Please check my MBAM log [Solved]


Re: Please check my MBAM log

Post by Zdendys75 » 16 Jan 2014 21:15

Here is the log from MBR. It won't let me run ComboFix. See the attachment.

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-01-16 21:06:05
-----------------------------
21:06:05.156 OS Version: Windows 6.2.9200
21:06:05.156 Number of processors: 4 586 0x3703
21:06:05.171 ComputerName: ZDENDYS-PC UserName: Zdeněk
21:06:05.656 Initialze error 1
21:06:09.437 AVAST engine defs: 14011600
21:06:12.421 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000003e
21:06:12.421 Disk 0 Vendor: VID:45 1.2 Size: 29820MB BusType: 12
21:06:12.437 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000005d
21:06:12.452 Disk 1 Vendor: VID:03 8.0 Size: 15193MB BusType: 12
21:06:12.468 Disk 0 MBR read successfully
21:06:12.468 Disk 0 MBR scan
21:06:12.484 Disk 0 unknown MBR code
21:06:12.484 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
21:06:12.499 Disk 0 scanning C:\Windows\system32\drivers
21:06:12.515 Service scanning
21:06:13.109 Modules scanning
21:06:14.702 Disk 0 trace - called modules:
21:06:14.734 ntoskrnl.exe CLASSPNP.SYS disk.sys sdstor.sys halmacpi.dll ACPI.sys sdbus.sys intelpep.sys
21:06:14.749 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x857f35e0]
21:06:14.781 3 CLASSPNP.SYS[825af4b8] -> nt!IofCallDriver -> \Device\0000003e[0x857b7028]
21:06:14.796 5 sdstor.sys[8252b8f4] -> nt!IofCallDriver -> [0x857ee860]
21:06:14.812 7 ACPI.sys[82cefd7a] -> nt!IofCallDriver -> \Device\SdBus-0[0x857f44d0]
21:06:14.827 AVAST engine scan C:\Windows
21:06:14.843 AVAST engine scan C:\Windows\system32
21:06:14.859 AVAST engine scan C:\Windows\system32\drivers
21:06:14.874 AVAST engine scan C:\Users\Zdeněk
21:06:14.890 AVAST engine scan C:\ProgramData
21:06:14.890 Scan finished successfully
21:06:25.327 Disk 0 MBR fix error
21:06:46.468 Disk 0 MBR has been saved successfully to "C:\Users\Zdeněk\Desktop\MBR.dat"
21:06:46.484 The log file has been saved successfully to "C:\Users\Zdeněk\Desktop\aswMBR2.txt"
Attachments
Bez názvu.gif


Re: Please check my MBAM log

Post by Orcus » 17 Jan 2014 09:04

ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

====================================================

Farbar Scan Tool
Please download the version of Farbar Scan Tool (FrSt) appropriate for your system (32-bit/64-bit)

32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/

64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/

and save it to the desktop, then run FrSt.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is complete, two logs will appear, FRST.txt and Addition.txt, and will be saved on the desktop. Please copy their entire contents here.

Re: Please check my MBAM log

Post by Zdendys75 » 17 Jan 2014 11:45

Well, I can't find ComboFix anywhere, even though I have it on the desktop. Isn't it different on Win8? Here are the logs.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2014 03
Ran by Zdeněk (administrator) on ZDENDYS-PC on 17-01-2014 11:40:10
Running from C:\Users\Zdeněk\Downloads
Microsoft Windows 8.1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) ===================

(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe
(PS Media s.r.o.) C:\Windows\System32\ssins.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
() C:\Program Files\ASUS\ASUS Reading Mode\ReadingModeWatchDogx86.exe
(ASUSTek Computer INC.) C:\Program Files\ASUS\ASUS AC Reminder\ACReminderSrv.exe
(AsusTek) C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPCenter.exe
(AsusTek) C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ASUSPRP] - C:\Program Files\ASUS\APRP\APRP.EXE [3216032 2013-09-07] (ASUSTek Computer Inc.)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] - C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [73216 2013-08-24] (Intel Corporation)
HKLM\...\Run: [RtkNGUI] - C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe [2653912 2013-07-16] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-15] (AVAST Software)
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\Root\Office15\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\Root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

