Check, just to be sure

Posted: 06 Mar 2014 20:04
by Soveren
Hello, I would like to ask for a check. Today a hacker broke into my PC :D I guess I'm just unlucky :D So, just to be sure, I would like to check whether he left something nasty behind here.
Thank you
Here is the log
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-03-2014
Ran by Honzík (administrator) on HONZÍK-PC on 06-03-2014 20:08:47
Running from C:\Users\Honzík\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(IVT Corporation) C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\Genius\Gila\mousehid.exe
(IVT Corporation) C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
(KYE) C:\Program Files\Genius\Imperator Pro\IMProHid.exe
() C:\Program Files\Genius\Gila\trayicon.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(Spotify Ltd) C:\Users\Honzík\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(aZmqvkYVG6il) C:\Users\Honzík\AppData\Local\Temp\csrss.exe
(IVT Corporation) C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
(OSD) C:\Program Files\Genius\Gila\OSD.exe
(MFC Application) C:\Program Files\Genius\Imperator Pro\OSD.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe
(VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10807912 2011-08-09] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-12] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-09] (AVAST Software)
HKLM\...\Run: [Gila] - C:\Program Files\Genius\Gila\mousehid.exe [307712 2013-01-16] ()
HKLM\...\Run: [BtTray] - C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe [315478 2009-11-17] (IVT Corporation)
HKLM\...\Run: [Imperator pro] - C:\Program Files\Genius\Imperator Pro\IMProhid.exe [287232 2012-02-24] (KYE)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [280576 2013-12-03] (Microsoft Corporation)
HKU\S-1-5-21-1434225337-3457470663-2483908841-1000\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1434225337-3457470663-2483908841-1000\...\Run: [177a02611c727b8921a5249258c8bfa0] - C:\Users\Honzík\AppData\Local\Temp\csrss.exe [546816 2014-03-01] (aZmqvkYVG6il) <===== ATTENTION
HKU\S-1-5-21-1434225337-3457470663-2483908841-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-1434225337-3457470663-2483908841-1000\...\Run: [Spotify Web Helper] - C:\Users\Honzík\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-02-26] (Spotify Ltd)
HKU\S-1-5-21-1434225337-3457470663-2483908841-1000\...\MountPoints2: {655d1c2d-5c3d-11e3-bc89-50e549c152e8} - L:\Setup.exe

==================== Internet (Whitelisted) ====================

SearchScopes: HKCU - DefaultScope {1B7944C5-928C-49e9-A566-3B2EB09F018C} URL = http://uk.search.yahoo.com/search?p={se ... ype=IEBDSV
SearchScopes: HKCU - {1B7944C5-928C-49e9-A566-3B2EB09F018C} URL = http://uk.search.yahoo.com/search?p={se ... ype=IEBDSV
SearchScopes: HKCU - {66EF56BE-38D4-4184-B5C2-BBA3C7C02B73} URL = http://www.google.com/cse?cx=partner-pu ... earchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Honzík\AppData\Roaming\Mozilla\Firefox\Profiles\qo91550y.default
FF user.js: detected! => C:\Users\Honzík\AppData\Roaming\Mozilla\Firefox\Profiles\qo91550y.default\user.js
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Hotspot Shield Extension - C:\Program Files\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2014-01-13]
FF HKLM\...\Firefox\Extensions: [{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}] - C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}
FF HKLM\...\Firefox\Extensions: [{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}] - C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}
FF HKLM\...\Firefox\Extensions: [{d9284e50-81fc-11da-a72b-0800200c9a66}] - C:\Program Files\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66}
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-03]

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Honzík\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-29]
CHR Extension: (Disk Google) - C:\Users\Honzík\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-29]
CHR Extension: (YouTube) - C:\Users\Honzík\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-29]
CHR Extension: (Vyhledávání Google) - C:\Users\Honzík\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-29]
CHR Extension: (avast! Online Security) - C:\Users\Honzík\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-04]
CHR Extension: (Peněženka Google) - C:\Users\Honzík\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-29]
CHR Extension: (Gmail) - C:\Users\Honzík\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-29]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-03]

========================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2011-10-12] (Advanced Micro Devices, Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-09] (AVAST Software)
R2 BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [854016 2009-11-18] (IVT Corporation)
R3 BsHelpCS; C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [102503 2009-11-17] (IVT Corporation)

