Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o pomoc

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosím o pomoc

#16 Příspěvek od vyosek »

Udelejte znovu log z FRST http://forum.viry.cz/viewtopic.php?f=13 ... 6#p1243587
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
KachnaCZ
Návštěvník
Návštěvník
Příspěvky: 33
Registrován: 08 srp 2013 21:01

Re: Prosím o pomoc

#17 Příspěvek od KachnaCZ »

Zde log z FRST:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2013
Ran by Jakub (administrator) on 17-08-2013 07:28:22
Running from C:\Users\Jakub\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac7302\Monitor.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ali) C:\Windows\UMStor\Res.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(GIANTS Software GmbH) C:\Program Files (x86)\GIANTS Software\GIANTS_Editor_5.0.1\editor.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [PAC7302_Monitor] - C:\Windows\PixArt\PAC7302\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKCU\...\Run: [Facebook Update] - C:\Users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-08-13] (Facebook Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [USB Storage Toolbox] - C:\Windows\UMStor\Res.EXE [65536 2005-09-14] (ali)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
Startup: C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {523C1BBA-CB85-4BF0-8B5B-6BBABEA33D56} URL = http://websearch.ask.com/redirect?clien ... 8FBA4D3823
SearchScopes: HKCU - {F14900C8-6A11-4A9F-B6E2-210903C28239} URL = http://search.phpnuke.org/?lang=en&cid= ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 01 %SystemRoot%\System32\mswsock.dll [232448] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [326144] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\w8qzfu5i.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Jakub\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Jakub\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Jakub\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Jakub\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Jakub\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Jakub\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Jakub\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\Jakub\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Jakub\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Jakub\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
CHR Plugin: (Facebook Desktop) - C:\Users\Jakub\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Jakub\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Skype Click to Call) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.10.0.13089_0
CHR Extension: (NCH EN) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\mahgaopgbalgbfohkikbdjfmaapiehaf\10.19.1.506_0
CHR Extension: (Norton Identity Protection) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0
CHR Extension: (Gmail) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [mahgaopgbalgbfohkikbdjfmaapiehaf] - C:\Users\Jakub\AppData\Local\CRE\mahgaopgbalgbfohkikbdjfmaapiehaf.crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\Exts\Chrome.crx

==================== Services (Whitelisted) =================

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-05-10] (Intel Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-05-09] ()
R2 Realtek11nCU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-09-11] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2013-01-06] ()
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R3 CamSuiteVAC; C:\Windows\System32\DRIVERS\CamSuiteVAC.sys [56320 2008-09-18] ()
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-06] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-08-02] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-08-02] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-08-02] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130814.002\IDSvia64.sys [520280 2013-08-15] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130814.002\IDSvia64.sys [520280 2013-08-15] (Symantec Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2013-01-06] ()
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130816.003\ENG64.SYS [126040 2013-08-02] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130816.003\ENG64.SYS [126040 2013-08-02] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130816.003\EX64.SYS [2098776 2013-08-02] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130816.003\EX64.SYS [2098776 2013-08-02] (Symantec Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [532480 2009-04-28] (PixArt Imaging Inc.)
