VIRY.CZ

Dobrý den,
mohli byste mi poradit jak to dostat pryč? Je to BV:AutorunE.

Tady je log z ComboFixu:

ComboFix 14-08-28.01 - Hanule 29.08.2014 7:17.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4001.1493 [GMT 2:00]
Spuštěný z: c:\users\Hanule\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-07-28 do 2014-08-29 )))))))))))))))))))))))))))))))
.
.
2014-08-29 05:23 . 2014-08-29 05:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-28 12:40 . 2014-08-28 12:40 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{71B0F397-6430-4B5B-B4D4-06C6FFC8E996}\offreg.dll
2014-08-28 12:20 . 2014-08-28 12:20 -------- d-----w- c:\users\Hanule\AppData\Roaming\eCyber
2014-08-28 12:19 . 2014-08-08 06:24 45248 ----a-w- c:\windows\system32\drivers\iSafeKrnlBoot.sys
2014-08-28 12:19 . 2014-08-28 12:19 -------- d-----w- c:\windows\system32\log
2014-08-28 12:18 . 2014-08-29 03:58 -------- d-----w- c:\users\Hanule\AppData\Roaming\iSafe
2014-08-28 04:43 . 2014-08-28 04:43 -------- d-----w- c:\users\Hanule\AppData\Local\Skype
2014-08-28 04:43 . 2014-08-28 05:11 -------- d-----w- c:\users\Hanule\AppData\Roaming\Skype
2014-08-28 04:42 . 2014-08-28 04:42 -------- d-----r- c:\program files (x86)\Skype
2014-08-28 04:42 . 2014-08-28 04:42 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-08-28 04:42 . 2014-08-28 04:43 -------- d-----w- c:\programdata\Skype
2014-08-26 08:05 . 2014-08-21 03:43 11319192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{71B0F397-6430-4B5B-B4D4-06C6FFC8E996}\mpengine.dll
2014-08-25 18:08 . 2014-08-25 18:08 -------- d-----w- c:\users\Hanule\AppData\Roaming\vlc
2014-08-25 18:07 . 2014-08-25 18:07 -------- d-----w- c:\program files (x86)\VideoLAN
2014-08-25 10:06 . 2014-08-25 10:06 -------- d-sh--w- c:\users\Hanule\AppData\Local\EmieUserList
2014-08-25 10:06 . 2014-08-25 10:06 -------- d-sh--w- c:\users\Hanule\AppData\Local\EmieSiteList
2014-08-18 07:52 . 2014-08-18 15:36 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2014-08-16 14:24 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-16 14:24 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-08-16 14:24 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-08-16 14:24 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-08-16 14:24 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-16 14:24 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-08-16 14:23 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-08-16 14:23 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-14 04:06 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDTAT.DLL
2014-08-14 04:06 . 2014-07-09 01:31 7168 ----a-w- c:\windows\SysWow64\KBDYAK.DLL
2014-08-14 04:06 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDYAK.DLL
2014-08-14 04:06 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDRU1.DLL
2014-08-14 04:06 . 2014-07-09 02:03 6656 ----a-w- c:\windows\system32\KBDRU.DLL
2014-08-14 04:06 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDBASH.DLL
2014-08-14 04:06 . 2014-07-09 01:31 6656 ----a-w- c:\windows\SysWow64\KBDBASH.DLL
2014-08-14 04:06 . 2014-07-16 03:23 2048 ----a-w- c:\windows\system32\tzres.dll
2014-08-14 04:06 . 2014-07-16 02:46 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-08-14 04:02 . 2014-07-14 02:02 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-08-14 04:02 . 2014-07-14 01:40 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-08-14 04:02 . 2014-08-07 02:06 529920 ----a-w- c:\windows\system32\aepdu.dll
2014-08-14 04:02 . 2014-08-07 02:01 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-08-12 14:56 . 2014-08-12 14:56 -------- d-----w- c:\program files (x86)\Microsoft Works
2014-08-12 14:54 . 2014-08-12 14:54 -------- d-----w- c:\windows\PCHEALTH
2014-08-12 14:51 . 2014-08-12 14:51 -------- d-----w- c:\program files\Microsoft Office
2014-08-12 14:51 . 2014-08-12 14:51 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2014-08-12 14:50 . 2014-08-12 14:50 -------- d-----w- c:\users\Hanule\AppData\Local\Microsoft Help
2014-08-12 14:50 . 2014-08-12 14:59 -------- d-----w- c:\programdata\Microsoft Help
2014-08-12 14:49 . 2014-08-12 14:49 -------- d-----r- C:\MSOCache
2014-08-03 19:04 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll
2014-08-03 19:04 . 2014-05-14 16:23 58336 ----a-w- c:\windows\system32\wuauclt.exe
2014-08-03 19:04 . 2014-05-14 16:23 2477536 ----a-w- c:\windows\system32\wuaueng.dll
2014-08-03 19:04 . 2014-05-14 16:21 2620928 ----a-w- c:\windows\system32\wucltux.dll
2014-08-03 19:03 . 2014-05-14 16:23 38880 ----a-w- c:\windows\system32\wups.dll
2014-08-03 19:03 . 2014-05-14 16:23 36320 ----a-w- c:\windows\SysWow64\wups.dll
2014-08-03 19:03 . 2014-05-14 16:23 700384 ----a-w- c:\windows\system32\wuapi.dll
2014-08-03 19:03 . 2014-05-14 16:23 581600 ----a-w- c:\windows\SysWow64\wuapi.dll
2014-08-03 19:03 . 2014-05-14 16:20 97792 ----a-w- c:\windows\system32\wudriver.dll
2014-08-03 19:03 . 2014-05-14 16:17 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2014-08-03 19:03 . 2014-05-14 07:23 198600 ----a-w- c:\windows\system32\wuwebv.dll
2014-08-03 19:03 . 2014-05-14 07:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll
2014-08-03 19:03 . 2014-05-14 07:20 36864 ----a-w- c:\windows\system32\wuapp.exe
2014-08-03 19:03 . 2014-05-14 07:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2014-08-03 10:51 . 2013-10-14 16:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-08-02 16:39 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2014-08-02 16:39 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2014-08-02 16:39 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2014-08-02 16:39 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2014-08-02 16:39 . 2013-12-24 23:09 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-08-02 16:39 . 2013-12-24 22:48 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-08-02 16:39 . 2013-11-22 22:48 3928064 ----a-w- c:\windows\system32\d2d1.dll
2014-08-02 16:39 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2014-08-02 16:39 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-08-02 16:39 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-08-02 16:39 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2014-08-02 16:39 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2014-08-01 15:58 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-08-01 15:58 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-08-01 15:58 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-08-01 15:58 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-08-01 15:57 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-08-01 15:44 . 2014-08-01 15:44 -------- d-----w- c:\windows\Migration
2014-08-01 10:29 . 2014-08-01 10:29 -------- d-----w- c:\users\Hanule\voip
2014-07-30 05:52 . 2014-07-30 05:52 -------- d-----w- c:\users\Hanule\AppData\Roaming\Search Protection
2014-07-30 05:52 . 2014-07-30 05:52 -------- d-----w- c:\programdata\YTD Video Downloader
2014-07-30 05:52 . 2014-07-30 05:52 -------- d-----w- c:\program files (x86)\GreenTree Applications
2014-07-30 05:47 . 2014-07-30 05:47 -------- d-----w- C:\UpdateChromeLinksLogs
2014-07-30 05:47 . 2014-07-30 05:47 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2014-07-30 05:47 . 2014-07-30 05:47 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2014-07-30 05:47 . 2014-07-30 05:47 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2014-07-30 05:29 . 2014-07-30 05:29 -------- d-----w- c:\users\Hanule\aTubeCatcher
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-05 07:20 . 2014-07-16 18:43 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-07-24 04:02 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-07-24 04:02 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-07-23 09:09 . 2014-07-23 09:05 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-07-23 09:05 . 2014-07-23 09:05 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-07-23 09:05 . 2014-07-23 09:05 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-07-23 09:05 . 2014-07-23 09:05 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-07-23 09:05 . 2014-07-23 09:05 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-07-23 09:05 . 2014-07-23 09:05 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-07-23 09:05 . 2014-07-23 09:05 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-07-23 09:05 . 2014-07-23 09:05 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-07-23 09:05 . 2014-07-23 09:05 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-07-23 09:05 . 2014-07-23 09:05 43152 ----a-w- c:\windows\avastSS.scr
2014-07-18 08:51 . 2014-07-18 08:51 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-18 08:51 . 2014-07-18 08:51 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-16 18:56 . 2014-07-16 18:56 44032 ----a-w- c:\windows\system32\drivers\AmUStor.sys
2014-07-16 18:56 . 2014-07-16 18:56 10752 ----a-w- c:\windows\system32\AmUStor.dll
2014-07-16 18:52 . 2010-08-24 15:55 76912 ----a-w- c:\windows\system32\drivers\L1C62x64.sys
2014-07-16 18:22 . 2010-10-14 22:28 317440 ----a-w- c:\windows\system32\drivers\IntcDAud.sys
2014-07-16 18:22 . 2010-10-14 22:27 14848 ----a-w- c:\windows\system32\IntcDAuC.dll
2014-07-16 18:22 . 2011-01-27 07:05 92672 ----a-w- c:\windows\system32\igfxCoIn_v2291.dll