==================== Drivers (Whitelisted) ====================

S3 AODDriver; C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys [36864 2010-03-12] (Advanced Micro Devices)
R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [39424 2011-06-24] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [18544 2011-01-10] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-02-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2013-12-03] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2013-12-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-02-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410784 2014-02-09] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [64168 2014-02-09] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2013-12-28] ()
S3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [17928 2009-06-17] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [32640 2009-09-24] (IVT Corporation.)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (CSR, plc)
R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [19592 2009-09-24] (IVT Corporation.)
R3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [22528 2009-09-24] ()
S3 gdrv; C:\Windows\gdrv.sys [17488 2013-12-05] (Windows (R) 2000 DDK provider)
S3 GVTDrv; C:\Windows\system32\Drivers\GVTDrv.sys [24944 2013-12-05] ()
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [25280 2013-12-07] (LogMeIn, Inc.)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [39624 2013-11-13] (AnchorFree Inc.)
R3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [25480 2009-08-26] (IVT Corporation.)
R3 KYEKBPRO; C:\Windows\System32\Drivers\KYEKBPRO.sys [18944 2011-10-14] ( )
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [328552 2011-07-06] (Realtek Semiconductor Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2013-12-03] ()
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
S3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [14856 2009-08-26] (IVT Corporation.)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [32392 2009-08-28] (IVT Corporation.)
R1 VirtDiskBus; C:\Windows\System32\DRIVERS\VirtDiskBus.sys [57456 2011-02-08] (Giga-Byte Technology CO., LTD.)
U3 af4es78u; C:\Windows\system32\Drivers\af4es78u.sys [0 ] (Microsoft Corporation)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33800 2009-06-17] (IVT Corporation.)
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-06 20:08 - 2014-03-06 20:08 - 01145344 _____ (Farbar) C:\Users\Honzík\Desktop\FRST.exe
2014-03-06 20:08 - 2014-03-06 20:08 - 00781383 _____ () C:\Users\Honzík\Desktop\RSIT.exe
2014-03-06 20:08 - 2014-03-06 20:08 - 00013312 _____ () C:\Users\Honzík\Desktop\FRST.txt
2014-03-06 20:07 - 2014-03-06 20:07 - 00112640 _____ (forum.viry.cz) C:\Users\Honzík\Desktop\FRSTLauncher.exe
2014-03-06 20:07 - 2014-03-06 20:07 - 00015327 _____ () C:\Users\Honzík\Desktop\LM.bat
2014-03-06 19:52 - 2014-03-06 19:52 - 243943789 _____ () C:\Users\Honzík\Desktop\krvavy-diamant-part1-dvdrip.cz-dab.rar.3889944945196538413.part
2014-03-06 19:52 - 2014-03-06 19:52 - 233710649 _____ () C:\Users\Honzík\Desktop\krvavy-diamant-part2-dvdrip.cz-dab.rar.7040279992298785968.part
2014-03-06 19:52 - 2014-03-06 19:52 - 152438284 _____ () C:\Users\Honzík\Desktop\Země-bez-zákona-(2012.cz).avi.3323468793741697630.part
2014-03-06 19:52 - 2014-03-06 19:52 - 148874414 _____ () C:\Users\Honzík\Desktop\Téměř-dokonalý-zločin-Cz.avi.8774868261427703128.part
2014-03-06 19:15 - 2014-03-06 19:15 - 00000790 _____ () C:\Windows\setupact.log
2014-03-06 19:15 - 2014-03-06 19:15 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-06 18:31 - 2014-03-06 18:31 - 00000294 _____ () C:\Users\Honzík\Desktop\Nápověda.URL
2014-03-05 19:03 - 2014-03-05 19:28 - 00000000 ____D () C:\Program Files\MKV Player
2014-03-05 19:03 - 2014-03-05 19:03 - 00000000 ____D () C:\Program Files\RelevantKnowledge
2014-03-05 13:25 - 2014-03-05 13:25 - 00496286 _____ () C:\Users\Honzík\Desktop\wowrm.rar
2014-03-05 12:57 - 2014-03-05 12:57 - 00618110 _____ () C:\Users\Honzík\Desktop\metro-last-light-v1.0-1.1-trainer-plus15.zip
2014-03-05 12:57 - 2014-03-05 12:57 - 00000000 ____D () C:\Users\Honzík\Documents\FLiNGTrainer
2014-03-05 12:57 - 2013-05-17 14:51 - 01204224 _____ (3DMGAME) C:\Users\Honzík\Desktop\Metro_Last Light v1.0-1.0.0.2 Plus 15 Trainer.exe
2014-03-05 12:43 - 2014-03-05 12:43 - 00000000 ____D () C:\Users\Honzík\Documents\My Cheat Tables
2014-03-05 12:39 - 2013-05-16 10:42 - 00000047 _____ () C:\Users\Honzík\Desktop\ ABCgames.sk.url
2014-03-03 17:11 - 2014-03-03 17:11 - 00001053 _____ () C:\Users\Public\Desktop\Metro Last Light Read.lnk
2014-03-03 17:03 - 2014-03-03 17:11 - 00000000 ____D () C:\Program Files\Metro Last Light Read
2014-03-02 23:22 - 2014-03-02 23:22 - 00000000 ____D () C:\Users\Honzík\Documents\4A Games
2014-03-02 23:15 - 2014-03-02 23:15 - 00000000 ____D () C:\Users\Honzík\AppData\Local\4A Games
2014-03-02 23:14 - 2014-03-02 23:14 - 00000000 ____D () C:\ProgramData\RELOADED
2014-02-28 01:14 - 2014-03-06 20:08 - 00000000 ____D () C:\FRST
2014-02-28 01:12 - 2014-03-06 20:07 - 00029696 _____ () C:\Users\Honzík\AppData\Local\MSGBOX.EXE
2014-02-27 17:11 - 2014-02-27 17:11 - 00001124 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-27 17:11 - 2014-02-27 17:11 - 00000000 ____D () C:\Users\Honzík\AppData\Roaming\TeamViewer
2014-02-27 17:11 - 2014-02-27 17:11 - 00000000 ____D () C:\Program Files\TeamViewer
2014-02-27 17:10 - 2014-02-27 17:10 - 05855408 _____ (TeamViewer GmbH) C:\Users\Honzík\Desktop\TeamViewer_Setup_cs.exe
2014-02-26 13:56 - 2014-03-05 15:49 - 00000000 ____D () C:\Users\Honzík\AppData\Roaming\Spotify
2014-02-26 13:56 - 2014-03-03 11:21 - 00000000 ____D () C:\Users\Honzík\AppData\Local\Spotify
2014-02-26 13:56 - 2014-02-26 13:56 - 00001811 _____ () C:\Users\Honzík\Desktop\Spotify.lnk
2014-02-26 13:56 - 2014-02-26 13:56 - 00001797 _____ () C:\Users\Honzík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-02-26 01:03 - 2014-02-26 01:03 - 00007967 _____ () C:\Users\Honzík\Desktop\icdbars098.zip
2014-02-25 00:47 - 2014-02-25 00:47 - 00001256 _____ () C:\Users\Honzík\Desktop\TBC.lnk
2014-02-24 19:06 - 2014-02-24 19:07 - 00000000 ____D () C:\Hack
2014-02-24 11:35 - 2014-02-24 11:35 - 00000000 ____D () C:\Users\Honzík\AppData\Local\BridgeProject
2014-02-24 11:35 - 2014-02-24 11:35 - 00000000 ____D () C:\ProgramData\Steam
2014-02-24 11:34 - 2014-02-24 11:34 - 00000784 _____ () C:\Users\Public\Desktop\Bridge Project.lnk
2014-02-24 11:32 - 2014-02-24 11:35 - 00000000 ____D () C:\Program Files\Bridge Project
2014-02-24 11:05 - 2014-02-24 11:05 - 00000991 _____ () C:\Users\Honzík\Desktop\wowrm2 – zástupce.lnk
2014-02-23 22:22 - 2014-03-06 14:32 - 00000000 ____D () C:\Users\Honzík\Desktop\wowrm
2014-02-23 00:04 - 2013-08-04 23:05 - 00000000 ____D () C:\Users\Honzík\Desktop\Snip
2014-02-22 12:09 - 2014-02-22 12:09 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-02-22 12:09 - 2014-02-22 12:09 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-02-22 11:25 - 2012-03-16 20:17 - 00000000 ____D () C:\Users\Honzík\Desktop\Hitchhiker's Hack 3.3.5
2014-02-13 12:11 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 12:11 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 12:11 - 2014-02-06 11:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 12:11 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 12:11 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 12:11 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 12:11 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 12:11 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 12:11 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 12:11 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 12:11 - 2014-02-06 10:47 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 12:11 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 12:11 - 2014-02-06 10:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 12:11 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 12:11 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 12:11 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 12:11 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 12:11 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 12:11 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 12:11 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 12:11 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 12:08 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 14:31 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 14:31 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 14:31 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 14:31 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 14:31 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 14:31 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 14:31 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 14:31 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 14:31 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 14:31 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 14:31 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 14:31 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 14:31 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 14:31 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 19:08 - 2014-02-11 19:08 - 00001096 _____ () C:\Users\Honzík\Desktop\EVEREST Ultimate Edition.lnk
2014-02-11 19:08 - 2010-06-18 23:50 - 00000000 ____D () C:\Users\Honzík\Desktop\EVEREST Ultimate Edition 5.50.2100 +Serials [UT]
2014-02-04 20:05 - 2014-02-04 20:07 - 00000000 ____D () C:\Users\Honzík\AppData\Local\Darksiders2
2014-02-04 18:03 - 2014-02-04 18:03 - 00001019 _____ () C:\Users\Public\Desktop\DarkSiders II.lnk
2014-02-04 17:34 - 2014-02-04 18:03 - 00000000 ____D () C:\Program Files\DarkSiders II

