Adware Generic5.BGPZ and other problems

Posted: 13 Sep 2014 15:13
by Thomas96
Hello. AVG is showing that I have a virus called Adware Generic5.BGPZ on my computer, located in the folder c:/Users/Tomáš/AppData/Local/Google/Chrome/User Data/Default/FileSystem/002/t/00/00000000. I tried programs that might help (AdwCleaner, JRT, ComboFix). Unfortunately, I found out too late that it is not advisable to use them without an expert's permission. So I am hereby asking for help. Thank you.

Re: Adware Generic5.BGPZ and other problems

Posted: 13 Sep 2014 18:54
by vyosek
Hello :)

:arrow: So post the logs from all the programs you used here

Re: Adware Generic5.BGPZ and other problems

Posted: 13 Sep 2014 18:58
by Thomas96
ComboFix 14-09-12.01 - Tomáš 12.09.2014 21:25:59.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8173.6573 [GMT 2:00]
Spuštěný z: c:\users\TomßÜ\Downloads\ComboFix.exe
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-08-12 do 2014-09-12 )))))))))))))))))))))))))))))))
.
.
2014-09-12 19:30 . 2014-09-12 19:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-12 14:31 . 2014-09-12 14:31 -------- d-----w- c:\windows\ERUNT
2014-09-12 14:19 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-09-12 14:18 . 2014-09-12 14:20 -------- d-----w- C:\AdwCleaner
2014-09-11 14:28 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-11 14:28 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-08-29 16:17 . 2014-08-23 02:07 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-29 16:17 . 2014-08-23 01:45 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-29 16:17 . 2014-08-23 00:59 3166720 ----a-w- c:\windows\system32\win32k.sys
2014-08-14 23:36 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-14 23:36 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-08-14 23:36 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-08-14 23:36 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-08-14 23:36 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-14 23:36 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-08-14 23:36 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-08-14 23:36 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-14 20:11 . 2014-07-14 02:02 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-08-14 20:11 . 2014-07-14 01:40 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-11 12:05 . 2014-03-23 16:14 101694776 ----a-w- c:\windows\system32\MRT.exe
2014-08-06 08:50 . 2014-08-06 08:50 123672 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-21 19:03 . 2014-07-21 19:03 244504 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2014-07-17 19:11 . 2014-04-02 18:52 297088 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-07-17 19:11 . 2014-04-02 18:09 297088 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-07-17 19:11 . 2014-04-02 18:09 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-07-07 02:06 . 2014-09-11 12:08 341504 ----a-w- c:\windows\system32\schannel.dll
2014-07-07 01:40 . 2014-09-11 12:08 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-06-30 10:43 . 2014-06-30 10:43 152344 ----a-w- c:\windows\system32\drivers\avgdiska.sys
2014-06-29 11:56 . 2014-04-02 18:09 76152 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-06-18 02:18 . 2014-07-09 16:51 692736 ----a-w- c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-09 16:51 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-17 14:21 . 2014-06-17 14:21 235800 ----a-w- c:\windows\system32\drivers\avgldx64.sys
2014-06-17 14:07 . 2014-06-17 14:07 328984 ----a-w- c:\windows\system32\drivers\avgloga.sys
2014-06-17 14:06 . 2014-06-17 14:06 269080 ----a-w- c:\windows\system32\drivers\avgtdia.sys
2014-06-17 14:06 . 2014-06-17 14:06 190744 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2014-06-17 14:06 . 2014-06-17 14:06 31512 ----a-w- c:\windows\system32\drivers\avgrkx64.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 7"="c:\program files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" [2014-08-22 2281248]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-12-06 766208]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2013-10-23 377368]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2014-08-25 5188112]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-12 19:03 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-09-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-11 11:39]
.
2014-09-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-11 11:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2014-08-29 16:19 2471744 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-12-13 13662936]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: Interfaces\{52FE00A3-0980-4504-AD9E-C7A56046424C}: NameServer = 10.10.10.10,10.10.11.11
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e6,94,22,04,fb,86,7c,49,b1,4d,15,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e6,94,22,04,fb,86,7c,49,b1,4d,15,\
.
[HKEY_USERS\S-1-5-21-3103877282-4095485166-2162268305-1000\Software\SecuROM\License information*]
"datasecu"=hex:02,9d,14,b2,a1,06,cf,04,56,07,42,fd,ec,0a,ae,5e,18,81,b4,36,53,
91,68,dd,1b,21,c0,0c,57,a9,a9,45,61,6c,56,39,3d,59,21,b4,e1,b9,07,b9,9c,04,\
"rkeysecu"=hex:e1,78,2c,56,f8,e1,29,f9,81,32,b7,0e,44,1e,8c,04
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-09-12 21:32:22
ComboFix-quarantined-files.txt 2014-09-12 19:32
.
Před spuštěním: Volných bajtů: 169 125 703 680
Po spuštění: Volných bajtů: 168 879 353 856
.
- - End Of File - - AEA6BF7F456E215C4DDAA080F55E9E42
A36C5E4F47E84449FF07ED3517B43A31

