VIRY.CZ

prosim o preventivni kontrolu, chrome mi nejak zlobi, diky

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2014
Ran by Petr (administrator) on PETR-PC on 11-03-2014 11:34:56
Running from C:\Users\Petr\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
() C:\Windows\system32\PnkBstrA.exe
() C:\Program Files\rnamfler\naofsvc.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HDAudDeck] - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1681408 2009-09-21] (VIA)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM\...\Run: [Mobile Partner] - C:\Program Files\Hi Suite\Hi Suite.exe [518656 2013-04-14] ()
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [747264 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [HydraVisionDesktopManager] - C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-10-16] (AMD)
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [ManicTime] - C:\Program Files\ManicTime\ManicTime.exe [250120 2013-04-10] (Finkit d.o.o.)
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [Advanced SystemCare 7] - C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2285344 2013-12-09] (IObit)
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
GroupPolicyUsers\S-1-5-21-1941282194-1708415242-375424287-1019\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204
FF user.js: detected! => C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @winzip.com/Winzip Courier - C:\Program Files\WinZip Courier\npwzwmc.dll (WinZip Computing, S.L.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll (vShare.tv )
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\ascsurfingprotection@iobit.com [2014-01-01]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2014-02-17]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-02-17]
FF Extension: Adblock Plus - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-12]
FF HKLM\...\Firefox\Extensions: [{74c841e3-b59f-479e-8d7a-e26a942a87c8}] - C:\Program Files\WinZip Courier\FFExt
FF Extension: WinZip Courier - C:\Program Files\WinZip Courier\FFExt [2011-11-25]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor [2012-12-30]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Bejeweled) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2014-01-22]
CHR Extension: (Angry Birds) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-01-22]
CHR Extension: (TV) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-01-22]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-22]
CHR Extension: (McAfee Security Scan+) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-21]
CHR Extension: (Adblock Plus) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-21]
CHR Extension: (VyhledÄ‚Äââ�CHR Extension: (WinZip Courier) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilckobikkmajlmhhdenkhonjkoaneclk [2012-08-27]
CHR Extension: (vshare plugin) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj [2012-08-27]
CHR Extension: (Plants vs Zombies) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2014-01-22]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-01-22]
CHR Extension: (PenĂ„Äââ�========================== Services (Whitelisted) =================

R2 AdvancedSystemCareService7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [881440 2013-12-09] (IObit)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [276992 2013-12-06] (Advanced Micro Devices, Inc.)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1678672 2014-02-26] (LogMeIn Inc.)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-02-26] (LogMeIn, Inc.)
R2 McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [104880 2014-01-22] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-16] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2011-09-29] ()
R2 RdnaoFlSvc; C:\Program Files\rnamfler\naofsvc.exe [55296 2006-02-06] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1514304 2011-12-08] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\fxxandroidusb.sys [25728 2011-03-22] (Google Inc)
R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [50432 2013-09-19] (Advanced Micro Devices)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [50432 2013-09-19] (Advanced Micro Devices)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [232512 2011-09-26] (DT Soft Ltd)
S3 FreshIO; C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys [2410 2004-10-26] ()
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Ralink Technology Corp.)
S3 qcusbser; C:\Windows\System32\DRIVERS\FXX\qcusbser.sys [103424 2011-03-22] (QUALCOMM Incorporated)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1086976 2009-09-17] (VIA Technologies, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-11 11:34 - 2014-03-11 11:41 - 04812001 _____ () C:\Users\Petr\Desktop\FRST.txt
2014-03-11 11:34 - 2014-03-11 11:34 - 00000000 ____D () C:\FRST
2014-03-11 11:32 - 2014-03-11 11:32 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
2014-03-11 11:31 - 2014-03-11 11:31 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Downloads\Nepotvrzeno 565636.crdownload
2014-03-11 11:30 - 2014-03-11 11:30 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Downloads\Nepotvrzeno 297226.crdownload
2014-03-11 11:29 - 2014-03-11 11:30 - 01145856 _____ (Farbar) C:\Users\Petr\Desktop\FRST.exe
2014-03-11 11:18 - 2014-03-11 11:40 - 00000672 _____ () C:\Windows\setupact.log
2014-03-11 11:18 - 2014-03-11 11:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-07 21:19 - 2014-03-11 11:25 - 4029889286 _____ () C:\Users\Petr\Desktop\Mononoke.hime.1997.HDTV.720p.x264.cz.mkv
2014-03-05 21:32 - 2014-03-05 22:49 - 00000000 ____D () C:\Users\Petr\Desktop\Foo Fighters
2014-03-05 21:31 - 2014-03-05 21:43 - 00000000 ____D () C:\Users\Petr\Desktop\Bon Jovi - Collection of the Best Hits Bon Jovi (4CD) 2011 H.M.C. [FLAC
2014-03-05 11:36 - 2014-03-05 11:36 - 00041891 _____ () C:\Users\Petr\Downloads\house.of.cards.2013.s02e01.720p.webrip.x264-2hd (+720p).srt
2014-03-05 11:35 - 2014-03-05 11:35 - 00043007 _____ () C:\Users\Petr\Downloads\House.Of.Cards.2013.S02E01.720p.WEB-DL.x264-Sohu CZ.srt
2014-03-04 11:22 - 2014-03-04 11:22 - 00000000 ___RD () C:\Program Files\Skype
2014-03-04 11:22 - 2014-03-04 11:22 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-27 13:21 - 2014-02-27 13:21 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-02-17 23:34 - 2014-02-17 23:35 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\FreeVideoConverter
2014-02-17 23:34 - 2014-02-17 23:34 - 00001161 _____ () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Video Converter.lnk
2014-02-17 23:34 - 2014-02-17 23:34 - 00001099 _____ () C:\Users\Petr\Desktop\Free Video Converter.lnk
2014-02-17 23:33 - 2014-02-17 23:34 - 00000000 ____D () C:\Program Files\Free Video Converter
2014-02-17 23:32 - 2014-02-17 23:33 - 01128384 _____ (Koyote-Lab Inc) C:\Users\Petr\Downloads\FreeVideoConverterSetup-r0-n-bf.exe
2014-02-17 20:30 - 2014-02-17 20:30 - 00065862 _____ () C:\Users\Petr\Downloads\house.of.cards.201.rar
2014-02-17 20:28 - 2014-02-17 20:28 - 00061038 _____ () C:\Users\Petr\Downloads\house.of.cards.202.rar
2014-02-17 14:27 - 2014-02-17 14:27 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-16 15:52 - 2014-02-16 15:53 - 00000000 ____D () C:\Windows\rescache
2014-02-15 23:10 - 2014-02-15 23:10 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Angry Birds Breakfast 1
2014-02-15 23:10 - 2014-02-15 23:10 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\com.rovio.AngryBirdsBreakfast1
2014-02-15 23:10 - 2014-02-15 23:10 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Angry Birds Breakfast 1
2014-02-15 20:36 - 2014-02-15 20:36 - 00021697 _____ () C:\Users\Petr\Downloads\Phantasm-IV-Oblivion(0000059426).srt
2014-02-15 20:33 - 2014-02-15 20:33 - 00023973 _____ () C:\Users\Petr\Downloads\Phantasm-II(0000039182).srt
2014-02-15 20:31 - 2014-02-15 20:31 - 00024192 _____ () C:\Users\Petr\Downloads\Phantasm(0000039181).srt
2014-02-15 20:12 - 2014-02-15 20:13 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-14 09:15 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-14 09:15 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-14 09:15 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-14 09:14 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-14 09:14 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-14 09:14 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-14 09:14 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-14 09:14 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-14 09:14 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-14 09:14 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-14 09:14 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-14 09:14 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-14 09:14 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-14 09:14 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

