
2014-01-02 14:04:03 ----D---- C:\FRST
2014-01-01 18:20:00 ----AS---- C:\Windows\SYSWOW64\nircmdc.exe
2013-12-29 21:54:34 ----D---- C:\Users\Matrix\AppData\Roaming\AVAST Software
2013-12-29 21:54:08 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-12-29 21:54:08 ----A---- C:\Windows\system32\drivers\aswstm.sys
2013-12-29 21:54:08 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-12-29 21:54:08 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-12-29 21:54:07 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-12-29 21:54:07 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-12-29 21:54:07 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-12-29 21:54:06 ----A---- C:\Windows\system32\aswBoot.exe
2013-12-29 21:54:05 ----A---- C:\Windows\avastSS.scr
2013-12-29 21:53:55 ----D---- C:\Program Files\AVAST Software
2013-12-29 21:52:59 ----D---- C:\ProgramData\AVAST Software
2013-12-29 06:44:05 ----D---- C:\Users\Matrix\AppData\Roaming\Fatshark
2013-12-27 18:31:30 ----SD---- C:\Windows\SYSWOW64\Microsoft
2013-12-26 20:53:17 ----D---- C:\Program Files (x86)\LeeGT-Games
2013-12-11 12:20:55 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-11 12:20:55 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-11 12:20:55 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-11 12:20:53 ----A---- C:\Windows\system32\wmp.dll
2013-12-11 12:20:49 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-11 12:20:49 ----A---- C:\Windows\system32\msieftp.dll
2013-12-11 12:15:05 ----A---- C:\Windows\system32\mshtml.dll
2013-12-11 12:15:04 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-11 12:15:03 ----A---- C:\Windows\system32\iertutil.dll
2013-12-11 12:15:03 ----A---- C:\Windows\system32\ieframe.dll
2013-12-11 12:15:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-11 12:15:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-11 12:15:02 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-11 12:15:02 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-11 12:15:01 ----A---- C:\Windows\system32\urlmon.dll
2013-12-11 12:15:00 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-11 12:15:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-11 12:15:00 ----A---- C:\Windows\system32\wininet.dll
2013-12-11 12:14:59 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-11 12:14:59 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-11 12:14:59 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-11 12:14:59 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-11 12:14:59 ----A---- C:\Windows\system32\url.dll
2013-12-11 12:14:59 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-11 12:14:59 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-11 12:14:59 ----A---- C:\Windows\system32\ieui.dll
2013-12-11 12:14:57 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-11 12:14:57 ----A---- C:\Windows\system32\tzres.dll
2013-12-11 12:14:54 ----A---- C:\Windows\system32\win32k.sys
2013-12-11 12:14:53 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-11 12:14:53 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-11 12:14:52 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-11 12:14:52 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-11 12:14:51 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-11 12:14:51 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-11 12:14:51 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-11 12:14:51 ----A---- C:\Windows\system32\wscript.exe
2013-12-11 12:14:51 ----A---- C:\Windows\system32\scrrun.dll
2013-12-11 12:14:51 ----A---- C:\Windows\system32\cscript.exe
2013-12-09 17:13:45 ----D---- C:\ProgramData\Blizzard Entertainment
2013-12-09 17:13:45 ----D---- C:\Program Files (x86)\Diablo III
2013-12-09 17:12:54 ----D---- C:\ProgramData\Battle.net
2013-12-08 12:53:27 ----D---- C:\Windows\Migration
2013-12-05 18:03:58 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll

======List of files/folders modified in the last 1 month======

2014-01-02 16:12:16 ----D---- C:\Program Files (x86)\Steam
2014-01-02 15:35:44 ----D---- C:\Windows\Prefetch
2014-01-02 14:09:58 ----RD---- C:\Program Files
2014-01-02 14:04:45 ----D---- C:\Windows
2014-01-02 13:34:01 ----D---- C:\Windows\System32
2014-01-02 13:34:01 ----D---- C:\Windows\inf
2014-01-02 13:34:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-02 12:37:25 ----D---- C:\Windows\system32\config
2014-01-02 12:37:00 ----D---- C:\Windows\Temp
2014-01-01 19:38:42 ----D---- C:\Windows\Logs
2014-01-01 18:20:00 ----D---- C:\Windows\SysWOW64
2014-01-01 17:31:22 ----SHD---- C:\Windows\Installer
2014-01-01 17:30:52 ----RSD---- C:\Windows\assembly
2013-12-29 21:56:48 ----D---- C:\Windows\system32\drivers
2013-12-29 21:54:11 ----D---- C:\Windows\system32\Tasks
2013-12-29 21:54:03 ----D---- C:\Program Files\Windows Sidebar
2013-12-29 21:52:59 ----HD---- C:\ProgramData
2013-12-29 21:51:16 ----D---- C:\Windows\SoftwareDistribution
2013-12-29 21:48:18 ----RD---- C:\Program Files (x86)
2013-12-29 21:33:06 ----SHD---- C:\System Volume Information
2013-12-28 23:23:07 ----D---- C:\Program Files (x86)\Origin
2013-12-28 13:37:45 ----D---- C:\Windows\system32\catroot
2013-12-27 15:30:58 ----D---- C:\Program Files\CCleaner
2013-12-27 13:01:09 ----D---- C:\Windows\system32\catroot2
2013-12-17 13:50:49 ----D---- C:\Windows\rescache
2013-12-15 22:25:42 ----D---- C:\Users\Matrix\AppData\Roaming\Might & Magic Heroes VI
2013-12-12 10:41:47 ----D---- C:\Program Files (x86)\Origin Games
2013-12-11 22:46:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-12-11 15:26:29 ----D---- C:\Windows\winsxs
2013-12-11 12:21:46 ----D---- C:\Program Files\Windows Media Player
2013-12-11 12:21:46 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-11 12:17:25 ----D---- C:\Windows\SYSWOW64\migration
2013-12-11 12:17:25 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-12-11 12:17:25 ----D---- C:\Windows\system32\cs-CZ
2013-12-11 12:17:25 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-11 12:17:24 ----D---- C:\Windows\system32\migration
2013-12-11 12:17:24 ----D---- C:\Windows\system32\DriverStore
2013-12-11 12:17:24 ----D---- C:\Program Files\Internet Explorer
2013-12-09 17:13:49 ----D---- C:\Program Files (x86)\Common Files
2013-12-08 19:29:36 ----D---- C:\Windows\Microsoft.NET
2013-12-08 12:58:11 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-12-08 12:53:33 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-08 12:53:33 ----D---- C:\Windows\system32\en-US
2013-12-08 12:53:27 ----SD---- C:\ProgramData\Microsoft
2013-12-05 12:42:37 ----D---- C:\Windows\system32\LogFiles