Re: Adware Generic5.BGPZ and other problems

Posted: 13 Sep 2014 18:58
by Thomas96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Tom ç on p  12.09.2014 at 16:31:41,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  12.09.2014 at 16:37:45,78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Adware Generic5.BGPZ and other problems

Posted: 13 Sep 2014 19:04
by Thomas96
# AdwCleaner v3.310 - Report created 13/09/2014 at 20:01:53
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Tomáš - TOMÁŠ-PC
# Running from : C:\Users\Tomáš\Downloads\adwcleaner_3.310.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\FreeFixer
Folder Deleted : C:\Users\Tomáš\AppData\Local\FreeFixer
Folder Deleted : C:\Users\Tomáš\AppData\Roaming\FreeFixer

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Google Chrome v37.0.2062.120

[ File : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=C4A36D5F-B0F9-4EAE-BBDF-EAFCED7E6F87&apn_ptnrs=U3&apn_sauid=39A1B9C6-64A5-4C52-93E9-E8FD5E17A27A&apn_dtid=OSJ000YYCZ&q={searchTerms}

*************************

AdwCleaner[R0].txt - [1456 octets] - [12/09/2014 16:18:36]
AdwCleaner[R1].txt - [1320 octets] - [13/09/2014 20:00:39]
AdwCleaner[S0].txt - [1478 octets] - [12/09/2014 16:20:04]
AdwCleaner[S1].txt - [1249 octets] - [13/09/2014 20:01:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1309 octets] ##########

Re: Adware Generic5.BGPZ and other problems

Posted: 13 Sep 2014 21:52
by vyosek
:arrow: Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to your desktop
  • If you are using Win Vista or W7, right-click Zoek and choose Run As Administrator or "Spustit jako spravce"
  • Paste the script below into the window
  • Code:

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC will perform the repair, restart, and give you a log; paste its contents here

Re: Adware Generic5.BGPZ and other problems

Posted: 14 Sep 2014 09:38
by Thomas96
Zoek.exe v5.0.0.0 Updated 13-September-2014
Tool run by Tom ç on ne 14.09.2014 at 10:25:07,25.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TOM~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

14.9.2014 10:25:47 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Tomáš\AppData\Local\CrashRpt not found
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE10SR"

==== Reset Google Chrome ======================

Nothing found to reset

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=18 folders=18 14061643 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\Tomáš\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\TOM~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 14.09.2014 at 10:36:53,90 ======================

Re: Adware Generic5.BGPZ and other problems

Posted: 14 Sep 2014 18:23
by vyosek
Is AVG still reporting something??

Re: Adware Generic5.BGPZ and other problems

Posted: 14 Sep 2014 19:08
by Thomas96
Yes, it still shows that the virus is in the Virus Vault

Re: Adware Generic5.BGPZ and other problems

Posted: 14 Sep 2014 19:11
by vyosek
:arrow: It can stay in the vault, it is harmless there; what matters is whether it keeps being newly detected

Re: Adware Generic5.BGPZ and other problems

Posted: 14 Sep 2014 19:15
by Thomas96
Yes, still: if I choose delete and restart the PC, it is there again. One more small thing: when I close the browser, Advanced SystemCare shows me that it blocked a command to change the home page (I read that this is what the virus is meant to do)

Re: Adware Generic5.BGPZ and other problems

Posted: 14 Sep 2014 19:19
by Thomas96
I apologize, I just tried deleting the virus from the vault and restarting the PC, and the virus is gone. But can I be sure that this is really the case?
btw: Something is still trying to change the home page, but fortunately without success.