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (Realtek Semiconductor Corporation )
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S1 cbcbveqs; \??\C:\Windows\system32\drivers\cbcbveqs.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-17 07:27 - 2013-08-17 07:27 - 00000000 ____D C:\Users\Jakub\AppData\Local\qb080AC9.F7
2013-08-17 07:27 - 2013-08-16 22:41 - 01575580 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2013-08-16 20:54 - 2013-08-16 20:55 - 00000000 ____D C:\Users\Jakub\Desktop\Map_by_KachnaCZ
2013-08-16 20:54 - 2013-08-15 21:20 - 29285392 _____ C:\Users\Jakub\Desktop\myModMap.zip
2013-08-16 20:16 - 2013-08-16 20:16 - 00000000 ____D C:\ProgramData\Autodesk
2013-08-16 20:15 - 2013-08-16 20:15 - 00000741 _____ C:\Users\Jakub\Desktop\Untitled.obj
2013-08-16 20:15 - 2013-08-16 20:15 - 00000201 _____ C:\Users\Jakub\Desktop\Untitled.mtl
2013-08-16 20:10 - 2013-08-16 20:10 - 00002196 _____ C:\Users\Public\Desktop\Style Builder 2.lnk
2013-08-16 20:10 - 2013-08-16 20:10 - 00002110 _____ C:\Users\Public\Desktop\LayOut 3.lnk
2013-08-16 20:10 - 2013-08-16 20:10 - 00002025 _____ C:\Users\Public\Desktop\Google SketchUp 8.lnk
2013-08-16 18:11 - 2013-08-16 18:35 - 67444141 _____ C:\Users\Jakub\Desktop\Google-SketchUp-Pro-8.rar
2013-08-16 10:06 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-16 10:06 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-16 10:06 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-16 10:06 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-16 10:06 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-16 10:06 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-16 10:06 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-16 10:06 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-16 10:06 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-16 10:06 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-16 10:06 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-16 10:06 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-16 10:06 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-16 10:06 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-16 10:06 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-16 10:06 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-16 10:06 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-16 10:06 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-16 10:06 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-16 10:06 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-16 10:06 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-16 10:06 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-16 10:06 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-16 10:06 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-16 10:06 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-16 10:06 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-16 10:06 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-16 10:06 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-16 10:06 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-16 10:06 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-16 10:06 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-15 23:37 - 2013-08-15 23:37 - 00000000 ____D C:\d69952b55780c8adae3bcee7f5caf4
2013-08-15 23:21 - 2013-08-16 09:19 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-08-15 23:14 - 2013-08-15 23:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-15 08:42 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 08:42 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 08:42 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 08:42 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 08:42 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 08:42 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 08:42 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 08:42 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 08:38 - 2013-08-15 08:38 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 08:31 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 08:31 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 08:31 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 08:31 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 08:31 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 