2014-07-16 18:22 . 2011-02-10 11:49 167960 ----a-w- c:\windows\system32\igfxtray.exe
2014-07-16 18:22 . 2011-02-10 11:48 509976 ----a-w- c:\windows\system32\igfxsrvc.exe
2014-07-16 18:22 . 2011-02-10 11:48 418328 ----a-w- c:\windows\system32\igfxpers.exe
2014-07-16 18:22 . 2011-02-10 11:48 239128 ----a-w- c:\windows\system32\igfxext.exe
2014-07-16 18:22 . 2011-01-27 06:55 960940 ----a-w- c:\windows\system32\igkrng600.bin
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrsky.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrrom.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrhrv.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286208 ----a-w- c:\windows\system32\igfxrslv.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286208 ----a-w- c:\windows\system32\igfxrtrk.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286208 ----a-w- c:\windows\system32\igfxrsve.lrc
2014-07-16 18:22 . 2011-01-27 06:25 285696 ----a-w- c:\windows\system32\igfxrtha.lrc
2014-07-16 18:22 . 2011-01-27 06:25 287232 ----a-w- c:\windows\system32\igfxresn.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrrus.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrptg.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrplk.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286208 ----a-w- c:\windows\system32\igfxrptb.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286208 ----a-w- c:\windows\system32\igfxrnor.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrita.lrc
2014-07-16 18:22 . 2011-01-27 06:25 283648 ----a-w- c:\windows\system32\igfxrjpn.lrc
2014-07-16 18:22 . 2011-01-27 06:25 283136 ----a-w- c:\windows\system32\igfxrkor.lrc
2014-07-16 18:22 . 2011-01-27 06:25 287232 ----a-w- c:\windows\system32\igfxrell.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286208 ----a-w- c:\windows\system32\igfxrhun.lrc
2014-07-16 18:22 . 2011-01-27 06:25 285184 ----a-w- c:\windows\system32\igfxrheb.lrc
2014-07-16 18:22 . 2011-01-27 06:25 287232 ----a-w- c:\windows\system32\igfxrfra.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrdeu.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286208 ----a-w- c:\windows\system32\igfxrfin.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrnld.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrcsy.lrc
2014-07-16 18:22 . 2011-01-27 06:25 285696 ----a-w- c:\windows\system32\igfxrdan.lrc
2014-07-16 18:22 . 2011-01-27 06:25 282624 ----a-w- c:\windows\system32\igfxrcht.lrc
2014-07-16 18:22 . 2011-01-27 06:25 285184 ----a-w- c:\windows\system32\igfxrara.lrc
2014-07-16 18:22 . 2011-01-27 06:25 282624 ----a-w- c:\windows\system32\igfxrchs.lrc
2014-07-16 18:22 . 2011-01-27 06:24 335872 ----a-w- c:\windows\system32\igfxpph.dll
2014-07-16 18:22 . 2011-01-27 06:24 28672 ----a-w- c:\windows\system32\igfxexps.dll
2014-07-16 18:22 . 2011-01-27 06:24 380928 ----a-w- c:\windows\system32\igfxTMM.dll
2014-07-16 18:22 . 2011-01-27 06:24 62464 ----a-w- c:\windows\system32\igfxsrvc.dll
2014-07-16 18:22 . 2011-01-27 06:23 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2014-07-16 18:22 . 2011-01-27 06:23 385024 ----a-w- c:\windows\system32\igfxdev.dll
2014-07-16 18:22 . 2011-01-27 06:22 285696 ----a-w- c:\windows\system32\igfxrenu.lrc
2014-07-16 18:22 . 2011-01-27 06:22 9014784 ----a-w- c:\windows\system32\igfxress.dll
2014-07-16 18:22 . 2011-01-27 06:22 142336 ----a-w- c:\windows\system32\igfxdo.dll
2014-07-16 18:22 . 2011-01-27 06:18 24576 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2014-07-16 18:22 . 2011-01-27 06:17 288768 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2014-07-16 18:22 . 2011-01-27 06:11 95744 ----a-w- c:\windows\system32\iglhcp64.dll
2014-07-16 18:22 . 2011-01-27 06:11 86528 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2014-07-16 18:22 . 2011-01-27 06:11 368640 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2014-07-16 18:22 . 2011-01-27 06:11 364032 ----a-w- c:\windows\system32\iglhsip64.dll
2014-07-16 18:22 . 2011-01-27 06:25 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2014-07-16 18:22 . 2011-01-27 06:57 7470080 ----a-w- c:\windows\system32\igdumd64.dll
2014-07-16 18:22 . 2011-01-27 06:57 12273408 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2014-07-16 18:22 . 2011-01-27 06:55 213332 ----a-w- c:\windows\system32\igfcg600m.bin
2014-07-16 18:22 . 2011-01-27 06:51 5689344 ----a-w- c:\windows\SysWow64\igdumd32.dll
2014-07-16 18:22 . 2011-01-27 06:48 575488 ----a-w- c:\windows\SysWow64\igdumdx32.dll
2014-07-16 18:22 . 2011-01-27 06:47 7386112 ----a-w- c:\windows\system32\igd10umd64.dll
2014-07-16 18:22 . 2011-01-27 06:11 142848 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2014-07-16 18:22 . 2011-01-27 06:11 122368 ----a-w- c:\windows\system32\igfxcmrt64.dll
2014-07-16 18:22 . 2011-02-10 11:48 391704 ----a-w- c:\windows\system32\hkcmd.exe
2014-07-16 18:22 . 2011-02-10 11:48 4368920 ----a-w- c:\windows\system32\GfxUI.exe
2014-07-16 18:22 . 2011-01-27 06:55 145804 ----a-w- c:\windows\system32\igcompkrng600.bin
2014-07-16 18:22 . 2011-01-27 06:44 6068224 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2014-07-16 18:22 . 2011-01-27 06:38 19591680 ----a-w- c:\windows\system32\ig4icd64.dll
2014-07-16 18:22 . 2011-01-27 06:30 14292992 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2014-07-16 18:22 . 2011-01-27 06:23 109056 ----a-w- c:\windows\system32\hccutils.dll
2014-07-16 18:22 . 2011-01-27 06:23 144896 ----a-w- c:\windows\system32\gfxSrvc.dll
2014-07-16 18:22 . 2011-01-27 06:11 94208 ----a-w- c:\windows\system32\IccLibDll_x64.dll
2014-07-16 18:22 . 2011-02-10 11:48 179736 ----a-w- c:\windows\system32\difx64.exe
2014-06-18 02:18 . 2014-07-25 06:52 692736 ----a-w- c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-25 06:52 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-06 10:10 . 2014-07-25 06:51 624128 ----a-w- c:\windows\system32\qedit.dll
2014-06-06 09:44 . 2014-07-25 06:51 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-06-05 14:45 . 2014-07-25 06:45 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-06-05 14:26 . 2014-07-25 06:45 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-06-05 14:25 . 2014-07-25 06:45 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"icq"="c:\users\Hanule\AppData\Roaming\ICQM\icq.exe" [2014-07-22 34983944]
"SearchProtection"="c:\users\Hanule\AppData\Roaming\Search Protection\SearchProtection.EXE" [2014-08-22 1109352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"FLxHCIm"="c:\program files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" [2011-04-08 43008]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2014-07-03 2694040]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-03 4085896]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Protokol Intel(R) Centrino(R) Bluetooth 3.0 + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 PDF Architect 2;PDF Architect 2;c:\program files (x86)\PDF Architect 2\ws.exe;c:\program files (x86)\PDF Architect 2\ws.exe [x]
R3 pdfforge CrashHandler;pdfforge CrashHandler;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys;c:\windows\SYSNATIVE\DRIVERS\sxuptp.sys [x]
S3 AMPPAL;Virtuální adaptér Intel(R) Centrino(R) Bluetooth 3.0 + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIc.sys [x]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIh.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - iSafeKrnlKit
*Deregistered* - iSafeKrnlR3
*Deregistered* - iSafeNetFilter
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-27 14:18 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.94\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-08-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-18 08:51]
.
2014-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-23 09:06]
.
2014-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-23 09:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-06-25 14:51 672416 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-06-25 14:51 672416 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-06-25 14:51 672416 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-23 09:05 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-07-16 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-07-16 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-07-16 418328]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2014-07-16 324096]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496]
"SC-Print A Msgsrv"="c:\program files\SC-Print A\Msgsrv.exe" [2010-12-13 66560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://qip.ru/?utm_source=qip2012&utm_medium=cpc&utm_campaign=qip2012_start
uDefault_Search_URL = hxxp://search.qip.ru
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: Interfaces\{62FE8E15-A8B1-4818-B6E7-A783AA3DB6EC}: NameServer = 169.254.1.1
FF - ProfilePath - c:\users\Hanule\AppData\Roaming\Mozilla\Firefox\Profiles\7qgwyjgz.default\
FF - prefs.js: browser.startup.homepage - hxxp://gmail.com/
FF - prefs.js: keyword.URL - hxxps://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=501549&p=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-08-29 07:26:09
ComboFix-quarantined-files.txt 2014-08-29 05:26
.
Před spuštěním: Volných bajtů: 577 208 688 640
Po spuštění: Volných bajtů: 577 929 138 176
.
- - End Of File - - 3C95578A07A0C5AFB6099395B7BF6526
A36C5E4F47E84449FF07ED3517B43A31