==================== One Month Modified Files and Folders =======

2014-03-06 20:09 - 2014-03-06 20:08 - 00013312 _____ () C:\Users\Honzík\Desktop\FRST.txt
2014-03-06 20:08 - 2014-03-06 20:08 - 01145344 _____ (Farbar) C:\Users\Honzík\Desktop\FRST.exe
2014-03-06 20:08 - 2014-03-06 20:08 - 00781383 _____ () C:\Users\Honzík\Desktop\RSIT.exe
2014-03-06 20:08 - 2014-02-28 01:14 - 00000000 ____D () C:\FRST
2014-03-06 20:07 - 2014-03-06 20:07 - 00112640 _____ (forum.viry.cz) C:\Users\Honzík\Desktop\FRSTLauncher.exe
2014-03-06 20:07 - 2014-03-06 20:07 - 00015327 _____ () C:\Users\Honzík\Desktop\LM.bat
2014-03-06 20:07 - 2014-02-28 01:12 - 00029696 _____ () C:\Users\Honzík\AppData\Local\MSGBOX.EXE
2014-03-06 19:54 - 2013-12-03 14:36 - 00000000 ____D () C:\Users\Honzík\AppData\Roaming\Skype
2014-03-06 19:52 - 2014-03-06 19:52 - 243943789 _____ () C:\Users\Honzík\Desktop\krvavy-diamant-part1-dvdrip.cz-dab.rar.3889944945196538413.part
2014-03-06 19:52 - 2014-03-06 19:52 - 233710649 _____ () C:\Users\Honzík\Desktop\krvavy-diamant-part2-dvdrip.cz-dab.rar.7040279992298785968.part
2014-03-06 19:52 - 2014-03-06 19:52 - 152438284 _____ () C:\Users\Honzík\Desktop\Země-bez-zákona-(2012.cz).avi.3323468793741697630.part
2014-03-06 19:52 - 2014-03-06 19:52 - 148874414 _____ () C:\Users\Honzík\Desktop\Téměř-dokonalý-zločin-Cz.avi.8774868261427703128.part
2014-03-06 19:43 - 2013-12-03 10:45 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-06 19:40 - 2013-12-29 09:23 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-06 19:16 - 2013-12-04 18:13 - 00654910 _____ () C:\Windows\system32\perfh01D.dat
2014-03-06 19:16 - 2013-12-04 18:13 - 00141728 _____ () C:\Windows\system32\perfc01D.dat
2014-03-06 19:16 - 2013-12-04 17:50 - 00419614 _____ () C:\Windows\system32\perfh012.dat
2014-03-06 19:16 - 2013-12-04 17:50 - 00119638 _____ () C:\Windows\system32\perfc012.dat
2014-03-06 19:16 - 2013-12-04 16:41 - 00372360 _____ () C:\Windows\system32\prfh0804.dat
2014-03-06 19:16 - 2013-12-04 16:41 - 00118846 _____ () C:\Windows\system32\prfc0804.dat
2014-03-06 19:16 - 2013-12-04 16:00 - 00407968 _____ () C:\Windows\system32\perfh011.dat
2014-03-06 19:16 - 2013-12-04 16:00 - 00121354 _____ () C:\Windows\system32\perfc011.dat
2014-03-06 19:16 - 2013-12-04 14:58 - 00734688 _____ () C:\Windows\system32\perfh013.dat
2014-03-06 19:16 - 2013-12-04 14:58 - 00152356 _____ () C:\Windows\system32\perfc013.dat
2014-03-06 19:16 - 2013-12-04 14:38 - 00485704 _____ () C:\Windows\system32\perfh014.dat
2014-03-06 19:16 - 2013-12-04 14:38 - 00094658 _____ () C:\Windows\system32\perfc014.dat
2014-03-06 19:16 - 2013-12-04 13:39 - 00731236 _____ () C:\Windows\system32\perfh010.dat
2014-03-06 19:16 - 2013-12-04 13:39 - 00146100 _____ () C:\Windows\system32\perfc010.dat
2014-03-06 19:16 - 2013-12-04 12:51 - 00720208 _____ () C:\Windows\system32\prfh0816.dat
2014-03-06 19:16 - 2013-12-04 12:51 - 00152160 _____ () C:\Windows\system32\prfc0816.dat
2014-03-06 19:16 - 2013-12-04 12:17 - 00389532 _____ () C:\Windows\system32\prfh0404.dat
2014-03-06 19:16 - 2013-12-04 12:17 - 00114344 _____ () C:\Windows\system32\prfc0404.dat
2014-03-06 19:16 - 2013-12-04 12:04 - 00731548 _____ () C:\Windows\system32\perfh015.dat
2014-03-06 19:16 - 2013-12-04 12:04 - 00155126 _____ () C:\Windows\system32\perfc015.dat
2014-03-06 19:16 - 2013-12-04 11:52 - 00715790 _____ () C:\Windows\system32\perfh019.dat
2014-03-06 19:16 - 2013-12-04 11:52 - 00150096 _____ () C:\Windows\system32\perfc019.dat
2014-03-06 19:16 - 2013-12-04 11:39 - 00705070 _____ () C:\Windows\system32\prfh0416.dat
2014-03-06 19:16 - 2013-12-04 11:39 - 00146910 _____ () C:\Windows\system32\prfc0416.dat
2014-03-06 19:16 - 2013-12-04 09:43 - 00647872 _____ () C:\Windows\system32\perfh01F.dat
2014-03-06 19:16 - 2013-12-04 09:43 - 00139254 _____ () C:\Windows\system32\perfc01F.dat
2014-03-06 19:16 - 2013-12-03 09:44 - 17417856 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-06 19:15 - 2014-03-06 19:15 - 00000790 _____ () C:\Windows\setupact.log
2014-03-06 19:15 - 2014-03-06 19:15 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-06 19:09 - 2013-12-03 11:20 - 00000000 ____D () C:\Users\Honzík\AppData\Roaming\Ahead
2014-03-06 19:08 - 2013-12-03 11:23 - 00000000 ____D () C:\Users\Honzík\AppData\Local\Ahead
2014-03-06 19:07 - 2013-12-03 22:23 - 00000000 ____D () C:\Users\Honzík\AppData\Roaming\BitTorrent
2014-03-06 19:02 - 2013-12-03 09:24 - 01581911 _____ () C:\Windows\WindowsUpdate.log
2014-03-06 18:31 - 2014-03-06 18:31 - 00000294 _____ () C:\Users\Honzík\Desktop\Nápověda.URL
2014-03-06 18:13 - 2013-12-03 10:40 - 00000000 ____D () C:\Users\Honzík\AppData\Roaming\vlc
2014-03-06 17:00 - 2014-01-11 22:27 - 00000392 _____ () C:\Windows\Tasks\RegCure Program Check.job
2014-03-06 14:32 - 2014-02-23 22:22 - 00000000 ____D () C:\Users\Honzík\Desktop\wowrm
2014-03-06 09:03 - 2009-07-14 05:34 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-06 09:03 - 2009-07-14 05:34 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-06 08:54 - 2013-12-21 11:50 - 00000437 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-03-06 08:53 - 2013-12-29 09:23 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-06 08:53 - 2009-11-17 11:44 - 00001035 _____ () C:\Windows\system32\bscs.ini