08:31 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 08:31 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 08:31 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 08:31 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 08:31 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 08:31 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 08:31 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 08:31 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 08:31 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 08:31 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 08:31 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 08:17 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 08:17 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 08:07 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-13 07:49 - 2013-08-13 07:49 - 00001332 _____ C:\Users\Jakub\Desktop\Facebook Messenger.lnk
2013-08-13 07:49 - 2013-08-13 07:49 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2013-08-13 07:46 - 2013-08-14 20:31 - 00000000 ____D C:\Program Files\Recuva
2013-08-13 07:46 - 2013-08-13 07:46 - 00001658 _____ C:\Users\Public\Desktop\Recuva.lnk
2013-08-12 17:29 - 2013-08-12 17:29 - 00000383 _____ C:\Windows\DirectX.log
2013-08-12 12:43 - 2013-08-12 12:43 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-12 12:27 - 2013-08-17 07:20 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-12 12:27 - 2013-08-16 23:32 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-12 12:27 - 2013-08-12 12:27 - 00003946 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-08-12 12:27 - 2013-08-12 12:27 - 00003694 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-08-11 21:10 - 2013-04-12 13:52 - 00000266 _____ C:\Users\Jakub\Desktop\Dopsat do ModDescu.txt
2013-08-11 21:01 - 2013-08-11 21:01 - 00000000 ____D C:\ProgramData\Google
2013-08-10 11:31 - 2013-08-13 22:19 - 00000000 ____D C:\ProgramData\CyberLink
2013-08-10 08:45 - 2013-08-13 07:06 - 00000000 ____D C:\ProgramData\Adobe
2013-08-10 08:45 - 2013-08-10 08:45 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-08-09 23:33 - 2013-08-14 15:17 - 00000000 ____D C:\Users\Jakub\Desktop\MP3
2013-08-09 20:30 - 2013-08-09 20:30 - 00000000 ____D C:\ProgramData\HP
2013-08-09 17:05 - 2013-08-17 07:19 - 00001120 _____ C:\Windows\setupact.log
2013-08-09 17:05 - 2013-08-09 17:05 - 00000000 _____ C:\Windows\setuperr.log
2013-08-09 17:04 - 2013-08-14 10:32 - 00026310 _____ C:\Windows\PFRO.log
2013-08-09 17:02 - 2013-08-09 17:02 - 00005505 _____ C:\AdwCleaner[R2].txt
2013-08-09 17:02 - 2013-08-09 17:02 - 00005326 _____ C:\AdwCleaner[S1].txt
2013-08-09 16:51 - 2013-08-14 14:04 - 00000487 _____ C:\Users\Jakub\Desktop\Nový textový dokument.txt
2013-08-09 15:55 - 2013-08-09 15:56 - 00005447 _____ C:\AdwCleaner[R1].txt
2013-08-09 15:44 - 2013-08-09 18:03 - 00000000 ____D C:\Users\Public\CyberLink
2013-08-09 15:44 - 2013-08-09 15:44 - 00000000 ____D C:\Users\Jakub\Documents\CyberLink
2013-08-09 15:44 - 2013-08-09 15:44 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\CyberLink
2013-08-09 15:43 - 2013-08-09 15:43 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-08-09 15:42 - 2013-08-09 15:43 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-08-09 15:42 - 2013-08-09 15:42 - 00002020 _____ C:\Users\Public\Desktop\CyberLink PowerDirector 11 (64-bit).lnk
2013-08-09 15:42 - 2013-08-09 15:42 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-08-09 15:41 - 2013-08-09 15:41 - 00000000 ____D C:\Program Files (x86)\Cyberlink
2013-08-09 15:38 - 2013-08-09 15:41 - 00000000 ____D C:\Program Files\CyberLink
2013-08-09 11:15 - 2013-08-09 11:15 - 00041429 _____ C:\ComboFix.txt
2013-08-09 10:29 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-09 10:29 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-09 10:29 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-09 10:29 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-09 10:29 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-09 10:29 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-09 10:29 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-09 10:26 - 2013-08-09 11:51 - 00000000 ____D C:\Qoobox
2013-08-09 10:26 - 2013-08-09 10:53 - 00000000 ____D C:\Windows\erdnt
2013-08-08 22:48 - 2013-08-08 22:48 - 00000000 ____D C:\Users\Jakub\AppData\Local\qb4CD3E3.9F