========================== Services (Whitelisted) =================

R2 AsHidService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [103224 2013-05-16] (ASUSTek Computer Inc.)
R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [107320 2013-01-15] (ASUSTek Computer Inc.)
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2011-11-21] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-15] (AVAST Software)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [1678040 2013-12-13] (Broadcom Corporation.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2013-08-28] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [75264 2013-08-24] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [89088 2013-08-24] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [82432 2013-08-24] (Intel Corporation)
S3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe [1280600 2012-12-07] (Microsoft Corporation)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
R2 ssinstall; C:\Windows\System32\ssins.exe [2324216 2014-01-15] (PS Media s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [278264 2013-08-22] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22240 2013-08-22] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1174016 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-02] (ASUS)
R3 AsusHID; C:\Windows\System32\drivers\AsusHID.sys [64312 2013-09-04] (ASUS Corporation)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-01-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2014-01-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2014-01-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-01-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2014-01-15] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [64168 2014-01-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2014-01-15] ()
R1 ATKWMIACPIIO; C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [14464 2011-09-07] (ASUS)
R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [25600 2013-08-22] (Microsoft Corporation)
R3 BCMSDH43XX; C:\Windows\system32\DRIVERS\bcmdhd63.sys [304344 2013-10-16] (Broadcom Corp)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [185856 2013-08-22] (Microsoft Corporation)
R3 BthMini; C:\Windows\System32\Drivers\BTHMINI.sys [24064 2013-08-22] (Microsoft Corporation)
S3 btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [144600 2013-12-13] (Broadcom Corporation.)
R3 BtwSerialBus; C:\Windows\system32\DRIVERS\BtwSerialBus.sys [130776 2013-12-13] (Broadcom Corporation.)
R3 camera; C:\Windows\system32\DRIVERS\camera.sys [334848 2013-08-23] (Intel Corporation)
R3 CM3218x; C:\Windows\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
R3 CPLMACPI; C:\Windows\system32\DRIVERS\CPLMACPI.sys [17000 2013-07-10] (Capella Microsystems, Inc.)
R3 DptfDevDBPT; C:\Windows\system32\DRIVERS\DptfDevPower.sys [17408 2013-08-24] (Intel Corporation)
R3 DptfDevDisplay; C:\Windows\system32\DRIVERS\DptfDevDisplay.sys [20480 2013-08-24] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [28160 2013-08-24] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [72192 2013-08-24] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [176640 2013-08-24] (Intel Corporation)
R3 GPIO; C:\Windows\System32\drivers\iaiogpio.sys [23040 2013-08-23] (Intel Corporation)
R3 GpioVirtual; C:\Windows\System32\drivers\iaiogpiovirtual.sys [17408 2013-08-21] (Intel Corporation)
R3 HIDSwitch; C:\Windows\System32\drivers\AsHIDSwitch.sys [17720 2013-08-06] (ASUS)
R3 iaiouart; C:\Windows\System32\drivers\iaiouart.sys [88064 2013-08-21] (Intel Corporation)
S0 iaStorA; C:\Windows\System32\drivers\iaStorA.sys [505192 2013-08-09] (Intel Corporation)
S3 intaud_WaveExtensible; C:\Windows\system32\drivers\intelaud.sys [33176 2013-08-22] (Intel Corporation)
R3 IntelSST; C:\Windows\system32\drivers\isstrtc.sys [242176 2013-08-26] (Intel(R) Corporation)
R3 INVN_MotionApps; C:\Windows\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
R3 iwdbus; C:\Windows\System32\drivers\iwdbus.sys [22936 2013-08-22] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [21456 2013-08-21] (Intel Corporation)
R3 MT9M114; C:\Windows\System32\drivers\MT9M114.sys [38400 2013-08-23] (Intel Corporation)
S3 NETwNs32; C:\Windows\system32\DRIVERS\Netwsn00.sys [10372096 2013-06-18] (Intel Corporation)
R3 PMIC; C:\Windows\System32\drivers\PMIC.sys [46592 2013-08-21] (Intel Corporation)
R3 rtii2sac; C:\Windows\system32\DRIVERS\rtii2sac.sys [129752 2013-09-13] (Realtek Semiconductor Corp.)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
R3 TXEI; C:\Windows\System32\drivers\TXEI.sys [76304 2013-08-03] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [93024 2013-08-22] (Microsoft Corporation)
R3 WUDFSensorLP; C:\Windows\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
U0 msahci;
U3 TrueSight; \??\ [x]
U3 aswMBR; \??\C:\Users\ZDENK~1\AppData\Local\Temp\aswMBR.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-17 11:40 - 2014-01-17 11:40 - 00012369 _____ C:\Users\Zdeněk\Downloads\FRST.txt
2014-01-17 11:39 - 2014-01-17 11:39 - 01221120 _____ (Farbar) C:\Users\Zdeněk\Downloads\FRST.exe
2014-01-17 11:39 - 2014-01-17 11:39 - 00000000 ____D C:\FRST
2014-01-17 11:36 - 2014-01-17 11:36 - 01221120 _____ (Farbar) C:\Users\Zdeněk\Downloads\FRST (1).exe
2014-01-16 21:08 - 2014-01-16 23:19 - 05167985 _____ (Swearware) C:\Users\Zdeněk\Desktop\ComboFix.exe
2014-01-16 21:06 - 2014-01-16 21:06 - 00002009 _____ C:\Users\Zdeněk\Desktop\aswMBR2.txt
2014-01-16 20:36 - 2014-01-16 20:36 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-01-16 20:34 - 2014-01-16 21:06 - 00000512 _____ C:\Users\Zdeněk\Desktop\MBR.dat
2014-01-16 20:34 - 2014-01-16 20:34 - 00001957 _____ C:\Users\Zdeněk\Desktop\aswMBR.txt
2014-01-16 20:29 - 2013-02-11 18:51 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Zdeněk\Desktop\TDSSKiller.exe
2014-01-16 20:27 - 2014-01-16 20:27 - 00001929 _____ C:\Users\Zdeněk\Desktop\RKreport[0]_D_01162014_202704.txt
2014-01-16 20:26 - 2014-01-16 20:26 - 04745728 _____ (AVAST Software) C:\Users\Zdeněk\Downloads\aswmbr.exe
2014-01-16 20:26 - 2014-01-16 20:26 - 04745728 _____ (AVAST Software) C:\Users\Zdeněk\Desktop\aswmbr.exe
2014-01-16 20:26 - 2014-01-16 20:25 - 02218636 _____ C:\Users\Zdeněk\Desktop\tdsskiller.zip
2014-01-16 20:25 - 2014-01-16 20:25 - 02218636 _____ C:\Users\Zdeněk\Downloads\tdsskiller.zip
2014-01-16 20:07 - 2014-01-16 20:07 - 00001884 _____ C:\Users\Zdeněk\Desktop\RKreport[0]_S_01162014_200751.txt
2014-01-16 17:48 - 2014-01-16 17:48 - 00000000 ____D C:\Windows\ERUNT
2014-01-16 17:39 - 2014-01-16 20:27 - 00000000 ____D C:\Users\Zdeněk\Desktop\RK_Quarantine
2014-01-16 17:37 - 2014-01-16 17:37 - 01037068 _____ (Thisisu) C:\Users\Zdeněk\Desktop\JRT.exe
2014-01-16 17:36 - 2014-01-16 17:36 - 03809280 _____ C:\Users\Zdeněk\Desktop\RogueKiller.exe
2014-01-16 11:36 - 2014-01-16 17:22 - 00000000 ____D C:\AdwCleaner
2014-01-16 11:20 - 2014-01-16 11:20 - 01236282 _____ C:\Users\Zdeněk\Desktop\adwcleaner.exe
2014-01-16 11:19 - 2014-01-16 11:19 - 00448512 _____ (OldTimer Tools) C:\Users\Zdeněk\Downloads\TFC.exe
2014-01-16 11:19 - 2014-01-16 11:19 - 00050688 _____ (Atribune.org) C:\Users\Zdeněk\Downloads\ATF-Cleaner.exe
2014-01-15 23:41 - 2014-01-15 23:41 - 00000000 ____D C:\Users\Zdeněk\Documents\GomPlayer
2014-01-15 23:20 - 2014-01-15 23:20 - 00000000 ___RD C:\Users\Zdeněk\Documents\Notes
2014-01-15 22:14 - 2014-01-15 22:14 - 00041363 _____ C:\Users\Zdeněk\Desktop\Z201312.xlsx