Re: Adware Generic5.BGPZ and other problems

Posted: 14 Sep 2014 19:21
by vyosek
:arrow: Uninstall Advanced SystemCare and then everything else from IOBit as well - it is Chinese junk and does more harm than good. They look for nonsensical and non-existent problems, and they stole their malware database from another reputable company

:arrow: Uninstall ComboFix
  • Rename ComboFix to Uninstall
  • Run it
  • This will delete ComboFix and its folders
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off your antivirus while downloading)
:arrow: Post the log from FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Re: Adware Generic5.BGPZ and other problems

Posted: 14 Sep 2014 19:49
by Thomas96
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Tomáš (administrator) on TOMÁŠ-PC on 14-09-2014 20:46:45
Running from C:\Users\Tomáš\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(forum.viry.cz) C:\Users\Tomáš\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-12-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [377368 2013-10-23] (Power Software Ltd)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{52FE00A3-0980-4504-AD9E-C7A56046424C}: [NameServer] 10.10.10.10,10.10.11.11

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-11]
CHR Extension: (Disk Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-11]
CHR Extension: (YouTube) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-11]
CHR Extension: (VyhledávánĂ­ Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-11]
CHR Extension: (Peněženka Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-11]
CHR Extension: (Gmail) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed]
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-29] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2013-10-21] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-14 20:46 - 2014-09-14 20:47 - 00007806 _____ () C:\Users\Tomáš\Desktop\FRST.txt
2014-09-14 20:46 - 2014-09-14 20:46 - 00000000 ____D () C:\FRST
2014-09-14 20:44 - 2014-09-14 20:44 - 00112640 _____ (forum.viry.cz) C:\Users\Tomáš\Desktop\FRSTLauncher.exe
2014-09-14 20:40 - 2014-09-14 20:40 - 02105856 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST64.exe
2014-09-14 20:26 - 2014-09-14 20:26 - 00165888 _____ () C:\Users\Tomáš\Downloads\T-Cleaner.exe
2014-09-14 20:23 - 2014-09-14 20:23 - 00000000 ____D () C:\ProgramData\ProductData
2014-09-14 20:04 - 2014-09-14 20:17 - 00000112 _____ () C:\Windows\setupact.log
2014-09-14 20:04 - 2014-09-14 20:04 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-14 20:03 - 2014-09-14 20:03 - 00000582 _____ () C:\Windows\PFRO.log
2014-09-14 16:41 - 2014-09-14 16:41 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-09-14 11:28 - 2014-09-14 11:28 - 00017211 _____ () C:\Users\Tomáš\Downloads\[CzT]Frajeri_ve_Vegas_Last_Vegas_2013_CZ_.torrent
2014-09-14 10:35 - 2014-09-14 10:35 - 00000000 ____D () C:\Users\TomßÜ
2014-09-14 10:35 - 2014-09-14 10:25 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-14 10:25 - 2014-09-14 10:36 - 00004643 _____ () C:\zoek-results.log
2014-09-14 10:25 - 2014-09-14 10:33 - 00000000 ____D () C:\zoek_backup
2014-09-14 10:24 - 2014-09-14 10:24 - 01290240 _____ () C:\Users\Tomáš\Desktop\zoek.exe
2014-09-13 20:00 - 2014-09-13 20:00 - 01373475 _____ () C:\Users\Tomáš\Downloads\adwcleaner_3.310.exe
2014-09-12 21:40 - 2014-09-12 21:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-12 21:39 - 2014-09-12 21:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Tomáš\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-12 16:31 - 2014-09-12 16:31 - 00000000 ____D () C:\Windows\ERUNT
2014-09-12 16:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-12 16:18 - 2014-09-12 16:18 - 01370467 _____ () C:\Users\Tomáš\Downloads\adwcleaner_3.309.exe
2014-09-11 16:29 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 16:29 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 16:29 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 16:29 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 16:29 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 16:29 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 16:29 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 16:29 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 16:29 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 16:29 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 16:29 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 16:29 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 16:29 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 16:29 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 16:29 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 16:29 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 16:29 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 16:29 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 16:29 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 16:29 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 16:29 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 16:29 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 16:29 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 16:29 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 16:29 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 16:29 