==================== One Month Modified Files and Folders =======

2014-03-11 11:41 - 2014-03-11 11:34 - 04812001 _____ () C:\Users\Petr\Desktop\FRST.txt
2014-03-11 11:40 - 2014-03-11 11:18 - 00000672 _____ () C:\Windows\setupact.log
2014-03-11 11:36 - 2011-09-27 19:42 - 00000000 ____D () C:\Users\Petr\Documents\Soubory aplikace Outlook
2014-03-11 11:34 - 2014-03-11 11:34 - 00000000 ____D () C:\FRST
2014-03-11 11:32 - 2014-03-11 11:32 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
2014-03-11 11:31 - 2014-03-11 11:31 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Downloads\Nepotvrzeno 565636.crdownload
2014-03-11 11:30 - 2014-03-11 11:30 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Downloads\Nepotvrzeno 297226.crdownload
2014-03-11 11:30 - 2014-03-11 11:29 - 01145856 _____ (Farbar) C:\Users\Petr\Desktop\FRST.exe
2014-03-11 11:25 - 2014-03-07 21:19 - 4029889286 _____ () C:\Users\Petr\Desktop\Mononoke.hime.1997.HDTV.720p.x264.cz.mkv
2014-03-11 11:25 - 2011-09-26 22:15 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\uTorrent
2014-03-11 11:21 - 2012-08-27 05:57 - 00006578 _____ () C:\Windows\system32\PerfStringBackup.TMP
2014-03-11 11:18 - 2014-03-11 11:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-11 10:55 - 2012-09-20 19:16 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-11 10:48 - 2011-09-26 22:02 - 01185026 ____N () C:\Windows\WindowsUpdate.log
2014-03-11 10:45 - 2013-01-03 19:09 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-11 10:43 - 2009-07-14 05:34 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-11 10:43 - 2009-07-14 05:34 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-11 10:32 - 2013-02-14 07:25 - 00000000 ____D () C:\Users\Petr\AppData\Local\LogMeIn Hamachi
2014-03-11 10:28 - 2012-09-20 19:16 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-11 10:27 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-10 22:37 - 2012-04-04 12:24 - 00000000 ____D () C:\Trefik10
2014-03-10 22:36 - 2014-01-01 22:01 - 00002151 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-03-10 22:36 - 2011-09-26 22:44 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Media Player Classic
2014-03-10 21:46 - 2014-01-01 22:23 - 62734336 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-03-10 21:46 - 2014-01-01 22:23 - 00233472 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-03-10 21:46 - 2014-01-01 22:23 - 00135168 _____ () C:\Windows\system32\config\SAM.iobit
2014-03-10 21:46 - 2014-01-01 22:23 - 00032768 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-03-10 21:46 - 2011-09-26 22:00 - 00000000 ____D () C:\Users\Petr
2014-03-10 13:43 - 2013-02-23 13:46 - 00000000 ____D () C:\Users\Michal\AppData\Local\LogMeIn Hamachi
2014-03-08 12:11 - 2013-09-04 20:18 - 00000000 ____D () C:\Users\Petr\AppData\Local\PMB Files
2014-03-06 19:19 - 2013-09-04 20:17 - 00000000 ____D () C:\ProgramData\PMB Files
2014-03-05 22:49 - 2014-03-05 21:32 - 00000000 ____D () C:\Users\Petr\Desktop\Foo Fighters
2014-03-05 21:43 - 2014-03-05 21:31 - 00000000 ____D () C:\Users\Petr\Desktop\Bon Jovi - Collection of the Best Hits Bon Jovi (4CD) 2011 H.M.C. [FLAC
2014-03-05 11:36 - 2014-03-05 11:36 - 00041891 _____ () C:\Users\Petr\Downloads\house.of.cards.2013.s02e01.720p.webrip.x264-2hd (+720p).srt
2014-03-05 11:35 - 2014-03-05 11:35 - 00043007 _____ () C:\Users\Petr\Downloads\House.Of.Cards.2013.S02E01.720p.WEB-DL.x264-Sohu CZ.srt
2014-03-04 11:26 - 2012-06-12 12:58 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Skype
2014-03-04 11:22 - 2014-03-04 11:22 - 00000000 ___RD () C:\Program Files\Skype
2014-03-04 11:22 - 2014-03-04 11:22 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-04 11:22 - 2012-06-12 12:58 - 00002719 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-04 11:22 - 2012-06-12 12:58 - 00000000 ____D () C:\ProgramData\Skype