2014-01-15 22:14 - 2014-01-15 22:14 - 00019686 _____ C:\Users\Zdeněk\Desktop\Nejsou klíče.xlsx
2014-01-15 22:13 - 2014-01-17 11:28 - 00000000 ___RD C:\Users\Zdeněk\Disk Google
2014-01-15 22:13 - 2014-01-15 22:13 - 00001741 _____ C:\Users\Zdeněk\Desktop\Disk Google.lnk
2014-01-15 22:11 - 2014-01-15 22:11 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\Malwarebytes
2014-01-15 22:10 - 2014-01-15 22:10 - 00001081 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-15 22:10 - 2014-01-15 22:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-15 22:10 - 2014-01-15 22:10 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-15 22:10 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-15 22:09 - 2014-01-15 22:09 - 00002018 _____ C:\Users\Public\Desktop\Google Slides.lnk
2014-01-15 22:09 - 2014-01-15 22:09 - 00002016 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2014-01-15 22:09 - 2014-01-15 22:09 - 00002006 _____ C:\Users\Public\Desktop\Google Docs.lnk
2014-01-15 22:07 - 2014-01-15 22:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-01-15 22:05 - 2014-01-16 21:11 - 00039424 ___SH C:\Users\Zdeněk\Desktop\Thumbs.db
2014-01-15 22:04 - 2014-01-15 22:04 - 00000000 ____D C:\Users\Zdeněk\Documents\Výtahy
2014-01-15 21:50 - 2014-01-15 21:50 - 00037159 _____ C:\Users\Zdeněk\Desktop\Leden.xlsx
2014-01-15 21:43 - 2014-01-15 21:44 - 00000000 ____D C:\Program Files\CCleaner
2014-01-15 21:43 - 2014-01-15 21:43 - 00000979 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-15 21:42 - 2014-01-15 21:42 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\WinRAR
2014-01-15 21:40 - 2014-01-15 21:40 - 00002137 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-15 21:40 - 2014-01-15 21:40 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\AVAST Software
2014-01-15 21:40 - 2014-01-15 21:40 - 00000000 ____D C:\ProgramData\Google
2014-01-15 21:39 - 2014-01-17 11:28 - 00000958 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-15 21:39 - 2014-01-17 00:49 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-15 21:39 - 2014-01-16 17:23 - 00000000 _____ C:\Windows\system32\sinstall.log
2014-01-15 21:39 - 2014-01-15 22:09 - 00000000 ____D C:\Users\Zdeněk\AppData\Local\Google
2014-01-15 21:39 - 2014-01-15 22:09 - 00000000 ____D C:\Program Files\Google
2014-01-15 21:39 - 2014-01-15 21:40 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-15 21:39 - 2014-01-15 21:39 - 02324216 _____ (PS Media s.r.o.) C:\Windows\system32\ssins.exe
2014-01-15 21:39 - 2014-01-15 21:39 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-15 21:39 - 2014-01-15 21:39 - 00410528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-15 21:39 - 2014-01-15 21:39 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-15 21:39 - 2014-01-15 21:39 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-15 21:39 - 2014-01-15 21:39 - 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-15 21:39 - 2014-01-15 21:39 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-15 21:39 - 2014-01-15 21:39 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-15 21:39 - 2014-01-15 21:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-15 21:39 - 2014-01-15 21:39 - 00000079 _____ C:\Windows\system32\ssinstall-uninstall.bat
2014-01-15 21:39 - 2014-01-15 21:39 - 00000000 ____D C:\Program Files\WinRAR
2014-01-15 21:37 - 2014-01-15 21:37 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-15 21:35 - 2014-01-15 21:35 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-15 21:34 - 2014-01-15 21:34 - 00001197 _____ C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2014-01-15 21:34 - 2014-01-15 21:34 - 00001173 _____ C:\Users\Public\Desktop\GOM Player.lnk
2014-01-15 21:34 - 2014-01-15 21:34 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\GRETECH
2014-01-15 21:33 - 2014-01-15 21:33 - 00002239 _____ C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-01-15 21:33 - 2014-01-15 21:33 - 00002096 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-01-15 21:33 - 2014-01-15 21:33 - 00002096 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-01-15 21:33 - 2014-01-15 21:33 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2014-01-15 21:33 - 2014-01-15 21:33 - 00000000 ____D C:\Program Files\Microsoft SkyDrive
2014-01-15 21:33 - 2014-01-15 21:33 - 00000000 ____D C:\Program Files\GRETECH
2014-01-15 21:32 - 2014-01-15 21:32 - 00000986 _____ C:\Windows\bdestate.Log
2014-01-15 21:31 - 2014-01-15 21:31 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\Macromedia
2014-01-15 21:26 - 2014-01-15 21:26 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2014-01-15 21:21 - 2014-01-15 21:21 - 00000000 ____D C:\Program Files\Microsoft Office 15
2014-01-15 21:17 - 2014-01-15 21:17 - 00000000 ____D C:\Windows\LastGood.Tmp
2014-01-15 21:16 - 2014-01-17 11:28 - 00000000 __RDO C:\Users\Zdeněk\SkyDrive
2014-01-15 21:16 - 2014-01-15 21:16 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\WebStorage
2014-01-15 21:14 - 2014-01-17 11:28 - 00001279 _____ C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ReadingModeWatchDogShortcut.lnk
2014-01-15 21:14 - 2014-01-16 18:01 - 00000000 ____D C:\Users\Zdeněk\AppData\Local\PackageStaging
2014-01-15 21:14 - 2014-01-15 21:14 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\ReadingModeUISetting
2014-01-15 21:13 - 2014-01-15 21:13 - 00001424 _____ C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-15 21:13 - 2014-01-15 21:13 - 00001229 _____ C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ACReminderSrv.lnk
2014-01-15 21:13 - 2014-01-15 21:13 - 00000196 _____ C:\Windows\FixPatch.log
2014-01-15 21:13 - 2014-01-15 21:13 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\Adobe
2014-01-15 21:13 - 2014-01-15 21:13 - 00000000 ____D C:\Users\Zdeněk\AppData\Local\VirtualStore
2014-01-15 21:12 - 2014-01-15 22:13 - 00000000 ____D C:\Users\Zdeněk
2014-01-15 21:12 - 2014-01-15 21:12 - 00000020 ___SH C:\Users\Zdeněk\ntuser.ini
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\Šablony
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\Soubory cookie
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\Poslední
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\Okolní tiskárny
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\Okolní síť
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\Nabídka Start
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\Dokumenty
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\Documents\Obrázky
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\Documents\Hudba
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\Documents\Filmy
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\Data aplikací
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\AppData\Local\Data aplikací
2014-01-15 21:12 - 2013-08-22 09:17 - 00000000 ___RD C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-15 21:12 - 2013-08-22 09:17 - 00000000 ___RD C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-15 21:12 - 2013-08-22 09:17 - 00000000 ___RD C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-01-15 21:12 - 2013-08-22 09:17 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-15 21:10 - 2013-10-03 10:02 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2014-01-15 21:10 - 2013-09-29 04:50 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 21:10 - 2013-09-29 04:44 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-01-15 21:10 - 2013-09-29 04:28 - 00698880 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll

==================== One Month Modified Files and Folders =======

2014-01-17 11:40 - 2014-01-17 11:40 - 00012369 _____ C:\Users\Zdeněk\Downloads\FRST.txt
2014-01-17 11:39 - 2014-01-17 11:39 - 01221120 _____ (Farbar) C:\Users\Zdeněk\Downloads\FRST.exe
2014-01-17 11:39 - 2014-01-17 11:39 - 00000000 ____D C:\FRST
2014-01-17 11:36 - 2014-01-17 11:36 - 01221120 _____ (Farbar) C:\Users\Zdeněk\Downloads\FRST (1).exe
2014-01-17 11:28 - 2014-01-15 22:13 - 00000000 ___RD C:\Users\Zdeněk\Disk Google
2014-01-17 11:28 - 2014-01-15 21:39 - 00000958 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-17 11:28 - 2014-01-15 21:16 - 00000000 __RDO C:\Users\Zdeněk\SkyDrive
2014-01-17 11:28 - 2014-01-15 21:14 - 00001279 _____ C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ReadingModeWatchDogShortcut.lnk
2014-01-17 11:28 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\system32\sru
2014-01-17 00:49 - 2014-01-15 21:39 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-16 23:19 - 2014-01-16 21:08 - 05167985 _____ (Swearware) C:\Users\Zdeněk\Desktop\ComboFix.exe
2014-01-16 21:18 - 2013-12-13 10:33 - 00420047 _____ C:\Windows\WindowsUpdate.log
2014-01-16 21:11 - 2014-01-15 22:05 - 00039424 ___SH C:\Users\Zdeněk\Desktop\Thumbs.db
2014-01-16 21:06 - 2014-01-16 21:06 - 00002009 _____ C:\Users\Zdeněk\Desktop\aswMBR2.txt
2014-01-16 21:06 - 2014-01-16 20:34 - 00000512 _____ C:\Users\Zdeněk\Desktop\MBR.dat
2014-01-16 20:36 - 2014-01-16 20:36 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-01-16 20:36 - 2013-08-22 08:23 - 00014948 _____ C:\Windows\setupact.log
2014-01-16 20:34 - 2014-01-16 20:34 - 00001957 _____ C:\Users\Zdeněk\Desktop\aswMBR.txt
2014-01-16 20:27 - 2014-01-16 20:27 - 00001929 _____ C:\Users\Zdeněk\Desktop\RKreport[0]_D_01162014_202704.txt
2014-01-16 20:27 - 2014-01-16 17:39 - 00000000 ____D C:\Users\Zdeněk\Desktop\RK_Quarantine
2014-01-16 20:26 - 2014-01-16 20:26 - 04745728 _____ (AVAST Software) C:\Users\Zdeněk\Downloads\aswmbr.exe
2014-01-16 20:26 - 2014-01-16 20:26 - 04745728 _____ (AVAST Software) C:\Users\Zdeněk\Desktop\aswmbr.exe
2014-01-16 20:25 - 2014-01-16 20:26 - 02218636 _____ C:\Users\Zdeněk\Desktop\tdsskiller.zip
2014-01-16 20:25 - 2014-01-16 20:25 - 02218636 _____ C:\Users\Zdeněk\Downloads\tdsskiller.zip
2014-01-16 20:07 - 2014-01-16 20:07 - 00001884 _____ C:\Users\Zdeněk\Desktop\RKreport[0]_S_01162014_200751.txt
2014-01-16 18:06 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\AppReadiness
2014-01-16 18:01 - 2014-01-15 21:14 - 00000000 ____D C:\Users\Zdeněk\AppData\Local\PackageStaging
2014-01-16 17:48 - 2014-01-16 17:48 - 00000000 ____D C:\Windows\ERUNT
2014-01-16 17:37 - 2014-01-16 17:37 - 01037068 _____ (Thisisu) C:\Users\Zdeněk\Desktop\JRT.exe
2014-01-16 17:36 - 2014-01-16 17:36 - 03809280 _____ C:\Users\Zdeněk\Desktop\RogueKiller.exe
2014-01-16 17:30 - 2013-09-07 08:50 - 00799508 _____ C:\Windows\system32\perfh015.dat
2014-01-16 17:30 - 2013-09-07 08:50 - 00164194 _____ C:\Windows\system32\perfc015.dat
2014-01-16 17:30 - 2013-09-07 00:26 - 03627856 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-16 17:23 - 2014-01-15 21:39 - 00000000 _____ C:\Windows\system32\sinstall.log
2014-01-16 17:22 - 2014-01-16 11:36 - 00000000 ____D C:\AdwCleaner
2014-01-16 17:22 - 2013-09-07 00:11 - 00018028 _____ C:\Windows\PFRO.log
2014-01-16 17:22 - 2013-08-22 08:23 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-16 17:22 - 2013-08-22 08:22 - 00368048 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-16 17:22 - 2013-08-22 07:13 - 00262144 ___SH C:\Windows\system32\config\BBI
2014-01-16 11:20 - 2014-01-16 11:20 - 01236282 _____ C:\Users\Zdeněk\Desktop\adwcleaner.exe
2014-01-16 11:19 - 2014-01-16 11:19 - 00448512 _____ (OldTimer Tools) C:\Users\Zdeněk\Downloads\TFC.exe
2014-01-16 11:19 - 2014-01-16 11:19 - 00050688 _____ (Atribune.org) C:\Users\Zdeněk\Downloads\ATF-Cleaner.exe
2014-01-15 23:41 - 2014-01-15 23:41 - 00000000 ____D C:\Users\Zdeněk\Documents\GomPlayer
2014-01-15 23:20 - 2014-01-15 23:20 - 00000000 ___RD C:\Users\Zdeněk\Documents\Notes
2014-01-15 23:16 - 2013-09-07 00:18 - 00000000 ____D C:\Program Files\ASUS
2014-01-15 22:14 - 2014-01-15 22:14 - 00041363 _____ C:\Users\Zdeněk\Desktop\Z201312.xlsx
2014-01-15 22:14 - 2014-01-15 22:14 - 00019686 _____ C:\Users\Zdeněk\Desktop\Nejsou klíče.xlsx
2014-01-15 22:13 - 2014-01-15 22:13 - 00001741 _____ C:\Users\Zdeněk\Desktop\Disk Google.lnk
2014-01-15 22:13 - 2014-01-15 21:12 - 00000000 ____D C:\Users\Zdeněk
2014-01-15 22:11 - 2014-01-15 22:11 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\Malwarebytes
2014-01-15 22:10 - 2014-01-15 22:10 - 00001081 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-15 22:10 - 2014-01-15 22:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-15 22:10 - 2014-01-15 22:10 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-15 22:09 - 2014-01-15 22:09 - 00002018 _____ C:\Users\Public\Desktop\Google Slides.lnk
2014-01-15 22:09 - 2014-01-15 22:09 - 00002016 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2014-01-15 22:09 - 2014-01-15 22:09 - 00002006 _____ C:\Users\Public\Desktop\Google Docs.lnk
2014-01-15 22:09 - 2014-01-15 21:39 - 00000000 ____D C:\Users\Zdeněk\AppData\Local\Google
2014-01-15 22:09 - 2014-01-15 21:39 - 00000000 ____D C:\Program Files\Google
2014-01-15 22:07 - 2014-01-15 22:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-01-15 22:07 - 2013-08-22 07:21 - 00000000 ___RD C:\Users\Public