2014-03-06 08:53 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-05 19:28 - 2014-03-05 19:03 - 00000000 ____D () C:\Program Files\MKV Player
2014-03-05 19:03 - 2014-03-05 19:03 - 00000000 ____D () C:\Program Files\RelevantKnowledge
2014-03-05 19:02 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2014-03-05 15:49 - 2014-02-26 13:56 - 00000000 ____D () C:\Users\Honzík\AppData\Roaming\Spotify
2014-03-05 13:59 - 2013-12-03 15:00 - 00000000 ____D () C:\Users\Honzík\Desktop\Hacker
2014-03-05 13:25 - 2014-03-05 13:25 - 00496286 _____ () C:\Users\Honzík\Desktop\wowrm.rar
2014-03-05 12:57 - 2014-03-05 12:57 - 00618110 _____ () C:\Users\Honzík\Desktop\metro-last-light-v1.0-1.1-trainer-plus15.zip
2014-03-05 12:57 - 2014-03-05 12:57 - 00000000 ____D () C:\Users\Honzík\Documents\FLiNGTrainer
2014-03-05 12:43 - 2014-03-05 12:43 - 00000000 ____D () C:\Users\Honzík\Documents\My Cheat Tables
2014-03-05 09:55 - 2013-12-03 20:20 - 00005065 _____ () C:\Windows\system32\LOCALSERVICE.INI
2014-03-05 09:55 - 2013-12-03 20:20 - 00000102 _____ () C:\Windows\system32\LOCALDEVICE.INI
2014-03-04 15:34 - 2013-12-04 19:17 - 00000000 ____D () C:\Program Files\Zrychleni Pocitace
2014-03-04 09:42 - 2013-12-29 09:25 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-03 17:11 - 2014-03-03 17:11 - 00001053 _____ () C:\Users\Public\Desktop\Metro Last Light Read.lnk
2014-03-03 17:11 - 2014-03-03 17:03 - 00000000 ____D () C:\Program Files\Metro Last Light Read
2014-03-03 11:21 - 2014-02-26 13:56 - 00000000 ____D () C:\Users\Honzík\AppData\Local\Spotify
2014-03-02 23:22 - 2014-03-02 23:22 - 00000000 ____D () C:\Users\Honzík\Documents\4A Games
2014-03-02 23:15 - 2014-03-02 23:15 - 00000000 ____D () C:\Users\Honzík\AppData\Local\4A Games
2014-03-02 23:14 - 2014-03-02 23:14 - 00000000 ____D () C:\ProgramData\RELOADED
2014-03-02 12:06 - 2013-12-03 20:22 - 00000125 _____ () C:\Windows\system32\REMOTEDEVICE.INI
2014-03-01 20:47 - 2013-12-30 23:14 - 00000204 _____ () C:\Users\Honzík\Desktop\acc.txt
2014-02-28 12:38 - 2013-12-03 22:58 - 00000000 ____D () C:\Users\Honzík\Desktop\FRD
2014-02-28 08:42 - 2013-12-24 01:28 - 00000000 ____D () C:\Users\Honzík\AppData\Roaming\TS3Client
2014-02-28 08:27 - 2009-07-14 05:33 - 00413632 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-27 18:04 - 2013-12-06 01:10 - 00000000 ____D () C:\Program Files\OBS
2014-02-27 17:56 - 2013-12-03 10:34 - 00109664 _____ () C:\Users\Honzík\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-27 17:11 - 2014-02-27 17:11 - 00001124 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-27 17:11 - 2014-02-27 17:11 - 00000000 ____D () C:\Users\Honzík\AppData\Roaming\TeamViewer
2014-02-27 17:11 - 2014-02-27 17:11 - 00000000 ____D () C:\Program Files\TeamViewer
2014-02-27 17:10 - 2014-02-27 17:10 - 05855408 _____ (TeamViewer GmbH) C:\Users\Honzík\Desktop\TeamViewer_Setup_cs.exe
2014-02-27 15:20 - 2013-12-07 14:00 - 00000924 _____ () C:\Users\Honzík\Desktop\Nový textový dokument (3).txt
2014-02-26 13:56 - 2014-02-26 13:56 - 00001811 _____ () C:\Users\Honzík\Desktop\Spotify.lnk
2014-02-26 13:56 - 2014-02-26 13:56 - 00001797 _____ () C:\Users\Honzík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-02-26 09:16 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\tracing
2014-02-26 01:03 - 2014-02-26 01:03 - 00007967 _____ () C:\Users\Honzík\Desktop\icdbars098.zip
2014-02-25 00:47 - 2014-02-25 00:47 - 00001256 _____ () C:\Users\Honzík\Desktop\TBC.lnk
2014-02-24 23:01 - 2013-12-15 15:31 - 00000000 ____D () C:\Users\Honzík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-02-24 19:07 - 2014-02-24 19:06 - 00000000 ____D () C:\Hack
2014-02-24 11:35 - 2014-02-24 11:35 - 00000000 ____D () C:\Users\Honzík\AppData\Local\BridgeProject
2014-02-24 11:35 - 2014-02-24 11:35 - 00000000 ____D () C:\ProgramData\Steam
2014-02-24 11:35 - 2014-02-24 11:32 - 00000000 ____D () C:\Program Files\Bridge Project
2014-02-24 11:34 - 2014-02-24 11:34 - 00000784 _____ () C:\Users\Public\Desktop\Bridge Project.lnk
2014-02-24 11:05 - 2014-02-24 11:05 - 00000991 _____ () C:\Users\Honzík\Desktop\wowrm2 – zástupce.lnk
2014-02-23 15:23 - 2013-12-03 15:07 - 00001411 _____ () C:\Users\Honzík\Desktop\Nový textový dokument (2).txt
2014-02-23 11:43 - 2013-12-03 11:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-23 11:41 - 2013-12-03 11:08 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-02-23 11:36 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-02-23 11:36 - 2009-07-14 03:04 - 00000478 _____ () C:\Windows\win.ini
2014-02-22 14:25 - 2013-12-18 17:17 - 00000000 ____D () C:\Users\Honzík\AppData\Local\NFS Underground 2
2014-02-22 12:11 - 2013-12-03 11:11 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-02-22 12:11 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-02-22 12:09 - 2014-02-22 12:09 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-02-22 12:09 - 2014-02-22 12:09 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-02-21 22:05 - 2014-01-11 02:23 - 00000223 _____ () C:\Users\Honzík\Desktop\Read Me.txt