Děkuju za radu

Zdravim

Zdravim

Co se tyce ComboFixu, ktery jste pouzil, tak na zaklade licence a pravidel fora ptam, umite s nim pracovat (spusteni, rozlusteni logu, napsani skriptu)?

Licencni podminky ComboFixu hovori jasne "Nikdy by nemel byt pouzit v prostredi bez dozoru zkusene osoby"


Nebezpeci CFka

• Je urcen primarne pro radce - jeho svevolnym pouzitim ztracite narok na podporu
• Maze stopy po haveti, takze v logu z RSIT neni nic videt
• Jeho log je treba dolustit, jelikoz neumi smazat vse - to ovsem tezko zvladnete pokud k tomu nejste vyskolen
• CF muze mit bug = sunda Vam system, pokud nevite kam co uklada, jak co obnovit, mate system v kytkam a ceka Vas reinstal
• CF taky bohuzel prozatim nekontroluje nektere dulezite knihovny (napr. hal.dll) - ty treba mazou nektere typy haveti (napr. angela) - smaze Vam po restartu hal.dll = nenajede Vam system a jste o radek vyse = reinstal

Dobrý den,
já bohužel ne, ale radil, mi s tím kamarád a když už jsme nevěděli jak to dostat pryč, tak našel návod na combofix a odkaz na toto forum.

Je možné mi poradit takto?

Zkoušel jsem vir odstranit pomocí softwaru YAC a Avast, bohužel ani jednou se nepovedlo. Po testu po restartu se PC tváří jako čisté, ale při naběhnutí systému AVAST opět hlásí problém. Nerada bych PC přeintalovávala a ve starších diskuzích jsem našla, že takovýto problém má více lidí.

YAC odinstalujte - je zcela neucinny

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Provedla jsem co jste poradil, tady je log. Bohužel BV:Autorun, co našel avast tam stále je.

# AdwCleaner v3.308 - Report created 29/08/2014 at 14:10:30
# Updated 20/08/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Hanule - ASUS
# Running from : C:\Users\Hanule\Downloads\adwcleaner_3.308.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Users\Hanule\AppData\Roaming\eCyber
Folder Deleted : C:\Users\Hanule\AppData\Roaming\iSafe
Folder Deleted : C:\Users\Hanule\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Hanule\AppData\Roaming\Search Protection
Folder Deleted : C:\Users\Hanule\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
File Deleted : C:\Windows\System32\drivers\iSafeKrnlBoot.sys
File Deleted : C:\Windows\System32\log\iSafeKrnlCall.log

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SearchProtection]
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\APN_ATU3__RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\APN_ATU3__RASMANCS
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\AppDataLow\Software\Search Protection
Key Deleted : HKLM\SOFTWARE\iSafe
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]

-\\ Mozilla Firefox v31.0 (x86 cs)

[ File : C:\Users\Hanule\AppData\Roaming\Mozilla\Firefox\Profiles\7qgwyjgz.default\prefs.js ]


-\\ Google Chrome v37.0.2062.94

[ File : C:\Users\Hanule\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : eofcbnmajmjmplflapaojjnihcjkigck

*************************

AdwCleaner[R0].txt - [2614 octets] - [29/08/2014 14:07:00]
AdwCleaner[S0].txt - [2363 octets] - [29/08/2014 14:10:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2423 octets] ##########

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  Folder::
  c:\users\Hanule\AppData\Roaming\Search Protection
  
  File::
  c:\windows\Tasks\Adobe Flash Player Updater.job
  c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  
  Registry::
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "icq"=-
  "SearchProtection"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  "Adobe ARM"=-
  "GrooveMonitor"=-
  
  RegLock::
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  
  ClearJavaCache::
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

Omlouvám se, za pomalou odpověď. Udělala jsem co bylo napsáno výše. Tady je výstupní log z ComboFixu.