2014-01-15 22:05 - 2013-08-22 09:17 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2014-01-15 22:04 - 2014-01-15 22:04 - 00000000 ____D C:\Users\Zdeněk\Documents\Výtahy
2014-01-15 22:00 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\Microsoft.NET
2014-01-15 21:50 - 2014-01-15 21:50 - 00037159 _____ C:\Users\Zdeněk\Desktop\Leden.xlsx
2014-01-15 21:44 - 2014-01-15 21:43 - 00000000 ____D C:\Program Files\CCleaner
2014-01-15 21:43 - 2014-01-15 21:43 - 00000979 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-15 21:42 - 2014-01-15 21:42 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\WinRAR
2014-01-15 21:40 - 2014-01-15 21:40 - 00002137 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-15 21:40 - 2014-01-15 21:40 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\AVAST Software
2014-01-15 21:40 - 2014-01-15 21:40 - 00000000 ____D C:\ProgramData\Google
2014-01-15 21:40 - 2014-01-15 21:39 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-15 21:39 - 2014-01-15 21:39 - 02324216 _____ (PS Media s.r.o.) C:\Windows\system32\ssins.exe
2014-01-15 21:39 - 2014-01-15 21:39 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-15 21:39 - 2014-01-15 21:39 - 00410528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-15 21:39 - 2014-01-15 21:39 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-15 21:39 - 2014-01-15 21:39 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-15 21:39 - 2014-01-15 21:39 - 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-15 21:39 - 2014-01-15 21:39 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-15 21:39 - 2014-01-15 21:39 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-15 21:39 - 2014-01-15 21:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-15 21:39 - 2014-01-15 21:39 - 00000079 _____ C:\Windows\system32\ssinstall-uninstall.bat
2014-01-15 21:39 - 2014-01-15 21:39 - 00000000 ____D C:\Program Files\WinRAR
2014-01-15 21:37 - 2014-01-15 21:37 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-15 21:35 - 2014-01-15 21:35 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-15 21:34 - 2014-01-15 21:34 - 00001197 _____ C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2014-01-15 21:34 - 2014-01-15 21:34 - 00001173 _____ C:\Users\Public\Desktop\GOM Player.lnk
2014-01-15 21:34 - 2014-01-15 21:34 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\GRETECH
2014-01-15 21:33 - 2014-01-15 21:33 - 00002239 _____ C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-01-15 21:33 - 2014-01-15 21:33 - 00002096 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-01-15 21:33 - 2014-01-15 21:33 - 00002096 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-01-15 21:33 - 2014-01-15 21:33 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2014-01-15 21:33 - 2014-01-15 21:33 - 00000000 ____D C:\Program Files\Microsoft SkyDrive
2014-01-15 21:33 - 2014-01-15 21:33 - 00000000 ____D C:\Program Files\GRETECH
2014-01-15 21:32 - 2014-01-15 21:32 - 00000986 _____ C:\Windows\bdestate.Log
2014-01-15 21:31 - 2014-01-15 21:31 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\Macromedia
2014-01-15 21:26 - 2014-01-15 21:26 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2014-01-15 21:26 - 2013-08-22 09:17 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2014-01-15 21:25 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\system32\LogFiles
2014-01-15 21:25 - 2013-08-22 09:17 - 00000000 ____D C:\Program Files\Microsoft.NET
2014-01-15 21:21 - 2014-01-15 21:21 - 00000000 ____D C:\Program Files\Microsoft Office 15
2014-01-15 21:17 - 2014-01-15 21:17 - 00000000 ____D C:\Windows\LastGood.Tmp
2014-01-15 21:16 - 2014-01-15 21:16 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\WebStorage
2014-01-15 21:14 - 2014-01-15 21:14 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\ReadingModeUISetting
2014-01-15 21:13 - 2014-01-15 21:13 - 00001424 _____ C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-15 21:13 - 2014-01-15 21:13 - 00001229 _____ C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ACReminderSrv.lnk
2014-01-15 21:13 - 2014-01-15 21:13 - 00000196 _____ C:\Windows\FixPatch.log
2014-01-15 21:13 - 2014-01-15 21:13 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\Adobe
2014-01-15 21:13 - 2014-01-15 21:13 - 00000000 ____D C:\Users\Zdeněk\AppData\Local\VirtualStore
2014-01-15 21:13 - 2013-09-07 08:29 - 00000000 ____D C:\Windows\Log
2014-01-15 21:12 - 2014-01-15 21:12 - 00000020 ___SH C:\Users\Zdeněk\ntuser.ini
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\Šablony
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\Soubory cookie
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\Poslední
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\Okolní tiskárny
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\Okolní síť
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\Nabídka Start
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\Dokumenty
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\Documents\Obrázky
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\Documents\Hudba
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\Documents\Filmy
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\Data aplikací
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 _SHDL C:\Users\Zdeněk\AppData\Local\Data aplikací
2014-01-15 21:12 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\WinStore
2014-01-15 21:10 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\system32\restore
2014-01-15 21:10 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\Camera