2013-08-08 22:34 - 2013-08-08 22:38 - 00875008 _____ (Ufasoft) C:\Windows\SysWOW64\usft_ext.dll
2013-08-08 21:46 - 2013-08-08 21:44 - 00200704 _____ (Tencent Technology (Shenzhen) Company Limited) C:\Windows\Miner.dll
2013-08-08 21:39 - 2013-08-08 21:44 - 00200704 _____ (Tencent Technology (Shenzhen) Company Limited) C:\Windows\SysWOW64\miner.dll
2013-08-08 13:26 - 2013-08-08 13:26 - 00003592 _____ C:\{4682CB97-5CA0-4BED-81E1-2DB6282B2728}
2013-08-08 12:27 - 2013-08-08 12:27 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Malwarebytes
2013-08-08 12:25 - 2013-08-08 12:27 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\NexusFile
2013-08-08 12:25 - 2013-08-08 12:25 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\cryptlib
2013-08-08 12:21 - 2013-08-08 12:21 - 00000000 ____D C:\Program Files (x86)\NexusFile
2013-08-08 08:22 - 2013-08-08 08:22 - 00004280 _____ C:\{C7F36A59-8335-4F88-8379-484E33D943BF}
2013-08-07 20:14 - 2013-08-07 20:14 - 00004360 _____ C:\{9A6022A5-1205-4721-81E5-3A15435A46D0}
2013-08-07 08:25 - 2013-08-07 08:25 - 00001211 _____ C:\Users\Jakub\Desktop\Farming Simulator 2013 .lnk
2013-08-07 08:01 - 2013-08-07 08:01 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\TeamViewer
2013-08-07 07:22 - 2013-08-16 23:33 - 00868760 _____ C:\Windows\WindowsUpdate.log
2013-08-06 23:15 - 2013-08-07 06:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-06 23:15 - 2013-08-06 23:45 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-04 18:30 - 2013-08-04 18:30 - 00004360 _____ C:\{5ACCB3E3-B0C6-4972-913D-A311EBAA179C}
2013-08-03 17:55 - 2013-08-06 23:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-03 11:16 - 2013-08-03 11:16 - 00000000 ____D C:\Users\Jakub\AppData\Local\TechSmith
2013-08-03 11:12 - 2013-08-03 11:12 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\TechSmith
2013-08-02 21:24 - 2013-08-02 21:25 - 00000951 _____ C:\Users\Public\Desktop\QuadcoreM2.lnk
2013-08-02 21:22 - 2013-08-14 13:08 - 00000000 ____D C:\Program Files (x86)\QuadCoreM2
2013-08-02 21:07 - 2013-08-02 21:07 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Quadcore Games
2013-08-01 10:43 - 2013-08-06 15:28 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-07-31 12:15 - 2013-07-31 19:02 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Origin
2013-07-31 12:15 - 2013-07-31 15:37 - 00000000 ____D C:\Users\Jakub\AppData\Local\Origin
2013-07-31 11:46 - 2013-08-16 14:27 - 00000000 ____D C:\Program Files (x86)\Origin
2013-07-31 11:46 - 2013-07-31 11:46 - 00000979 _____ C:\Users\Public\Desktop\Origin.lnk
2013-07-29 08:58 - 2013-07-29 08:58 - 00000000 ____D C:\Users\Jakub\AppData\Local\Apple Computer
2013-07-29 08:52 - 2013-07-29 08:52 - 00000000 ____D C:\Users\Jakub\AppData\Local\Apple
2013-07-27 22:47 - 2013-07-27 22:47 - 00001031 _____ C:\Users\Jakub\Desktop\PhotoScape.lnk
2013-07-27 10:07 - 2013-07-27 10:07 - 00003124 _____ C:\Windows\System32\Tasks\{338F2149-4DC5-4228-8891-E62F4882FD70}
2013-07-27 09:49 - 2013-07-27 09:49 - 00000000 ____D C:\ProgramData\Studio14Trial
2013-07-27 09:33 - 2013-07-27 09:33 - 00000000 ____D C:\ProgramData\PCTV Systems
2013-07-27 09:33 - 2013-07-27 09:33 - 00000000 ____D C:\Program Files (x86)\Pinnacle
2013-07-25 20:29 - 2013-07-25 20:29 - 00000000 ____D C:\ProgramData\Panasonic
2013-07-25 20:26 - 2013-07-25 20:26 - 00000000 ____D C:\Users\Jakub\AppData\Local\Panasonic
2013-07-25 20:18 - 2007-06-22 00:10 - 00501912 _____ (SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\PICSDK2.dll
2013-07-25 20:18 - 2007-06-22 00:10 - 00000097 _____ C:\Windows\SysWOW64\PICSDK.ini
2013-07-25 20:18 - 2006-10-31 00:10 - 00120992 _____ (SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\EpPicPrt.dll
2013-07-25 20:18 - 2006-10-31 00:10 - 00071840 _____ (SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\EPPicMgr.dll
2013-07-25 20:18 - 2006-10-20 00:10 - 00108704 _____ (SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\PICEntry.dll
2013-07-25 20:18 - 2006-10-20 00:10 - 00080024 _____ (SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\PICSDK.dll