ComboFix 14-08-31.01 - Hanule 31.08.2014 12:21:18.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4001.2392 [GMT 2:00]
Spuštěný z: c:\users\Hanule\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Hanule\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-07-28 do 2014-08-31 )))))))))))))))))))))))))))))))
.
.
2014-08-31 10:28 . 2014-08-31 10:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-29 12:06 . 2014-08-29 16:51 -------- d-----w- C:\AdwCleaner
2014-08-28 12:19 . 2014-08-29 12:10 -------- d-----w- c:\windows\system32\log
2014-08-28 04:43 . 2014-08-28 04:43 -------- d-----w- c:\users\Hanule\AppData\Local\Skype
2014-08-28 04:43 . 2014-08-28 05:11 -------- d-----w- c:\users\Hanule\AppData\Roaming\Skype
2014-08-28 04:42 . 2014-08-28 04:42 -------- d-----r- c:\program files (x86)\Skype
2014-08-28 04:42 . 2014-08-28 04:42 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-08-28 04:42 . 2014-08-28 04:43 -------- d-----w- c:\programdata\Skype
2014-08-26 08:05 . 2014-08-21 03:43 11319192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{71B0F397-6430-4B5B-B4D4-06C6FFC8E996}\mpengine.dll
2014-08-25 18:08 . 2014-08-25 18:08 -------- d-----w- c:\users\Hanule\AppData\Roaming\vlc
2014-08-25 18:07 . 2014-08-25 18:07 -------- d-----w- c:\program files (x86)\VideoLAN
2014-08-25 10:06 . 2014-08-25 10:06 -------- d-sh--w- c:\users\Hanule\AppData\Local\EmieUserList
2014-08-25 10:06 . 2014-08-25 10:06 -------- d-sh--w- c:\users\Hanule\AppData\Local\EmieSiteList
2014-08-18 07:52 . 2014-08-18 15:36 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2014-08-16 14:24 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-16 14:24 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-08-16 14:24 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-08-16 14:24 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-08-16 14:24 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-16 14:24 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-08-16 14:23 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-08-16 14:23 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-14 04:06 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDTAT.DLL
2014-08-14 04:06 . 2014-07-09 01:31 7168 ----a-w- c:\windows\SysWow64\KBDYAK.DLL
2014-08-14 04:06 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDYAK.DLL
2014-08-14 04:06 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDRU1.DLL
2014-08-14 04:06 . 2014-07-09 02:03 6656 ----a-w- c:\windows\system32\KBDRU.DLL
2014-08-14 04:06 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDBASH.DLL
2014-08-14 04:06 . 2014-07-09 01:31 6656 ----a-w- c:\windows\SysWow64\KBDBASH.DLL
2014-08-14 04:06 . 2014-07-16 03:23 2048 ----a-w- c:\windows\system32\tzres.dll
2014-08-14 04:06 . 2014-07-16 02:46 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-08-14 04:02 . 2014-07-14 02:02 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-08-14 04:02 . 2014-07-14 01:40 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-08-14 04:02 . 2014-08-07 02:06 529920 ----a-w- c:\windows\system32\aepdu.dll
2014-08-14 04:02 . 2014-08-07 02:01 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-08-12 14:56 . 2014-08-12 14:56 -------- d-----w- c:\program files (x86)\Microsoft Works
2014-08-12 14:54 . 2014-08-12 14:54 -------- d-----w- c:\windows\PCHEALTH
2014-08-12 14:51 . 2014-08-12 14:51 -------- d-----w- c:\program files\Microsoft Office
2014-08-12 14:51 . 2014-08-12 14:51 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2014-08-12 14:50 . 2014-08-12 14:50 -------- d-----w- c:\users\Hanule\AppData\Local\Microsoft Help
2014-08-12 14:50 . 2014-08-12 14:59 -------- d-----w- c:\programdata\Microsoft Help
2014-08-12 14:49 . 2014-08-12 14:49 -------- d-----r- C:\MSOCache
2014-08-03 19:04 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll
2014-08-03 19:04 . 2014-05-14 16:23 58336 ----a-w- c:\windows\system32\wuauclt.exe
2014-08-03 19:04 . 2014-05-14 16:23 2477536 ----a-w- c:\windows\system32\wuaueng.dll
2014-08-03 19:04 . 2014-05-14 16:21 2620928 ----a-w- c:\windows\system32\wucltux.dll
2014-08-03 19:03 . 2014-05-14 16:23 38880 ----a-w- c:\windows\system32\wups.dll
2014-08-03 19:03 . 2014-05-14 16:23 36320 ----a-w- c:\windows\SysWow64\wups.dll
2014-08-03 19:03 . 2014-05-14 16:23 700384 ----a-w- c:\windows\system32\wuapi.dll
2014-08-03 19:03 . 2014-05-14 16:23 581600 ----a-w- c:\windows\SysWow64\wuapi.dll
2014-08-03 19:03 . 2014-05-14 16:20 97792 ----a-w- c:\windows\system32\wudriver.dll
2014-08-03 19:03 . 2014-05-14 16:17 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2014-08-03 19:03 . 2014-05-14 07:23 198600 ----a-w- c:\windows\system32\wuwebv.dll
2014-08-03 19:03 . 2014-05-14 07:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll
2014-08-03 19:03 . 2014-05-14 07:20 36864 ----a-w- c:\windows\system32\wuapp.exe
2014-08-03 19:03 . 2014-05-14 07:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2014-08-03 10:51 . 2013-10-14 16:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-08-02 16:39 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2014-08-02 16:39 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2014-08-02 16:39 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2014-08-02 16:39 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2014-08-02 16:39 . 2013-12-24 23:09 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-08-02 16:39 . 2013-12-24 22:48 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-08-02 16:39 . 2013-11-22 22:48 3928064 ----a-w- c:\windows\system32\d2d1.dll
2014-08-02 16:39 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2014-08-02 16:39 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-08-02 16:39 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-08-02 16:39 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2014-08-02 16:39 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2014-08-01 15:58 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-08-01 15:58 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-08-01 15:58 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-08-01 15:58 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-08-01 15:57 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-08-01 15:44 . 2014-08-01 15:44 -------- d-----w- c:\windows\Migration
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-05 07:20 . 2014-07-16 18:43 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-07-30 05:47 . 2014-07-30 05:47 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2014-07-30 05:47 . 2014-07-30 05:47 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2014-07-30 05:47 . 2014-07-30 05:47 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2014-07-24 04:02 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-07-24 04:02 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-07-23 09:09 . 2014-07-23 09:05 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-07-23 09:05 . 2014-07-23 09:05 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-07-23 09:05 . 2014-07-23 09:05 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-07-23 09:05 . 2014-07-23 09:05 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-07-23 09:05 . 2014-07-23 09:05 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-07-23 09:05 . 2014-07-23 09:05 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-07-23 09:05 . 2014-07-23 09:05 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-07-23 09:05 . 2014-07-23 09:05 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-07-23 09:05 . 2014-07-23 09:05 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-07-23 09:05 . 2014-07-23 09:05 43152 ----a-w- c:\windows\avastSS.scr
2014-07-18 08:51 . 2014-07-18 08:51 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-18 08:51 . 2014-07-18 08:51 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-16 18:56 . 2014-07-16 18:56 44032 ----a-w- c:\windows\system32\drivers\AmUStor.sys
2014-07-16 18:56 . 2014-07-16 18:56 10752 ----a-w- c:\windows\system32\AmUStor.dll
2014-07-16 18:52 . 2010-08-24 15:55 76912 ----a-w- c:\windows\system32\drivers\L1C62x64.sys
2014-07-16 18:22 . 2010-10-14 22:28 317440 ----a-w- c:\windows\system32\drivers\IntcDAud.sys
2014-07-16 18:22 . 2010-10-14 22:27 14848 ----a-w- c:\windows\system32\IntcDAuC.dll
2014-07-16 18:22 . 2011-01-27 07:05 92672 ----a-w- c:\windows\system32\igfxCoIn_v2291.dll
2014-07-16 18:22 . 2011-02-10 11:49 167960 ----a-w- c:\windows\system32\igfxtray.exe
2014-07-16 18:22 . 2011-02-10 11:48 509976 ----a-w- c:\windows\system32\igfxsrvc.exe
2014-07-16 18:22 . 2011-02-10 11:48 418328 ----a-w- c:\windows\system32\igfxpers.exe
2014-07-16 18:22 . 2011-02-10 11:48 239128 ----a-w- c:\windows\system32\igfxext.exe
2014-07-16 18:22 . 2011-01-27 06:55 960940 ----a-w- c:\windows\system32\igkrng600.bin
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrsky.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrrom.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrhrv.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286208 ----a-w- c:\windows\system32\igfxrslv.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286208 ----a-w- c:\windows\system32\igfxrtrk.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286208 ----a-w- c:\windows\system32\igfxrsve.lrc
2014-07-16 18:22 . 2011-01-27 06:25 285696 ----a-w- c:\windows\system32\igfxrtha.lrc
2014-07-16 18:22 . 2011-01-27 06:25 287232 ----a-w- c:\windows\system32\igfxresn.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrrus.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrptg.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrplk.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286208 ----a-w- c:\windows\system32\igfxrptb.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286208 ----a-w- c:\windows\system32\igfxrnor.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrita.lrc
2014-07-16 18:22 . 2011-01-27 06:25 283648 ----a-w- c:\windows\system32\igfxrjpn.lrc
2014-07-16 18:22 . 2011-01-27 06:25 283136 ----a-w- c:\windows\system32\igfxrkor.lrc
2014-07-16 18:22 . 2011-01-27 06:25 287232 ----a-w- c:\windows\system32\igfxrell.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286208 ----a-w- c:\windows\system32\igfxrhun.lrc
2014-07-16 18:22 . 2011-01-27 06:25 285184 ----a-w- c:\windows\system32\igfxrheb.lrc
2014-07-16 18:22 . 2011-01-27 06:25 287232 ----a-w- c:\windows\system32\igfxrfra.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrdeu.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286208 ----a-w- c:\windows\system32\igfxrfin.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrnld.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrcsy.lrc
2014-07-16 18:22 . 2011-01-27 06:25 285696 ----a-w- c:\windows\system32\igfxrdan.lrc
2014-07-16 18:22 . 2011-01-27 06:25 282624 ----a-w- c:\windows\system32\igfxrcht.lrc
2014-07-16 18:22 . 2011-01-27 06:25 285184 ----a-w- c:\windows\system32\igfxrara.lrc
2014-07-16 18:22 . 2011-01-27 06:25 282624 ----a-w- c:\windows\system32\igfxrchs.lrc
2014-07-16 18:22 . 2011-01-27 06:24 335872 ----a-w- c:\windows\system32\igfxpph.dll
2014-07-16 18:22 . 2011-01-27 06:24 28672 ----a-w- c:\windows\system32\igfxexps.dll
2014-07-16 18:22 . 2011-01-27 06:24 380928 ----a-w- c:\windows\system32\igfxTMM.dll
2014-07-16 18:22 . 2011-01-27 06:24 62464 ----a-w- c:\windows\system32\igfxsrvc.dll
2014-07-16 18:22 . 2011-01-27 06:23 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2014-07-16 18:22 . 2011-01-27 06:23 385024 ----a-w- c:\windows\system32\igfxdev.dll
2014-07-16 18:22 . 2011-01-27 06:22 285696 ----a-w- c:\windows\system32\igfxrenu.lrc
2014-07-16 18:22 . 2011-01-27 06:22 9014784 ----a-w- c:\windows\system32\igfxress.dll
2014-07-16 18:22 . 2011-01-27 06:22 142336 ----a-w- c:\windows\system32\igfxdo.dll
2014-07-16 18:22 . 2011-01-27 06:18 24576 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2014-07-16 18:22 . 2011-01-27 06:17 288768 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2014-07-16 18:22 . 2011-01-27 06:11 95744 ----a-w- c:\windows\system32\iglhcp64.dll
2014-07-16 18:22 . 2011-01-27 06:11 86528 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2014-07-16 18:22 . 2011-01-27 06:11 368640 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2014-07-16 18:22 . 2011-01-27 06:11 364032 ----a-w- c:\windows\system32\iglhsip64.dll
2014-07-16 18:22 . 2011-01-27 06:25 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2014-07-16 18:22 . 2011-01-27 06:57 7470080 ----a-w- c:\windows\system32\igdumd64.dll
2014-07-16 18:22 . 2011-01-27 06:57 12273408 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2014-07-16 18:22 . 2011-01-27 06:55 213332 ----a-w- c:\windows\system32\igfcg600m.bin
2014-07-16 18:22 . 2011-01-27 06:51 5689344 ----a-w- c:\windows\SysWow64\igdumd32.dll
2014-07-16 18:22 . 2011-01-27 06:48 575488 ----a-w- c:\windows\SysWow64\igdumdx32.dll
2014-07-16 18:22 . 2011-01-27 06:47 7386112 ----a-w- c:\windows\system32\igd10umd64.dll
2014-07-16 18:22 . 2011-01-27 06:11 142848 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2014-07-16 18:22 . 2011-01-27 06:11 122368 ----a-w- c:\windows\system32\igfxcmrt64.dll
2014-07-16 18:22 . 2011-02-10 11:48 391704 ----a-w- c:\windows\system32\hkcmd.exe
2014-07-16 18:22 . 2011-02-10 11:48 4368920 ----a-w- c:\windows\system32\GfxUI.exe
2014-07-16 18:22 . 2011-01-27 06:55 145804 ----a-w- c:\windows\system32\igcompkrng600.bin
2014-07-16 18:22 . 2011-01-27 06:44 6068224 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2014-07-16 18:22 . 2011-01-27 06:38 19591680 ----a-w- c:\windows\system32\ig4icd64.dll
2014-07-16 18:22 . 2011-01-27 06:30 14292992 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2014-07-16 18:22 . 2011-01-27 06:23 109056 ----a-w- c:\windows\system32\hccutils.dll
2014-07-16 18:22 . 2011-01-27 06:23 144896 ----a-w- c:\windows\system32\gfxSrvc.dll
2014-07-16 18:22 . 2011-01-27 06:11 94208 ----a-w- c:\windows\system32\IccLibDll_x64.dll
2014-07-16 18:22 . 2011-02-10 11:48 179736 ----a-w- c:\windows\system32\difx64.exe
2014-06-18 02:18 . 2014-07-25 06:52 692736 ----a-w- c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-25 06:52 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-06 10:10 . 2014-07-25 06:51 624128 ----a-w- c:\windows\system32\qedit.dll
2014-06-06 09:44 . 2014-07-25 06:51 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-06-05 14:45 . 2014-07-25 06:45 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-06-05 14:26 . 2014-07-25 06:45 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-06-05 14:25 . 2014-07-25 06:45 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"FLxHCIm"="c:\program files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" [2011-04-08 43008]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2014-07-03 2694040]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-03 4085896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:4c9d5938 /wow /dir:C:\Program
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Protokol Intel(R) Centrino(R) Bluetooth 3.0 + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 PDF Architect 2;PDF Architect 2;c:\program files (x86)\PDF Architect 2\ws.exe;c:\program files (x86)\PDF Architect 2\ws.exe [x]
R3 pdfforge CrashHandler;pdfforge CrashHandler;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys;c:\windows\SYSNATIVE\DRIVERS\sxuptp.sys [x]
S3 AMPPAL;Virtuální adaptér Intel(R) Centrino(R) Bluetooth 3.0 + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIc.sys [x]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIh.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-27 14:18 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.94\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-08-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-18 08:51]
.
2014-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-23 09:06]
.
2014-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-23 09:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-06-25 14:51 672416 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-06-25 14:51 672416 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-06-25 14:51 672416 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-23 09:05 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-07-16 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-07-16 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-07-16 418328]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2014-07-16 324096]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496]
"SC-Print A Msgsrv"="c:\program files\SC-Print A\Msgsrv.exe" [2010-12-13 66560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 84.16.121.1 84.16.96.2
TCP: Interfaces\{62FE8E15-A8B1-4818-B6E7-A783AA3DB6EC}: NameServer = 169.254.1.1
FF - ProfilePath - c:\users\Hanule\AppData\Roaming\Mozilla\Firefox\Profiles\7qgwyjgz.default\
FF - prefs.js: browser.startup.homepage - hxxp://gmail.com/
FF - prefs.js: keyword.URL - hxxps://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=501549&p=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} - c:\program files (x86)\GreenTree Applications\YTD Video Downloader\uninstall.exe
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
.
**************************************************************************
.
Celkový čas: 2014-08-31 12:36:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-08-31 10:36
ComboFix2.txt 2014-08-29 05:26
.
Před spuštěním: Volných bajtů: 579 304 943 616
Po spuštění: Volných bajtů: 578 950 701 056
.
- - End Of File - - 66584BF84C54335F3C75DFBBE5E70967
A36C5E4F47E84449FF07ED3517B43A31