2014-02-21 11:46 - 2013-12-03 10:45 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-21 11:46 - 2013-12-03 10:45 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-20 20:31 - 2013-12-02 14:59 - 00000000 ____D () C:\AdwCleaner
2014-02-18 00:58 - 2013-12-03 10:40 - 00001028 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-02-15 09:38 - 2013-12-20 01:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-15 02:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-13 18:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-02-13 12:11 - 2013-12-03 13:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-13 12:09 - 2013-12-03 13:01 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\zh-TW
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\zh-CN
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\th-TH
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\sv-SE
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pt-PT
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\nl-NL
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\nb-NO
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\it-IT
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\hu-HU
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\he-IL
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\fi-FI
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\et-EE
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\el-GR
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-02-13 12:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-02-11 19:21 - 2014-01-25 22:23 - 00065536 _____ () C:\Users\Honzík\Desktop\Report.txt
2014-02-11 19:08 - 2014-02-11 19:08 - 00001096 _____ () C:\Users\Honzík\Desktop\EVEREST Ultimate Edition.lnk
2014-02-11 19:08 - 2014-01-25 21:43 - 00000000 ____D () C:\Program Files\Lavalys
2014-02-09 13:03 - 2013-12-28 18:06 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-02-09 13:03 - 2013-12-03 10:52 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-09 13:03 - 2013-12-03 10:52 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-02-09 13:03 - 2013-12-03 10:52 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-02-09 13:03 - 2013-12-03 10:52 - 00002047 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-09 13:03 - 2013-12-03 10:51 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-09 13:03 - 2013-12-03 10:51 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-02-08 09:47 - 2013-12-03 09:38 - 00000000 ____D () C:\Users\Honzík
2014-02-08 09:46 - 2014-01-25 22:08 - 00000000 ____D () C:\Users\Honzík\AppData\Roaming\KYE ImperatorPro
2014-02-08 09:46 - 2013-12-21 17:20 - 00000000 ____D () C:\Users\Honzík\AppData\Roaming\Winamp
2014-02-08 09:46 - 2013-12-03 20:20 - 00000000 ____D () C:\Users\Honzík\AppData\Local\bluesoleil
2014-02-08 09:46 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-02-08 09:46 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2014-02-08 09:46 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2014-02-06 11:38 - 2014-02-13 12:11 - 17103872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 11:20 - 2014-02-13 12:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 11:19 - 2014-02-13 12:11 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 11:01 - 2014-02-13 12:11 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 11:00 - 2014-02-13 12:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 12:11 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 10:52 - 2014-02-13 12:11 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 10:52 - 2014-02-13 12:11 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 10:49 - 2014-02-13 12:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 10:47 - 2014-02-13 12:11 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 10:47 - 2014-02-13 12:11 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 10:46 - 2014-02-13 12:11 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 10:34 - 2014-02-13 12:11 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 10:25 - 2014-02-13 12:11 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 10:25 - 2014-02-13 12:11 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 10:13 - 2014-02-13 12:11 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:09 - 2014-02-13 12:11 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:03 - 2014-02-13 12:11 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 09:41 - 2014-02-13 12:11 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 09:36 - 2014-02-13 12:11 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:34 - 2014-02-13 12:11 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-04 20:07 - 2014-02-04 20:05 - 00000000 ____D () C:\Users\Honzík\AppData\Local\Darksiders2
2014-02-04 20:05 - 2013-12-07 22:04 - 00000000 ____D () C:\Users\Honzík\Documents\My Games
2014-02-04 20:05 - 2013-12-04 13:29 - 00000000 ____D () C:\Users\Honzík\AppData\Local\SKIDROW
2014-02-04 18:03 - 2014-02-04 18:03 - 00001019 _____ () C:\Users\Public\Desktop\DarkSiders II.lnk
2014-02-04 18:03 - 2014-02-04 17:34 - 00000000 ____D () C:\Program Files\DarkSiders II
2014-02-04 18:03 - 2014-01-17 14:59 - 00000000 ____D () C:\Windows\system32\directx