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 16:29 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 16:29 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 16:29 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 16:29 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 16:29 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 16:29 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 16:29 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 16:29 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 16:29 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 16:29 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 16:29 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 16:29 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 16:29 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 16:29 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 16:29 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 16:29 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 16:29 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 16:29 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 16:29 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 16:29 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 16:29 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 16:29 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 16:29 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 16:29 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 16:29 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 16:29 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 16:29 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 16:29 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 16:29 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 16:29 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 16:28 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 16:28 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-11 15:10 - 2014-09-11 15:21 - 207503450 _____ () C:\Users\Tomáš\Downloads\The-Game---The-R.E.D.-Album-(Studio-Album)-2011.rar
2014-09-11 15:07 - 2014-09-11 15:07 - 00016346 _____ () C:\Users\Tomáš\Downloads\[CzT]The_Game_The_R_E_D_Album_2_Music_Videos.torrent
2014-09-11 14:08 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-11 14:08 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-11 14:08 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-11 14:08 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-11 14:08 - 2014-07-07 04:06 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 14:08 - 2014-07-07 04:06 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 14:08 - 2014-07-07 04:06 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-09-11 14:08 - 2014-07-07 04:06 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-11 14:08 - 2014-07-07 03:40 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-11 14:08 - 2014-07-07 03:40 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-09-11 14:08 - 2014-07-07 03:40 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-11 14:08 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-11 14:08 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 14:08 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 14:08 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 20:36 - 2014-09-10 20:43 - 57834536 _____ () C:\Users\Tomáš\Downloads\N.W.A---Straight-outta-compton.zip
2014-09-10 19:16 - 2014-09-10 19:24 - 135375273 _____ () C:\Users\Tomáš\Downloads\Wu-Tang-Clan---1993---Enter-The-Wu-Tang-(36-Chambers).rar
2014-09-04 16:51 - 2014-09-04 16:52 - 22440548 _____ () C:\Users\Tomáš\Downloads\Maturitní-četba.rar
2014-09-04 14:34 - 2014-09-04 15:25 - 849600584 _____ () C:\Users\Tomáš\Desktop\JUICE.avi
2014-09-03 12:34 - 2014-09-03 13:05 - 1933038152 _____ () C:\Users\Tomáš\Desktop\Jackie Brown.avi
2014-09-01 14:32 - 2014-09-01 15:01 - 1852704768 _____ () C:\Users\Tomáš\Desktop\Nedotknutelní.avi
2014-08-31 22:57 - 2014-08-31 22:57 - 00019087 _____ () C:\Users\Tomáš\Downloads\[CzT]Jackie_Brown_Jackie_Brown_1997_.torrent
2014-08-29 18:17 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-29 18:17 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-29 18:17 - 2014-08-23 02:59 - 03166720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 13:37 - 2014-08-21 14:44 - 1560751630 _____ () C:\Users\Tomáš\Desktop\Kmotr 2.avi
2014-08-21 13:36 - 2014-08-21 14:37 - 1550511490 _____ () C:\Users\Tomáš\Desktop\Kmotr 3.avi
2014-08-21 13:36 - 2014-08-21 14:27 - 1549079546 _____ () C:\Users\Tomáš\Desktop\Kmotr 1.avi
2014-08-20 16:06 - 2014-08-20 16:07 - 00000000 ____D () C:\Users\Tomáš\Documents\Car Instaler
2014-08-15 01:36 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-15 01:36 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-15 01:36 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-15 01:36 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 01:36 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-15 01:36 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-15 01:36 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-15 01:36 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-14 20:47 - 2014-09-14 20:46 - 00007806 _____ () C:\Users\Tomáš\Desktop\FRST.txt
2014-09-14 20:46 - 2014-09-14 20:46 - 00000000 ____D () C:\FRST