2013-07-25 20:18 - 2005-06-01 00:20 - 00111932 _____ C:\Windows\SysWOW64\EPPICPrinterDB.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00031053 _____ C:\Windows\SysWOW64\EPPICPattern131.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00027417 _____ C:\Windows\SysWOW64\EPPICPattern121.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00026154 _____ C:\Windows\SysWOW64\EPPICPattern1.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00024903 _____ C:\Windows\SysWOW64\EPPICPattern3.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00021390 _____ C:\Windows\SysWOW64\EPPICPattern5.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00020148 _____ C:\Windows\SysWOW64\EPPICPattern2.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00013732 _____ C:\Windows\SysWOW64\EPPICLocal_EN.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00011811 _____ C:\Windows\SysWOW64\EPPICPattern4.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00006442 _____ C:\Windows\SysWOW64\EPPICLocal_IT.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00006347 _____ C:\Windows\SysWOW64\EPPICLocal_PT.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00006347 _____ C:\Windows\SysWOW64\EPPICLocal_BP.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00006335 _____ C:\Windows\SysWOW64\EPPICLocal_GE.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00006195 _____ C:\Windows\SysWOW64\EPPICLocal_FR.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00006195 _____ C:\Windows\SysWOW64\EPPICLocal_CF.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00006122 _____ C:\Windows\SysWOW64\EPPICLocal_DU.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00006103 _____ C:\Windows\SysWOW64\EPPICLocal_ES.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00005817 _____ C:\Windows\SysWOW64\EPPICLocal_KO.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00005436 _____ C:\Windows\SysWOW64\EPPICLocal_SC.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00004943 _____ C:\Windows\SysWOW64\EPPICPattern6.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00002889 _____ C:\Windows\SysWOW64\EPPICLocal_RU.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00002426 _____ C:\Windows\SysWOW64\EPPICLocal_TC.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00001146 _____ C:\Windows\SysWOW64\EPPICPresetData_DU.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00001139 _____ C:\Windows\SysWOW64\EPPICPresetData_PT.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00001139 _____ C:\Windows\SysWOW64\EPPICPresetData_BP.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00001136 _____ C:\Windows\SysWOW64\EPPICPresetData_ES.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00001129 _____ C:\Windows\SysWOW64\EPPICPresetData_FR.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00001129 _____ C:\Windows\SysWOW64\EPPICPresetData_CF.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00001120 _____ C:\Windows\SysWOW64\EPPICPresetData_IT.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00001107 _____ C:\Windows\SysWOW64\EPPICPresetData_GE.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00001104 _____ C:\Windows\SysWOW64\EPPICPresetData_EN.dat
2013-07-25 20:14 - 2013-08-01 10:28 - 00000000 ____D C:\Program Files (x86)\Panasonic
2013-07-25 20:14 - 2013-07-25 20:14 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2013-07-25 20:14 - 2013-07-25 20:14 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2013-07-25 20:14 - 2013-07-25 20:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-24 19:36 - 2013-07-25 13:10 - 00001848 _____ C:\Users\Jakub\Desktop\Minecraft 1.6.2.lnk
2013-07-24 12:49 - 2013-07-24 12:49 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-07-23 10:14 - 2013-07-23 10:14 - 00000000 ____D C:\ProgramData\Pinnacle
2013-07-23 10:13 - 2013-07-23 10:13 - 00000000 ____D C:\Users\Jakub\AppData\Local\CRE
2013-07-23 08:58 - 2013-07-27 18:12 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2013-07-23 08:58 - 2013-07-27 18:12 - 00000000 ____D C:\Program Files (x86)\NCH Software
2013-07-23 08:58 - 2013-07-27 18:11 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\NCH Software
2013-07-23 08:58 - 2013-07-27 18:11 - 00000000 ____D C:\ProgramData\NCH Software
2013-07-22 21:51 - 2013-07-22 21:52 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Autodesk
2013-07-22 21:24 - 2013-07-22 21:24 - 00001792 _____ C:\Users\Public\Desktop\Autodesk Maya 2013 64-bit.lnk
