Dobrý den,
během asi hodiny se mi objevilo, o 15 GB méně na disku C než jsem tam měla asi nějaký vir.
Moc prosím o pomoc.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-11-2014
Ran by Veru (administrator) on VERU-PC on 23-11-2014 19:22:31
Running from C:\Users\Veru\Desktop
Loaded Profile: Veru (Available profiles: Veru)
Platform: Microsoft® Windows Vista™ Business Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files\ASUS\SmartLogon\smartlogon.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
() C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
(Cognizance Corporation) C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\asghost.exe
() C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
() C:\Program Files\Wireless Console 2\wcourier.exe
(ASUS) C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe
() C:\Program Files\ASUS\ASUS Live Update\ALU.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ATK) C:\Program Files\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\System32\ACEngSvr.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
() C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
() C:\Program Files\ASUS\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Cyberlink Corp.) C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
() C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Program Files\ASUS\ATK Media\DMedia.exe
(ASUS) C:\Windows\AsScrPro.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynAsus.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_15_0_0_223_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RemoteControl] => C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe [87336 2008-04-03] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\ASUSTek\ASUSDVD\Language\Language.exe [62760 2008-02-22] ()
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [104936 2008-07-19] (CyberLink)
HKLM\...\Run: [P2Go_Menu] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-14] (CyberLink Corp.)
HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [98304 2008-01-12] ()
HKLM\...\Run: [ATKOSD2] => C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [7651328 2008-07-15] (ASUS)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6183456 2008-06-13] (Realtek Semiconductor)
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [61440 2008-02-01] ()
HKLM\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3054136 2008-09-10] (ASUS)
HKLM\...\Run: [ASUS Camera ScreenSaver] => C:\Windows\AsScrProlog.exe [47672 2008-09-10] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-11-16] (Synaptics, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [CognizanceTS] => rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-10-31] (AVAST Software)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company)
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
AppInit_DLLs: APSHook.dll => C:\Windows\system32\APSHook.dll [56832 2006-07-13] (Cognizance Corporation)
Lsa: [Notification Packages] scecli ASWLNPkg
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: ASUS Security Protect Manager -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Extension: GoPhotoIt - C:\Users\Veru\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi [2013-08-08]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-11-13]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-24]
Chrome:
=======
CHR StartupUrls: Default -> "https://www.seznam.cz/?clid=22668"
CHR Profile: C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-13]
CHR Extension: (Disk Google) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-13]
CHR Extension: (YouTube) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-13]
CHR Extension: (Avast SafePrice) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-10-30]
CHR Extension: (Avast Online Security) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-23]
CHR Extension: (Peněženka Google) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-13]
CHR Extension: (Gmail) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-13]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2014-10-24]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-24]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASBroker; C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll [74240 2007-02-07] (Cognizance Corporation) [File not signed]
R2 ASChannel; C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsChnl.dll [131584 2006-06-22] (Cognizance Corporation) [File not signed]
R2 ASLDRService; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [94208 2007-10-03] () [File not signed]
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [238968 2008-02-09] (Symantec Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-24] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3192344 2014-10-24] (Avast Software)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (http://www.BitComet.com)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [3220856 2008-09-05] (Symantec Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-10-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-10-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55240 2014-10-24] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-10-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-11-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-11-23] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57928 2014-10-24] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-10-24] ()
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [146824 2007-06-17] (AuthenTec, Inc.)
R3 DCamUSBET; C:\Windows\System32\DRIVERS\etDevice.sys [474624 2007-09-06] (eMPIA Technology, Inc.)
R3 FiltUSBET; C:\Windows\System32\DRIVERS\etFilter.sys [206336 2007-10-15] (eMPIA Technology Inc.)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [192056 2008-01-21] (Společnost Microsoft)
R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [20936 2007-08-03] ()
R1 IDSvix86; C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20131106.001\IDSvix86.sys [286328 2013-10-30] (Symantec Corporation)
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [54784 2007-12-19] (ITE Tech. Inc. )
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15928 2008-06-03] ( )
R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15416 2008-05-29] (Windows (R) Codename Longhorn DDK provider)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1081912 2008-01-21] (Společnost Microsoft)
R3 ScanUSBET; C:\Windows\System32\DRIVERS\etScan.sys [6656 2007-09-06] (eMPIA Technology, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2014-06-15] () [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [218192 2014-10-24] (Avast Software)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-23 19:22 - 2014-11-23 19:23 - 00015892 _____ () C:\Users\Veru\Desktop\FRST.txt
2014-11-23 19:22 - 2014-11-23 19:22 - 00000000 ____D () C:\Users\Veru\Desktop\FRST-OlderVersion
2014-11-23 19:20 - 2014-11-23 19:20 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUSTek ASUSDVD
2014-11-23 16:43 - 2014-11-23 16:43 - 00042256 _____ () C:\Users\Veru\Desktop\arrow.s03e07.hdtv.x264-lol.srt
2014-11-20 18:02 - 2014-11-20 18:03 - 00000000 ____D () C:\Users\Veru\Desktop\Nová složka
2014-11-20 17:52 - 2014-11-20 17:56 - 72810886 _____ () C:\Users\Veru\Downloads\Breakbeat.zip
2014-11-20 16:52 - 2014-11-20 16:52 - 241928411 _____ () C:\Users\Veru\Desktop\arrow-s03e07-hdtv-x264-lol.mp4
2014-11-20 16:31 - 2014-11-20 16:31 - 00000197 _____ () C:\Windows\system32\2014-11-20-15-31-24.077-AvastVBoxSVC.exe-3204.log
2014-11-19 19:41 - 2014-11-19 19:41 - 00000197 _____ () C:\Windows\system32\2014-11-19-18-41-49.037-AvastVBoxSVC.exe-3184.log
2014-11-17 16:51 - 2014-11-17 16:51 - 00000197 _____ () C:\Windows\system32\2014-11-17-15-51-29.033-AvastVBoxSVC.exe-3192.log
2014-11-16 13:32 - 2014-11-23 19:20 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-16 13:32 - 2014-11-23 18:37 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-16 13:31 - 2014-11-16 13:31 - 00000197 _____ () C:\Windows\system32\2014-11-16-12-31-42.070-AvastVBoxSVC.exe-3192.log
2014-11-15 15:32 - 2014-11-15 15:32 - 00000197 _____ () C:\Windows\system32\2014-11-15-14-32-04.099-AvastVBoxSVC.exe-3188.log
2014-11-14 16:10 - 2014-11-14 16:10 - 00000197 _____ () C:\Windows\system32\2014-11-14-15-10-25.070-AvastVBoxSVC.exe-3212.log
2014-11-13 15:58 - 2014-11-13 15:58 - 00000197 _____ () C:\Windows\system32\2014-11-13-14-58-11.006-AvastVBoxSVC.exe-3236.log
2014-11-12 18:15 - 2014-11-12 18:15 - 00000197 _____ () C:\Windows\system32\2014-11-12-17-15-16.078-AvastVBoxSVC.exe-3388.log
2014-11-12 11:13 - 2014-11-12 11:13 - 00000197 _____ () C:\Windows\system32\2014-11-12-10-13-22.040-AvastVBoxSVC.exe-3524.log
2014-11-11 18:19 - 2014-11-11 18:19 - 00000197 _____ () C:\Windows\system32\2014-11-11-17-19-18.065-AvastVBoxSVC.exe-3316.log
2014-11-10 11:57 - 2014-11-10 11:57 - 00000197 _____ () C:\Windows\system32\2014-11-10-10-57-29.087-AvastVBoxSVC.exe-3076.log
2014-11-09 14:24 - 2014-11-09 14:24 - 00000197 _____ () C:\Windows\system32\2014-11-09-13-24-26.097-AvastVBoxSVC.exe-3432.log
2014-11-09 00:51 - 2014-11-09 00:51 - 00000197 _____ () C:\Windows\system32\2014-11-08-23-51-45.096-AvastVBoxSVC.exe-1536.log
2014-11-08 11:47 - 2014-11-08 11:47 - 00000197 _____ () C:\Windows\system32\2014-11-08-10-47-36.070-AvastVBoxSVC.exe-3204.log
2014-11-07 18:07 - 2014-11-07 18:07 - 00000197 _____ () C:\Windows\system32\2014-11-07-17-07-31.095-AvastVBoxSVC.exe-3196.log
2014-11-06 15:35 - 2014-11-06 15:35 - 00000197 _____ () C:\Windows\system32\2014-11-06-14-35-02.073-AvastVBoxSVC.exe-3192.log
2014-11-05 21:41 - 2014-11-05 21:41 - 00000197 _____ () C:\Windows\system32\2014-11-05-20-41-07.035-AvastVBoxSVC.exe-3096.log
2014-11-02 11:25 - 2014-11-02 11:25 - 00000197 _____ () C:\Windows\system32\2014-11-02-10-25-32.051-AvastVBoxSVC.exe-3416.log
2014-11-01 13:39 - 2014-11-01 13:39 - 00000197 _____ () C:\Windows\system32\2014-11-01-12-39-23.017-AvastVBoxSVC.exe-5456.log
2014-11-01 12:12 - 2014-11-01 12:13 - 00000000 ____D () C:\Windows\system32\vbox
2014-10-29 20:43 - 2014-11-23 19:20 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-10-29 19:27 - 2014-10-29 19:29 - 00000000 ____D () C:\AdwCleaner
2014-10-29 19:25 - 2014-10-29 19:25 - 01998336 _____ () C:\Users\Veru\Desktop\adwcleaner_4.002.exe
2014-10-24 20:45 - 2014-10-24 20:45 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\AVAST Software