2014-09-14 20:44 - 2014-09-14 20:44 - 00112640 _____ (forum.viry.cz) C:\Users\Tomáš\Desktop\FRSTLauncher.exe
2014-09-14 20:40 - 2014-09-14 20:40 - 02105856 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST64.exe
2014-09-14 20:38 - 2014-03-11 12:43 - 00000000 ____D () C:\Users\Tomáš
2014-09-14 20:26 - 2014-09-14 20:26 - 00165888 _____ () C:\Users\Tomáš\Downloads\T-Cleaner.exe
2014-09-14 20:24 - 2014-03-12 21:54 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-09-14 20:24 - 2009-07-14 06:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-14 20:24 - 2009-07-14 06:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-14 20:23 - 2014-09-14 20:23 - 00000000 ____D () C:\ProgramData\ProductData
2014-09-14 20:23 - 2014-03-12 21:54 - 00000000 ____D () C:\ProgramData\IObit
2014-09-14 20:20 - 2014-03-11 12:23 - 02004409 _____ () C:\Windows\WindowsUpdate.log
2014-09-14 20:17 - 2014-09-14 20:04 - 00000112 _____ () C:\Windows\setupact.log
2014-09-14 20:17 - 2014-03-11 13:39 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-14 20:17 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-14 20:07 - 2014-03-11 13:58 - 00000000 ____D () C:\ProgramData\MFAData
2014-09-14 20:04 - 2014-09-14 20:04 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-14 20:03 - 2014-09-14 20:03 - 00000582 _____ () C:\Windows\PFRO.log
2014-09-14 17:09 - 2014-03-16 18:31 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\dvdcss
2014-09-14 17:02 - 2014-03-11 13:39 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-14 16:41 - 2014-09-14 16:41 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-09-14 12:02 - 2011-04-12 10:34 - 00668542 _____ () C:\Windows\system32\perfh005.dat
2014-09-14 12:02 - 2011-04-12 10:34 - 00141202 _____ () C:\Windows\system32\perfc005.dat
2014-09-14 12:02 - 2009-07-14 07:13 - 01583226 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-14 11:56 - 2014-03-16 17:33 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\uTorrent
2014-09-14 11:28 - 2014-09-14 11:28 - 00017211 _____ () C:\Users\Tomáš\Downloads\[CzT]Frajeri_ve_Vegas_Last_Vegas_2013_CZ_.torrent
2014-09-14 10:36 - 2014-09-14 10:25 - 00004643 _____ () C:\zoek-results.log
2014-09-14 10:35 - 2014-09-14 10:35 - 00000000 ____D () C:\Users\TomßÜ
2014-09-14 10:33 - 2014-09-14 10:25 - 00000000 ____D () C:\zoek_backup
2014-09-14 10:25 - 2014-09-14 10:35 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-14 10:24 - 2014-09-14 10:24 - 01290240 _____ () C:\Users\Tomáš\Desktop\zoek.exe
2014-09-13 20:00 - 2014-09-13 20:00 - 01373475 _____ () C:\Users\Tomáš\Downloads\adwcleaner_3.310.exe
2014-09-13 17:53 - 2014-03-19 20:37 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\Skype
2014-09-12 21:40 - 2014-09-12 21:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-12 21:39 - 2014-09-12 21:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Tomáš\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-12 21:32 - 2014-03-19 16:32 - 00000000 ____D () C:\Users\Tom��
2014-09-12 21:30 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-12 21:05 - 2014-03-11 13:39 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-12 16:31 - 2014-09-12 16:31 - 00000000 ____D () C:\Windows\ERUNT
2014-09-12 16:18 - 2014-09-12 16:18 - 01370467 _____ () C:\Users\Tomáš\Downloads\adwcleaner_3.309.exe
2014-09-12 14:14 - 2014-06-06 21:40 - 00000049 _____ () C:\Users\Tomáš\Documents\snapbacks.txt
2014-09-11 16:28 - 2014-05-06 23:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-11 15:21 - 2014-09-11 15:10 - 207503450 _____ () C:\Users\Tomáš\Downloads\The-Game---The-R.E.D.-Album-(Studio-Album)-2011.rar
2014-09-11 15:07 - 2014-09-11 15:07 - 00016346 _____ () C:\Users\Tomáš\Downloads\[CzT]The_Game_The_R_E_D_Album_2_Music_Videos.torrent
2014-09-11 14:10 - 2014-03-11 12:25 - 01557940 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 14:09 - 2014-03-23 18:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 14:05 - 2014-03-23 18:14 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 20:43 - 2014-09-10 20:36 - 57834536 _____ () C:\Users\Tomáš\Downloads\N.W.A---Straight-outta-compton.zip
2014-09-10 19:24 - 2014-09-10 19:16 - 135375273 _____ () C:\Users\Tomáš\Downloads\Wu-Tang-Clan---1993---Enter-The-Wu-Tang-(36-Chambers).rar
2014-09-05 04:10 - 2014-09-11 14:08 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-11 14:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 22:48 - 2014-03-14 22:38 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\Audacity
2014-09-04 16:52 - 2014-09-04 16:51 - 22440548 _____ () C:\Users\Tomáš\Downloads\Maturitní-četba.rar
2014-09-04 15:25 - 2014-09-04 14:34 - 849600584 _____ () C:\Users\Tomáš\Desktop\JUICE.avi
2014-09-03 13:05 - 2014-09-03 12:34 - 1933038152 _____ () C:\Users\Tomáš\Desktop\Jackie Brown.avi
2014-09-02 15:03 - 2014-08-08 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-09-02 15:03 - 2014-05-19 14:27 - 00000977 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-09-01 22:54 - 2014-06-19 17:40 - 00000000 ____D () C:\Users\Tomáš\Documents\GTA San Andreas User Files
2014-09-01 15:01 - 2014-09-01 14:32 - 1852704768 _____ () C:\Users\Tomáš\Desktop\Nedotknutelní.avi
2014-08-31 22:57 - 2014-08-31 22:57 - 00019087 _____ () C:\Users\Tomáš\Downloads\[CzT]Jackie_Brown_Jackie_Brown_1997_.torrent