Avast stale neco hlasi??

Pripadne dejte screen toho hlaseni

Teď dokontroloval Avastr, a stále hlásí.

Jméno:C:\ProgramData\Microsoft\SearchData\Applications\Windows\tmp.edb
Závažnost: Vysoká
Stav: Hrozba: BV:Autorun-Ef[Wrm]

Takze vytvorte znovu CFScript.txt a aplikujte jako o krok vyse.
Obsah CFScriptu

Asi dělám něco špatně, protože Avast i po aplikaci druhého scriptu hlásí přítomnost.

1) Stáhla jsem
2) přetáhla na plochu
3) spustila - vytvořil se úvodní log
4) vytvořila jsem soubor CFScript a natáhla, otevřela se modrá obrazovka -> spouštění, bod obnovy, pak dokončena fáze 1-X, restart, vytvoření logu.

Avast při kontrole po restartu nic nenajde, ale po najetí systému ano.

Tady je log po druhé aplikaci scriptu

ComboFix 14-08-31.01 - Hanule 31.08.2014 16:29:09.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4001.2382 [GMT 2:00]
Spuštěný z: c:\users\Hanule\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Hanule\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-07-28 do 2014-08-31 )))))))))))))))))))))))))))))))
.
.
2014-08-31 14:34 . 2014-08-31 14:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-29 12:06 . 2014-08-29 16:51 -------- d-----w- C:\AdwCleaner
2014-08-28 12:19 . 2014-08-29 12:10 -------- d-----w- c:\windows\system32\log
2014-08-28 04:43 . 2014-08-28 04:43 -------- d-----w- c:\users\Hanule\AppData\Local\Skype
2014-08-28 04:43 . 2014-08-28 05:11 -------- d-----w- c:\users\Hanule\AppData\Roaming\Skype
2014-08-28 04:42 . 2014-08-28 04:42 -------- d-----r- c:\program files (x86)\Skype
2014-08-28 04:42 . 2014-08-28 04:42 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-08-28 04:42 . 2014-08-28 04:43 -------- d-----w- c:\programdata\Skype
2014-08-26 08:05 . 2014-08-21 03:43 11319192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{71B0F397-6430-4B5B-B4D4-06C6FFC8E996}\mpengine.dll
2014-08-25 18:08 . 2014-08-25 18:08 -------- d-----w- c:\users\Hanule\AppData\Roaming\vlc
2014-08-25 18:07 . 2014-08-25 18:07 -------- d-----w- c:\program files (x86)\VideoLAN
2014-08-25 10:06 . 2014-08-25 10:06 -------- d-sh--w- c:\users\Hanule\AppData\Local\EmieUserList
2014-08-25 10:06 . 2014-08-25 10:06 -------- d-sh--w- c:\users\Hanule\AppData\Local\EmieSiteList
2014-08-18 07:52 . 2014-08-31 10:38 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2014-08-16 14:24 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-16 14:24 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-08-16 14:24 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-08-16 14:24 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-08-16 14:24 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-16 14:24 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-08-16 14:23 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-08-16 14:23 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-14 04:06 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDTAT.DLL
2014-08-14 04:06 . 2014-07-09 01:31 7168 ----a-w- c:\windows\SysWow64\KBDYAK.DLL
2014-08-14 04:06 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDYAK.DLL
2014-08-14 04:06 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDRU1.DLL
2014-08-14 04:06 . 2014-07-09 02:03 6656 ----a-w- c:\windows\system32\KBDRU.DLL
2014-08-14 04:06 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDBASH.DLL
2014-08-14 04:06 . 2014-07-09 01:31 6656 ----a-w- c:\windows\SysWow64\KBDBASH.DLL
2014-08-14 04:06 . 2014-07-16 03:23 2048 ----a-w- c:\windows\system32\tzres.dll
2014-08-14 04:06 . 2014-07-16 02:46 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-08-14 04:02 . 2014-07-14 02:02 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-08-14 04:02 . 2014-07-14 01:40 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-08-14 04:02 . 2014-08-07 02:06 529920 ----a-w- c:\windows\system32\aepdu.dll
2014-08-14 04:02 . 2014-08-07 02:01 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-08-12 14:56 . 2014-08-12 14:56 -------- d-----w- c:\program files (x86)\Microsoft Works
2014-08-12 14:54 . 2014-08-12 14:54 -------- d-----w- c:\windows\PCHEALTH
2014-08-12 14:51 . 2014-08-12 14:51 -------- d-----w- c:\program files\Microsoft Office
2014-08-12 14:51 . 2014-08-12 14:51 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2014-08-12 14:50 . 2014-08-12 14:50 -------- d-----w- c:\users\Hanule\AppData\Local\Microsoft Help
2014-08-12 14:50 . 2014-08-12 14:59 -------- d-----w- c:\programdata\Microsoft Help
2014-08-12 14:49 . 2014-08-12 14:49 -------- d-----r- C:\MSOCache
2014-08-03 19:04 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll
2014-08-03 19:04 . 2014-05-14 16:23 58336 ----a-w- c:\windows\system32\wuauclt.exe
2014-08-03 19:04 . 2014-05-14 16:23 2477536 ----a-w- c:\windows\system32\wuaueng.dll
2014-08-03 19:04 . 2014-05-14 16:21 2620928 ----a-w- c:\windows\system32\wucltux.dll
2014-08-03 19:03 . 2014-05-14 16:23 38880 ----a-w- c:\windows\system32\wups.dll
2014-08-03 19:03 . 2014-05-14 16:23 36320 ----a-w- c:\windows\SysWow64\wups.dll
2014-08-03 19:03 . 2014-05-14 16:23 700384 ----a-w- c:\windows\system32\wuapi.dll
2014-08-03 19:03 . 2014-05-14 16:23 581600 ----a-w- c:\windows\SysWow64\wuapi.dll
2014-08-03 19:03 . 2014-05-14 16:20 97792 ----a-w- c:\windows\system32\wudriver.dll
2014-08-03 19:03 . 2014-05-14 16:17 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2014-08-03 19:03 . 2014-05-14 07:23 198600 ----a-w- c:\windows\system32\wuwebv.dll
2014-08-03 19:03 . 2014-05-14 07:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll
2014-08-03 19:03 . 2014-05-14 07:20 36864 ----a-w- c:\windows\system32\wuapp.exe
2014-08-03 19:03 . 2014-05-14 07:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2014-08-03 10:51 . 2013-10-14 16:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-08-02 16:39 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2014-08-02 16:39 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2014-08-02 16:39 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2014-08-02 16:39 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2014-08-02 16:39 . 2013-12-24 23:09 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-08-02 16:39 . 2013-12-24 22:48 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-08-02 16:39 . 2013-11-22 22:48 3928064 ----a-w- c:\windows\system32\d2d1.dll
2014-08-02 16:39 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2014-08-02 16:39 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-08-02 16:39 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-08-02 16:39 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2014-08-02 16:39 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2014-08-01 15:58 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-08-01 15:58 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-08-01 15:58 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-08-01 15:58 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-08-01 15:57 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-08-01 15:44 . 2014-08-01 15:44 -------- d-----w- c:\windows\Migration
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-05 07:20 . 2014-07-16 18:43 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-08-01 11:01 . 2014-08-01 11:01 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-01 11:01 . 2014-08-01 11:01 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-01 11:01 . 2014-08-01 11:01 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-08-01 11:01 . 2014-08-01 11:01 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-08-01 11:01 . 2014-08-01 11:01 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-08-01 11:01 . 2014-08-01 11:01 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-08-01 11:01 . 2014-08-01 11:01 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-08-01 11:01 . 2014-08-01 11:01 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-08-01 11:01 . 2014-08-01 11:01 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-08-01 11:01 . 2014-08-01 11:01 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2014-08-01 11:01 . 2014-08-01 11:01 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-08-01 11:01 . 2014-08-01 11:01 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-08-01 11:01 . 2014-08-01 11:01 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-08-01 11:01 . 2014-08-01 11:01 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-08-01 11:01 . 2014-08-01 11:01 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-08-01 11:01 . 2014-08-01 11:01 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-08-01 11:01 . 2014-08-01 11:01 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-08-01 11:01 . 2014-08-01 11:01 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-08-01 11:01 . 2014-08-01 11:01 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-08-01 11:01 . 2014-08-01 11:01 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2014-08-01 11:01 . 2014-08-01 11:01 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2014-08-01 11:01 . 2014-08-01 11:01 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-08-01 11:01 . 2014-08-01 11:01 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-08-01 11:01 . 2014-08-01 11:01 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-08-01 11:01 . 2014-08-01 11:01 363008 ----a-w- c:\windows\system32\dxgi.dll
2014-08-01 11:01 . 2014-08-01 11:01 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2014-08-01 11:01 . 2014-08-01 11:01 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2014-08-01 11:01 . 2014-08-01 11:01 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2014-08-01 11:01 . 2014-08-01 11:01 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2014-08-01 11:01 . 2014-08-01 11:01 296960 ----a-w- c:\windows\system32\d3d10core.dll
2014-08-01 11:01 . 2014-08-01 11:01 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2014-08-01 11:01 . 2014-08-01 11:01 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2014-08-01 11:01 . 2014-08-01 11:01 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2014-08-01 11:01 . 2014-08-01 11:01 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2014-08-01 11:01 . 2014-08-01 11:01 1643520 ----a-w- c:\windows\system32\DWrite.dll
2014-08-01 11:01 . 2014-08-01 11:01 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2014-08-01 11:01 . 2014-08-01 11:01 1238528 ----a-w- c:\windows\system32\d3d10.dll
2014-08-01 11:01 . 2014-08-01 11:01 1175552 ----a-w- c:\windows\system32\FntCache.dll
2014-08-01 11:01 . 2014-08-01 11:01 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2014-08-01 11:01 . 2014-08-01 11:01 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2014-08-01 11:01 . 2014-08-01 11:01 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2014-08-01 11:01 . 2014-08-01 11:01 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2014-08-01 11:01 . 2014-08-01 11:01 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2014-07-30 05:47 . 2014-07-30 05:47 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2014-07-30 05:47 . 2014-07-30 05:47 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2014-07-30 05:47 . 2014-07-30 05:47 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2014-07-24 04:02 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-07-24 04:02 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-07-23 09:09 . 2014-07-23 09:05 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-07-23 09:05 . 2014-07-23 09:05 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-07-23 09:05 . 2014-07-23 09:05 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-07-23 09:05 . 2014-07-23 09:05 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-07-23 09:05 . 2014-07-23 09:05 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-07-23 09:05 . 2014-07-23 09:05 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-07-23 09:05 . 2014-07-23 09:05 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-07-23 09:05 . 2014-07-23 09:05 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-07-23 09:05 . 2014-07-23 09:05 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-07-23 09:05 . 2014-07-23 09:05 43152 ----a-w- c:\windows\avastSS.scr
2014-07-18 08:51 . 2014-07-18 08:51 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-18 08:51 . 2014-07-18 08:51 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-16 18:56 . 2014-07-16 18:56 44032 ----a-w- c:\windows\system32\drivers\AmUStor.sys
2014-07-16 18:56 . 2014-07-16 18:56 10752 ----a-w- c:\windows\system32\AmUStor.dll
2014-07-16 18:52 . 2010-08-24 15:55 76912 ----a-w- c:\windows\system32\drivers\L1C62x64.sys
2014-07-16 18:22 . 2010-10-14 22:28 317440 ----a-w- c:\windows\system32\drivers\IntcDAud.sys
2014-07-16 18:22 . 2010-10-14 22:27 14848 ----a-w- c:\windows\system32\IntcDAuC.dll
2014-07-16 18:22 . 2011-01-27 07:05 92672 ----a-w- c:\windows\system32\igfxCoIn_v2291.dll
2014-07-16 18:22 . 2011-02-10 11:49 167960 ----a-w- c:\windows\system32\igfxtray.exe
2014-07-16 18:22 . 2011-02-10 11:48 509976 ----a-w- c:\windows\system32\igfxsrvc.exe
2014-07-16 18:22 . 2011-02-10 11:48 418328 ----a-w- c:\windows\system32\igfxpers.exe
2014-07-16 18:22 . 2011-02-10 11:48 239128 ----a-w- c:\windows\system32\igfxext.exe
2014-07-16 18:22 . 2011-01-27 06:55 960940 ----a-w- c:\windows\system32\igkrng600.bin
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrsky.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrrom.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrhrv.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286208 ----a-w- c:\windows\system32\igfxrslv.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286208 ----a-w- c:\windows\system32\igfxrtrk.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286208 ----a-w- c:\windows\system32\igfxrsve.lrc
2014-07-16 18:22 . 2011-01-27 06:25 285696 ----a-w- c:\windows\system32\igfxrtha.lrc
2014-07-16 18:22 . 2011-01-27 06:25 287232 ----a-w- c:\windows\system32\igfxresn.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrrus.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrptg.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrplk.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286208 ----a-w- c:\windows\system32\igfxrptb.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286208 ----a-w- c:\windows\system32\igfxrnor.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrita.lrc
2014-07-16 18:22 . 2011-01-27 06:25 283648 ----a-w- c:\windows\system32\igfxrjpn.lrc
2014-07-16 18:22 . 2011-01-27 06:25 283136 ----a-w- c:\windows\system32\igfxrkor.lrc
2014-07-16 18:22 . 2011-01-27 06:25 287232 ----a-w- c:\windows\system32\igfxrell.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286208 ----a-w- c:\windows\system32\igfxrhun.lrc
2014-07-16 18:22 . 2011-01-27 06:25 285184 ----a-w- c:\windows\system32\igfxrheb.lrc
2014-07-16 18:22 . 2011-01-27 06:25 287232 ----a-w- c:\windows\system32\igfxrfra.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrdeu.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286208 ----a-w- c:\windows\system32\igfxrfin.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrnld.lrc
2014-07-16 18:22 . 2011-01-27 06:25 286720 ----a-w- c:\windows\system32\igfxrcsy.lrc
2014-07-16 18:22 . 2011-01-27 06:25 285696 ----a-w- c:\windows\system32\igfxrdan.lrc
2014-07-16 18:22 . 2011-01-27 06:25 282624 ----a-w- c:\windows\system32\igfxrcht.lrc
2014-07-16 18:22 . 2011-01-27 06:25 285184 ----a-w- c:\windows\system32\igfxrara.lrc
2014-07-16 18:22 . 2011-01-27 06:25 282624 ----a-w- c:\windows\system32\igfxrchs.lrc
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"FLxHCIm"="c:\program files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" [2011-04-08 43008]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2014-07-03 2694040]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-03 4085896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:4c9d5938 /wow /dir:C:\Program
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Protokol Intel(R) Centrino(R) Bluetooth 3.0 + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 PDF Architect 2;PDF Architect 2;c:\program files (x86)\PDF Architect 2\ws.exe;c:\program files (x86)\PDF Architect 2\ws.exe [x]
R3 pdfforge CrashHandler;pdfforge CrashHandler;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys;c:\windows\SYSNATIVE\DRIVERS\sxuptp.sys [x]
S3 AMPPAL;Virtuální adaptér Intel(R) Centrino(R) Bluetooth 3.0 + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIc.sys [x]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIh.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-27 14:18 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.94\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-08-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-18 08:51]
.
2014-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-23 09:06]
.
2014-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-23 09:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-06-25 14:51 672416 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-06-25 14:51 672416 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-06-25 14:51 672416 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-23 09:05 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-07-16 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-07-16 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-07-16 418328]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2014-07-16 324096]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496]
"SC-Print A Msgsrv"="c:\program files\SC-Print A\Msgsrv.exe" [2010-12-13 66560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 84.16.121.1 84.16.96.2
TCP: Interfaces\{62FE8E15-A8B1-4818-B6E7-A783AA3DB6EC}: NameServer = 169.254.1.1
FF - ProfilePath - c:\users\Hanule\AppData\Roaming\Mozilla\Firefox\Profiles\7qgwyjgz.default\
FF - prefs.js: browser.startup.homepage - hxxp://gmail.com/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} - c:\program files (x86)\GreenTree Applications\YTD Video Downloader\uninstall.exe
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
.
**************************************************************************
.
Celkový čas: 2014-08-31 16:43:29 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-08-31 14:43
ComboFix2.txt 2014-08-31 10:36
ComboFix3.txt 2014-08-29 05:26
.
Před spuštěním: Volných bajtů: 578 727 378 944
Po spuštění: Volných bajtů: 578 627 653 632
.
- - End Of File - - 32DD148B60EC2B38034888B6B0664010
A36C5E4F47E84449FF07ED3517B43A31