2014-03-04 11:07 - 2013-09-01 08:07 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-27 13:21 - 2014-02-27 13:21 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-02-27 13:21 - 2013-11-14 17:46 - 00000896 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-02-26 19:11 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-26 16:25 - 2013-06-01 09:29 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\.minecraft
2014-02-21 21:46 - 2012-03-31 07:57 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-21 21:46 - 2011-09-29 08:22 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-19 15:10 - 2014-01-07 05:13 - 00135168 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-02-19 15:10 - 2014-01-07 05:13 - 00032768 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-02-19 15:10 - 2014-01-07 05:12 - 60096512 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-02-19 15:10 - 2014-01-07 05:12 - 00233472 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-02-18 21:05 - 2011-09-27 17:31 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Winamp
2014-02-17 23:35 - 2014-02-17 23:34 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\FreeVideoConverter
2014-02-17 23:34 - 2014-02-17 23:34 - 00001161 _____ () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Video Converter.lnk
2014-02-17 23:34 - 2014-02-17 23:34 - 00001099 _____ () C:\Users\Petr\Desktop\Free Video Converter.lnk
2014-02-17 23:34 - 2014-02-17 23:33 - 00000000 ____D () C:\Program Files\Free Video Converter
2014-02-17 23:33 - 2014-02-17 23:32 - 01128384 _____ (Koyote-Lab Inc) C:\Users\Petr\Downloads\FreeVideoConverterSetup-r0-n-bf.exe
2014-02-17 20:30 - 2014-02-17 20:30 - 00065862 _____ () C:\Users\Petr\Downloads\house.of.cards.201.rar
2014-02-17 20:28 - 2014-02-17 20:28 - 00061038 _____ () C:\Users\Petr\Downloads\house.of.cards.202.rar
2014-02-17 14:27 - 2014-02-17 14:27 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-17 14:27 - 2013-11-18 07:16 - 00002012 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-16 15:53 - 2014-02-16 15:52 - 00000000 ____D () C:\Windows\rescache
2014-02-16 08:03 - 2013-02-23 12:17 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-15 23:10 - 2014-02-15 23:10 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Angry Birds Breakfast 1
2014-02-15 23:10 - 2014-02-15 23:10 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\com.rovio.AngryBirdsBreakfast1
2014-02-15 23:10 - 2014-02-15 23:10 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Angry Birds Breakfast 1
2014-02-15 21:45 - 2013-11-30 23:22 - 00000759 _____ () C:\Users\Petr\Desktop\AC4BFSP – zástupce.lnk
2014-02-15 20:36 - 2014-02-15 20:36 - 00021697 _____ () C:\Users\Petr\Downloads\Phantasm-IV-Oblivion(0000059426).srt
2014-02-15 20:33 - 2014-02-15 20:33 - 00023973 _____ () C:\Users\Petr\Downloads\Phantasm-II(0000039182).srt
2014-02-15 20:31 - 2014-02-15 20:31 - 00024192 _____ () C:\Users\Petr\Downloads\Phantasm(0000039181).srt
2014-02-15 20:13 - 2014-02-15 20:12 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-14 11:41 - 2011-09-27 16:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-14 11:39 - 2013-08-14 14:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-14 11:37 - 2011-09-27 08:31 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-14 11:33 - 2009-07-14 03:04 - 00000478 _____ () C:\Windows\win.ini
2014-02-09 18:58 - 2009-07-14 05:53 - 00032612 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

Some content of TEMP:
====================
C:\Users\Michal\AppData\Local\temp\i4jdel0.exe
C:\Users\Michal\AppData\Local\temp\i4jdel1.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51

==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Petr\Desktop" je 14853 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Zdravím, přes Odebrat programy odinstaluj Advanced SystemCare


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


Stáhni a ulož na plochu AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem spusť,

objeví se okno kde vlevo nahoře klikni na Scan.