2014-08-30 01:18 - 2009-07-14 06:45 - 00414576 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-23 04:07 - 2014-08-29 18:17 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-29 18:17 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-29 18:17 - 03166720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 13:44 - 2009-07-14 07:08 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-21 14:44 - 2014-08-21 13:37 - 1560751630 _____ () C:\Users\Tomáš\Desktop\Kmotr 2.avi
2014-08-21 14:37 - 2014-08-21 13:36 - 1550511490 _____ () C:\Users\Tomáš\Desktop\Kmotr 3.avi
2014-08-21 14:27 - 2014-08-21 13:36 - 1549079546 _____ () C:\Users\Tomáš\Desktop\Kmotr 1.avi
2014-08-20 16:07 - 2014-08-20 16:06 - 00000000 ____D () C:\Users\Tomáš\Documents\Car Instaler
2014-08-19 20:05 - 2014-09-11 16:29 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 19:39 - 2014-09-11 16:29 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 01:01 - 2014-09-11 16:29 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-19 00:29 - 2014-09-11 16:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-19 00:29 - 2014-09-11 16:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-19 00:26 - 2014-09-11 16:29 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-19 00:20 - 2014-09-11 16:29 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-19 00:19 - 2014-09-11 16:29 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-19 00:15 - 2014-09-11 16:29 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-19 00:15 - 2014-09-11 16:29 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-19 00:14 - 2014-09-11 16:29 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-19 00:14 - 2014-09-11 16:29 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-19 00:08 - 2014-09-11 16:29 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-19 00:08 - 2014-09-11 16:29 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-19 00:08 - 2014-09-11 16:29 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-19 00:05 - 2014-09-11 16:29 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-19 00:03 - 2014-09-11 16:29 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-19 00:03 - 2014-09-11 16:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-19 00:03 - 2014-09-11 16:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 23:57 - 2014-09-11 16:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-18 23:56 - 2014-09-11 16:29 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 23:51 - 2014-09-11 16:29 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 23:46 - 2014-09-11 16:29 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-18 23:45 - 2014-09-11 16:29 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 23:45 - 2014-09-11 16:29 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-18 23:44 - 2014-09-11 16:29 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-18 23:44 - 2014-09-11 16:29 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-18 23:42 - 2014-09-11 16:29 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-18 23:40 - 2014-09-11 16:29 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 23:39 - 2014-09-11 16:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 23:39 - 2014-09-11 16:29 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-18 23:39 - 2014-09-11 16:29 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-18 23:38 - 2014-09-11 16:29 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 23:37 - 2014-09-11 16:29 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-18 23:36 - 2014-09-11 16:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-18 23:35 - 2014-09-11 16:29 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-18 23:27 - 2014-09-11 16:29 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-18 23:25 - 2014-09-11 16:29 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 23:25 - 2014-09-11 16:29 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 23:23 - 2014-09-11 16:29 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 23:23 - 2014-09-11 16:29 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 23:22 - 2014-09-11 16:29 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-18 23:19 - 2014-09-11 16:29 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-18 23:17 - 2014-09-11 16:29 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-18 23:17 - 2014-09-11 16:29 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-18 23:16 - 2014-09-11 16:29 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 23:15 - 2014-09-11 16:29 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-18 23:15 - 2014-09-11 16:29 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 23:09 - 2014-09-11 16:29 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-18 23:08 - 2014-09-11 16:29 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-18 23:07 - 2014-09-11 16:29 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-18 22:55 - 2014-09-11 16:29 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 22:46 - 2014-09-11 16:29 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-18 22:38 - 2014-09-11 16:29 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-18 22:38 - 2014-09-11 16:29 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 22:36 - 2014-09-11 16:29 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-15 19:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-15 11:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-08 21:11