Je možné aplikovat tento postup?

http://forum.viry.cz/viewtopic.php?f=13&t=120767

Opravdu bych se ráda vyhnula formátu PC. Děkuju

Dejte log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Zde je log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2014 02
Ran by Hanule (administrator) on ASUS on 01-09-2014 09:41:55
Running from C:\Users\Hanule\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files\SC-Print A\Msgsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Windows (R) Win 7 DDK provider) C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Hanule\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2014-07-16] (Alcor Micro Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [SC-Print A Msgsrv] => C:\Program Files\SC-Print A\Msgsrv.exe [66560 2010-12-13] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [FLxHCIm] => C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe [43008 2011-04-08] (Windows (R) Win 7 DDK provider)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-03] (AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * aswBoot.exe /M:4c9d5938 /wow /dir:C:\Program

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {C9EC6BD9-A9F4-4083-9724-A8CFF20F4E5F} URL = https://search.yahoo.com/search?fr=chr- ... earchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Tcpip\Parameters: [DhcpNameServer] 84.16.121.1 84.16.96.2
Tcpip\..\Interfaces\{62FE8E15-A8B1-4818-B6E7-A783AA3DB6EC}: [NameServer] 169.254.1.1

FireFox:
========
FF ProfilePath: C:\Users\Hanule\AppData\Roaming\Mozilla\Firefox\Profiles\7qgwyjgz.default
FF Homepage: hxxp://gmail.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF SearchPlugin: C:\Users\Hanule\AppData\Roaming\Mozilla\Firefox\Profiles\7qgwyjgz.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: YouTube to MP3 - C:\Users\Hanule\AppData\Roaming\Mozilla\Firefox\Profiles\7qgwyjgz.default\Extensions\youtube2mp3@mondayx.de.xpi [2014-07-30]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-23]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> yahoo.com search
CHR DefaultSearchProvider: Default -> Yahoo
CHR DefaultSearchURL: Default -> https://search.yahoo.com/search?fr=chr- ... earchTerms}
CHR DefaultSuggestURL: Default -> https://ff.search.yahoo.com/gossip?outp ... earchTerms}
CHR Profile: C:\Users\Hanule\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Hanule\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-23]
CHR Extension: (Disk Google) - C:\Users\Hanule\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-23]
CHR Extension: (YouTube) - C:\Users\Hanule\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-23]
CHR Extension: (Vyhledávání Google) - C:\Users\Hanule\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-23]
CHR Extension: (avast! Online Security) - C:\Users\Hanule\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-26]
CHR Extension: (Peněženka Google) - C:\Users\Hanule\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-26]
CHR Extension: (Gmail) - C:\Users\Hanule\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-23] (AVAST Software)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-23] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-23] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-23] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-23] ()
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [56320 2011-04-08] (Fresco Logic)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [288792 2008-07-01] (silex technology, Inc.)
S1 tmdibcvy; C:\Windows\system32\drivers\tmdibcvy.sys [55104 2014-09-01] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-01 09:41 - 2014-09-01 09:42 - 00016601 _____ () C:\Users\Hanule\Desktop\FRST.txt
2014-09-01 09:41 - 2014-09-01 09:42 - 00000000 ____D () C:\FRST
2014-09-01 09:39 - 2014-09-01 09:39 - 00112640 _____ (forum.viry.cz) C:\Users\Hanule\Desktop\FRSTLauncher.exe
2014-09-01 09:38 - 2014-09-01 09:38 - 02104832 _____ (Farbar) C:\Users\Hanule\Desktop\FRST64.exe
2014-09-01 09:36 - 2014-09-01 09:36 - 00055104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tmdibcvy.sys
2014-09-01 09:15 - 2014-09-01 09:16 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Hanule\Downloads\tdsskiller.exe
2014-08-31 20:49 - 2014-08-31 20:49 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-08-31 20:49 - 2014-08-31 20:49 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-08-31 17:34 - 2014-08-31 17:34 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-08-31 17:34 - 2014-08-31 17:34 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-08-31 17:34 - 2014-08-31 17:34 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-08-31 17:34 - 2014-08-31 17:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-08-31 17:33 - 2014-08-31 17:33 - 13850816 _____ (Microsoft Corporation) C:\Users\Hanule\Downloads\mseinstall.exe
2014-08-31 17:32 - 2014-08-31 17:32 - 00000000 ___SD () C:\ComboFix
2014-08-31 16:45 - 2014-08-31 16:45 - 00028891 _____ () C:\Users\Hanule\Desktop\vystup.txt
2014-08-31 12:08 - 2014-08-31 12:08 - 05576326 ____R (Swearware) C:\Users\Hanule\Desktop\ComboFix.exe
2014-08-29 14:15 - 2014-08-29 14:15 - 00002503 _____ () C:\Users\Hanule\Desktop\AdwCleaner[S0].txt
2014-08-29 14:06 - 2014-08-29 18:51 - 00000000 ____D () C:\AdwCleaner
2014-08-29 13:45 - 2014-08-29 13:45 - 00572775 _____ () C:\Users\Hanule\Desktop\Svěráky pro vertikální soustruhy.pptx
2014-08-29 10:23 - 2014-08-29 10:23 - 01364531 _____ () C:\Users\Hanule\Desktop\adwcleaner_3.308.exe
2014-08-29 08:20 - 2014-08-29 08:20 - 00001038 _____ () C:\Users\Hanule\Desktop\PSPad Editor.lnk
2014-08-29 07:15 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-29 07:15 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-29 07:15 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-29 07:15 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-29 07:15 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-29 07:15 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-29 07:15 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-29 07:15 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-29 07:14 - 2014-08-31 17:32 - 00000000 ____D () C:\Qoobox
2014-08-29 07:14 - 2014-08-31 12:28 - 00000000 ____D () C:\Windows\erdnt
2014-08-28 14:19 - 2014-08-29 14:10 - 00000000 ____D () C:\Windows\system32\log
2014-08-28 14:17 - 2014-08-28 14:18 - 12925224 _____ (Elex do Brasil Participações Ltda) C:\Users\Hanule\Downloads\yet_another_cleaner_sk.exe
2014-08-28 07:21 - 2014-08-28 07:21 - 00025550 _____ () C:\Users\Hanule\Downloads\mail_merge-3.8.0-tb+sm.xpi
2014-08-28 07:19 - 2014-08-28 11:45 - 00002791 _____ () C:\Users\Hanule\Desktop\adres.csv
2014-08-28 06:43 - 2014-08-28 07:11 - 00000000 ____D () C:\Users\Hanule\AppData\Roaming\Skype
2014-08-28 06:43 - 2014-08-28 06:43 - 00000000 ____D () C:\Users\Hanule\AppData\Local\Skype
2014-08-28 06:42 - 2014-08-28 06:43 - 00000000 ____D () C:\ProgramData\Skype
2014-08-28 06:42 - 2014-08-28 06:42 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-08-28 06:42 - 2014-08-28 06:42 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-28 06:42 - 2014-08-28 06:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-28 06:40 - 2014-08-28 06:40 - 01677928 _____ (Skype Technologies S.A.) C:\Users\Hanule\Downloads\SkypeSetup.exe
2014-08-28 06:24 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 06:24 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 06:24 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 11:35 - 2014-08-27 13:39 - 00015190 _____ () C:\Users\Hanule\Desktop\seznam_fy_2808.xlsx
2014-08-27 06:34 - 2014-08-27 06:35 - 00000000 ____D () C:\Users\Hanule\Downloads\pro katalog
2014-08-26 17:33 - 2014-08-31 16:25 - 00000000 ____D () C:\Users\Hanule\Desktop\Timková_srpen 2014
2014-08-25 20:08 - 2014-08-25 20:08 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-25 20:08 - 2014-08-25 20:08 - 00000000 ____D () C:\Users\Hanule\AppData\Roaming\vlc
2014-08-25 20:08 - 2014-08-25 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-25 20:07 - 2014-08-25 20:07 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-25 17:07 - 2014-08-25 17:08 - 31206605 _____ () C:\Users\Hanule\Downloads\vlc-setup.exe
2014-08-25 17:06 - 2014-08-25 17:06 - 24735966 _____ () C:\Users\Hanule\Downloads\vlc-2.1.5-win32.exe.part
2014-08-25 15:40 - 2014-08-25 16:35 - 495369652 _____ () C:\Users\Hanule\Downloads\Frozen-CZ-tit-iTunes-ready-FullHD.mp4
2014-08-25 12:06 - 2014-08-25 12:06 - 00000000 __SHD () C:\Users\Hanule\AppData\Local\EmieUserList
2014-08-25 12:06 - 2014-08-25 12:06 - 00000000 __SHD () C:\Users\Hanule\AppData\Local\EmieSiteList
2014-08-23 06:30 - 2014-08-23 06:31 - 62719361 _____ () C:\Users\Hanule\Downloads\vnoučata s prarodiči.zip
2014-08-21 11:56 - 2014-08-21 13:34 - 00000000 ____D () C:\Users\Hanule\Desktop\SCREEN
2014-08-20 15:57 - 2014-08-25 16:47 - 00000000 ____D () C:\Users\Hanule\Downloads\zasilka-AI5VZV25AT28P6XI
2014-08-20 15:53 - 2014-08-20 15:56 - 377428240 _____ () C:\Users\Hanule\Downloads\zasilka-AI5VZV25AT28P6XI.zip
2014-08-20 10:31 - 2014-08-20 10:32 - 00000000 ____D () C:\Users\Hanule\Desktop\HUDBA
2014-08-19 20:14 - 2014-08-20 20:41 - 11414688 _____ () C:\Users\Hanule\Desktop\emauzy3.psd
2014-08-19 15:55 - 2014-08-19 15:55 - 00000000 ____D () C:\Users\Hanule\Downloads\fwdfoto(1)
2014-08-19 15:55 - 2014-08-19 15:55 - 00000000 ____D () C:\Users\Hanule\Downloads\fwdfoto
2014-08-19 14:51 - 2014-08-19 14:51 - 00458326 _____ () C:\Users\Hanule\Downloads\fwdfoto(1).zip
2014-08-19 14:50 - 2014-08-19 14:50 - 00645548 _____ () C:\Users\Hanule\Downloads\fwdfoto.zip
2014-08-19 13:06 - 2014-08-19 15:26 - 1229010944 _____ () C:\Users\Hanule\Downloads\Slecna-Drsnak---CZ-dvdrip.avi
2014-08-19 10:07 - 2014-08-29 08:37 - 00002446 _____ () C:\Users\Hanule\Desktop\Osvědčení o jakosti a kompletnosti – zástupce.lnk
2014-08-19 08:21 - 2014-08-19 08:21 - 00000000 ____D () C:\Users\Hanule\Desktop\KATALOGY
2014-08-18 09:52 - 2014-08-31 12:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-08-16 16:24 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-16 16:24 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-16 16:24 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-16 16:24 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-16 16:24 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-16 16:24 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-16 16:23 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-16 16:23 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 10:34 - 2014-08-21 12:05 - 00000000 ____D () C:\Users\Hanule\Desktop\EMAUZY
2014-08-14 06:06 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 06:06 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-14 06:06 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 06:06 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 06:06 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 06:06 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 06:06 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 06:06 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-14 06:06 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-14 06:06 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-14 06:06 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-14 06:06 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-14 06:06 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 06:06 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-14 06:05 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 06:05 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-14 06:05 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 06:05 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 06:05 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 06:05 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 06:05 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 06:05 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 06:05 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 06:05 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 06:05 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 06:05 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 06:05 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 06:05 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 06:05 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 06:05 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 06:05 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 06:05 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 06:05 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 06:05 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 06:05 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-14 06:05 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-14 06:05 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-14 06:05 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-14 06:05 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 06:05 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 06:05 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 06:05 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 06:05 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 06:05 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 06:05 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-14 06:05 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-14 06:05 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 06:05 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-14 06:05 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-14 06:05 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 06:05 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 06:05 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 06:05 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-14 06:05 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 06:05 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 06:05 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 06:05 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-14 06:05 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 06:05 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 06:05 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 06:05 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 06:05 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 06:05 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-14 06:05 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 06:05 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 06:05 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 06:05 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 06:05 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-14 06:05 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 06:05 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 06:05 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 06:05 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-14 06:05 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 06:05 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 06:05 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 06:05 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 06:05 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 06:05 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 06:05 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 06:05 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 06:02 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 06:02 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-14 06:02 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 06:02 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-12 16:59 - 2014-08-12 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-08-12 16:56 - 2014-08-31 20:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-08-12 16:55 - 2014-08-12 16:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2014-08-12 16:54 - 2014-08-12 16:54 - 00000000 ____D () C:\Windows\PCHEALTH
2014-08-12 16:51 - 2014-08-12 16:51 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-12 16:51 - 2014-08-12 16:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-08-12 16:50 - 2014-08-31 20:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-12 16:50 - 2014-08-12 16:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-08-12 16:50 - 2014-08-12 16:50 - 00000000 ____D () C:\Users\Hanule\AppData\Local\Microsoft Help
2014-08-12 16:49 - 2014-08-12 16:49 - 00000000 ___RD () C:\MSOCache