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\Zdeněk\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Zdeněk\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2013-08-22 03:06] - [2013-08-22 06:25] - 2063408 ____A (Microsoft Corporation) 2CA8E3C9335C3C8BAEB335345E48364D

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-07 00:11

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-01-2014 03
Ran by Zdeněk at 2014-01-17 11:41:43
Running from C:\Users\Zdeněk\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

ASUS AC Reminder (Version: 1.0.2 - ASUS)
ASUS Live Update (Version: 3.2.6 - ASUS)
ASUS Reading Mode (Version: 1.0.1 - ASUS)
ASUS Screen Saver (Version: 1.0.2 - ASUS)
ASUS Smart Gesture (Version: 2.2.4 - ASUS)
ATK Package (Version: 1.0.0030 - ASUS)
avast! Free Antivirus (Version: 9.0.2011 - Avast Software)
CCleaner (Version: 4.09 - Piriform)
GOM Player (Version: 2.2.56.5183 - Gretech Corporation)
Google Drive (Version: 1.13.5782.599 - Google, Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
Intel(R) Processor Graphics (Version: 10.18.10.3286 - Intel Corporation)
Malwarebytes Anti-Malware verze 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Office 2013 pro domácnosti - cs-cz (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SkyDrive (Version: 16.4.6013.0910 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Realtek I2S Audio (Version: 6.2.9400.4035 - Realtek Semiconductor Corp.)
Seznam Instalátor (Version: - Seznam.cz)
Windows Driver Package - ASUS (AsusHID) Mouse (08/31/2013 3.0.0.13) (Version: 08/31/2013 3.0.0.13 - ASUS)
WinFlash (Version: 2.42.0 - ASUS)
WinRAR 4.20 (32-bit) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points =========================