Files to move or delete:
====================
C:\Users\Honzík\AppData\Local\Temp\csrss.exe


Some content of TEMP:
====================
C:\Users\Honzík\AppData\Local\Temp\csrss.exe
C:\Users\Honzík\AppData\Local\Temp\msvcp100.dll
C:\Users\Honzík\AppData\Local\Temp\msvcr100.dll
C:\Users\Honzík\AppData\Local\Temp\nss3.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-01 15:21

==================== End Of Log ============================

Re: check, just to be sure

Posted: 06 Mar 2014 20:53
by Rudy
Hello!
Open Notepad and copy the following into it:
Start
C:\Users\Honzík\AppData\Local\Temp\csrss.exe
HKU\S-1-5-21-1434225337-3457470663-2483908841-1000\...\Run: [177a02611c727b8921a5249258c8bfa0] - C:\Users\Honzík\AppData\Local\Temp\csrss.exe [546816 2014-03-01] (aZmqvkYVG6il) <===== ATTENTION
HKU\S-1-5-21-1434225337-3457470663-2483908841-1000\...\MountPoints2: {655d1c2d-5c3d-11e3-bc89-50e549c152e8} - L:\Setup.exe
C:\Program Files\RelevantKnowledge
C:\Users\Honzík\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: check, just to be sure

Posted: 06 Mar 2014 20:55
by Soveren
here it is
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 06-03-2014
Ran by Honzík at 2014-03-06 21:01:02 Run:3
Running from C:\Users\Honzík\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CUsersHonzíkAppDataLocalTempcsrss.exe
HKUS-1-5-21-1434225337-3457470663-2483908841-1000...Run [177a02611c727b8921a5249258c8bfa0] - CUsersHonzíkAppDataLocalTempcsrss.exe [546816 2014-03-01] (aZmqvkYVG6il) ===== ATTENTION
HKUS-1-5-21-1434225337-3457470663-2483908841-1000...MountPoints2 {655d1c2d-5c3d-11e3-bc89-50e549c152e8} - LSetup.exe
CProgram FilesRelevantKnowledge
CUsersHonzíkAppDataLocalTemp
End
*****************


==== End of Fixlog ====

Re: check, just to be sure

Posted: 06 Mar 2014 21:11
by Rudy
RSIT did not delete anything. Post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after start-up a screen with the licence terms appears; continue by clicking the Yes button.

feel free to go and make yourself a coffee (the whole run takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is used)

note: if you use an antispyware product with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because the scan and the removal of any malware cause unwanted conflicts with the antispyware's resident component.