2014-08-10 19:11 - 2014-08-19 19:30 - 00000000 ____D () C:\Users\Hanule\Desktop\Itálie 2014
2014-08-03 21:04 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-03 21:04 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-03 21:04 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-03 21:04 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-03 21:03 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-03 21:03 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-03 21:03 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-03 21:03 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-03 21:03 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-03 21:03 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-03 21:03 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-03 21:03 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-03 21:03 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-03 21:03 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-03 12:51 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-08-03 12:46 - 2014-08-03 12:46 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-08-03 12:46 - 2014-08-03 12:46 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-03 12:46 - 2014-08-03 12:46 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-03 12:46 - 2014-08-03 12:46 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-08-03 12:46 - 2014-08-03 12:46 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-03 12:46 - 2014-08-03 12:46 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-08-03 12:46 - 2014-08-03 12:46 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-03 12:46 - 2014-08-03 12:46 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-08-03 12:46 - 2014-08-03 12:46 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-08-03 12:46 - 2014-08-03 12:46 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-03 12:46 - 2014-08-03 12:46 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-08-03 12:46 - 2014-08-03 12:46 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-08-03 12:46 - 2014-08-03 12:46 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-03 12:46 - 2014-08-03 12:46 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-08-03 12:46 - 2014-08-03 12:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-03 12:46 - 2014-08-03 12:46 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-03 12:46 - 2014-08-03 12:46 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-03 12:46 - 2014-08-03 12:46 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-02 18:39 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-08-02 18:39 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-08-02 18:39 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-08-02 18:39 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-08-02 18:39 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-08-02 18:39 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-08-02 18:39 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-08-02 18:39 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-08-02 18:39 - 2012-02-11 08:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-08-02 18:39 - 2012-02-11 08:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2014-08-02 18:39 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-08-02 18:39 - 2011-02-25 07:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-01 09:42 - 2014-09-01 09:41 - 00016601 _____ () C:\Users\Hanule\Desktop\FRST.txt
2014-09-01 09:42 - 2014-09-01 09:41 - 00000000 ____D () C:\FRST
2014-09-01 09:39 - 2014-09-01 09:39 - 00112640 _____ (forum.viry.cz) C:\Users\Hanule\Desktop\FRSTLauncher.exe
2014-09-01 09:38 - 2014-09-01 09:38 - 02104832 _____ (Farbar) C:\Users\Hanule\Desktop\FRST64.exe
2014-09-01 09:36 - 2014-09-01 09:36 - 00055104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tmdibcvy.sys
2014-09-01 09:31 - 2014-07-18 10:51 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-01 09:17 - 2014-07-23 11:06 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-01 09:16 - 2014-09-01 09:15 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Hanule\Downloads\tdsskiller.exe
2014-09-01 08:25 - 2014-07-16 19:50 - 01057666 _____ () C:\Windows\WindowsUpdate.log
2014-09-01 08:25 - 2009-07-14 06:45 - 00024048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-01 08:25 - 2009-07-14 06:45 - 00024048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-01 08:17 - 2014-07-23 11:06 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-01 08:17 - 2014-07-17 22:06 - 00115688 _____ () C:\Users\Hanule\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-01 08:17 - 2009-07-14 06:45 - 00440328 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-01 08:15 - 2014-07-16 20:34 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-01 08:15 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-01 08:15 - 2009-07-14 06:51 - 00027598 _____ () C:\Windows\setupact.log
2014-08-31 20:55 - 2014-08-12 16:50 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-31 20:51 - 2014-08-12 16:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-08-31 20:49 - 2014-08-31 20:49 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-08-31 20:49 - 2014-08-31 20:49 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-08-31 20:49 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2014-08-31 20:20 - 2014-07-23 11:08 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-31 17:34 - 2014-08-31 17:34 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-08-31 17:34 - 2014-08-31 17:34 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-08-31 17:34 - 2014-08-31 17:34 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-08-31 17:34 - 2014-08-31 17:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-08-31 17:33 - 2014-08-31 17:33 - 13850816 _____ (Microsoft Corporation) C:\Users\Hanule\Downloads\mseinstall.exe
2014-08-31 17:32 - 2014-08-31 17:32 - 00000000 ___SD () C:\ComboFix
2014-08-31 17:32 - 2014-08-29 07:14 - 00000000 ____D () C:\Qoobox
2014-08-31 16:45 - 2014-08-31 16:45 - 00028891 _____ () C:\Users\Hanule\Desktop\vystup.txt
2014-08-31 16:38 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-31 16:35 - 2014-07-18 14:43 - 00156422 _____ () C:\Windows\PFRO.log
2014-08-31 16:25 - 2014-08-26 17:33 - 00000000 ____D () C:\Users\Hanule\Desktop\Timková_srpen 2014
2014-08-31 12:38 - 2014-08-18 09:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-08-31 12:28 - 2014-08-29 07:14 - 00000000 ____D () C:\Windows\erdnt
2014-08-31 12:12 - 2014-07-17 21:21 - 00000000 ____D () C:\Users\Hanule\AppData\Local\Adobe
2014-08-31 12:08 - 2014-08-31 12:08 - 05576326 ____R (Swearware) C:\Users\Hanule\Desktop\ComboFix.exe
2014-08-29 18:51 - 2014-08-29 14:06 - 00000000 ____D () C:\AdwCleaner
2014-08-29 18:26 - 2014-07-30 16:08 - 00000000 ____D () C:\Users\Hanule\Desktop\Formulka
2014-08-29 14:15 - 2014-08-29 14:15 - 00002503 _____ () C:\Users\Hanule\Desktop\AdwCleaner[S0].txt
2014-08-29 14:10 - 2014-08-28 14:19 - 00000000 ____D () C:\Windows\system32\log
2014-08-29 13:45 - 2014-08-29 13:45 - 00572775 _____ () C:\Users\Hanule\Desktop\Svěráky pro vertikální soustruhy.pptx
2014-08-29 13:41 - 2014-07-16 19:59 - 00000000 ____D () C:\Users\Hanule
2014-08-29 13:28 - 2014-07-18 08:29 - 00000000 ____D () C:\Users\Hanule\AppData\Local\CrashDumps
2014-08-29 11:47 - 2009-07-14 17:18 - 00669116 _____ () C:\Windows\system32\perfh005.dat
2014-08-29 11:47 - 2009-07-14 17:18 - 00141744 _____ () C:\Windows\system32\perfc005.dat
2014-08-29 11:47 - 2009-07-14 07:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-29 10:23 - 2014-08-29 10:23 - 01364531 _____ () C:\Users\Hanule\Desktop\adwcleaner_3.308.exe
2014-08-29 08:37 - 2014-08-19 10:07 - 00002446 _____ () C:\Users\Hanule\Desktop\Osvědčení o jakosti a kompletnosti – zástupce.lnk
2014-08-29 08:37 - 2014-07-23 11:09 - 00002010 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-29 08:37 - 2014-07-18 07:49 - 00002436 _____ () C:\Users\Public\Desktop\Ekonomický systém POHODA 2014 (síťový klient) Komplet.lnk
2014-08-29 08:20 - 2014-08-29 08:20 - 00001038 _____ () C:\Users\Hanule\Desktop\PSPad Editor.lnk
2014-08-29 07:26 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-08-29 05:59 - 2014-07-29 21:52 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp
2014-08-28 14:18 - 2014-08-28 14:17 - 12925224 _____ (Elex do Brasil Participações Ltda) C:\Users\Hanule\Downloads\yet_another_cleaner_sk.exe
2014-08-28 11:45 - 2014-08-28 07:19 - 00002791 _____ () C:\Users\Hanule\Desktop\adres.csv
2014-08-28 07:21 - 2014-08-28 07:21 - 00025550 _____ () C:\Users\Hanule\Downloads\mail_merge-3.8.0-tb+sm.xpi
2014-08-28 07:11 - 2014-08-28 06:43 - 00000000 ____D () C:\Users\Hanule\AppData\Roaming\Skype
2014-08-28 06:43 - 2014-08-28 06:43 - 00000000 ____D () C:\Users\Hanule\AppData\Local\Skype
2014-08-28 06:43 - 2014-08-28 06:42 - 00000000 ____D () C:\ProgramData\Skype
2014-08-28 06:42 - 2014-08-28 06:42 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-08-28 06:42 - 2014-08-28 06:42 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-28 06:42 - 2014-08-28 06:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-28 06:40 - 2014-08-28 06:40 - 01677928 _____ (Skype Technologies S.A.) C:\Users\Hanule\Downloads\SkypeSetup.exe
2014-08-28 06:27 - 2014-07-21 12:30 - 00000000 ____D () C:\Users\Hanule\AppData\Local\GHISLER
2014-08-27 13:39 - 2014-08-27 11:35 - 00015190 _____ () C:\Users\Hanule\Desktop\seznam_fy_2808.xlsx
2014-08-27 06:35 - 2014-08-27 06:34 - 00000000 ____D () C:\Users\Hanule\Downloads\pro katalog
2014-08-25 20:08 - 2014-08-25 20:08 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-25 20:08 - 2014-08-25 20:08 - 00000000 ____D () C:\Users\Hanule\AppData\Roaming\vlc
2014-08-25 20:08 - 2014-08-25 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-25 20:07 - 2014-08-25 20:07 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-25 17:08 - 2014-08-25 17:07 - 31206605 _____ () C:\Users\Hanule\Downloads\vlc-setup.exe
2014-08-25 17:06 - 2014-08-25 17:06 - 24735966 _____ () C:\Users\Hanule\Downloads\vlc-2.1.5-win32.exe.part
2014-08-25 16:47 - 2014-08-20 15:57 - 00000000 ____D () C:\Users\Hanule\Downloads\zasilka-AI5VZV25AT28P6XI
2014-08-25 16:35 - 2014-08-25 15:40 - 495369652 _____ () C:\Users\Hanule\Downloads\Frozen-CZ-tit-iTunes-ready-FullHD.mp4
2014-08-25 12:06 - 2014-08-25 12:06 - 00000000 __SHD () C:\Users\Hanule\AppData\Local\EmieUserList
2014-08-25 12:06 - 2014-08-25 12:06 - 00000000 __SHD () C:\Users\Hanule\AppData\Local\EmieSiteList
2014-08-23 06:31 - 2014-08-23 06:30 - 62719361 _____ () C:\Users\Hanule\Downloads\vnoučata s prarodiči.zip
2014-08-23 04:07 - 2014-08-28 06:24 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 06:24 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 06:24 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 11:34 - 2014-07-21 11:14 - 00001480 _____ () C:\Users\Hanule\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2014-08-21 13:34 - 2014-08-21 11:56 - 00000000 ____D () C:\Users\Hanule\Desktop\SCREEN
2014-08-21 12:05 - 2014-08-15 10:34 - 00000000 ____D () C:\Users\Hanule\Desktop\EMAUZY
2014-08-21 10:41 - 2014-07-24 08:33 - 00000000 ____D () C:\Users\Hanule\AppData\Roaming\XnView
2014-08-21 06:57 - 2014-07-16 21:30 - 00000000 ____D () C:\Users\Hanule\Documents\Bluetooth Folder
2014-08-20 20:41 - 2014-08-19 20:14 - 11414688 _____ () C:\Users\Hanule\Desktop\emauzy3.psd
2014-08-20 15:56 - 2014-08-20 15:53 - 377428240 _____ () C:\Users\Hanule\Downloads\zasilka-AI5VZV25AT28P6XI.zip
2014-08-20 10:32 - 2014-08-20 10:31 - 00000000 ____D () C:\Users\Hanule\Desktop\HUDBA
2014-08-19 19:30 - 2014-08-10 19:11 - 00000000 ____D () C:\Users\Hanule\Desktop\Itálie 2014
2014-08-19 15:55 - 2014-08-19 15:55 - 00000000 ____D () C:\Users\Hanule\Downloads\fwdfoto(1)
2014-08-19 15:55 - 2014-08-19 15:55 - 00000000 ____D () C:\Users\Hanule\Downloads\fwdfoto
2014-08-19 15:26 - 2014-08-19 13:06 - 1229010944 _____ () C:\Users\Hanule\Downloads\Slecna-Drsnak---CZ-dvdrip.avi
2014-08-19 14:51 - 2014-08-19 14:51 - 00458326 _____ () C:\Users\Hanule\Downloads\fwdfoto(1).zip
2014-08-19 14:50 - 2014-08-19 14:50 - 00645548 _____ () C:\Users\Hanule\Downloads\fwdfoto.zip
2014-08-19 13:09 - 2014-07-17 21:16 - 00000000 ____D () C:\Users\Hanule\AppData\Local\Thunderbird
2014-08-19 08:21 - 2014-08-19 08:21 - 00000000 ____D () C:\Users\Hanule\Desktop\KATALOGY
2014-08-18 20:57 - 2014-07-16 21:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-18 09:02 - 2014-07-24 08:33 - 00001793 _____ () C:\Users\Hanule\Desktop\XnView.lnk
2014-08-18 09:02 - 2014-07-24 08:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2014-08-18 09:02 - 2014-07-24 08:33 - 00000000 ____D () C:\Program Files (x86)\XnView
2014-08-17 11:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-16 16:22 - 2014-07-20 09:23 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-14 07:27 - 2014-07-17 22:06 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-08-12 16:59 - 2014-08-12 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-08-12 16:56 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-08-12 16:55 - 2014-08-12 16:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2014-08-12 16:55 - 2014-08-12 16:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-08-12 16:55 - 2009-07-14 17:36 - 00000000 ____D () C:\Windows\ShellNew
2014-08-12 16:54 - 2014-08-12 16:54 - 00000000 ____D () C:\Windows\PCHEALTH
2014-08-12 16:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-12 16:51 - 2014-08-12 16:51 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-12 16:51 - 2014-08-12 16:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-08-12 16:50 - 2014-08-12 16:50 - 00000000 ____D () C:\Users\Hanule\AppData\Local\Microsoft Help
2014-08-12 16:49 - 2014-08-12 16:49 - 00000000 ___RD () C:\MSOCache
2014-08-07 04:06 - 2014-08-14 06:02 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-14 06:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 18:06 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-08-03 20:56 - 2014-07-16 20:00 - 00001397 _____ () C:\Users\Hanule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-03 12:51 - 2014-08-01 12:57 - 00018282 _____ () C:\Windows\IE11_main.log
2014-08-03 12:46 - 2014-08-03 12:46 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-08-03 12:46 - 2014-08-03 12:46 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-03 12:46 - 2014-08-03 12:46 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-03 12:46 - 2014-08-03 12:46 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-08-03 12:46 - 2014-08-03 12:46 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-03 12:46 - 2014-08-03 12:46 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-08-03 12:46 - 2014-08-03 12:46 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-03 12:46 - 2014-08-03 12:46 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-08-03 12:46 - 2014-08-03 12:46 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-08-03 12:46 - 2014-08-03 12:46 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-03 12:46 - 2014-08-03 12:46 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-08-03 12:46 - 2014-08-03 12:46 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-08-03 12:46 - 2014-08-03 12:46 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-03 12:46 - 2014-08-03 12:46 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-08-03 12:46 - 2014-08-03 12:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-08-03 12:46 - 2014-08-03 12:46 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-03 12:46 - 2014-08-03 12:46 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-03 12:46 - 2014-08-03 12:46 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-03 12:46 - 2014-08-03 12:46 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-03 12:37 - 2014-07-16 20:43 - 01560204 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-02 09:55 - 2009-07-14 17:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-02 09:55 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-08-02 09:55 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-08-02 09:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-08-02 09:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-08-02 09:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-08-02 09:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-08-02 09:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-08-02 09:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Windows\system32\Drivers\tmdibcvy.sys:changelist