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-12-29 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-12-29 207904]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-12-29 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-12-29 1034464]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-12-29 422216]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-12-29 78648]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-06-30 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-06-30 43680]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2013-12-29 79672]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2012-08-07 65152]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2012-08-07 88832]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-03-30 56448]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-29 50344]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-07 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-07 116648]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Requesting a preventive PC check

#10 Post by vyosek »

:arrow: Well then, look more carefully next time :?:

:arrow: Download Malwarebytes' Anti-Malware (MBAM for short) http://forum.viry.cz/viewtopic.php?f=29&t=115222
  • Run the update
  • Run a full scan - do not delete anything :!:
  • MBAM occasionally produces false detections, so paste the log into a post and wait for it to be assessed

Mr.Francesko
Visitor
Posts: 11
Registered: 02 Jan 2014 13:39

Re: Requesting a preventive PC check

#11 Post by Mr.Francesko »

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.01.02.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Matrix :: MATRIX-PC [administrátor]

Ochrana: Povolena

2.1.2014 16:27:40
MBAM-log-2014-01-02 (17-31-50).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 503873
Uplynulý čas: 1 hodin, 3 minut, 27 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 6
C:\Windows\System32\msgufhtl.vbe (Trojan.Script) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\msiyiwk.vbe (Trojan.Script) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\mswoqu.vbe (Trojan.Script) -> Nebyla provedena žádná instrukce.
C:\Windows\SysWOW64\msgufhtl.vbe (Trojan.Script) -> Nebyla provedena žádná instrukce.
C:\Windows\SysWOW64\msiyiwk.vbe (Trojan.Script) -> Nebyla provedena žádná instrukce.
C:\Windows\SysWOW64\mswoqu.vbe (Trojan.Script) -> Nebyla provedena žádná instrukce.

(konec)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Requesting a preventive PC check

#12 Post by vyosek »

Delete the MBAM findings; a log will appear, and I would like to see it.

Mr.Francesko
Visitor
Posts: 11
Registered: 02 Jan 2014 13:39

Re: Requesting a preventive PC check

#13 Post by Mr.Francesko »

I'll let you know in about an hour. I started MBAM, but the findings weren't in quarantine or anywhere else, so I started a full scan again.
Last edited by Mr.Francesko on 02 Jan 2014 19:27, edited 2 times in total.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Requesting a preventive PC check

#14 Post by vyosek »

OK, I'll wait for the log.

Mr.Francesko
Visitor
Posts: 11
Registered: 02 Jan 2014 13:39

Re: Requesting a preventive PC check

#15 Post by Mr.Francesko »

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.01.02.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Matrix :: MATRIX-PC [administrátor]

Ochrana: Povolena

2.1.2014 19:15:22
mbam-log-2014-01-02 (19-15-22).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 504391
Uplynulý čas: 1 hodin, 3 minut, 40 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 6
C:\Windows\System32\msgufhtl.vbe (Trojan.Script) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\System32\msiyiwk.vbe (Trojan.Script) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\System32\mswoqu.vbe (Trojan.Script) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\SysWOW64\msgufhtl.vbe (Trojan.Script) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\SysWOW64\msiyiwk.vbe (Trojan.Script) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\SysWOW64\mswoqu.vbe (Trojan.Script) -> Přesun do karantény a smazání se zdařilo.

(konec)



When it finished, MBAM showed this log. The items could not be removed or moved to quarantine, and it requested a restart. After the PC restarted, the vermin was in quarantine and I deleted it from there, but MBAM did not produce any other log.

Locked