2014-10-24 20:44 - 2014-11-23 00:08 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-10-24 20:44 - 2014-11-23 00:07 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-10-24 20:44 - 2014-10-31 20:44 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-10-24 20:44 - 2014-10-24 20:44 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-10-24 20:44 - 2014-10-24 20:44 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-10-24 20:44 - 2014-10-24 20:44 - 00057928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-10-24 20:44 - 2014-10-24 20:44 - 00055240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-10-24 20:44 - 2014-10-24 20:44 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-10-24 20:44 - 2014-10-24 20:44 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-10-24 20:44 - 2014-10-24 20:44 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-10-24 20:44 - 2014-10-24 20:44 - 00001878 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-10-24 20:44 - 2014-10-24 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-10-24 20:40 - 2014-10-24 20:40 - 00000000 ____D () C:\Program Files\AVAST Software
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-23 19:22 - 2014-10-23 17:25 - 00000000 ____D () C:\FRST
2014-11-23 19:22 - 2014-10-23 17:24 - 01110016 _____ (Farbar) C:\Users\Veru\Desktop\FRST.exe
2014-11-23 19:22 - 2008-09-10 19:18 - 01845806 _____ () C:\Windows\WindowsUpdate.log
2014-11-23 19:20 - 2013-11-14 20:05 - 00031776 _____ () C:\ProgramData\nvModes.dat
2014-11-23 19:20 - 2013-11-14 20:05 - 00031776 _____ () C:\ProgramData\nvModes.001
2014-11-23 19:19 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-23 19:19 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-23 19:19 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-23 19:18 - 2008-09-10 19:19 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-11-23 19:18 - 2006-11-02 14:01 - 00032576 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-23 18:55 - 2013-11-13 21:49 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-23 16:59 - 2013-11-13 21:22 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\BitComet
2014-11-23 16:56 - 2014-04-29 13:18 - 00000000 ____D () C:\Users\Veru\Downloads\martin
2014-11-23 16:49 - 2013-11-15 15:08 - 00198656 _____ () C:\Users\Veru\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-23 00:29 - 2013-11-13 20:55 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\Winamp
2014-11-23 00:02 - 2013-11-13 15:38 - 00000416 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{A282210E-BA49-40A2-A842-5B391E5A5A03}.job
2014-11-18 22:42 - 2013-11-13 14:01 - 00001978 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-14 20:21 - 2006-11-02 11:33 - 01418230 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-14 16:11 - 2014-09-19 11:08 - 00001886 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-11-14 16:11 - 2014-07-25 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-11-14 16:11 - 2008-09-10 19:38 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-11-13 19:55 - 2013-11-13 21:49 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-13 19:55 - 2013-11-13 21:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-12 22:34 - 2008-09-10 19:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 22:32 - 2013-11-13 18:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 22:29 - 2006-11-02 11:24 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-11-09 00:53 - 2014-04-07 17:28 - 00000000 ____D () C:\Windows\Minidump
2014-11-04 14:30 - 2013-11-13 20:01 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-01 13:32 - 2013-12-13 18:11 - 00000000 ____D () C:\Program Files\Torntv V6.0
2014-10-29 20:40 - 2013-11-13 14:00 - 00000000 ____D () C:\Program Files\Google
2014-10-29 19:29 - 2013-11-13 13:49 - 00000000 ___RD () C:\Users\Veru
2014-10-24 20:40 - 2014-10-23 17:52 - 00000000 ____D () C:\ProgramData\AVAST Software
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-23 19:25
==================== End Of Log ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosím o pomoc
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
prosím o pomoc
- Přílohy
-
- Addition.rar
- (7.39 KiB) Staženo 28 x
-
Rudy
- Site Admin
- Příspěvky: 119556
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o pomoc
Zdravím!
Spusťte nejprve tuto utilitu:
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o pomoc
tady je:
# AdwCleaner v4.101 - Report created 23/11/2014 at 20:20:45
# Updated 09/11/2014 by Xplode
# Database : 2014-11-23.7 [Live]
# Operating System : Windows Vista (TM) Business Service Pack 1 (32 bits)
# Username : Veru - VERU-PC
# Running from : C:\Users\Veru\Desktop\adwcleaner_4.101.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.19088
-\\ Mozilla Firefox v
-\\ Google Chrome v39.0.2171.65
*************************
AdwCleaner[R0].txt - [5592 octets] - [29/10/2014 19:27:28]
AdwCleaner[R1].txt - [1104 octets] - [23/11/2014 20:19:11]
AdwCleaner[S0].txt - [5746 octets] - [29/10/2014 19:29:33]
AdwCleaner[S1].txt - [1030 octets] - [23/11/2014 20:20:45]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1090 octets] ##########
# AdwCleaner v4.101 - Report created 23/11/2014 at 20:20:45
# Updated 09/11/2014 by Xplode
# Database : 2014-11-23.7 [Live]
# Operating System : Windows Vista (TM) Business Service Pack 1 (32 bits)
# Username : Veru - VERU-PC
# Running from : C:\Users\Veru\Desktop\adwcleaner_4.101.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.19088
-\\ Mozilla Firefox v
-\\ Google Chrome v39.0.2171.65
*************************
AdwCleaner[R0].txt - [5592 octets] - [29/10/2014 19:27:28]
AdwCleaner[R1].txt - [1104 octets] - [23/11/2014 20:19:11]
AdwCleaner[S0].txt - [5746 octets] - [29/10/2014 19:29:33]
AdwCleaner[S1].txt - [1030 octets] - [23/11/2014 20:20:45]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1090 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119556
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o pomoc
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o pomoc
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-11-2014
Ran by Veru (administrator) on VERU-PC on 23-11-2014 21:17:22
Running from C:\Users\Veru\Desktop
Loaded Profile: Veru (Available profiles: Veru)
Platform: Microsoft® Windows Vista™ Business Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
() C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cognizance Corporation) C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\asghost.exe
(ASUS) C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Cyberlink Corp.) C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
() C:\Program Files\ASUS\ASUS Live Update\ALU.exe
() C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Program Files\ASUS\ATK Media\DMedia.exe
(ASUS) C:\Windows\AsScrPro.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files\Wireless Console 2\wcourier.exe
(ASUS) C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ATK) C:\Program Files\ASUS\Splendid\ACMON.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
(ASUSTeK) C:\Windows\System32\ACEngSvr.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
() C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Program Files\ASUS\ATK Hotkey\WDC.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynAsus.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_15_0_0_223_ActiveX.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RemoteControl] => C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe [87336 2008-04-03] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\ASUSTek\ASUSDVD\Language\Language.exe [62760 2008-02-22] ()
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [104936 2008-07-19] (CyberLink)
HKLM\...\Run: [P2Go_Menu] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-14] (CyberLink Corp.)
HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [98304 2008-01-12] ()
HKLM\...\Run: [ATKOSD2] => C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [7651328 2008-07-15] (ASUS)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6183456 2008-06-13] (Realtek Semiconductor)
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [61440 2008-02-01] ()
HKLM\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3054136 2008-09-10] (ASUS)
HKLM\...\Run: [ASUS Camera ScreenSaver] => C:\Windows\AsScrProlog.exe [47672 2008-09-10] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-11-16] (Synaptics, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [CognizanceTS] => rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5225064 2014-11-23] (AVAST Software)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company)
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
AppInit_DLLs: APSHook.dll => C:\Windows\system32\APSHook.dll [56832 2006-07-13] (Cognizance Corporation)
Lsa: [Notification Packages] scecli ASWLNPkg
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: ASUS Security Protect Manager -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Extension: GoPhotoIt - C:\Users\Veru\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi [2013-08-08]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-11-13]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-23]
Chrome:
=======
CHR StartupUrls: Default -> "https://www.seznam.cz/?clid=22668"
CHR Profile: C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-13]
CHR Extension: (Disk Google) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-13]
CHR Extension: (YouTube) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-13]
CHR Extension: (Avast Online Security) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-23]
CHR Extension: (Peněženka Google) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-13]
CHR Extension: (Gmail) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-13]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-23]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASBroker; C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll [74240 2007-02-07] (Cognizance Corporation) [File not signed]
R2 ASChannel; C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsChnl.dll [131584 2006-06-22] (Cognizance Corporation) [File not signed]
R2 ASLDRService; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [94208 2007-10-03] () [File not signed]
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [238968 2008-02-09] (Symantec Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-23] (AVAST Software)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (http://www.BitComet.com)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [3220856 2008-09-05] (Symantec Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-11-23] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-11-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55240 2014-11-23] (AVAST Software)
S0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-11-23] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-11-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-11-23] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57928 2014-11-23] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-11-23] ()
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [146824 2007-06-17] (AuthenTec, Inc.)
R3 DCamUSBET; C:\Windows\System32\DRIVERS\etDevice.sys [474624 2007-09-06] (eMPIA Technology, Inc.)
R3 FiltUSBET; C:\Windows\System32\DRIVERS\etFilter.sys [206336 2007-10-15] (eMPIA Technology Inc.)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [192056 2008-01-21] (Společnost Microsoft)
R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [20936 2007-08-03] ()
R1 IDSvix86; C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20131106.001\IDSvix86.sys [286328 2013-10-30] (Symantec Corporation)
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [54784 2007-12-19] (ITE Tech. Inc. )
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15928 2008-06-03] ( )
R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15416 2008-05-29] (Windows (R) Codename Longhorn DDK provider)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1081912 2008-01-21] (Společnost Microsoft)
R3 ScanUSBET; C:\Windows\System32\DRIVERS\etScan.sys [6656 2007-09-06] (eMPIA Technology, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2014-06-15] () [File not signed]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-23 21:17 - 2014-11-23 21:17 - 00015393 _____ () C:\Users\Veru\Desktop\FRST.txt
2014-11-23 21:16 - 2014-11-23 21:16 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\AVAST Software
2014-11-23 21:15 - 2014-11-23 21:15 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-23 21:15 - 2014-11-23 21:15 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-23 21:15 - 2014-11-23 21:15 - 00422760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1416773732166
2014-11-23 21:15 - 2014-11-23 21:15 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-23 21:15 - 2014-11-23 21:15 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-23 21:15 - 2014-11-23 21:15 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-23 21:15 - 2014-11-23 21:15 - 00057928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-11-23 21:15 - 2014-11-23 21:15 - 00055240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-11-23 21:15 - 2014-11-23 21:15 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-23 21:15 - 2014-11-23 21:15 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-23 21:15 - 2014-11-23 21:15 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-23 21:15 - 2014-11-23 21:15 - 00001878 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-23 21:15 - 2014-11-23 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-23 21:15 - 2014-11-23 21:14 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1416773734256
2014-11-23 21:10 - 2014-11-23 21:10 - 00000000 ____D () C:\Program Files\AVAST Software
2014-11-23 21:08 - 2014-11-23 21:08 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUSTek ASUSDVD
2014-11-23 21:03 - 2014-11-23 21:03 - 00000197 _____ () C:\Windows\system32\2014-11-23-20-03-52.053-AvastVBoxSVC.exe-2372.log
2014-11-23 21:02 - 2014-11-23 21:02 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-23 21:02 - 2014-11-23 21:02 - 00000000 _____ () C:\Windows\setupact.log
2014-11-23 20:21 - 2014-11-23 21:07 - 00404316 _____ () C:\Windows\PFRO.log
2014-11-23 20:18 - 2014-11-23 20:18 - 02140160 _____ () C:\Users\Veru\Desktop\adwcleaner_4.101.exe
2014-11-20 18:02 - 2014-11-20 18:03 - 00000000 ____D () C:\Users\Veru\Desktop\Nová složka
2014-11-20 17:52 - 2014-11-20 17:56 - 72810886 _____ () C:\Users\Veru\Downloads\Breakbeat.zip
2014-11-20 16:31 - 2014-11-20 16:31 - 00000197 _____ () C:\Windows\system32\2014-11-20-15-31-24.077-AvastVBoxSVC.exe-3204.log
2014-11-19 19:41 - 2014-11-19 19:41 - 00000197 _____ () C:\Windows\system32\2014-11-19-18-41-49.037-AvastVBoxSVC.exe-3184.log
2014-11-17 16:51 - 2014-11-17 16:51 - 00000197 _____ () C:\Windows\system32\2014-11-17-15-51-29.033-AvastVBoxSVC.exe-3192.log
2014-11-16 13:32 - 2014-11-23 21:07 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-16 13:32 - 2014-11-23 20:37 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-16 13:31 - 2014-11-16 13:31 - 00000197 _____ () C:\Windows\system32\2014-11-16-12-31-42.070-AvastVBoxSVC.exe-3192.log
2014-11-15 15:32 - 2014-11-15 15:32 - 00000197 _____ () C:\Windows\system32\2014-11-15-14-32-04.099-AvastVBoxSVC.exe-3188.log
2014-11-14 16:10 - 2014-11-14 16:10 - 00000197 _____ () C:\Windows\system32\2014-11-14-15-10-25.070-AvastVBoxSVC.exe-3212.log
2014-11-13 15:58 - 2014-11-13 15:58 - 00000197 _____ () C:\Windows\system32\2014-11-13-14-58-11.006-AvastVBoxSVC.exe-3236.log
2014-11-12 18:15 - 2014-11-12 18:15 - 00000197 _____ () C:\Windows\system32\2014-11-12-17-15-16.078-AvastVBoxSVC.exe-3388.log
2014-11-12 11:13 - 2014-11-12 11:13 - 00000197 _____ () C:\Windows\system32\2014-11-12-10-13-22.040-AvastVBoxSVC.exe-3524.log
2014-11-11 18:19 - 2014-11-11 18:19 - 00000197 _____ () C:\Windows\system32\2014-11-11-17-19-18.065-AvastVBoxSVC.exe-3316.log
2014-11-10 11:57 - 2014-11-10 11:57 - 00000197 _____ () C:\Windows\system32\2014-11-10-10-57-29.087-AvastVBoxSVC.exe-3076.log
2014-11-09 14:24 - 2014-11-09 14:24 - 00000197 _____ () C:\Windows\system32\2014-11-09-13-24-26.097-AvastVBoxSVC.exe-3432.log
2014-11-09 00:51 - 2014-11-09 00:51 - 00000197 _____ () C:\Windows\system32\2014-11-08-23-51-45.096-AvastVBoxSVC.exe-1536.log
2014-11-08 11:47 - 2014-11-08 11:47 - 00000197 _____ () C:\Windows\system32\2014-11-08-10-47-36.070-AvastVBoxSVC.exe-3204.log
2014-11-07 18:07 - 2014-11-07 18:07 - 00000197 _____ () C:\Windows\system32\2014-11-07-17-07-31.095-AvastVBoxSVC.exe-3196.log
2014-11-06 15:35 - 2014-11-06 15:35 - 00000197 _____ () C:\Windows\system32\2014-11-06-14-35-02.073-AvastVBoxSVC.exe-3192.log
2014-11-05 21:41 - 2014-11-05 21:41 - 00000197 _____ () C:\Windows\system32\2014-11-05-20-41-07.035-AvastVBoxSVC.exe-3096.log
2014-11-02 11:25 - 2014-11-02 11:25 - 00000197 _____ () C:\Windows\system32\2014-11-02-10-25-32.051-AvastVBoxSVC.exe-3416.log
2014-11-01 13:39 - 2014-11-01 13:39 - 00000197 _____ () C:\Windows\system32\2014-11-01-12-39-23.017-AvastVBoxSVC.exe-5456.log
2014-11-01 12:12 - 2014-11-01 12:13 - 00000000 ____D () C:\Windows\system32\vbox
2014-10-29 20:43 - 2014-11-23 20:22 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-10-29 19:27 - 2014-11-23 20:20 - 00000000 ____D () C:\AdwCleaner
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-23 21:17 - 2014-10-23 17:25 - 00000000 ____D () C:\FRST
2014-11-23 21:10 - 2014-10-23 17:52 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-23 21:10 - 2008-09-10 19:18 - 01870359 _____ () C:\Windows\WindowsUpdate.log
2014-11-23 21:08 - 2013-11-14 20:05 - 00031776 _____ () C:\ProgramData\nvModes.dat
2014-11-23 21:08 - 2013-11-14 20:05 - 00031776 _____ () C:\ProgramData\nvModes.001
2014-11-23 21:07 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-23 21:07 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-23 21:07 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-23 21:06 - 2006-11-02 14:01 - 00032576 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-23 21:05 - 2008-09-10 19:19 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-11-23 20:55 - 2013-11-13 21:49 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-23 19:22 - 2014-10-23 17:24 - 01110016 _____ (Farbar) C:\Users\Veru\Desktop\FRST.exe
2014-11-23 16:59 - 2013-11-13 21:22 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\BitComet
2014-11-23 16:56 - 2014-04-29 13:18 - 00000000 ____D () C:\Users\Veru\Downloads\martin
2014-11-23 16:49 - 2013-11-15 15:08 - 00198656 _____ () C:\Users\Veru\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-23 00:29 - 2013-11-13 20:55 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\Winamp
2014-11-23 00:02 - 2013-11-13 15:38 - 00000416 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{A282210E-BA49-40A2-A842-5B391E5A5A03}.job
2014-11-18 22:42 - 2013-11-13 14:01 - 00001978 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-14 20:21 - 2006-11-02 11:33 - 01418230 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-14 16:11 - 2014-09-19 11:08 - 00001886 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-11-14 16:11 - 2014-07-25 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-11-14 16:11 - 2008-09-10 19:38 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-11-13 19:55 - 2013-11-13 21:49 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-13 19:55 - 2013-11-13 21:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-12 22:34 - 2008-09-10 19:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 22:32 - 2013-11-13 18:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 22:29 - 2006-11-02 11:24 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-11-09 00:53 - 2014-04-07 17:28 - 00000000 ____D () C:\Windows\Minidump
2014-11-04 14:30 - 2013-11-13 20:01 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-01 13:32 - 2013-12-13 18:11 - 00000000 ____D () C:\Program Files\Torntv V6.0
2014-10-29 20:40 - 2013-11-13 14:00 - 00000000 ____D () C:\Program Files\Google
2014-10-29 19:29 - 2013-11-13 13:49 - 00000000 ___RD () C:\Users\Veru
Some content of TEMP:
====================
C:\Users\Veru\AppData\Local\Temp\Quarantine.exe
C:\Users\Veru\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-23 21:12
==================== End Of Log ============================
Ran by Veru (administrator) on VERU-PC on 23-11-2014 21:17:22
Running from C:\Users\Veru\Desktop
Loaded Profile: Veru (Available profiles: Veru)
Platform: Microsoft® Windows Vista™ Business Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
() C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cognizance Corporation) C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\asghost.exe
(ASUS) C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Cyberlink Corp.) C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
() C:\Program Files\ASUS\ASUS Live Update\ALU.exe
() C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Program Files\ASUS\ATK Media\DMedia.exe
(ASUS) C:\Windows\AsScrPro.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files\Wireless Console 2\wcourier.exe
(ASUS) C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ATK) C:\Program Files\ASUS\Splendid\ACMON.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
(ASUSTeK) C:\Windows\System32\ACEngSvr.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
() C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Program Files\ASUS\ATK Hotkey\WDC.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynAsus.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_15_0_0_223_ActiveX.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RemoteControl] => C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe [87336 2008-04-03] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\ASUSTek\ASUSDVD\Language\Language.exe [62760 2008-02-22] ()
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [104936 2008-07-19] (CyberLink)
HKLM\...\Run: [P2Go_Menu] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-14] (CyberLink Corp.)
HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [98304 2008-01-12] ()
HKLM\...\Run: [ATKOSD2] => C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [7651328 2008-07-15] (ASUS)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6183456 2008-06-13] (Realtek Semiconductor)
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [61440 2008-02-01] ()
HKLM\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3054136 2008-09-10] (ASUS)
HKLM\...\Run: [ASUS Camera ScreenSaver] => C:\Windows\AsScrProlog.exe [47672 2008-09-10] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-11-16] (Synaptics, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [CognizanceTS] => rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5225064 2014-11-23] (AVAST Software)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company)
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
AppInit_DLLs: APSHook.dll => C:\Windows\system32\APSHook.dll [56832 2006-07-13] (Cognizance Corporation)
Lsa: [Notification Packages] scecli ASWLNPkg
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: ASUS Security Protect Manager -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Extension: GoPhotoIt - C:\Users\Veru\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi [2013-08-08]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-11-13]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-23]
Chrome:
=======
CHR StartupUrls: Default -> "https://www.seznam.cz/?clid=22668"
CHR Profile: C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-13]
CHR Extension: (Disk Google) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-13]
CHR Extension: (YouTube) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-13]
CHR Extension: (Avast Online Security) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-23]
CHR Extension: (Peněženka Google) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-13]
CHR Extension: (Gmail) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-13]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-23]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASBroker; C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll [74240 2007-02-07] (Cognizance Corporation) [File not signed]
R2 ASChannel; C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsChnl.dll [131584 2006-06-22] (Cognizance Corporation) [File not signed]
R2 ASLDRService; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [94208 2007-10-03] () [File not signed]
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [238968 2008-02-09] (Symantec Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-23] (AVAST Software)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (http://www.BitComet.com)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [3220856 2008-09-05] (Symantec Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-11-23] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-11-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55240 2014-11-23] (AVAST Software)
S0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-11-23] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-11-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-11-23] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57928 2014-11-23] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-11-23] ()
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [146824 2007-06-17] (AuthenTec, Inc.)
R3 DCamUSBET; C:\Windows\System32\DRIVERS\etDevice.sys [474624 2007-09-06] (eMPIA Technology, Inc.)
R3 FiltUSBET; C:\Windows\System32\DRIVERS\etFilter.sys [206336 2007-10-15] (eMPIA Technology Inc.)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [192056 2008-01-21] (Společnost Microsoft)
R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [20936 2007-08-03] ()
R1 IDSvix86; C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20131106.001\IDSvix86.sys [286328 2013-10-30] (Symantec Corporation)
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [54784 2007-12-19] (ITE Tech. Inc. )
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15928 2008-06-03] ( )
R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15416 2008-05-29] (Windows (R) Codename Longhorn DDK provider)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1081912 2008-01-21] (Společnost Microsoft)
R3 ScanUSBET; C:\Windows\System32\DRIVERS\etScan.sys [6656 2007-09-06] (eMPIA Technology, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2014-06-15] () [File not signed]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-23 21:17 - 2014-11-23 21:17 - 00015393 _____ () C:\Users\Veru\Desktop\FRST.txt
2014-11-23 21:16 - 2014-11-23 21:16 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\AVAST Software
2014-11-23 21:15 - 2014-11-23 21:15 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-23 21:15 - 2014-11-23 21:15 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-23 21:15 - 2014-11-23 21:15 - 00422760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1416773732166
2014-11-23 21:15 - 2014-11-23 21:15 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-23 21:15 - 2014-11-23 21:15 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-23 21:15 - 2014-11-23 21:15 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-23 21:15 - 2014-11-23 21:15 - 00057928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-11-23 21:15 - 2014-11-23 21:15 - 00055240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-11-23 21:15 - 2014-11-23 21:15 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-23 21:15 - 2014-11-23 21:15 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-23 21:15 - 2014-11-23 21:15 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-23 21:15 - 2014-11-23 21:15 - 00001878 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-23 21:15 - 2014-11-23 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-23 21:15 - 2014-11-23 21:14 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1416773734256
2014-11-23 21:10 - 2014-11-23 21:10 - 00000000 ____D () C:\Program Files\AVAST Software
2014-11-23 21:08 - 2014-11-23 21:08 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUSTek ASUSDVD
2014-11-23 21:03 - 2014-11-23 21:03 - 00000197 _____ () C:\Windows\system32\2014-11-23-20-03-52.053-AvastVBoxSVC.exe-2372.log
2014-11-23 21:02 - 2014-11-23 21:02 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-23 21:02 - 2014-11-23 21:02 - 00000000 _____ () C:\Windows\setupact.log
2014-11-23 20:21 - 2014-11-23 21:07 - 00404316 _____ () C:\Windows\PFRO.log
2014-11-23 20:18 - 2014-11-23 20:18 - 02140160 _____ () C:\Users\Veru\Desktop\adwcleaner_4.101.exe
2014-11-20 18:02 - 2014-11-20 18:03 - 00000000 ____D () C:\Users\Veru\Desktop\Nová složka
2014-11-20 17:52 - 2014-11-20 17:56 - 72810886 _____ () C:\Users\Veru\Downloads\Breakbeat.zip
2014-11-20 16:31 - 2014-11-20 16:31 - 00000197 _____ () C:\Windows\system32\2014-11-20-15-31-24.077-AvastVBoxSVC.exe-3204.log
2014-11-19 19:41 - 2014-11-19 19:41 - 00000197 _____ () C:\Windows\system32\2014-11-19-18-41-49.037-AvastVBoxSVC.exe-3184.log
2014-11-17 16:51 - 2014-11-17 16:51 - 00000197 _____ () C:\Windows\system32\2014-11-17-15-51-29.033-AvastVBoxSVC.exe-3192.log
2014-11-16 13:32 - 2014-11-23 21:07 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-16 13:32 - 2014-11-23 20:37 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-16 13:31 - 2014-11-16 13:31 - 00000197 _____ () C:\Windows\system32\2014-11-16-12-31-42.070-AvastVBoxSVC.exe-3192.log
2014-11-15 15:32 - 2014-11-15 15:32 - 00000197 _____ () C:\Windows\system32\2014-11-15-14-32-04.099-AvastVBoxSVC.exe-3188.log
2014-11-14 16:10 - 2014-11-14 16:10 - 00000197 _____ () C:\Windows\system32\2014-11-14-15-10-25.070-AvastVBoxSVC.exe-3212.log
2014-11-13 15:58 - 2014-11-13 15:58 - 00000197 _____ () C:\Windows\system32\2014-11-13-14-58-11.006-AvastVBoxSVC.exe-3236.log
2014-11-12 18:15 - 2014-11-12 18:15 - 00000197 _____ () C:\Windows\system32\2014-11-12-17-15-16.078-AvastVBoxSVC.exe-3388.log
2014-11-12 11:13 - 2014-11-12 11:13 - 00000197 _____ () C:\Windows\system32\2014-11-12-10-13-22.040-AvastVBoxSVC.exe-3524.log
2014-11-11 18:19 - 2014-11-11 18:19 - 00000197 _____ () C:\Windows\system32\2014-11-11-17-19-18.065-AvastVBoxSVC.exe-3316.log
2014-11-10 11:57 - 2014-11-10 11:57 - 00000197 _____ () C:\Windows\system32\2014-11-10-10-57-29.087-AvastVBoxSVC.exe-3076.log
2014-11-09 14:24 - 2014-11-09 14:24 - 00000197 _____ () C:\Windows\system32\2014-11-09-13-24-26.097-AvastVBoxSVC.exe-3432.log
2014-11-09 00:51 - 2014-11-09 00:51 - 00000197 _____ () C:\Windows\system32\2014-11-08-23-51-45.096-AvastVBoxSVC.exe-1536.log
2014-11-08 11:47 - 2014-11-08 11:47 - 00000197 _____ () C:\Windows\system32\2014-11-08-10-47-36.070-AvastVBoxSVC.exe-3204.log
2014-11-07 18:07 - 2014-11-07 18:07 - 00000197 _____ () C:\Windows\system32\2014-11-07-17-07-31.095-AvastVBoxSVC.exe-3196.log
2014-11-06 15:35 - 2014-11-06 15:35 - 00000197 _____ () C:\Windows\system32\2014-11-06-14-35-02.073-AvastVBoxSVC.exe-3192.log
2014-11-05 21:41 - 2014-11-05 21:41 - 00000197 _____ () C:\Windows\system32\2014-11-05-20-41-07.035-AvastVBoxSVC.exe-3096.log
2014-11-02 11:25 - 2014-11-02 11:25 - 00000197 _____ () C:\Windows\system32\2014-11-02-10-25-32.051-AvastVBoxSVC.exe-3416.log
2014-11-01 13:39 - 2014-11-01 13:39 - 00000197 _____ () C:\Windows\system32\2014-11-01-12-39-23.017-AvastVBoxSVC.exe-5456.log
2014-11-01 12:12 - 2014-11-01 12:13 - 00000000 ____D () C:\Windows\system32\vbox
2014-10-29 20:43 - 2014-11-23 20:22 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-10-29 19:27 - 2014-11-23 20:20 - 00000000 ____D () C:\AdwCleaner
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-23 21:17 - 2014-10-23 17:25 - 00000000 ____D () C:\FRST
2014-11-23 21:10 - 2014-10-23 17:52 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-23 21:10 - 2008-09-10 19:18 - 01870359 _____ () C:\Windows\WindowsUpdate.log
2014-11-23 21:08 - 2013-11-14 20:05 - 00031776 _____ () C:\ProgramData\nvModes.dat
2014-11-23 21:08 - 2013-11-14 20:05 - 00031776 _____ () C:\ProgramData\nvModes.001
2014-11-23 21:07 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-23 21:07 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-23 21:07 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-23 21:06 - 2006-11-02 14:01 - 00032576 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-23 21:05 - 2008-09-10 19:19 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-11-23 20:55 - 2013-11-13 21:49 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-23 19:22 - 2014-10-23 17:24 - 01110016 _____ (Farbar) C:\Users\Veru\Desktop\FRST.exe
2014-11-23 16:59 - 2013-11-13 21:22 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\BitComet
2014-11-23 16:56 - 2014-04-29 13:18 - 00000000 ____D () C:\Users\Veru\Downloads\martin
2014-11-23 16:49 - 2013-11-15 15:08 - 00198656 _____ () C:\Users\Veru\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-23 00:29 - 2013-11-13 20:55 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\Winamp
2014-11-23 00:02 - 2013-11-13 15:38 - 00000416 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{A282210E-BA49-40A2-A842-5B391E5A5A03}.job
2014-11-18 22:42 - 2013-11-13 14:01 - 00001978 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-14 20:21 - 2006-11-02 11:33 - 01418230 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-14 16:11 - 2014-09-19 11:08 - 00001886 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-11-14 16:11 - 2014-07-25 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-11-14 16:11 - 2008-09-10 19:38 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-11-13 19:55 - 2013-11-13 21:49 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-13 19:55 - 2013-11-13 21:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-12 22:34 - 2008-09-10 19:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 22:32 - 2013-11-13 18:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 22:29 - 2006-11-02 11:24 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-11-09 00:53 - 2014-04-07 17:28 - 00000000 ____D () C:\Windows\Minidump
2014-11-04 14:30 - 2013-11-13 20:01 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-01 13:32 - 2013-12-13 18:11 - 00000000 ____D () C:\Program Files\Torntv V6.0
2014-10-29 20:40 - 2013-11-13 14:00 - 00000000 ____D () C:\Program Files\Google
2014-10-29 19:29 - 2013-11-13 13:49 - 00000000 ___RD () C:\Users\Veru
Some content of TEMP:
====================
C:\Users\Veru\AppData\Local\Temp\Quarantine.exe
C:\Users\Veru\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-23 21:12
==================== End Of Log ============================
- Přílohy
-
- Addition.rar
- (7.7 KiB) Staženo 35 x
-
Rudy
- Site Admin
- Příspěvky: 119556
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o pomoc
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\system32\acovcnt.exe
C:\Users\Veru\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Veru\AppData\Local\Temp
AlternateDataStreams: C:\Users\Veru:gs5sys
AlternateDataStreams: C:\ProgramData\Templates:gs5sys
AlternateDataStreams: C:\Users\Veru\Soubory cookie:gs5sys
AlternateDataStreams: C:\Users\Veru\Šablony:gs5sys
AlternateDataStreams: C:\Users\Veru\AppData\Local\Historie:gs5sys
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o pomoc
tady to je:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 23-11-2014
Ran by Veru at 2014-11-23 22:23:15 Run:4
Running from C:\Users\Veru\Desktop
Loaded Profile: Veru (Available profiles: Veru)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\system32\acovcnt.exe
C:\Users\Veru\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Veru\AppData\Local\Temp
AlternateDataStreams: C:\Users\Veru:gs5sys
AlternateDataStreams: C:\ProgramData\Templates:gs5sys
AlternateDataStreams: C:\Users\Veru\Soubory cookie:gs5sys
AlternateDataStreams: C:\Users\Veru\Šablony:gs5sys
AlternateDataStreams: C:\Users\Veru\AppData\Local\Historie:gs5sys
End
*****************
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\system32\acovcnt.exe => Moved successfully.
C:\Users\Veru\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => Moved successfully.
"C:\Users\Veru\AppData\Local\Temp" directory move:
C:\Users\Veru\AppData\Local\Temp\adwcleaner.db => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Donate.ico => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\EULA.txt => Moved successfully.
Could not move "C:\Users\Veru\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Veru\AppData\Local\Temp\gomtemp.smi => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Report.ico => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Scan.ico => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\sna13F8.tmp => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\sna3E9E.tmp => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\snaD3D0.tmp => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\snaFA13.tmp => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\sqlite3.dll => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Uninstall.ico => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Veru.bmp => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Temp2_1tmp00.zip\install.rdf => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Temp1_1tmp00.zip\install.rdf => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{CD7587C5-4C01-4A60-B237-C2A36BE1C08C}\Graphics\Expand.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{CD7587C5-4C01-4A60-B237-C2A36BE1C08C}\Graphics\Normal.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{CD7587C5-4C01-4A60-B237-C2A36BE1C08C}\Graphics\Small.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{C8C6DF5B-5825-47CD-B985-40A46C71CDE3}\Graphics\Expand.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{C8C6DF5B-5825-47CD-B985-40A46C71CDE3}\Graphics\Normal.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{C8C6DF5B-5825-47CD-B985-40A46C71CDE3}\Graphics\Small.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{B553C2F9-3475-4A7F-9628-406C39D7EAFE}\Graphics\Expand.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{B553C2F9-3475-4A7F-9628-406C39D7EAFE}\Graphics\Normal.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{B553C2F9-3475-4A7F-9628-406C39D7EAFE}\Graphics\Small.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{AF9A58EE-5D76-40A6-8550-B2C43D903E6F}\Graphics\Expand.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{AF9A58EE-5D76-40A6-8550-B2C43D903E6F}\Graphics\Normal.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{AF9A58EE-5D76-40A6-8550-B2C43D903E6F}\Graphics\Small.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{6CFB6439-7DDC-4785-9BEC-861F027E201E}\Graphics\Expand.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{6CFB6439-7DDC-4785-9BEC-861F027E201E}\Graphics\Normal.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{6CFB6439-7DDC-4785-9BEC-861F027E201E}\Graphics\Small.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\desktop.ini => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\index.dat => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\13[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\15[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\165[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\1[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\208[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\27[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\2[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\54[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\6[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\8[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\9[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\afr[1].htm => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\afr[2].htm => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\context[1].htm => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\desktop.ini => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\fimg_seznam_cz[10].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\fimg_seznam_cz[11].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\fimg_seznam_cz[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\fimg_seznam_cz[2].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\fimg_seznam_cz[3].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\fimg_seznam_cz[4].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\fimg_seznam_cz[5].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\fimg_seznam_cz[6].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\fimg_seznam_cz[7].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\fimg_seznam_cz[8].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\fimg_seznam_cz[9].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hitCA0VHX3T.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hitCA2AA5CZ.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hitCAF49QJW.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hitCAL6026P.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hitCATMMPXV.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hitCAUGL06P.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hitCAZV2A62.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hit[10].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hit[11].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hit[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hit[2].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hit[3].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hit[4].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hit[5].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hit[6].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hit[7].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hit[8].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hit[9].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\icon_mini_members[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\icon_post_report[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\script[1].js => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\stylesheet[1].css => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\upload_bar[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\118[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\11[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\19[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\38[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\41[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\44[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\5[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\78[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\7[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\context[1].htm => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\desktop.ini => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_czCA4BXBLO.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_czCA8WJXEX.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_czCAQSB1OP.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_czCAV85E1D.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_cz[10].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_cz[11].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_cz[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_cz[2].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_cz[3].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_cz[4].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_cz[5].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_cz[6].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_cz[7].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_cz[8].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_cz[9].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hitCAM26ODL.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hitCAP8AJOQ.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hitCAZHNUC3.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hit[10].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hit[11].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hit[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hit[2].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hit[3].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hit[4].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hit[5].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hit[6].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hit[7].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hit[8].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hit[9].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\iconxquestion[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\icon_mini_profile[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\icon_post_delete[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\icon_post_quote[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\icon_post_target[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\icon_user_online[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\icon_user_profile[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\10[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\169[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\23[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\33[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\34[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\45[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\92[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\93[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\cellpic3[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\cimage2[1].png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\desktop.ini => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\editor[1].js => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_czCA00QU96.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_czCABVO7L8.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_czCAO2ZI04.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_czCAW3EC1H.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_cz[10].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_cz[11].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_cz[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_cz[2].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_cz[3].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_cz[4].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_cz[5].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_cz[6].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_cz[7].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_cz[8].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_cz[9].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\hit[10].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\hit[11].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\hit[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\hit[2].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\hit[3].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\hit[4].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\hit[5].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\hit[6].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\hit[7].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\hit[8].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\hit[9].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\icon_exclaim[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\icon_mini_message[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\icon_post_edit[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\icon_post_target_unread[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\icon_t_closed[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\iefox[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\offtopic[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\viewtopic[1].php => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\2774ee066f84f809bfb556985c87863d.160x120[1].jpg => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\admin[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\banner[1].png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\button_topic_new[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\button_topic_reply[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\cellpic1[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\desktop.ini => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\donate[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\fimg_seznam_cz[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\fimg_seznam_cz[2].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\fimg_seznam_cz[3].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\fimg_seznam_cz[4].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\fimg_seznam_cz[5].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\fimg_seznam_cz[6].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\fimg_seznam_cz[7].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\ga[1].js => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hitCA559H6U.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hitCA70YZ1B.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hitCA9LNBU8.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hitCAE0D5XN.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hitCAHNINAD.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hitCANWKYAI.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hitCAOS3C4X.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hitCAP46PCU.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hit[10].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hit[11].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hit[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hit[2].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hit[3].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hit[4].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hit[5].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hit[6].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hit[7].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hit[8].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hit[9].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\icon_mini_faq[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\icon_mini_login[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\icon_mini_register[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\icon_mini_search[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\icon_topic_attach[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\icon_user_offline[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\james_leto_bg_2012_sky_netra[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\RANK_01[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\shop[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\site_logo[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\spacer[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\urchin[1].js => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\History\History.IE5\desktop.ini => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\History\History.IE5\index.dat => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Cookies\index.dat => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Cookies\veru@forum.viry[1].txt => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Cookies\veru@imedia[2].txt => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Cookies\veru@reklama2.viry[1].txt => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\avastBCLTMP\chrome\Default\Web Data => Moved successfully.
Could not move "C:\Users\Veru\AppData\Local\Temp" directory. => Scheduled to move on reboot.
"C:\Users\Veru" => ":gs5sys" ADS not found.
"C:\ProgramData\Templates" => ":gs5sys" ADS not found.
"C:\Users\Veru\Soubory cookie" => ":gs5sys" ADS not found.
"C:\Users\Veru\Šablony" => ":gs5sys" ADS not found.
"C:\Users\Veru\AppData\Local\Historie" => ":gs5sys" ADS not found.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-11-23 22:26:50)<=
C:\Users\Veru\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\Veru\AppData\Local\Temp => Moved successfully.
==== End of Fixlog ====
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 23-11-2014
Ran by Veru at 2014-11-23 22:23:15 Run:4
Running from C:\Users\Veru\Desktop
Loaded Profile: Veru (Available profiles: Veru)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\system32\acovcnt.exe
C:\Users\Veru\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Veru\AppData\Local\Temp
AlternateDataStreams: C:\Users\Veru:gs5sys
AlternateDataStreams: C:\ProgramData\Templates:gs5sys
AlternateDataStreams: C:\Users\Veru\Soubory cookie:gs5sys
AlternateDataStreams: C:\Users\Veru\Šablony:gs5sys
AlternateDataStreams: C:\Users\Veru\AppData\Local\Historie:gs5sys
End
*****************
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\system32\acovcnt.exe => Moved successfully.
C:\Users\Veru\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => Moved successfully.
"C:\Users\Veru\AppData\Local\Temp" directory move:
C:\Users\Veru\AppData\Local\Temp\adwcleaner.db => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Donate.ico => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\EULA.txt => Moved successfully.
Could not move "C:\Users\Veru\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Veru\AppData\Local\Temp\gomtemp.smi => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Report.ico => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Scan.ico => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\sna13F8.tmp => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\sna3E9E.tmp => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\snaD3D0.tmp => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\snaFA13.tmp => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\sqlite3.dll => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Uninstall.ico => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Veru.bmp => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Temp2_1tmp00.zip\install.rdf => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Temp1_1tmp00.zip\install.rdf => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{CD7587C5-4C01-4A60-B237-C2A36BE1C08C}\Graphics\Expand.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{CD7587C5-4C01-4A60-B237-C2A36BE1C08C}\Graphics\Normal.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{CD7587C5-4C01-4A60-B237-C2A36BE1C08C}\Graphics\Small.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{C8C6DF5B-5825-47CD-B985-40A46C71CDE3}\Graphics\Expand.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{C8C6DF5B-5825-47CD-B985-40A46C71CDE3}\Graphics\Normal.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{C8C6DF5B-5825-47CD-B985-40A46C71CDE3}\Graphics\Small.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{B553C2F9-3475-4A7F-9628-406C39D7EAFE}\Graphics\Expand.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{B553C2F9-3475-4A7F-9628-406C39D7EAFE}\Graphics\Normal.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{B553C2F9-3475-4A7F-9628-406C39D7EAFE}\Graphics\Small.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{AF9A58EE-5D76-40A6-8550-B2C43D903E6F}\Graphics\Expand.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{AF9A58EE-5D76-40A6-8550-B2C43D903E6F}\Graphics\Normal.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{AF9A58EE-5D76-40A6-8550-B2C43D903E6F}\Graphics\Small.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{6CFB6439-7DDC-4785-9BEC-861F027E201E}\Graphics\Expand.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{6CFB6439-7DDC-4785-9BEC-861F027E201E}\Graphics\Normal.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Sony\Sony PC Companion\Plugins\{6CFB6439-7DDC-4785-9BEC-861F027E201E}\Graphics\Small.png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\desktop.ini => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\index.dat => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\13[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\15[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\165[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\1[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\208[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\27[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\2[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\54[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\6[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\8[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\9[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\afr[1].htm => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\afr[2].htm => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\context[1].htm => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\desktop.ini => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\fimg_seznam_cz[10].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\fimg_seznam_cz[11].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\fimg_seznam_cz[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\fimg_seznam_cz[2].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\fimg_seznam_cz[3].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\fimg_seznam_cz[4].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\fimg_seznam_cz[5].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\fimg_seznam_cz[6].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\fimg_seznam_cz[7].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\fimg_seznam_cz[8].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\fimg_seznam_cz[9].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hitCA0VHX3T.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hitCA2AA5CZ.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hitCAF49QJW.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hitCAL6026P.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hitCATMMPXV.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hitCAUGL06P.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hitCAZV2A62.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hit[10].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hit[11].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hit[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hit[2].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hit[3].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hit[4].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hit[5].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hit[6].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hit[7].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hit[8].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\hit[9].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\icon_mini_members[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\icon_post_report[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\script[1].js => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\stylesheet[1].css => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UHDI9IWP\upload_bar[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\118[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\11[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\19[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\38[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\41[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\44[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\5[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\78[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\7[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\context[1].htm => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\desktop.ini => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_czCA4BXBLO.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_czCA8WJXEX.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_czCAQSB1OP.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_czCAV85E1D.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_cz[10].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_cz[11].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_cz[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_cz[2].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_cz[3].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_cz[4].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_cz[5].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_cz[6].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_cz[7].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_cz[8].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\fimg_seznam_cz[9].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hitCAM26ODL.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hitCAP8AJOQ.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hitCAZHNUC3.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hit[10].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hit[11].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hit[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hit[2].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hit[3].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hit[4].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hit[5].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hit[6].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hit[7].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hit[8].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\hit[9].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\iconxquestion[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\icon_mini_profile[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\icon_post_delete[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\icon_post_quote[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\icon_post_target[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\icon_user_online[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SLH8ZUSN\icon_user_profile[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\10[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\169[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\23[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\33[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\34[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\45[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\92[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\93[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\cellpic3[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\cimage2[1].png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\desktop.ini => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\editor[1].js => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_czCA00QU96.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_czCABVO7L8.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_czCAO2ZI04.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_czCAW3EC1H.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_cz[10].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_cz[11].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_cz[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_cz[2].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_cz[3].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_cz[4].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_cz[5].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_cz[6].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_cz[7].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_cz[8].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\fimg_seznam_cz[9].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\hit[10].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\hit[11].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\hit[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\hit[2].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\hit[3].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\hit[4].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\hit[5].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\hit[6].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\hit[7].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\hit[8].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\hit[9].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\icon_exclaim[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\icon_mini_message[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\icon_post_edit[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\icon_post_target_unread[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\icon_t_closed[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\iefox[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\offtopic[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\QT0K12FK\viewtopic[1].php => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\2774ee066f84f809bfb556985c87863d.160x120[1].jpg => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\admin[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\banner[1].png => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\button_topic_new[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\button_topic_reply[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\cellpic1[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\desktop.ini => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\donate[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\fimg_seznam_cz[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\fimg_seznam_cz[2].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\fimg_seznam_cz[3].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\fimg_seznam_cz[4].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\fimg_seznam_cz[5].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\fimg_seznam_cz[6].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\fimg_seznam_cz[7].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\ga[1].js => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hitCA559H6U.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hitCA70YZ1B.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hitCA9LNBU8.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hitCAE0D5XN.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hitCAHNINAD.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hitCANWKYAI.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hitCAOS3C4X.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hitCAP46PCU.gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hit[10].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hit[11].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hit[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hit[2].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hit[3].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hit[4].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hit[5].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hit[6].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hit[7].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hit[8].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\hit[9].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\icon_mini_faq[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\icon_mini_login[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\icon_mini_register[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\icon_mini_search[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\icon_topic_attach[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\icon_user_offline[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\james_leto_bg_2012_sky_netra[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\RANK_01[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\shop[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\site_logo[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\spacer[1].gif => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\HQ7MV2K4\urchin[1].js => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\History\History.IE5\desktop.ini => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\History\History.IE5\index.dat => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Cookies\index.dat => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Cookies\veru@forum.viry[1].txt => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Cookies\veru@imedia[2].txt => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\Low\Cookies\veru@reklama2.viry[1].txt => Moved successfully.
C:\Users\Veru\AppData\Local\Temp\avastBCLTMP\chrome\Default\Web Data => Moved successfully.
Could not move "C:\Users\Veru\AppData\Local\Temp" directory. => Scheduled to move on reboot.
"C:\Users\Veru" => ":gs5sys" ADS not found.
"C:\ProgramData\Templates" => ":gs5sys" ADS not found.
"C:\Users\Veru\Soubory cookie" => ":gs5sys" ADS not found.
"C:\Users\Veru\Šablony" => ":gs5sys" ADS not found.
"C:\Users\Veru\AppData\Local\Historie" => ":gs5sys" ADS not found.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-11-23 22:26:50)<=
C:\Users\Veru\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\Veru\AppData\Local\Temp => Moved successfully.
==== End of Fixlog ====
-
Rudy
- Site Admin
- Příspěvky: 119556
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o pomoc
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o pomoc
NN pořád to skáče, chvilku je tam o pět víc GB a pak to skočí zase dolů. Měla bych tam mít kolem 26 GB a jsem na 13 GB.
-
Rudy
- Site Admin
- Příspěvky: 119556
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o pomoc
Dejte log ComboFix:
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se
jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine
aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,
pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k
nezadoucim kolizim s rezidentem antispyware.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o pomoc
ComboFix 14-11-24.02 - Veru 24.11.2014 19:38:16.1.2 - x86
Microsoft® Windows Vista™ Business 6.0.6001.1.1250.420.1029.18.3070.1802 [GMT 1:00]
Spuštěný z: c:\users\Veru\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Common Files\ASPG_icon.ico
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-24 do 2014-11-24 )))))))))))))))))))))))))))))))
.
.
2014-11-23 21:26 . 2014-11-24 18:49 45056 ----a-w- c:\windows\system32\acovcnt.exe
2014-11-23 20:16 . 2014-11-23 20:16 -------- d-----w- c:\users\Veru\AppData\Roaming\AVAST Software
2014-11-23 20:15 . 2014-11-23 20:15 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-23 20:15 . 2014-11-23 20:15 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-23 20:15 . 2014-11-23 20:15 57928 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-11-23 20:15 . 2014-11-23 20:15 55240 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-11-23 20:15 . 2014-11-23 20:15 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-23 20:15 . 2014-11-23 20:15 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-23 20:15 . 2014-11-23 20:15 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-23 20:15 . 2014-11-23 20:15 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-23 20:15 . 2014-11-23 20:15 291352 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-23 20:15 . 2014-11-23 20:15 43152 ----a-w- c:\windows\avastSS.scr
2014-11-23 20:10 . 2014-11-23 20:10 -------- d-----w- c:\program files\AVAST Software
2014-11-22 23:12 . 2014-11-02 04:17 8941456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7BAFED1C-B902-4B00-B915-49E7EC89219E}\mpengine.dll
2014-11-01 11:12 . 2014-11-01 11:13 -------- d-----w- c:\windows\system32\vbox
2014-10-29 18:27 . 2014-11-23 19:20 -------- d-----w- C:\AdwCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-13 18:55 . 2013-11-13 20:49 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-13 18:55 . 2013-11-13 20:49 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-11-04 13:30 . 2013-11-13 19:01 229000 ------w- c:\windows\system32\MpSigStub.exe
2008-07-02 02:28 . 2008-07-02 02:28 61440 ----a-w- c:\program files\Common Files\CPInstallAction.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-23 20:14 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2014-10-15 468192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="c:\program files\ASUSTek\ASUSDVD\PDVDServ.exe" [2008-04-03 87336]
"LanguageShortcut"="c:\program files\ASUSTek\ASUSDVD\Language\Language.exe" [2008-02-22 62760]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-01-12 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2008-07-15 7651328]
"RtHDVCpl"="RtHDVCpl.exe" [2008-06-13 6183456]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2008-02-01 61440]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2008-09-10 3054136]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2008-09-10 47672]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-16 1029416]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-02 13789728]
"CognizanceTS"="c:\progra~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll" [2003-12-22 17920]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-11-23 5226600]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-4-10 752168]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-18 21:38 1087304 ----a-w- c:\program files\Google\Chrome\Application\39.0.2171.65\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-11-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-13 18:55]
.
2014-11-24 c:\windows\Tasks\User_Feed_Synchronization-{A282210E-BA49-40A2-A842-5B391E5A5A03}.job
- c:\windows\system32\msfeedssync.exe [2013-11-15 04:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-iLivid - c:\users\Veru\AppData\Local\iLivid\iLivid.exe
AddRemove-01_Simmental - c:\program files\SAMSUNG\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\SAMSUNG\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\SAMSUNG\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\SAMSUNG\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\SAMSUNG\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\SAMSUNG\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\SAMSUNG\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\SAMSUNG\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\SAMSUNG\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-11-24 19:50
Windows 6.0.6001 Service Pack 1 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_15_0_0_223_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_15_0_0_223_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(3528)
c:\windows\system32\APSHook.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItClient.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
c:\program files\ASUS\SmartLogon\sensorsrv.exe
c:\program files\ASUS\ATK Hotkey\MsgTranAgt.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\program files\Wireless Console 2\wcourier.exe
c:\program files\ASUS\ASUS CopyProtect\aspg.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\windows\system32\conime.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
.
**************************************************************************
.
Celkový čas: 2014-11-24 19:54:18 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-11-24 18:54
.
Před spuštěním: Volných bajtů: 13 821 378 560
Po spuštění: Volných bajtů: 13 293 281 280
.
- - End Of File - - B340982EF1A03C08BDE1D45D394A2800
64B1E91C5C6C2157642651010728F90F
Microsoft® Windows Vista™ Business 6.0.6001.1.1250.420.1029.18.3070.1802 [GMT 1:00]
Spuštěný z: c:\users\Veru\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Common Files\ASPG_icon.ico
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-24 do 2014-11-24 )))))))))))))))))))))))))))))))
.
.
2014-11-23 21:26 . 2014-11-24 18:49 45056 ----a-w- c:\windows\system32\acovcnt.exe
2014-11-23 20:16 . 2014-11-23 20:16 -------- d-----w- c:\users\Veru\AppData\Roaming\AVAST Software
2014-11-23 20:15 . 2014-11-23 20:15 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-23 20:15 . 2014-11-23 20:15 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-23 20:15 . 2014-11-23 20:15 57928 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-11-23 20:15 . 2014-11-23 20:15 55240 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-11-23 20:15 . 2014-11-23 20:15 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-23 20:15 . 2014-11-23 20:15 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-23 20:15 . 2014-11-23 20:15 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-23 20:15 . 2014-11-23 20:15 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-23 20:15 . 2014-11-23 20:15 291352 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-23 20:15 . 2014-11-23 20:15 43152 ----a-w- c:\windows\avastSS.scr
2014-11-23 20:10 . 2014-11-23 20:10 -------- d-----w- c:\program files\AVAST Software
2014-11-22 23:12 . 2014-11-02 04:17 8941456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7BAFED1C-B902-4B00-B915-49E7EC89219E}\mpengine.dll
2014-11-01 11:12 . 2014-11-01 11:13 -------- d-----w- c:\windows\system32\vbox
2014-10-29 18:27 . 2014-11-23 19:20 -------- d-----w- C:\AdwCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-13 18:55 . 2013-11-13 20:49 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-13 18:55 . 2013-11-13 20:49 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-11-04 13:30 . 2013-11-13 19:01 229000 ------w- c:\windows\system32\MpSigStub.exe
2008-07-02 02:28 . 2008-07-02 02:28 61440 ----a-w- c:\program files\Common Files\CPInstallAction.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-23 20:14 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2014-10-15 468192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="c:\program files\ASUSTek\ASUSDVD\PDVDServ.exe" [2008-04-03 87336]
"LanguageShortcut"="c:\program files\ASUSTek\ASUSDVD\Language\Language.exe" [2008-02-22 62760]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-01-12 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2008-07-15 7651328]
"RtHDVCpl"="RtHDVCpl.exe" [2008-06-13 6183456]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2008-02-01 61440]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2008-09-10 3054136]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2008-09-10 47672]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-16 1029416]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-02 13789728]
"CognizanceTS"="c:\progra~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll" [2003-12-22 17920]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-11-23 5226600]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-4-10 752168]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-18 21:38 1087304 ----a-w- c:\program files\Google\Chrome\Application\39.0.2171.65\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-11-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-13 18:55]
.
2014-11-24 c:\windows\Tasks\User_Feed_Synchronization-{A282210E-BA49-40A2-A842-5B391E5A5A03}.job
- c:\windows\system32\msfeedssync.exe [2013-11-15 04:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-iLivid - c:\users\Veru\AppData\Local\iLivid\iLivid.exe
AddRemove-01_Simmental - c:\program files\SAMSUNG\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\SAMSUNG\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\SAMSUNG\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\SAMSUNG\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\SAMSUNG\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\SAMSUNG\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\SAMSUNG\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\SAMSUNG\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\SAMSUNG\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-11-24 19:50
Windows 6.0.6001 Service Pack 1 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_15_0_0_223_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_15_0_0_223_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(3528)
c:\windows\system32\APSHook.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItClient.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
c:\program files\ASUS\SmartLogon\sensorsrv.exe
c:\program files\ASUS\ATK Hotkey\MsgTranAgt.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\program files\Wireless Console 2\wcourier.exe
c:\program files\ASUS\ASUS CopyProtect\aspg.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\windows\system32\conime.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
.
**************************************************************************
.
Celkový čas: 2014-11-24 19:54:18 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-11-24 18:54
.
Před spuštěním: Volných bajtů: 13 821 378 560
Po spuštění: Volných bajtů: 13 293 281 280
.
- - End Of File - - B340982EF1A03C08BDE1D45D394A2800
64B1E91C5C6C2157642651010728F90F
-
Rudy
- Site Admin
- Příspěvky: 119556
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o pomoc
Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhnět nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.KillAll::
File::
c:\windows\system32\acovcnt.exe
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
Reboot::
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o pomoc
ComboFix 14-11-24.02 - Veru 24.11.2014 20:25:43.2.2 - x86
Microsoft® Windows Vista™ Business 6.0.6001.1.1250.420.1029.18.3070.1847 [GMT 1:00]
Spuštěný z: c:\users\Veru\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Veru\Desktop\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\acovcnt.exe"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-24 do 2014-11-24 )))))))))))))))))))))))))))))))
.
.
2014-11-24 19:32 . 2014-11-24 19:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-24 18:46 . 2014-11-24 19:36 -------- d-----w- c:\users\Veru\AppData\Local\temp
2014-11-23 21:26 . 2014-11-24 19:35 45056 ----a-w- c:\windows\system32\acovcnt.exe
2014-11-23 20:16 . 2014-11-23 20:16 -------- d-----w- c:\users\Veru\AppData\Roaming\AVAST Software
2014-11-23 20:15 . 2014-11-23 20:15 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-23 20:15 . 2014-11-23 20:15 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-23 20:15 . 2014-11-23 20:15 57928 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-11-23 20:15 . 2014-11-23 20:15 55240 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-11-23 20:15 . 2014-11-23 20:15 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-23 20:15 . 2014-11-23 20:15 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-23 20:15 . 2014-11-23 20:15 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-23 20:15 . 2014-11-23 20:15 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-23 20:15 . 2014-11-23 20:15 291352 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-23 20:15 . 2014-11-23 20:15 43152 ----a-w- c:\windows\avastSS.scr
2014-11-23 20:10 . 2014-11-23 20:10 -------- d-----w- c:\program files\AVAST Software
2014-11-22 23:12 . 2014-11-02 04:17 8941456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7BAFED1C-B902-4B00-B915-49E7EC89219E}\mpengine.dll
2014-11-01 11:12 . 2014-11-01 11:13 -------- d-----w- c:\windows\system32\vbox
2014-10-29 18:27 . 2014-11-23 19:20 -------- d-----w- C:\AdwCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-13 18:55 . 2013-11-13 20:49 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-13 18:55 . 2013-11-13 20:49 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-11-04 13:30 . 2013-11-13 19:01 229000 ------w- c:\windows\system32\MpSigStub.exe
2008-07-02 02:28 . 2008-07-02 02:28 61440 ----a-w- c:\program files\Common Files\CPInstallAction.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-23 20:14 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2014-10-15 468192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="c:\program files\ASUSTek\ASUSDVD\PDVDServ.exe" [2008-04-03 87336]
"LanguageShortcut"="c:\program files\ASUSTek\ASUSDVD\Language\Language.exe" [2008-02-22 62760]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-01-12 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2008-07-15 7651328]
"RtHDVCpl"="RtHDVCpl.exe" [2008-06-13 6183456]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2008-02-01 61440]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2008-09-10 3054136]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2008-09-10 47672]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-16 1029416]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-02 13789728]
"CognizanceTS"="c:\progra~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll" [2003-12-22 17920]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-11-23 5226600]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-4-10 752168]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-18 21:38 1087304 ----a-w- c:\program files\Google\Chrome\Application\39.0.2171.65\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-11-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-13 18:55]
.
2014-11-24 c:\windows\Tasks\User_Feed_Synchronization-{A282210E-BA49-40A2-A842-5B391E5A5A03}.job
- c:\windows\system32\msfeedssync.exe [2013-11-15 04:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
TCP: DhcpNameServer = 192.168.1.1
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(160)
c:\windows\system32\APSHook.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItClient.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\agrsmsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\ASUS\SmartLogon\sensorsrv.exe
c:\program files\ASUS\ATK Hotkey\MsgTranAgt.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\program files\Wireless Console 2\wcourier.exe
c:\program files\ASUS\ASUS CopyProtect\aspg.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\windows\System32\ACEngSvr.exe
c:\windows\system32\conime.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
.
**************************************************************************
.
Celkový čas: 2014-11-24 20:40:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-11-24 19:40
ComboFix2.txt 2014-11-24 18:54
.
Před spuštěním: Volných bajtů: 13 313 634 304
Po spuštění: Volných bajtů: 13 081 841 664
.
- - End Of File - - 8722337BA098E27E744F50FA05A590A0
64B1E91C5C6C2157642651010728F90F
Microsoft® Windows Vista™ Business 6.0.6001.1.1250.420.1029.18.3070.1847 [GMT 1:00]
Spuštěný z: c:\users\Veru\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Veru\Desktop\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\acovcnt.exe"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-24 do 2014-11-24 )))))))))))))))))))))))))))))))
.
.
2014-11-24 19:32 . 2014-11-24 19:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-24 18:46 . 2014-11-24 19:36 -------- d-----w- c:\users\Veru\AppData\Local\temp
2014-11-23 21:26 . 2014-11-24 19:35 45056 ----a-w- c:\windows\system32\acovcnt.exe
2014-11-23 20:16 . 2014-11-23 20:16 -------- d-----w- c:\users\Veru\AppData\Roaming\AVAST Software
2014-11-23 20:15 . 2014-11-23 20:15 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-23 20:15 . 2014-11-23 20:15 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-23 20:15 . 2014-11-23 20:15 57928 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-11-23 20:15 . 2014-11-23 20:15 55240 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-11-23 20:15 . 2014-11-23 20:15 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-23 20:15 . 2014-11-23 20:15 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-23 20:15 . 2014-11-23 20:15 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-23 20:15 . 2014-11-23 20:15 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-23 20:15 . 2014-11-23 20:15 291352 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-23 20:15 . 2014-11-23 20:15 43152 ----a-w- c:\windows\avastSS.scr
2014-11-23 20:10 . 2014-11-23 20:10 -------- d-----w- c:\program files\AVAST Software
2014-11-22 23:12 . 2014-11-02 04:17 8941456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7BAFED1C-B902-4B00-B915-49E7EC89219E}\mpengine.dll
2014-11-01 11:12 . 2014-11-01 11:13 -------- d-----w- c:\windows\system32\vbox
2014-10-29 18:27 . 2014-11-23 19:20 -------- d-----w- C:\AdwCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-13 18:55 . 2013-11-13 20:49 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-13 18:55 . 2013-11-13 20:49 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-11-04 13:30 . 2013-11-13 19:01 229000 ------w- c:\windows\system32\MpSigStub.exe
2008-07-02 02:28 . 2008-07-02 02:28 61440 ----a-w- c:\program files\Common Files\CPInstallAction.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-23 20:14 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2014-10-15 468192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="c:\program files\ASUSTek\ASUSDVD\PDVDServ.exe" [2008-04-03 87336]
"LanguageShortcut"="c:\program files\ASUSTek\ASUSDVD\Language\Language.exe" [2008-02-22 62760]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-01-12 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2008-07-15 7651328]
"RtHDVCpl"="RtHDVCpl.exe" [2008-06-13 6183456]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2008-02-01 61440]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2008-09-10 3054136]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2008-09-10 47672]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-16 1029416]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-02 13789728]
"CognizanceTS"="c:\progra~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll" [2003-12-22 17920]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-11-23 5226600]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-4-10 752168]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-18 21:38 1087304 ----a-w- c:\program files\Google\Chrome\Application\39.0.2171.65\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-11-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-13 18:55]
.
2014-11-24 c:\windows\Tasks\User_Feed_Synchronization-{A282210E-BA49-40A2-A842-5B391E5A5A03}.job
- c:\windows\system32\msfeedssync.exe [2013-11-15 04:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
TCP: DhcpNameServer = 192.168.1.1
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(160)
c:\windows\system32\APSHook.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItClient.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\agrsmsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\ASUS\SmartLogon\sensorsrv.exe
c:\program files\ASUS\ATK Hotkey\MsgTranAgt.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\program files\Wireless Console 2\wcourier.exe
c:\program files\ASUS\ASUS CopyProtect\aspg.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\windows\System32\ACEngSvr.exe
c:\windows\system32\conime.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
.
**************************************************************************
.
Celkový čas: 2014-11-24 20:40:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-11-24 19:40
ComboFix2.txt 2014-11-24 18:54
.
Před spuštěním: Volných bajtů: 13 313 634 304
Po spuštění: Volných bajtů: 13 081 841 664
.
- - End Of File - - 8722337BA098E27E744F50FA05A590A0
64B1E91C5C6C2157642651010728F90F
-
Rudy
- Site Admin
- Příspěvky: 119556
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o pomoc
Vše smazáno, log je OK. CF odinstalujte pomocí T-Cleaneru: http://vyosek.tym.cz/pro_usery/T-Cleaner.exe . Nastala nyní změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o pomoc
Teď mám ze 13 GB 12,9 GB
Přispějete na provoz fóra?