Re: check, just to be sure

Posted: 06 Mar 2014 21:45
by Soveren
here it is
ComboFix 14-03-05.01 - Honzík 06.03.2014 21:27:52.1.4 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3326.1477 [GMT 1:00]
Spuštěný z: c:\users\Honzík\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\RelevantKnowledge
c:\program files\RelevantKnowledge\rlservice.exe
c:\program files\RelevantKnowledge\rlvknlg.exe
c:\users\Honzík\AppData\Local\MSGBOX.EXE
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\pt
c:\windows\system32\pt\AuthFWSnapIn.Resources.dll
c:\windows\system32\pt\AuthFWWizFwk.Resources.dll
c:\windows\system32\pt\Narrator.resources.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-02-06 do 2014-03-06 )))))))))))))))))))))))))))))))
.
.
2014-03-06 20:37 . 2014-03-06 20:42 -------- d-----w- c:\users\Honzík\AppData\Local\temp
2014-03-05 18:03 . 2014-03-05 18:28 -------- d-----w- c:\program files\MKV Player
2014-03-04 08:25 . 2014-02-06 07:08 7947048 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{20784C4A-9328-4E51-AA25-0DF19262E855}\mpengine.dll
2014-03-03 16:03 . 2014-03-03 16:11 -------- d-----w- c:\program files\Metro Last Light Read
2014-03-02 22:15 . 2014-03-02 22:15 -------- d-----w- c:\users\Honzík\AppData\Local\4A Games
2014-03-02 22:14 . 2014-03-02 22:14 -------- d-----w- c:\programdata\RELOADED
2014-02-28 00:14 . 2014-03-06 20:01 -------- d-----w- C:\FRST
2014-02-27 16:11 . 2014-02-27 16:11 -------- d-----w- c:\users\Honzík\AppData\Roaming\TeamViewer
2014-02-27 16:11 . 2014-02-27 16:11 -------- d-----w- c:\program files\TeamViewer
2014-02-26 12:56 . 2014-03-03 10:21 -------- d-----w- c:\users\Honzík\AppData\Local\Spotify
2014-02-26 12:56 . 2014-03-05 14:49 -------- d-----w- c:\users\Honzík\AppData\Roaming\Spotify
2014-02-24 18:06 . 2014-02-24 18:07 -------- d-----w- C:\Hack
2014-02-24 10:35 . 2014-02-24 10:35 -------- d-----w- c:\users\Honzík\AppData\Local\BridgeProject
2014-02-24 10:35 . 2014-02-24 10:35 -------- d-----w- c:\programdata\Steam
2014-02-24 10:32 . 2014-02-24 10:35 -------- d-----w- c:\program files\Bridge Project
2014-02-22 11:09 . 2014-02-22 11:09 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-02-13 11:08 . 2013-12-21 08:56 454656 ----a-w- c:\windows\system32\vbscript.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-21 10:46 . 2013-12-03 09:45 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-21 10:46 . 2013-12-03 09:45 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-02-09 12:03 . 2013-12-28 17:06 64168 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-02-09 12:03 . 2013-12-03 09:52 410784 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-02-09 12:03 . 2013-12-03 09:52 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-02-09 12:03 . 2013-12-03 09:52 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-02-09 12:03 . 2013-12-03 09:51 43152 ----a-w- c:\windows\avastSS.scr
2014-02-09 12:03 . 2013-12-03 09:51 270240 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-25 11:53 . 2014-01-25 11:53 1208831 ----a-w- c:\windows\unins000.exe
2013-12-28 17:06 . 2013-12-03 11:28 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-12-18 20:10 . 2014-01-21 15:03 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-12-18 05:13 . 2013-12-03 09:20 231584 ------w- c:\windows\system32\MpSigStub.exe
2013-12-07 21:41 . 2013-12-07 21:41 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-02-09 12:03 259464 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Spotify Web Helper"="c:\users\Honzík\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-02-26 1171968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-08-09 10807912]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-12 343168]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-02-09 3767096]
"Gila"="c:\program files\Genius\Gila\mousehid.exe" [2013-01-16 307712]
"BtTray"="c:\program files\IVT Corporation\BlueSoleil\BtTray.exe" [2009-11-17 315478]
"Imperator pro"="c:\program files\Genius\Imperator Pro\IMProhid.exe" [2012-02-24 287232]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-12-03 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-03-12 12:49 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-09 17:53 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
2014-02-26 12:56 6118400 ----a-w- c:\users\Honzík\AppData\Roaming\Spotify\spotify.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
2014-02-26 12:56 1171968 ----a-w- c:\users\Honzík\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2008-04-01 18:49 36352 ----a-w- c:\program files\Winamp\winampa.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 AODDriver;AODDriver;c:\program files\GIGABYTE\ET6\i386\AODDriver.sys [2010-03-12 36864]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 GVTDrv;GVTDrv;c:\windows\system32\Drivers\GVTDrv.sys [2013-12-05 24944]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-02-06 108032]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-12-03 1343400]
R4 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [2014-01-29 4915040]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2009-09-24 19592]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2013-12-03 691696]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 18544]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-02-09 775952]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-02-09 410784]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [2013-11-13 39624]
S1 VirtDiskBus;3TB+ Unlock;c:\windows\system32\DRIVERS\VirtDiskBus.sys [2011-02-08 57456]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-10-12 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-10-12 291840]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2011-06-24 39424]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-02-09 67824]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-02-09 64168]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2009-09-24 22528]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2009-08-26 25480]
S3 KYEKBPRO;IMPERATOR PRO Gaming Keyboard;c:\windows\system32\Drivers\KYEKBPRO.sys [2011-10-14 18944]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2011-08-11 88176]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-04 08:41 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-03-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-03 10:46]
.
2014-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-12-29 08:22]
.
2014-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-12-29 08:22]
.
2014-03-06 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2010-05-19 11:45]
.
2014-01-11 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2010-05-19 11:45]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Honzík\AppData\Roaming\Mozilla\Firefox\Profiles\qo91550y.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{d08d9f98-1c78-4704-87e6-368b0023d831} - c:\program files\RelevantKnowledge\rlvknlg.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1434225337-3457470663-2483908841-1000\Control Panel\Desktop*]
@Allowed: (Read) (RestrictedCode)
"WheelScrollLines"="3"
DUMPHIVE0.003 (REGF)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(3844)
c:\windows\system32\BsMobileSDK.dll
c:\windows\system32\BsLangInDepRes.dll
c:\windows\system32\Bs2Res.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
c:\program files\IVT Corporation\BlueSoleil\BsHelpCS.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2014-03-06 21:50:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-03-06 20:50
.
Před spuštěním: Volných bajtů: 51 474 030 592
Po spuštění: Volných bajtů: 50 761 986 048
.
- - End Of File - - 2432DCF6E225024593C39693AA10844A
A36C5E4F47E84449FF07ED3517B43A31

Re: check, just to be sure

Posted: 06 Mar 2014 22:30
by Rudy
CF deleted something. We will clean up a bit more. Open Notepad and copy the following into it:
RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Regnull::
[HKEY_USERS\S-1-5-21-1434225337-3457470663-2483908841-1000\Control Panel\Desktop*]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the commands from the script.


Re: check, just to be sure

Posted: 06 Mar 2014 23:08
by Soveren
here is the log

ComboFix 14-03-05.01 - Honzík 06.03.2014 23:02:58.2.4 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3326.2163 [GMT 1:00]
Spuštěný z: c:\users\HonzÝk\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\HonzÝk\Desktop\CFScript.txt.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\etc\hosts.ics
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-02-06 do 2014-03-06 )))))))))))))))))))))))))))))))
.
.
2014-03-06 22:11 . 2014-03-06 22:11 -------- d-----w- c:\users\Honzík\AppData\Local\temp
2014-03-06 22:11 . 2014-03-06 22:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-06 20:35 . 2014-03-06 21:58 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{20784C4A-9328-4E51-AA25-0DF19262E855}\offreg.dll
2014-03-05 18:03 . 2014-03-05 18:28 -------- d-----w- c:\program files\MKV Player
2014-03-04 08:25 . 2014-02-06 07:08 7947048 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{20784C4A-9328-4E51-AA25-0DF19262E855}\mpengine.dll
2014-03-03 16:03 . 2014-03-03 16:11 -------- d-----w- c:\program files\Metro Last Light Read
2014-03-02 22:15 . 2014-03-02 22:15 -------- d-----w- c:\users\Honzík\AppData\Local\4A Games
2014-03-02 22:14 . 2014-03-02 22:14 -------- d-----w- c:\programdata\RELOADED
2014-02-28 00:14 . 2014-03-06 20:01 -------- d-----w- C:\FRST
2014-02-27 16:11 . 2014-02-27 16:11 -------- d-----w- c:\users\Honzík\AppData\Roaming\TeamViewer
2014-02-27 16:11 . 2014-02-27 16:11 -------- d-----w- c:\program files\TeamViewer
2014-02-26 12:56 . 2014-03-03 10:21 -------- d-----w- c:\users\Honzík\AppData\Local\Spotify
2014-02-26 12:56 . 2014-03-05 14:49 -------- d-----w- c:\users\Honzík\AppData\Roaming\Spotify
2014-02-24 18:06 . 2014-02-24 18:07 -------- d-----w- C:\Hack
2014-02-24 10:35 . 2014-02-24 10:35 -------- d-----w- c:\users\Honzík\AppData\Local\BridgeProject
2014-02-24 10:35 . 2014-02-24 10:35 -------- d-----w- c:\programdata\Steam
2014-02-24 10:32 . 2014-02-24 10:35 -------- d-----w- c:\program files\Bridge Project
2014-02-22 11:09 . 2014-02-22 11:09 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-02-13 11:08 . 2013-12-21 08:56 454656 ----a-w- c:\windows\system32\vbscript.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-21 10:46 . 2013-12-03 09:45 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-21 10:46 . 2013-12-03 09:45 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-02-09 12:03 . 2013-12-28 17:06 64168 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-02-09 12:03 . 2013-12-03 09:52 410784 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-02-09 12:03 . 2013-12-03 09:52 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-02-09 12:03 . 2013-12-03 09:52 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-02-09 12:03 . 2013-12-03 09:51 43152 ----a-w- c:\windows\avastSS.scr
2014-02-09 12:03 . 2013-12-03 09:51 270240 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-25 11:53 . 2014-01-25 11:53 1208831 ----a-w- c:\windows\unins000.exe
2013-12-28 17:06 . 2013-12-03 11:28 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-12-18 20:10 . 2014-01-21 15:03 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-12-18 05:13 . 2013-12-03 09:20 231584 ------w- c:\windows\system32\MpSigStub.exe
2013-12-07 21:41 . 2013-12-07 21:41 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-02-09 12:03 259464 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Spotify Web Helper"="c:\users\Honzík\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-02-26 1171968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-08-09 10807912]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-12 343168]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-02-09 3767096]
"Gila"="c:\program files\Genius\Gila\mousehid.exe" [2013-01-16 307712]
"BtTray"="c:\program files\IVT Corporation\BlueSoleil\BtTray.exe" [2009-11-17 315478]
"Imperator pro"="c:\program files\Genius\Imperator Pro\IMProhid.exe" [2012-02-24 287232]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-12-03 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-03-12 12:49 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-09 17:53 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
2014-02-26 12:56 6118400 ----a-w- c:\users\Honzík\AppData\Roaming\Spotify\spotify.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
2014-02-26 12:56 1171968 ----a-w- c:\users\Honzík\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2008-04-01 18:49 36352 ----a-w- c:\program files\Winamp\winampa.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 AODDriver;AODDriver;c:\program files\GIGABYTE\ET6\i386\AODDriver.sys [2010-03-12 36864]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-02-09 64168]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 GVTDrv;GVTDrv;c:\windows\system32\Drivers\GVTDrv.sys [2013-12-05 24944]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-02-06 108032]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-12-03 1343400]
R4 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [2014-01-29 4915040]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2009-09-24 19592]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2013-12-03 691696]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 18544]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-02-09 775952]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-02-09 410784]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [2013-11-13 39624]
S1 VirtDiskBus;3TB+ Unlock;c:\windows\system32\DRIVERS\VirtDiskBus.sys [2011-02-08 57456]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-10-12 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-10-12 291840]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2011-06-24 39424]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-02-09 67824]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2009-09-24 22528]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2009-08-26 25480]
S3 KYEKBPRO;IMPERATOR PRO Gaming Keyboard;c:\windows\system32\Drivers\KYEKBPRO.sys [2011-10-14 18944]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2011-08-11 88176]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-04 08:41 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-03-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-03 10:46]
.
2014-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-12-29 08:22]
.
2014-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-12-29 08:22]
.
2014-03-06 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2010-05-19 11:45]
.
2014-01-11 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2010-05-19 11:45]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Honzík\AppData\Roaming\Mozilla\Firefox\Profiles\qo91550y.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1434225337-3457470663-2483908841-1000\Control Panel\Desktop*]
@Allowed: (Read) (RestrictedCode)
"WheelScrollLines"="3"
DUMPHIVE0.003 (REGF)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-03-06 23:13:09
ComboFix-quarantined-files.txt 2014-03-06 22:13
ComboFix2.txt 2014-03-06 20:50
.
Před spuštěním: Volných bajtů: 50 841 952 256
Po spuštění: Volných bajtů: 50 785 124 352
.
- - End Of File - - 6D289953C5C2537535E51E7ECC4A0F23
A36C5E4F47E84449FF07ED3517B43A31

Re: a check just to be sure

Posted: 07 Mar 2014 19:21
by Rudy
The log is OK now. Uninstall CF using T-Cleaner: http://vyosek.tym.cz/pro_usery/T-Cleaner.exe .

Re: a check just to be sure

Posted: 07 Mar 2014 19:29
by Soveren
OK, thank you. And I'd like to ask: is there some program or something like that which would alert me that there is a hacker in my PC, or that someone is trying to break in here? Because yesterday a chat window just popped up and the mouse started moving around the desktop by itself, and nothing warned me.

Re: a check just to be sure

Posted: 07 Mar 2014 19:55
by Rudy
Only a personal firewall will reveal that: http://forum.viry.cz/viewforum.php?f=41. Be prepared, though, that you will have to allow (or, conversely, deny) every connection and create a rule for the FW.

Re: a check just to be sure

Posted: 07 Mar 2014 20:07
by Soveren
I see, thank you :) Well, I have a firewall, the classic Windows Firewall. And it didn't alert me in any way, simply nothing. And all of a sudden someone was poking around in my PC.

Re: a check just to be sure

Posted: 07 Mar 2014 20:17
by Rudy
That one won't notify you of anything. That's why I say "personal".

Re: a check just to be sure

Posted: 07 Mar 2014 20:34
by Soveren
OK, thank you.

Re: a check just to be sure

Posted: 07 Mar 2014 20:53
by Rudy
You're welcome! :)