==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Hanule\Desktop" je 1465 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Odinstalujte Microsoft Security Client, jinak bude kolidovat s Avastem

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
  
  SearchScopes: HKCU - {C9EC6BD9-A9F4-4083-9724-A8CFF20F4E5F} URL = https://search.yahoo.com/search?fr=chr- ... =501549&p={searchTerms}
  
  FF SearchPlugin: C:\Users\Hanule\AppData\Roaming\Mozilla\Firefox\Profiles\7qgwyjgz.default\searchplugins\yahoo_ff.xml
  
  CHR DefaultSearchKeyword: Default -> yahoo.com search
  CHR DefaultSearchProvider: Default -> Yahoo
  CHR DefaultSearchURL: Default -> https://search.yahoo.com/search?fr=chr- ... =501549&p={searchTerms}
  CHR DefaultSuggestURL: Default -> https://ff.search.yahoo.com/gossip?outp ... n&command={searchTerms}
  
  S3 catchme; \??\C:\ComboFix\catchme.sys [X]
  
  2014-09-01 09:39 - 2014-09-01 09:39 - 00112640 _____ (forum.viry.cz) C:\Users\Hanule\Desktop\FRSTLauncher.exe
  2014-09-01 09:36 - 2014-09-01 09:36 - 00055104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tmdibcvy.sys
  2014-09-01 09:15 - 2014-09-01 09:16 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Hanule\Downloads\tdsskiller.exe
  2014-08-31 16:45 - 2014-08-31 16:45 - 00028891 _____ () C:\Users\Hanule\Desktop\vystup.txt
  2014-08-29 14:15 - 2014-08-29 14:15 - 00002503 _____ () C:\Users\Hanule\Desktop\AdwCleaner[S0].txt
  2014-08-29 14:06 - 2014-08-29 18:51 - 00000000 ____D () C:\AdwCleaner
  2014-08-28 14:17 - 2014-08-28 14:18 - 12925224 _____ (Elex do Brasil Participações Ltda) C:\Users\Hanule\Downloads\yet_another_cleaner_sk.exe
  C:\Windows\system32\Drivers\tmdibcvy.sys
  
  Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  
  AlternateDataStreams: C:\Windows\system32\Drivers\tmdibcvy.sys:changelist
  
  Hosts:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt