Request for a preventive PC check

Have no problem with your PC at the moment and just want to make sure everything is in order?
Post a log from FRST or RSIT.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Request for a preventive PC check

#16 Post by vyosek »

Please post a log following this guide http://forum.viry.cz/viewtopic.php?f=30&t=133101
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun: take a whip and a stick to him, that is no man, that is an ox."
Member since 1 February 2011.

Mr.Francesko
Visitor
Posts: 11
Registered: 02 Jan 2014 13:39

Re: Request for a preventive PC check

#17 Post by Mr.Francesko »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-01-2014
Ran by Matrix (administrator) on MATRIX-PC on 03-01-2014 10:19:51
Running from C:\Users\Matrix\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [507744 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-29] (AVAST Software)
HKU\Default\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\Default User\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 192.168.0.1

Chrome:
=======
CHR HomePage: hxxp://www.google.cz/
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Matrix\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Matrix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Matrix\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Matrix\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Matrix\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (avast! Online Security) - C:\Users\Matrix\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2011.70_0
CHR Extension: (Google Wallet) - C:\Users\Matrix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Matrix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-29] (AVAST Software)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-29] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-29] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-06-30] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-06-30] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-03 10:19 - 2014-01-03 10:20 - 00006605 _____ C:\Users\Matrix\Desktop\FRST.txt
2014-01-03 10:19 - 2014-01-03 10:19 - 00000000 ____D C:\FRST
2014-01-03 10:17 - 2014-01-03 10:17 - 00112640 _____ (forum.viry.cz) C:\Users\Matrix\Desktop\FRSTLauncher.exe
2014-01-03 10:16 - 2014-01-03 10:16 - 00029696 _____ C:\Users\Matrix\AppData\Local\MSGBOX.EXE
2014-01-03 10:12 - 2014-01-03 10:13 - 01931750 _____ (Farbar) C:\Users\Matrix\Desktop\FRST64.exe
2014-01-03 07:48 - 2014-01-03 07:48 - 00000056 _____ C:\Windows\setupact.log
2014-01-03 07:48 - 2014-01-03 07:48 - 00000000 _____ C:\Windows\setuperr.log
2014-01-02 16:25 - 2014-01-02 16:25 - 00000000 ____D C:\Users\Matrix\AppData\Roaming\Malwarebytes
2014-01-02 16:24 - 2014-01-02 16:24 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-02 16:24 - 2014-01-02 16:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-02 16:24 - 2014-01-02 16:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-02 16:24 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-02 14:09 - 2014-01-02 16:15 - 00000000 ____D C:\Program Files\trend micro
2014-01-02 14:09 - 2014-01-02 14:09 - 00935175 _____ C:\Users\Matrix\Desktop\RSITx64.exe
2014-01-01 18:20 - 2013-08-11 15:40 - 00043520 ____S (NirSoft) C:\Windows\SysWOW64\nircmdc.exe
2013-12-29 21:54 - 2014-01-03 07:49 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-12-29 21:54 - 2013-12-29 21:54 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-29 21:54 - 2013-12-29 21:54 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-29 21:54 - 2013-12-29 21:54 - 00000000 ____D C:\Users\Matrix\AppData\Roaming\AVAST Software
2013-12-29 21:53 - 2013-12-29 21:53 - 00000000 ____D C:\Program Files\AVAST Software
2013-12-29 21:52 - 2013-12-29 21:53 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-29 06:44 - 2013-12-29 06:44 - 00000000 ____D C:\Users\Matrix\AppData\Roaming\Fatshark
2013-12-28 13:41 - 2014-01-03 07:52 - 00186438 _____ C:\Windows\WindowsUpdate.log
2013-12-26 20:53 - 2013-12-26 20:53 - 00001335 _____ C:\Users\Public\Desktop\Virtual Families 2.lnk
2013-12-26 20:53 - 2013-12-26 20:53 - 00000000 ____D C:\Users\Matrix\Documents\LDW
2013-12-26 20:53 - 2013-12-26 20:53 - 00000000 ____D C:\Program Files (x86)\LeeGT-Games
2013-12-12 10:42 - 2013-12-12 10:42 - 00000000 ____D C:\Users\Matrix\Documents\SimCity
2013-12-11 12:20 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 12:20 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 12:20 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 12:20 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 12:20 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-11 12:20 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-11 12:15 - 2013-11-02 03:28 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 12:15 - 2013-11-02 03:28 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 12:15 - 2013-11-02 03:26 - 09073152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 12:15 - 2013-11-02 03:26 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 12:15 - 2013-11-02 03:25 - 12295168 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 12:15 - 2013-11-02 03:25 - 02458112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 12:15 - 2013-11-02 03:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 12:15 - 2013-11-02 03:07 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 12:15 - 2013-11-02 03:04 - 06039552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 12:15 - 2013-11-02 03:04 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-11 12:15 - 2013-11-02 03:03 - 11020800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 12:15 - 2013-11-02 03:03 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 12:14 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 12:14 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 12:14 - 2013-11-02 03:28 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-11 12:14 - 2013-11-02 03:26 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-11 12:14 - 2013-11-02 03:25 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 12:14 - 2013-11-02 03:25 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 12:14 - 2013-11-02 03:07 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-11 12:14 - 2013-11-02 03:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-11 12:14 - 2013-11-02 03:04 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-11 12:14 - 2013-11-02 03:03 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-11 12:14 - 2013-11-02 02:30 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 12:14 - 2013-11-02 02:13 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-11 12:14 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 12:14 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 12:14 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 12:14 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 12:14 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 12:14 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 12:14 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 12:14 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 12:14 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 12:14 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 12:14 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 12:14 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 12:14 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-09 17:35 - 2013-12-09 17:35 - 00000000 ____D C:\Users\Matrix\Documents\Diablo III
2013-12-09 17:13 - 2013-12-09 17:35 - 00000000 ____D C:\Program Files (x86)\Diablo III
2013-12-09 17:13 - 2013-12-09 17:13 - 00001144 _____ C:\Users\Public\Desktop\Diablo III.lnk
2013-12-09 17:13 - 2013-12-09 17:13 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-12-09 17:12 - 2013-12-09 17:13 - 00000000 ____D C:\ProgramData\Battle.net
2013-12-05 18:03 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll

==================== One Month Modified Files and Folders =======

2014-01-03 10:20 - 2014-01-03 10:19 - 00006605 _____ C:\Users\Matrix\Desktop\FRST.txt
2014-01-03 10:19 - 2014-01-03 10:19 - 00000000 ____D C:\FRST
2014-01-03 10:17 - 2014-01-03 10:17 - 00112640 _____ (forum.viry.cz) C:\Users\Matrix\Desktop\FRSTLauncher.exe
2014-01-03 10:16 - 2014-01-03 10:16 - 00029696 _____ C:\Users\Matrix\AppData\Local\MSGBOX.EXE
2014-01-03 10:13 - 2014-01-03 10:12 - 01931750 _____ (Farbar) C:\Users\Matrix\Desktop\FRST64.exe
2014-01-03 10:11 - 2013-05-27 19:30 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-03 09:57 - 2013-11-07 10:47 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-03 09:46 - 2013-05-27 17:39 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-03 07:56 - 2009-07-14 05:45 - 00021264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-03 07:56 - 2009-07-14 05:45 - 00021264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-03 07:53 - 2010-11-21 10:27 - 00668866 _____ C:\Windows\system32\perfh005.dat
2014-01-03 07:53 - 2010-11-21 10:27 - 00141526 _____ C:\Windows\system32\perfc005.dat
2014-01-03 07:53 - 2009-07-14 06:13 - 01584554 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-03 07:52 - 2013-12-28 13:41 - 00186438 _____ C:\Windows\WindowsUpdate.log
2014-01-03 07:49 - 2013-12-29 21:54 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-03 07:49 - 2013-11-07 10:47 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-03 07:48 - 2014-01-03 07:48 - 00000056 _____ C:\Windows\setupact.log
2014-01-03 07:48 - 2014-01-03 07:48 - 00000000 _____ C:\Windows\setuperr.log
2014-01-03 07:48 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-02 16:25 - 2014-01-02 16:25 - 00000000 ____D C:\Users\Matrix\AppData\Roaming\Malwarebytes
2014-01-02 16:24 - 2014-01-02 16:24 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-02 16:24 - 2014-01-02 16:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-02 16:24 - 2014-01-02 16:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-02 16:15 - 2014-01-02 14:09 - 00000000 ____D C:\Program Files\trend micro
2014-01-02 14:09 - 2014-01-02 14:09 - 00935175 _____ C:\Users\Matrix\Desktop\RSITx64.exe
2014-01-01 21:03 - 2013-05-28 00:48 - 00000000 ____D C:\Users\Matrix\Documents\my games
2013-12-29 21:54 - 2013-12-29 21:54 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-29 21:54 - 2013-12-29 21:54 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-12-29 21:54 - 2013-12-29 21:54 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-29 21:54 - 2013-12-29 21:54 - 00000000 ____D C:\Users\Matrix\AppData\Roaming\AVAST Software
2013-12-29 21:54 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-12-29 21:53 - 2013-12-29 21:53 - 00000000 ____D C:\Program Files\AVAST Software
2013-12-29 21:53 - 2013-12-29 21:52 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-29 06:44 - 2013-12-29 06:44 - 00000000 ____D C:\Users\Matrix\AppData\Roaming\Fatshark
2013-12-28 23:23 - 2013-06-01 21:51 - 00000000 ____D C:\Program Files (x86)\Origin
2013-12-27 18:45 - 2013-05-27 15:43 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-12-27 15:30 - 2013-05-27 15:56 - 00000000 ____D C:\Program Files\CCleaner
2013-12-26 20:53 - 2013-12-26 20:53 - 00001335 _____ C:\Users\Public\Desktop\Virtual Families 2.lnk
2013-12-26 20:53 - 2013-12-26 20:53 - 00000000 ____D C:\Users\Matrix\Documents\LDW
2013-12-26 20:53 - 2013-12-26 20:53 - 00000000 ____D C:\Program Files (x86)\LeeGT-Games
2013-12-17 13:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-15 22:25 - 2013-07-14 15:50 - 00000000 ____D C:\Users\Matrix\AppData\Roaming\Might & Magic Heroes VI
2013-12-12 10:42 - 2013-12-12 10:42 - 00000000 ____D C:\Users\Matrix\Documents\SimCity
2013-12-12 10:41 - 2013-06-01 21:52 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-12-11 22:46 - 2013-05-27 17:39 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 22:46 - 2013-05-27 17:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-11 22:46 - 2013-05-27 17:39 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 12:18 - 2009-07-14 05:45 - 00276128 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-09 17:35 - 2013-12-09 17:35 - 00000000 ____D C:\Users\Matrix\Documents\Diablo III
2013-12-09 17:35 - 2013-12-09 17:13 - 00000000 ____D C:\Program Files (x86)\Diablo III
2013-12-09 17:13 - 2013-12-09 17:13 - 00001144 _____ C:\Users\Public\Desktop\Diablo III.lnk
2013-12-09 17:13 - 2013-12-09 17:13 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-12-09 17:13 - 2013-12-09 17:12 - 00000000 ____D C:\ProgramData\Battle.net
2013-12-08 12:58 - 2013-05-27 15:14 - 01559268 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-07 18:52 - 2013-11-07 10:47 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-07 18:52 - 2013-11-07 10:47 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-05 12:05 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-30 22:48

==================== End Of Log ============================
Attachments
Addition.rar
(3.69 KiB) Downloaded 25 times

vyosek
VIP

Re: Request for a preventive PC check

#18 Post by vyosek »

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below:

    Start
    Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    
    2014-01-03 10:17 - 2014-01-03 10:17 - 00112640 _____ (forum.viry.cz) C:\Users\Matrix\Desktop\FRSTLauncher.exe
    2014-01-03 10:16 - 2014-01-03 10:16 - 00029696 _____ C:\Users\Matrix\AppData\Local\MSGBOX.EXE
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    
    Hosts:
    CMD: shutdown /r /f /t 2
    
    End
  • Save the created TXT file as fixlist.txt
  • Move the created fixlist next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here

Mr.Francesko
Visitor

Re: Request for a preventive PC check

#19 Post by Mr.Francesko »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-01-2014
Ran by Matrix at 2014-01-03 16:16:11 Run:1
Running from C:\Users\Matrix\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

2014-01-03 10:17 - 2014-01-03 10:17 - 00112640 _____ (forum.viry.cz) C:\Users\Matrix\Desktop\FRSTLauncher.exe
2014-01-03 10:16 - 2014-01-03 10:16 - 00029696 _____ C:\Users\Matrix\AppData\Local\MSGBOX.EXE

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
C:\Users\Matrix\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\Matrix\AppData\Local\MSGBOX.EXE => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====

vyosek
VIP

Re: Request for a preventive PC check

#20 Post by vyosek »

Now let's clean up :James008:

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn the antivirus off while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a registry backup, fix all the issues
  • repeat until it finds no issues - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

Mr.Francesko
Visitor

Re: Request for a preventive PC check

#21 Post by Mr.Francesko »

There is probably no point in explaining what kind of vermin that was and how it could have got to me....... Thank you for your time and help :thumbsup: have a nice weekend :)

vyosek
VIP

Re: Request for a preventive PC check

#22 Post by vyosek »

:arrow: It looked like Bitcoin miners http://www.viry.cz/tezba-bitcoinu-bez-v ... le-i-v-cr/

You're welcome, glad I could help :worship: See you again sometime

And on the basis of the Rule on locking topics :lock:

Locked