2013-07-22 21:24 - 2013-07-22 21:24 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2013-07-22 21:17 - 2013-07-22 21:44 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2013-07-20 21:48 - 2013-07-20 22:07 - 00000000 ____D C:\Users\Jakub\AppData\Local\WebPlayer
2013-07-20 21:44 - 2013-07-21 09:51 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Seznam.cz
2013-07-20 13:00 - 2013-07-22 21:52 - 00000000 ____D C:\Users\Jakub\Documents\maya
2013-07-19 23:11 - 2013-07-23 10:23 - 00000000 ____D C:\Program Files (x86)\Autodesk
2013-07-18 21:02 - 2013-07-20 10:46 - 00000000 ____D C:\Users\Jakub\HellSpy

==================== One Month Modified Files and Folders =======

2013-08-17 07:28 - 2009-07-14 06:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-17 07:28 - 2009-07-14 06:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-17 07:27 - 2013-08-17 07:27 - 00000000 ____D C:\Users\Jakub\AppData\Local\qb080AC9.F7
2013-08-17 07:24 - 2013-08-07 07:22 - 00868760 _____ C:\Windows\WindowsUpdate.log
2013-08-17 07:21 - 2012-12-27 20:35 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Skype
2013-08-17 07:20 - 2013-08-12 12:27 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-17 07:20 - 2013-01-14 21:56 - 00000000 ____D C:\Users\Jakub\AppData\Local\Adobe
2013-08-17 07:19 - 2013-08-09 17:05 - 00001120 _____ C:\Windows\setupact.log
2013-08-17 07:19 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-16 23:32 - 2013-08-12 12:27 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-16 23:17 - 2013-03-23 19:41 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000UA.job
2013-08-16 23:16 - 2013-01-16 11:08 - 00000000 ____D C:\Users\Jakub\AppData\Local\Paint.NET
2013-08-16 23:15 - 2013-01-16 10:35 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{322A0D83-6404-49A6-868A-3920450831EE}
2013-08-16 23:12 - 2012-12-27 20:27 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-16 22:50 - 2013-05-09 17:16 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000UA.job
2013-08-16 22:41 - 2013-08-17 07:27 - 01575580 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2013-08-16 22:34 - 2013-05-11 21:06 - 00013312 ____H C:\Users\Jakub\Desktop\photothumb.db
2013-08-16 20:55 - 2013-08-16 20:54 - 00000000 ____D C:\Users\Jakub\Desktop\Map_by_KachnaCZ
2013-08-16 20:32 - 2013-07-14 16:40 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\.minecraft
2013-08-16 20:16 - 2013-08-16 20:16 - 00000000 ____D C:\ProgramData\Autodesk
2013-08-16 20:15 - 2013-08-16 20:15 - 00000741 _____ C:\Users\Jakub\Desktop\Untitled.obj
2013-08-16 20:15 - 2013-08-16 20:15 - 00000201 _____ C:\Users\Jakub\Desktop\Untitled.mtl
2013-08-16 20:10 - 2013-08-16 20:10 - 00002196 _____ C:\Users\Public\Desktop\Style Builder 2.lnk
2013-08-16 20:10 - 2013-08-16 20:10 - 00002110 _____ C:\Users\Public\Desktop\LayOut 3.lnk
2013-08-16 20:10 - 2013-08-16 20:10 - 00002025 _____ C:\Users\Public\Desktop\Google SketchUp 8.lnk
2013-08-16 20:09 - 2013-02-02 09:50 - 00000000 ____D C:\Program Files (x86)\Google
2013-08-16 18:35 - 2013-08-16 18:11 - 67444141 _____ C:\Users\Jakub\Desktop\Google-SketchUp-Pro-8.rar
2013-08-16 14:37 - 2011-04-12 10:34 - 00631276 _____ C:\Windows\system32\perfh005.dat
2013-08-16 14:37 - 2011-04-12 10:34 - 00121930 _____ C:\Windows\system32\perfc005.dat
2013-08-16 14:37 - 2009-07-14 07:13 - 01470124 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-16 14:27 - 2013-07-31 11:46 - 00000000 ____D C:\Program Files (x86)\Origin
2013-08-16 14:25 - 2012-12-23 21:23 - 00000000 ____D C:\Windows\Panther
2013-08-16 09:19 - 2013-08-15 23:21 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-08-16 08:48 - 2009-07-14 07:08 - 00032546 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-15 23:37 - 2013-08-15 23:37 - 00000000 ____D C:\d69952b55780c8adae3bcee7f5caf4
2013-08-15 23:14 - 2013-08-15 23:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-15 22:52 - 2013-03-11 22:02 - 00000000 ____D C:\FFOutput
2013-08-15 21:20 - 2013-08-16 20:54 - 29285392 _____ C:\Users\Jakub\Desktop\myModMap.zip
2013-08-15 16:28 - 2012-12-23 21:23 - 00268768 _____ C:\DUMP4a77.tmp
2013-08-15 08:44 - 2013-08-15 08:38 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 08:38 - 2012-12-23 22:43 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-15 07:50 - 2013-05-09 17:16 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000Core.job
2013-08-14 20:32 - 2012-12-23 21:31 - 00000000 ____D C:\Users\Jakub