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:244.04 GB) (Free:169.41 GB) NTFS
Drive d: (Disk) (Fixed) (Total:687.37 GB) (Free:521.64 GB) NTFS
Drive e: (Disk) (Fixed) (Total:931.51 GB) (Free:869.47 GB) NTFS

Available physical RAM: 6456.3 MB
Total physical RAM: 8173.24 MB
Percentage of memory in use: 21%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 76F2EAB9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=244 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=687.4 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 035AD537)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Tomáš\Desktop" je 26777 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Adware Generic5.BGPZ and other problems

Posted: 14 Sep 2014 19:52
by vyosek
:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code: Select all

    Start
    CloseProcesses:
    
    HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [377368 2013-10-23] (Power Software Ltd)
    HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
    BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
    
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
    
    S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
    
    C:\Program Files (x86)\IObit
    2014-09-14 20:46 - 2014-09-14 20:47 - 00007806 _____ () C:\Users\Tomáš\Desktop\FRST.txt
    2014-09-14 20:44 - 2014-09-14 20:44 - 00112640 _____ (forum.viry.cz) C:\Users\Tomáš\Desktop\FRSTLauncher.exe
    2014-09-14 20:26 - 2014-09-14 20:26 - 00165888 _____ () C:\Users\Tomáš\Downloads\T-Cleaner.exe
    2014-09-14 20:23 - 2014-09-14 20:23 - 00000000 ____D () C:\ProgramData\ProductData
    2014-09-14 20:04 - 2014-09-14 20:17 - 00000112 _____ () C:\Windows\setupact.log
    2014-09-14 20:04 - 2014-09-14 20:04 - 00000000 _____ () C:\Windows\setuperr.log
    2014-09-14 20:03 - 2014-09-14 20:03 - 00000582 _____ () C:\Windows\PFRO.log
    2014-09-14 10:35 - 2014-09-14 10:25 - 00024064 _____ () C:\Windows\zoek-delete.exe
    2014-09-14 10:25 - 2014-09-14 10:36 - 00004643 _____ () C:\zoek-results.log
    2014-09-14 10:25 - 2014-09-14 10:33 - 00000000 ____D () C:\zoek_backup
    2014-09-14 10:24 - 2014-09-14 10:24 - 01290240 _____ () C:\Users\Tomáš\Desktop\zoek.exe
    2014-09-13 20:00 - 2014-09-13 20:00 - 01373475 _____ () C:\Users\Tomáš\Downloads\adwcleaner_3.310.exe
    2014-09-12 16:31 - 2014-09-12 16:31 - 00000000 ____D () C:\Windows\ERUNT
    2014-09-12 16:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
    2014-09-12 16:18 - 2014-09-12 16:18 - 01370467 _____ () C:\Users\Tomáš\Downloads\adwcleaner_3.309.exe
    
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    
    Hosts:
    EmptyTemp:
    Reboot:
    End
    
  • Save the resulting TXT file as fixlist.txt
  • Move the created fixlist next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here