Po té proběhne sken a po jeho skončení klikni na Report a to co na Tebe vypadne mi sem zkopíruj.


Ovladače grafiky máš aktuální ?

Tak se ještě podíváme pro jistotu hlouběji.


Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.

ComboFix 14-03-16.01 - Petr 18.03.2014 21:12:38.3.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3583.2473 [GMT 1:00]
Spuštěný z: c:\users\Petr\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\windows\iun6002.exe
c:\windows\system32\drivers\etc\hosts.ics
I:\Autorun.inf
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_RdnaoFlSvc
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-02-18 do 2014-03-18 )))))))))))))))))))))))))))))))
.
.
2014-03-18 20:19 . 2014-03-18 20:21 -------- d-----w- c:\users\Petr\AppData\Local\temp
2014-03-18 20:19 . 2014-03-18 20:19 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-03-18 20:19 . 2014-03-18 20:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-18 20:09 . 2014-03-18 20:09 39464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5E46D785-1B64-452B-9418-17A84AA79030}\MpKsl8540185d.sys
2014-03-18 13:11 . 2014-03-07 04:35 7969936 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5E46D785-1B64-452B-9418-17A84AA79030}\mpengine.dll
2014-03-16 19:57 . 2014-02-06 07:08 7947048 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-03-14 12:45 . 2014-02-20 15:54 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B5E88A0F-BF98-4F9D-B33C-7E59EEB28A06}\gapaengine.dll
2014-03-12 23:10 . 2014-03-16 23:04 -------- d-----w- C:\AdwCleaner
2014-03-12 18:20 . 2014-02-04 02:04 509440 ----a-w- c:\windows\system32\qedit.dll
2014-03-12 18:20 . 2014-01-28 02:07 185344 ----a-w- c:\windows\system32\wwansvc.dll
2014-03-12 18:20 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-03-12 18:20 . 2014-02-07 01:07 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-03-12 18:20 . 2014-01-29 02:06 381440 ----a-w- c:\windows\system32\wer.dll
2014-03-11 10:34 . 2014-03-11 10:34 -------- d-----w- C:\FRST
2014-03-04 10:22 . 2014-03-04 10:22 -------- d-----w- c:\program files\Common Files\Skype
2014-03-04 10:22 . 2014-03-04 10:22 -------- d-----r- c:\program files\Skype
2014-02-27 12:21 . 2014-02-27 12:21 -------- d-----w- c:\program files\LogMeIn Hamachi
2014-02-25 17:39 . 2014-02-25 17:39 -------- d-----w- c:\windows\Migration
2014-02-17 22:34 . 2014-02-17 22:35 -------- d-----w- c:\users\Petr\AppData\Roaming\FreeVideoConverter
2014-02-17 22:33 . 2014-02-17 22:34 -------- d-----w- c:\program files\Free Video Converter
2014-02-17 13:27 . 2014-02-17 13:27 -------- d-----w- c:\program files\McAfee Security Scan
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-16 18:53 . 2012-08-27 04:57 6578 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2014-03-12 18:44 . 2012-03-31 06:57 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-12 18:44 . 2011-09-29 07:22 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-20 15:54 . 2011-10-11 04:32 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-01-19 07:32 . 2011-09-26 21:20 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-01-01 21:44 . 2014-01-01 21:44 301568 ----a-w- c:\windows\system32\msieftp.dll
2014-01-01 21:44 . 2014-01-01 21:44 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2014-01-01 21:43 . 2014-01-01 21:43 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2014-01-01 21:43 . 2014-01-01 21:43 1796096 ----a-w- c:\windows\system32\authui.dll
2014-01-01 21:43 . 2014-01-01 21:43 168960 ----a-w- c:\windows\system32\credui.dll
2014-01-01 21:43 . 2014-01-01 21:43 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2014-01-01 21:42 . 2014-01-01 21:42 81920 ----a-w- c:\windows\system32\davclnt.dll
2014-01-01 21:42 . 2014-01-01 21:42 205824 ----a-w- c:\windows\system32\WebClnt.dll
2014-01-01 21:42 . 2014-01-01 21:42 115712 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-01-01 21:42 . 2014-01-01 21:42 434688 ----a-w- c:\windows\system32\scavengeui.dll
2014-01-01 21:42 . 2014-01-01 21:42 133056 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-12-24 23:09 . 2014-02-14 08:14 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2014-01-01 21:01 752448 ----a-w- c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"HydraVisionDesktopManager"="c:\program files\ATI Technologies\HydraVision\HydraDM.exe" [2011-10-16 393216]
"ManicTime"="c:\program files\ManicTime\ManicTime.exe" [2013-04-10 250120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-09-21 1681408]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"Mobile Partner"="c:\program files\Hi Suite\Hi Suite.exe" [2013-04-14 518656]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" [2013-12-06 747264]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-02-26 3814736]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.141\SSScheduler.exe [2014-1-16 277920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
"Sidebar"=c:\program files\Windows Sidebar\sidebar.exe /autoRun
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"WinampAgent"="c:\program files\Winamp\winampa.exe"
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"AMD AVT"=Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "c:\program files\AMD AVT\bin\kdbsync.exe" aml
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2013-09-19 50432]
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\fxxandroidusb.sys [2011-03-22 25728]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-11-26 108032]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-01-16 235696]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288]
R3 qcusbser;USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\FXX\qcusbser.sys [2011-03-22 103424]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-27 1343400]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-09-26 232512]
S1 MpKsl8540185d;MpKsl8540185d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5E46D785-1B64-452B-9418-17A84AA79030}\MpKsl8540185d.sys [2014-03-18 39464]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-12-06 209408]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-12-06 276992]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2013-09-19 50432]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2014-02-26 1678672]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-02-26 375056]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [2014-01-22 104880]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2011-12-08 1514304]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2013-09-24 77312]
S3 netr28u;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista;c:\windows\system32\DRIVERS\netr28u.sys [2009-07-13 657408]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-09-17 1086976]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 17:55 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-03-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 18:44]
.
2014-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-02-27 18:29]
.
2014-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-02-27 18:29]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\Petr\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138 192.168.1.1
FF - ProfilePath - c:\users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-vShare.tv plugin - c:\program files\vShare.tv plugin\uninst.exe
AddRemove-LOTROen - g:\happycloud\Cache\The Lord of the Rings Online\hcuninstaller.exe
AddRemove-MC Titan Minecraft 1.5 - c:\users\Petr\AppData\Roaming\.minecraft\Uninstal.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(4008)
c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\AUDIODG.EXE
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\conhost.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2014-03-18 21:25:59 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-03-18 20:25
.
Před spuštěním: 774 754 304
Po spuštění: 1 712 177 152
.
- - End Of File - - 1E56C342B84717E3D2335ABFE9BC3D27
A36C5E4F47E84449FF07ED3517B43A31

Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:
ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:



Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

ComboFix 14-03-16.01 - Petr 19.03.2014 21:22:30.4.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3583.2654 [GMT 1:00]
Spuštěný z: c:\users\Petr\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Petr\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\IObit
c:\program files\IObit\IObit Uninstaller\datastate.dll
c:\program files\IObit\IObit Uninstaller\EULA.rtf
c:\program files\IObit\IObit Uninstaller\help.html
c:\program files\IObit\IObit Uninstaller\Images\batch-uninstall.jpg
c:\program files\IObit\IObit Uninstaller\Images\browser-plug-ins.jpg
c:\program files\IObit\IObit Uninstaller\Images\control-panel-entrance.jpg
c:\program files\IObit\IObit Uninstaller\Images\create-restore-point.jpg
c:\program files\IObit\IObit Uninstaller\Images\file-shred.jpg
c:\program files\IObit\IObit Uninstaller\Images\file-shredder.jpg
c:\program files\IObit\IObit Uninstaller\Images\main-screen.jpg
c:\program files\IObit\IObit Uninstaller\Images\more-settings-button.jpg
c:\program files\IObit\IObit Uninstaller\Images\more-settings.jpg
c:\program files\IObit\IObit Uninstaller\Images\powerful-scan.jpg
c:\program files\IObit\IObit Uninstaller\Images\restore-browser-default.jpg
c:\program files\IObit\IObit Uninstaller\Images\right-click-entrance.jpg
c:\program files\IObit\IObit Uninstaller\Images\search-program.jpg
c:\program files\IObit\IObit Uninstaller\Images\settings.jpg
c:\program files\IObit\IObit Uninstaller\Images\shred-file.jpg
c:\program files\IObit\IObit Uninstaller\Images\uninstall.jpg
c:\program files\IObit\IObit Uninstaller\Images\uninstalling.jpg
c:\program files\IObit\IObit Uninstaller\Images\view-style.jpg
c:\program files\IObit\IObit Uninstaller\Images\vote.jpg
c:\program files\IObit\IObit Uninstaller\IObitUninstaler.exe
c:\program files\IObit\IObit Uninstaller\Language\Arabic.lng
c:\program files\IObit\IObit Uninstaller\Language\Belarusian.lng
c:\program files\IObit\IObit Uninstaller\Language\Czech.lng
c:\program files\IObit\IObit Uninstaller\Language\Danish.lng
c:\program files\IObit\IObit Uninstaller\Language\Dinka.lng
c:\program files\IObit\IObit Uninstaller\Language\Dutch.lng
c:\program files\IObit\IObit Uninstaller\Language\English.lng
c:\program files\IObit\IObit Uninstaller\Language\Finnish.lng
c:\program files\IObit\IObit Uninstaller\Language\French.lng
c:\program files\IObit\IObit Uninstaller\Language\German.lng
c:\program files\IObit\IObit Uninstaller\Language\Greek.lng
c:\program files\IObit\IObit Uninstaller\Language\Hungarian.lng
c:\program files\IObit\IObit Uninstaller\Language\ChineseSimp.lng
c:\program files\IObit\IObit Uninstaller\Language\ChineseTrad.lng
c:\program files\IObit\IObit Uninstaller\Language\Indonesian.lng
c:\program files\IObit\IObit Uninstaller\Language\Italian.lng
c:\program files\IObit\IObit Uninstaller\Language\Japanese.lng
c:\program files\IObit\IObit Uninstaller\Language\Korean.lng
c:\program files\IObit\IObit Uninstaller\Language\Malayalam.lng
c:\program files\IObit\IObit Uninstaller\Language\Nuer.lng
c:\program files\IObit\IObit Uninstaller\Language\Polish.lng
c:\program files\IObit\IObit Uninstaller\Language\Portuguese(PT-BR).lng
c:\program files\IObit\IObit Uninstaller\Language\Portuguese(PT-PT).lng
c:\program files\IObit\IObit Uninstaller\Language\Romanian.lng
c:\program files\IObit\IObit Uninstaller\Language\Russian.lng
c:\program files\IObit\IObit Uninstaller\Language\Serbian(Cyrillic).lng
c:\program files\IObit\IObit Uninstaller\Language\Serbian(Latin).lng
c:\program files\IObit\IObit Uninstaller\Language\Slovenian.lng
c:\program files\IObit\IObit Uninstaller\Language\Spanish.lng
c:\program files\IObit\IObit Uninstaller\Language\Swedish.lng
c:\program files\IObit\IObit Uninstaller\Language\Thai.lng
c:\program files\IObit\IObit Uninstaller\Language\Turkish.lng
c:\program files\IObit\IObit Uninstaller\Language\Ukrainian.lng
c:\program files\IObit\IObit Uninstaller\Language\Vietnamese.lng
c:\program files\IObit\IObit Uninstaller\LatestNews\LatestNews.ini
c:\program files\IObit\IObit Uninstaller\madbasic_.bpl
c:\program files\IObit\IObit Uninstaller\maddisAsm_.bpl
c:\program files\IObit\IObit Uninstaller\madexcept_.bpl
c:\program files\IObit\IObit Uninstaller\pr.dat
c:\program files\IObit\IObit Uninstaller\ProductStatistics.dll
c:\program files\IObit\IObit Uninstaller\rtl120.bpl
c:\program files\IObit\IObit Uninstaller\sqlite3.dll
c:\program files\IObit\IObit Uninstaller\UninstallDisplay.exe
c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
c:\program files\IObit\IObit Uninstaller\UninstallMenuRight32.dll
c:\program files\IObit\IObit Uninstaller\UninstallPromote.exe
c:\program files\IObit\IObit Uninstaller\UninstallRote.dbd
c:\program files\IObit\IObit Uninstaller\vcl120.bpl
c:\program files\IObit\IObit Uninstaller\vclx120.bpl
c:\program files\IObit\LiveUpdate\Language\Arabic.lng
c:\program files\IObit\LiveUpdate\Language\Belarusian.lng
c:\program files\IObit\LiveUpdate\Language\Czech.lng
c:\program files\IObit\LiveUpdate\Language\Danish.lng
c:\program files\IObit\LiveUpdate\Language\Dinka.lng
c:\program files\IObit\LiveUpdate\Language\Dutch.lng
c:\program files\IObit\LiveUpdate\Language\English.lng
c:\program files\IObit\LiveUpdate\Language\Finnish.lng
c:\program files\IObit\LiveUpdate\Language\French.lng
c:\program files\IObit\LiveUpdate\Language\German.lng
c:\program files\IObit\LiveUpdate\Language\Hungarian.lng
c:\program files\IObit\LiveUpdate\Language\ChineseSimp.lng
c:\program files\IObit\LiveUpdate\Language\ChineseTrad.lng
c:\program files\IObit\LiveUpdate\Language\Indonesia.lng
c:\program files\IObit\LiveUpdate\Language\Italian.lng
c:\program files\IObit\LiveUpdate\Language\Japanese.lng
c:\program files\IObit\LiveUpdate\Language\Korean.lng
c:\program files\IObit\LiveUpdate\Language\Latvian.lng
c:\program files\IObit\LiveUpdate\Language\Malayalam.lng
c:\program files\IObit\LiveUpdate\Language\Polish.lng
c:\program files\IObit\LiveUpdate\Language\Portuguese(PT-BR).lng
c:\program files\IObit\LiveUpdate\Language\Portuguese(PT-PT).lng
c:\program files\IObit\LiveUpdate\Language\Romanian.lng
c:\program files\IObit\LiveUpdate\Language\Russian.lng
c:\program files\IObit\LiveUpdate\Language\Serbian (cyrillic).lng
c:\program files\IObit\LiveUpdate\Language\Serbian (latin).lng
c:\program files\IObit\LiveUpdate\Language\Slovak.lng
c:\program files\IObit\LiveUpdate\Language\Slovenian.lng
c:\program files\IObit\LiveUpdate\Language\Spanish.lng
c:\program files\IObit\LiveUpdate\Language\Swedish.lng
c:\program files\IObit\LiveUpdate\Language\Turkish.lng
c:\program files\IObit\LiveUpdate\Language\Vietnamese.lng
c:\program files\IObit\LiveUpdate\LiveUpdate.exe
c:\program files\IObit\LiveUpdate\LiveUpdate.log
c:\program files\IObit\LiveUpdate\LiveUpdate_1.log
c:\program files\IObit\LiveUpdate\LiveUpdateSrvUpt.log
c:\program files\IObit\LiveUpdate\ProductStatistics.dll
c:\program files\IObit\LiveUpdate\ProductUpt.log
c:\program files\IObit\LiveUpdate\system.ini
c:\program files\IObit\LiveUpdate\update\timer.db
c:\program files\IObit\LiveUpdate\update\update.spt
c:\program files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx
c:\program files\IObit\Surfing Protection\BrowerProtect\ASCBrowserProtection.safariextz
c:\program files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome.manifest
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\ascsurfingprotection.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\ascsurfingprotection.xul
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\imagemgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\languagemgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\popbox.css
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\protectpage.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\searchresultmgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\urlbaricon.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\icon.png
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\install.rdf
c:\program files\IObit\Surfing Protection\BrowerProtect\ASCUrlScanner.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\BrowserProtect.oex
c:\program files\IObit\Surfing Protection\BrowerProtect\errorpage.html
c:\program files\IObit\Surfing Protection\BrowerProtect\images\asc.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\icon_gray.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_tip_details.gif
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_wraningBg.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\popbox_btn_close.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\popbox_btn_ok.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\risk_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\safe_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\tip_details.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\window_risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\window_safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\wraningBg.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\manifest.json
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\ASCPlugin_Protect.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\background.html
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\background.js
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Ex.js
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\asc.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\popbox_btn_close.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\popbox_btn_ok.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\risk_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\safe_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\tip_details.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\window_risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\window_safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\wraningBg.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\popup.html
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\popup.js
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\tips.js
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\warning.bak
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\warning.js
c:\program files\IObit\Surfing Protection\BrowerProtect\np_Asc_plugin.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\NPASCSafariPluginProtect.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\Safari_baidu_script.js
c:\program files\IObit\Surfing Protection\BrowerProtect\script.js
c:\program files\IObit\Surfing Protection\BrowerProtect\SPAD_script.js
c:\program files\IObit\Surfing Protection\Database\ASCSpecialUrl.db
c:\program files\IObit\Surfing Protection\Database\base_safe_browse_0211
c:\program files\IObit\Surfing Protection\Database\base_upt_add
c:\program files\IObit\Surfing Protection\Database\spupdate.utp
c:\program files\IObit\Surfing Protection\Extensions.plist
c:\program files\IObit\Surfing Protection\Language\Arabic.lng
c:\program files\IObit\Surfing Protection\Language\Belarusian.lng
c:\program files\IObit\Surfing Protection\Language\Czech.lng
c:\program files\IObit\Surfing Protection\Language\Dutch.lng
c:\program files\IObit\Surfing Protection\Language\English.lng
c:\program files\IObit\Surfing Protection\Language\Finnish.lng
c:\program files\IObit\Surfing Protection\Language\Hungarian.lng
c:\program files\IObit\Surfing Protection\Language\ChineseSimp.lng
c:\program files\IObit\Surfing Protection\Language\ChineseTrad.lng
c:\program files\IObit\Surfing Protection\Language\Japanese.lng
c:\program files\IObit\Surfing Protection\Language\Korean.lng
c:\program files\IObit\Surfing Protection\Language\Polish.lng
c:\program files\IObit\Surfing Protection\Language\Portuguese(PT-BR).lng
c:\program files\IObit\Surfing Protection\Language\Romanian.lng
c:\program files\IObit\Surfing Protection\Language\Russian.lng
c:\program files\IObit\Surfing Protection\Language\Serbian (cyrillic).lng
c:\program files\IObit\Surfing Protection\Language\Serbian (latin).lng
c:\program files\IObit\Surfing Protection\Language\Slovenian.lng
c:\program files\IObit\Surfing Protection\Language\Spanish.lng
c:\program files\IObit\Surfing Protection\Language\Swedish.lng
c:\program files\IObit\Surfing Protection\Language\Turkish.lng
c:\program files\IObit\Surfing Protection\Language\Vietnamese.lng
c:\program files\IObit\Surfing Protection\PluginInstall.exe
c:\program files\IObit\Surfing Protection\SPUpdate.exe
c:\program files\IObit\Surfing Protection\sqlite3.dll
c:\program files\IObit\Surfing Protection\unins000.dat
c:\program files\IObit\Surfing Protection\unins000.exe
c:\program files\IObit\Surfing Protection\unins000.msg
c:\program files\IObit\Surfing Protection\Update\Update.ini
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_LiveUpdateSvc
-------\Service_LiveUpdateSvc
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-02-19 do 2014-03-19 )))))))))))))))))))))))))))))))
.
.
2014-03-19 20:29 . 2014-03-19 20:29 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-03-19 20:29 . 2014-03-19 20:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-19 20:01 . 2014-03-19 20:01 39464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{15793430-5986-4E12-B607-729355F8F4E4}\MpKsl9cc7c78c.sys
2014-03-18 20:28 . 2014-03-07 04:35 7969936 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{15793430-5986-4E12-B607-729355F8F4E4}\mpengine.dll
2014-03-18 20:27 . 2014-03-07 04:35 7969936 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-03-14 12:45 . 2014-02-20 15:54 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B5E88A0F-BF98-4F9D-B33C-7E59EEB28A06}\gapaengine.dll
2014-03-12 23:10 . 2014-03-16 23:04 -------- d-----w- C:\AdwCleaner
2014-03-12 18:20 . 2014-02-04 02:04 509440 ----a-w- c:\windows\system32\qedit.dll
2014-03-12 18:20 . 2014-01-28 02:07 185344 ----a-w- c:\windows\system32\wwansvc.dll
2014-03-12 18:20 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-03-12 18:20 . 2014-02-07 01:07 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-03-12 18:20 . 2014-01-29 02:06 381440 ----a-w- c:\windows\system32\wer.dll
2014-03-11 10:34 . 2014-03-11 10:34 -------- d-----w- C:\FRST
2014-03-04 10:22 . 2014-03-04 10:22 -------- d-----w- c:\program files\Common Files\Skype
2014-03-04 10:22 . 2014-03-04 10:22 -------- d-----r- c:\program files\Skype
2014-02-27 12:21 . 2014-02-27 12:21 -------- d-----w- c:\program files\LogMeIn Hamachi
2014-02-25 17:39 . 2014-02-25 17:39 -------- d-----w- c:\windows\Migration
2014-02-17 22:34 . 2014-02-17 22:35 -------- d-----w- c:\users\Petr\AppData\Roaming\FreeVideoConverter
2014-02-17 22:33 . 2014-02-17 22:34 -------- d-----w- c:\program files\Free Video Converter
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-16 18:53 . 2012-08-27 04:57 6578 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2014-03-12 18:44 . 2012-03-31 06:57 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-12 18:44 . 2011-09-29 07:22 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-20 15:54 . 2011-10-11 04:32 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-01-19 07:32 . 2011-09-26 21:20 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-01-01 21:44 . 2014-01-01 21:44 301568 ----a-w- c:\windows\system32\msieftp.dll