==================== Hosts content: ==========================

2013-08-22 07:13 - 2013-08-22 07:13 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00BC77BF-3352-4FE8-9617-4F1B27BEC19A} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {0B2EF28E-661C-4E47-B3F8-2BA80B4FAC22} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {17233BE9-87E9-40B0-B003-AE9D2B92CBBE} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {1D4E5A33-E640-46DC-9FD8-B949F24B643B} - System32\Tasks\ASUS AC Reminder => C:\Program Files\ASUS\ASUS AC Reminder\ACReminderSrv.exe [2013-10-14] (ASUSTek Computer INC.)
Task: {247BD142-0549-4E91-84B0-172C25563718} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {26C26EFC-3DBA-4646-90EC-BF2F9D9B35B1} - System32\Tasks\Asus Reading Mode => C:\Program Files\ASUS\ASUS Reading Mode\ReadingModeWatchDogx86.exe [2013-08-26] ()
Task: {2BE65564-89D1-4396-A5CC-D7D9283FC4A1} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {392EB017-207C-42BF-A061-F3BE721F456C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {4B7EF56A-8A42-4BD2-BB5C-7C389AC54A37} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {5700ACE8-D0AF-4BA7-98B6-1033521A877A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {5D500AD0-9C6C-4AB7-9FAC-56A6C00ADD4D} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPLauncher.exe [2013-09-04] (AsusTek)
Task: {6027FD2A-0B17-48D9-8CBF-2F4120AA8419} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-15] (Google Inc.)
Task: {64D2E4EE-10EE-4689-B1A4-02EFDD64967A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-15] (AVAST Software)
Task: {6E84A59B-1863-4B21-8BD8-C9B20FD15484} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {78A52CED-2FC0-41EA-A099-378A5DC63AF5} - System32\Tasks\ASUS Live Update1 => C:\Program Files\ASUS\ASUS Live Update\LiveUpdate.exe [2013-08-28] (ASUSTeK Computer Inc.)
Task: {7C7CF1DA-F461-4850-96B2-ADCA8A67E59C} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {8B5819AE-7B44-478B-A3D3-8846AF160A8F} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {92ED6570-4654-4BFA-9A6C-1084C6939C16} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {997C8BBD-710B-4E66-B5BC-CC09575A58D2} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {A5D45ED3-F524-4574-8F39-527F3729D1E2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {B877072A-04AB-4639-BA45-BF19EF6BB5A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-15] (Google Inc.)
Task: {C0D0F7C4-419F-41B3-90A2-FE79270B828A} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {C89145E7-001A-490B-994F-2DD8DBE0FF89} - System32\Tasks\ASUS Live Update2 => C:\Program Files\ASUS\ASUS Live Update\LiveUpdate.exe [2013-08-28] (ASUSTeK Computer Inc.)
Task: {CF5A1DDC-D14D-4D59-AD49-A19A645B087B} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DCF55BED-B1DF-4ABF-8D85-6542C7007799} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E4C8774A-2818-45A4-8A6D-11DDF6348886} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {F7217E62-6F97-491F-A19B-413BDD5879FF} - System32\Tasks\Microsoft\Windows\Setup\SetupCleanupTask
Task: {F7F725A5-F394-4549-A068-AF616BF700A5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe [2012-12-07] (Microsoft Corporation)
Task: {FAB49829-3EE7-4234-BE84-277862F2A57C} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-08-26 11:53 - 2013-08-26 11:53 - 00394752 _____ () C:\Program Files\ASUS\ASUS Reading Mode\CCTReaderMode.dll
2013-08-26 11:53 - 2013-08-26 11:53 - 00113152 _____ () C:\Program Files\ASUS\ASUS Reading Mode\AppVisibilityNotifyLib_x86.dll
2014-01-15 21:39 - 2014-01-15 21:39 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-17 11:28 - 2014-01-17 11:28 - 00098816 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\win32api.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00110080 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\pywintypes27.dll
2014-01-17 11:28 - 2014-01-17 11:28 - 00364544 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\pythoncom27.dll
2014-01-17 11:28 - 2014-01-17 11:28 - 00044032 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\_socket.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 01153024 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\_ssl.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00320512 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\win32com.shell.shell.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00711680 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\_hashlib.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 01175040 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\wx._core_.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00805888 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\wx._gdi_.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00811008 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\wx._windows_.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 01062400 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\wx._controls_.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00735232 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\wx._misc_.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00128512 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\_elementtree.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00127488 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\pyexpat.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00557056 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\pysqlite2._sqlite.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00087040 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\_ctypes.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00119808 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\win32file.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00108544 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\win32security.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00018432 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\win32event.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00038912 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\win32inet.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00122368 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\wx._wizard.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00026624 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\_multiprocessing.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00070656 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\wx._html2.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00010240 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\select.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00686080 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\unicodedata.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00025600 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\win32pdh.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00521680 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\windows._lib_cacheinvalidation.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00011264 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\win32crypt.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00024064 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\win32pipe.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00035840 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\win32process.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00017408 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\win32profile.pyd
2014-01-17 11:28 - 2014-01-17 11:28 - 00022528 _____ () C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242\win32ts.pyd

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Zdeněk\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (01/17/2014 11:29:11 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 40

Error: (01/17/2014 11:29:11 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: Výstraha o závažné chybě byla vygenerována a zaslána na vzdálený koncový bod. To může vést k ukončení připojení. Kód závažné chyby definovaný protokolem TLS: 40. Stav chyby Windows SChannel: 252

Error: (01/17/2014 11:29:10 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: Výstraha o závažné chybě byla vygenerována a zaslána na vzdálený koncový bod. To může vést k ukončení připojení. Kód závažné chyby definovaný protokolem TLS: 40. Stav chyby Windows SChannel: 252

Error: (01/17/2014 11:29:10 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: Výstraha o závažné chybě byla vygenerována a zaslána na vzdálený koncový bod. To může vést k ukončení připojení. Kód závažné chyby definovaný protokolem TLS: 40. Stav chyby Windows SChannel: 252

Error: (01/17/2014 11:29:10 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: Výstraha o závažné chybě byla vygenerována a zaslána na vzdálený koncový bod. To může vést k ukončení připojení. Kód závažné chyby definovaný protokolem TLS: 40. Stav chyby Windows SChannel: 252

Error: (01/17/2014 11:29:10 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: Výstraha o závažné chybě byla vygenerována a zaslána na vzdálený koncový bod. To může vést k ukončení připojení. Kód závažné chyby definovaný protokolem TLS: 40. Stav chyby Windows SChannel: 252

Error: (01/17/2014 11:29:09 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: Výstraha o závažné chybě byla vygenerována a zaslána na vzdálený koncový bod. To může vést k ukončení připojení. Kód závažné chyby definovaný protokolem TLS: 40. Stav chyby Windows SChannel: 252

Error: (01/17/2014 11:29:09 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: Výstraha o závažné chybě byla vygenerována a zaslána na vzdálený koncový bod. To může vést k ukončení připojení. Kód závažné chyby definovaný protokolem TLS: 40. Stav chyby Windows SChannel: 252