2013-08-14 20:31 - 2013-08-13 07:46 - 00000000 ____D C:\Program Files\Recuva
2013-08-14 15:17 - 2013-08-09 23:33 - 00000000 ____D C:\Users\Jakub\Desktop\MP3
2013-08-14 14:04 - 2013-08-09 16:51 - 00000487 _____ C:\Users\Jakub\Desktop\Nový textový dokument.txt
2013-08-14 13:08 - 2013-08-02 21:22 - 00000000 ____D C:\Program Files (x86)\QuadCoreM2
2013-08-14 10:32 - 2013-08-09 17:04 - 00026310 _____ C:\Windows\PFRO.log
2013-08-13 22:19 - 2013-08-10 11:31 - 00000000 ____D C:\ProgramData\CyberLink
2013-08-13 22:04 - 2012-12-29 19:38 - 00000000 ____D C:\Users\Jakub\AppData\Local\CrashDumps
2013-08-13 10:57 - 2012-12-29 14:50 - 00000000 ____D C:\Users\Jakub\AppData\Local\Windows Live
2013-08-13 07:49 - 2013-08-13 07:49 - 00001332 _____ C:\Users\Jakub\Desktop\Facebook Messenger.lnk
2013-08-13 07:49 - 2013-08-13 07:49 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2013-08-13 07:46 - 2013-08-13 07:46 - 00001658 _____ C:\Users\Public\Desktop\Recuva.lnk
2013-08-13 07:45 - 2013-05-09 17:16 - 00003904 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000UA
2013-08-13 07:45 - 2013-05-09 17:16 - 00003536 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000Core
2013-08-13 07:06 - 2013-08-10 08:45 - 00000000 ____D C:\ProgramData\Adobe
2013-08-12 17:29 - 2013-08-12 17:29 - 00000383 _____ C:\Windows\DirectX.log
2013-08-12 17:28 - 2013-05-18 19:08 - 00000000 ____D C:\Program Files (x86)\Farming Simulator 2013
2013-08-12 12:43 - 2013-08-12 12:43 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-12 12:43 - 2012-12-29 15:37 - 00000000 ____D C:\Users\Jakub\AppData\Local\Google
2013-08-12 12:27 - 2013-08-12 12:27 - 00003946 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-08-12 12:27 - 2013-08-12 12:27 - 00003694 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-08-11 21:01 - 2013-08-11 21:01 - 00000000 ____D C:\ProgramData\Google
2013-08-10 08:45 - 2013-08-10 08:45 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-08-09 21:59 - 2013-05-11 15:41 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\.technic
2013-08-09 20:30 - 2013-08-09 20:30 - 00000000 ____D C:\ProgramData\HP
2013-08-09 18:03 - 2013-08-09 15:44 - 00000000 ____D C:\Users\Public\CyberLink
2013-08-09 17:05 - 2013-08-09 17:05 - 00000000 _____ C:\Windows\setuperr.log
2013-08-09 17:04 - 2009-07-14 06:45 - 00304248 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-09 17:02 - 2013-08-09 17:02 - 00005505 _____ C:\AdwCleaner[R2].txt
2013-08-09 17:02 - 2013-08-09 17:02 - 00005326 _____ C:\AdwCleaner[S1].txt
2013-08-09 15:56 - 2013-08-09 15:55 - 00005447 _____ C:\AdwCleaner[R1].txt
2013-08-09 15:44 - 2013-08-09 15:44 - 00000000 ____D C:\Users\Jakub\Documents\CyberLink
2013-08-09 15:44 - 2013-08-09 15:44 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\CyberLink
2013-08-09 15:44 - 2012-12-25 15:59 - 00075392 _____ C:\Users\Jakub\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-09 15:43 - 2013-08-09 15:43 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-08-09 15:43 - 2013-08-09 15:42 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-08-09 15:42 - 2013-08-09 15:42 - 00002020 _____ C:\Users\Public\Desktop\CyberLink PowerDirector 11 (64-bit).lnk
2013-08-09 15:42 - 2013-08-09 15:42 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-08-09 15:41 - 2013-08-09 15:41 - 00000000 ____D C:\Program Files (x86)\Cyberlink
2013-08-09 15:41 - 2013-08-09 15:38 - 00000000 ____D C:\Program Files\CyberLink
2013-08-09 15:38 - 2012-12-23 21:55 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-09 14:22 - 2013-03-27 18:00 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\uTorrent
2013-08-09 14:16 - 2013-03-19 09:32 - 00000000 ____D C:\Program Files (x86)\GIANTS Software
2013-08-09 13:41 - 2012-12-25 16:20 - 00000000 ____D C:\Users\Jakub\Documents\My Games
2013-08-09 13:33 - 2013-06-08 20:09 - 00000000 ____D C:\ProgramData\Intel
2013-08-09 11:51 - 2013-08-09 10:26 - 00000000 ____D C:\Qoobox
2013-08-09 11:15 - 2013-08-09 11:15 - 00041429 _____ C:\ComboFix.txt
2013-08-09 11:15 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-08-09 11:14 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-08-09 10:53 - 2013-08-09 10:26 - 00000000 ____D C:\Windows\erdnt
2013-08-09 10:44 - 2009-07-14 04:34 - 73662464 _____ C:\Windows\system32\config\software.bak
2013-08-09 10:44 - 2009-07-14 04:34 - 16515072 _____ C:\Windows\system32\config\system.bak