2014-01-01 21:44 . 2014-01-01 21:44 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2014-01-01 21:43 . 2014-01-01 21:43 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2014-01-01 21:43 . 2014-01-01 21:43 1796096 ----a-w- c:\windows\system32\authui.dll
2014-01-01 21:43 . 2014-01-01 21:43 168960 ----a-w- c:\windows\system32\credui.dll
2014-01-01 21:43 . 2014-01-01 21:43 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2014-01-01 21:42 . 2014-01-01 21:42 81920 ----a-w- c:\windows\system32\davclnt.dll
2014-01-01 21:42 . 2014-01-01 21:42 205824 ----a-w- c:\windows\system32\WebClnt.dll
2014-01-01 21:42 . 2014-01-01 21:42 115712 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-01-01 21:42 . 2014-01-01 21:42 434688 ----a-w- c:\windows\system32\scavengeui.dll
2014-01-01 21:42 . 2014-01-01 21:42 133056 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-12-24 23:09 . 2014-02-14 08:14 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"HydraVisionDesktopManager"="c:\program files\ATI Technologies\HydraVision\HydraDM.exe" [2011-10-16 393216]
"ManicTime"="c:\program files\ManicTime\ManicTime.exe" [2013-04-10 250120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-09-21 1681408]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"Mobile Partner"="c:\program files\Hi Suite\Hi Suite.exe" [2013-04-14 518656]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" [2013-12-06 747264]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-02-26 3814736]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.141\SSScheduler.exe [2014-1-16 277920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
"Sidebar"=c:\program files\Windows Sidebar\sidebar.exe /autoRun
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"WinampAgent"="c:\program files\Winamp\winampa.exe"
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"AMD AVT"=Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "c:\program files\AMD AVT\bin\kdbsync.exe" aml
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2013-09-19 50432]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\fxxandroidusb.sys [2011-03-22 25728]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-11-26 108032]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-01-16 235696]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288]
R3 qcusbser;USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\FXX\qcusbser.sys [2011-03-22 103424]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-27 1343400]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-09-26 232512]
S1 MpKsl9cc7c78c;MpKsl9cc7c78c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{15793430-5986-4E12-B607-729355F8F4E4}\MpKsl9cc7c78c.sys [2014-03-19 39464]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-12-06 209408]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-12-06 276992]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2013-09-19 50432]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2014-02-26 1678672]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-02-26 375056]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [2014-01-22 104880]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2011-12-08 1514304]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2013-09-24 77312]
S3 netr28u;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista;c:\windows\system32\DRIVERS\netr28u.sys [2009-07-13 657408]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-09-17 1086976]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 17:55 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-03-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 18:44]
.
2014-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-02-27 18:29]
.
2014-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-02-27 18:29]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\Petr\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138 192.168.1.1
FF - ProfilePath - c:\users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-IObit Surfing Protection_is1 - c:\program files\IObit\Surfing Protection\unins000.exe
AddRemove-IObitUninstall - c:\program files\IObit\IObit Uninstaller\UninstallDisplay.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\AUDIODG.EXE
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2014-03-19 21:34:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-03-19 20:34
ComboFix2.txt 2014-03-18 20:25
.
Před spuštěním: 1 556 889 600
Po spuštění: 1 839 276 032
.
- - End Of File - - 24BDAD9C4A9C4C9F364D8976A96D984C
A36C5E4F47E84449FF07ED3517B43A31

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.


Pak dej vědět jaký je stav PC.

vypada to v poradku, moc diky...co tomu bylo?

cica18 píše:...co tomu bylo?

Pár breberek se Ti tam prohánělo

cica18 píše:...., moc diky...

Není zač a