Error: (01/17/2014 11:29:00 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 40

Error: (01/16/2014 11:19:14 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: Výstraha o závažné chybě byla vygenerována a zaslána na vzdálený koncový bod. To může vést k ukončení připojení. Kód závažné chyby definovaný protokolem TLS: 40. Stav chyby Windows SChannel: 252


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 54%
Total physical RAM: 1933.23 MB
Available physical RAM: 887.48 MB
Total Pagefile: 3085.23 MB
Available Pagefile: 1886.23 MB
Total Virtual: 2047.88 MB
Available Virtual: 1863.93 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:20.21 GB) (Free:6.52 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: () (Removable) (Total:14.83 GB) (Free:12.82 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 29 GB) (Disk ID: A49C1AFC)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)

==================== End Of Log ============================

Re: Please check my MBAM log

Post by Zdendys75 » 17 Jan 2014 20:29

So I don't know whether I should still do anything. In any case, everything else is OK. MBAM no longer found anything, and the computer restarted normally after the deletion. Now I'd like to know how to uninstall the programs I installed. I don't see them in Remove Programs and I don't know where to look. I've only had Windows 8 for a short while and I'm not very good with it yet :).

Re: Please check my MBAM log

Post by jaro3 » 18 Jan 2014 11:44

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Users\Zdeněk\Desktop\ComboFix.exe
C:\Users\Zdeněk\Desktop\tdsskiller.zip
C:\Users\Zdeněk\Downloads\tdsskiller.zip
C:\Users\Zdeněk\Desktop\RK_Quarantine
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
C:\Users\Zdeněk\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Zdeněk\AppData\Local\Temp\Quarantine.exe
C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242

(You can use the "select all" function, then right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" button just once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.

Re: Please check my MBAM log

Post by Zdendys75 » 18 Jan 2014 12:43

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 17-01-2014 03
Ran by Zdeněk at 2014-01-18 12:42:40 Run:1
Running from C:\Users\Zdeněk\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Users\Zdeněk\Desktop\ComboFix.exe
C:\Users\Zdeněk\Desktop\tdsskiller.zip
C:\Users\Zdeněk\Downloads\tdsskiller.zip
C:\Users\Zdeněk\Desktop\RK_Quarantine
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
C:\Users\Zdeněk\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Zdeněk\AppData\Local\Temp\Quarantine.exe
C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242

*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
"C:\Users\Zdeněk\Desktop\ComboFix.exe" => File/Directory not found.
"C:\Users\Zdeněk\Desktop\tdsskiller.zip" => File/Directory not found.
C:\Users\Zdeněk\Downloads\tdsskiller.zip => Moved successfully.
"C:\Users\Zdeněk\Desktop\RK_Quarantine" => File/Directory not found.
C:\ProgramData\SetStretch.exe => Moved successfully.
C:\ProgramData\SetStretch.VBS => Moved successfully.
C:\Users\Zdeněk\AppData\Local\Temp\ntdll_dump.dll => Moved successfully.
C:\Users\Zdeněk\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\ZDENK~1\AppData\Local\Temp\_MEI74242 => Moved successfully.

==== End of Fixlog ====

Re: Please check my MBAM log

Post by jaro3 » 19 Jan 2014 09:58

Download DelFix here

Save the file to the desktop.
Double-click the icon to run the Delfix.exe tool.
(In Windows Vista, Windows 7 and 8, you must run the file by right-clicking it -> Run as administrator.)
In the main menu, tick these options: Remove disinfection tools, Purge System Restore.
Then click the Run button and let the tool do its work.

A report (DelFix.txt) will then open. Paste the entire content of the report here. The report can otherwise be found at:
C:\DelFix.txt

If there are no problems, that is all and you can mark the thread as solved with the green check mark.

Re: Please check my MBAM log  Solved

Post by Zdendys75 » 19 Jan 2014 10:46

So here is the log. That's everything. Thanks for the help.

# DelFix v10.6 - Logfile created 19/01/2014 at 10:42:59
# Updated 11/11/2013 by Xplode
# Username : Zdeněk - ZDENDYS-PC
# Operating System : Windows 8.1 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Zdeněk\Desktop\adwcleaner.exe
Deleted : C:\Users\Zdeněk\Desktop\aswmbr.exe
Deleted : C:\Users\Zdeněk\Desktop\Fixlog.txt
Deleted : C:\Users\Zdeněk\Desktop\FRST.exe
Deleted : C:\Users\Zdeněk\Desktop\JRT.exe
Deleted : C:\Users\Zdeněk\Desktop\RogueKiller.exe
Deleted : C:\Users\Zdeněk\Desktop\TDSSKiller.exe
Deleted : C:\Users\Zdeněk\Downloads\Addition.txt
Deleted : C:\Users\Zdeněk\Downloads\aswmbr.exe
Deleted : C:\Users\Zdeněk\Downloads\FRST (1).exe
Deleted : C:\Users\Zdeněk\Downloads\FRST (2).exe
Deleted : C:\Users\Zdeněk\Downloads\FRST (3).exe
Deleted : C:\Users\Zdeněk\Downloads\FRST (4).exe
Deleted : C:\Users\Zdeněk\Downloads\FRST (5).exe
Deleted : C:\Users\Zdeněk\Downloads\FRST (6).exe
Deleted : C:\Users\Zdeněk\Downloads\FRST (7).exe
Deleted : C:\Users\Zdeněk\Downloads\FRST (8).exe
Deleted : C:\Users\Zdeněk\Downloads\FRST.exe
Deleted : C:\Users\Zdeněk\Downloads\FRST.txt
Deleted : C:\Users\Zdeněk\Downloads\TFC.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SYSTEM\CurrentControlSet\Services\aswMBR

~ Cleaning system restore ...


New restore point created !

########## - EOF - ##########