2013-08-09 10:44 - 2009-07-14 04:34 - 00524288 _____ C:\Windows\system32\config\default.bak
2013-08-09 10:44 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\security.bak
2013-08-09 10:44 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\sam.bak
2013-08-09 10:43 - 2012-12-23 21:32 - 00000000 ___RD C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-08 22:48 - 2013-08-08 22:48 - 00000000 ____D C:\Users\Jakub\AppData\Local\qb4CD3E3.9F
2013-08-08 22:38 - 2013-08-08 22:34 - 00875008 _____ (Ufasoft) C:\Windows\SysWOW64\usft_ext.dll
2013-08-08 21:44 - 2013-08-08 21:46 - 00200704 _____ (Tencent Technology (Shenzhen) Company Limited) C:\Windows\Miner.dll
2013-08-08 21:44 - 2013-08-08 21:39 - 00200704 _____ (Tencent Technology (Shenzhen) Company Limited) C:\Windows\SysWOW64\miner.dll
2013-08-08 13:26 - 2013-08-08 13:26 - 00003592 _____ C:\{4682CB97-5CA0-4BED-81E1-2DB6282B2728}
2013-08-08 12:27 - 2013-08-08 12:27 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Malwarebytes
2013-08-08 12:27 - 2013-08-08 12:25 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\NexusFile
2013-08-08 12:25 - 2013-08-08 12:25 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\cryptlib
2013-08-08 12:21 - 2013-08-08 12:21 - 00000000 ____D C:\Program Files (x86)\NexusFile
2013-08-08 08:22 - 2013-08-08 08:22 - 00004280 _____ C:\{C7F36A59-8335-4F88-8379-484E33D943BF}
2013-08-07 20:14 - 2013-08-07 20:14 - 00004360 _____ C:\{9A6022A5-1205-4721-81E5-3A15435A46D0}
2013-08-07 08:25 - 2013-08-07 08:25 - 00001211 _____ C:\Users\Jakub\Desktop\Farming Simulator 2013 .lnk
2013-08-07 08:01 - 2013-08-07 08:01 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\TeamViewer
2013-08-07 07:08 - 2012-12-27 20:27 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-07 07:08 - 2012-12-27 20:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-07 07:08 - 2012-12-27 20:27 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-07 06:58 - 2013-08-06 23:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-06 23:45 - 2013-08-06 23:15 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-06 23:45 - 2013-08-03 17:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-06 23:16 - 2012-12-27 20:13 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Mozilla
2013-08-06 23:15 - 2013-05-04 09:52 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\TS3Client
2013-08-06 23:15 - 2012-12-25 15:52 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\DAEMON Tools Lite
2013-08-06 15:28 - 2013-08-01 10:43 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-08-04 18:30 - 2013-08-04 18:30 - 00004360 _____ C:\{5ACCB3E3-B0C6-4972-913D-A311EBAA179C}
2013-08-03 11:16 - 2013-08-03 11:16 - 00000000 ____D C:\Users\Jakub\AppData\Local\TechSmith
2013-08-03 11:12 - 2013-08-03 11:12 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\TechSmith
2013-08-02 21:25 - 2013-08-02 21:24 - 00000951 _____ C:\Users\Public\Desktop\QuadcoreM2.lnk
2013-08-02 21:07 - 2013-08-02 21:07 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Quadcore Games
2013-08-01 22:58 - 2012-12-23 23:55 - 00000000 ____D C:\ProgramData\Norton
2013-08-01 22:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-08-01 10:28 - 2013-07-25 20:14 - 00000000 ____D C:\Program Files (x86)\Panasonic
2013-07-31 19:02 - 2013-07-31 12:15 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Origin
2013-07-31 15:37 - 2013-07-31 12:15 - 00000000 ____D C:\Users\Jakub\AppData\Local\Origin
2013-07-31 12:17 - 2013-02-23 19:47 - 00000000 ____D C:\ProgramData\Origin
2013-07-31 11:46 - 2013-07-31 11:46 - 00000979 _____ C:\Users\Public\Desktop\Origin.lnk
2013-07-31 11:19 - 2013-04-25 08:31 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-07-31 07:40 - 2013-03-20 19:36 - 00000000 ____D C:\ProgramData\Sony
2013-07-29 10:20 - 2013-04-27 10:48 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Apple Computer
2013-07-29 08:58 - 2013-07-29 08:58 - 00000000 ____D C:\Users\Jakub\AppData\Local\Apple Computer
2013-07-29 08:52 - 2013-07-29 08:52 - 00000000 ____D C:\Users\Jakub\AppData\Local\Apple
2013-07-28 20:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-07-27 22:48 - 2013-06-08 22:13 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2013-07-27 22:47 - 2013-07-27 22:47 - 00001031 _____ C:\Users\Jakub\Desktop\PhotoScape.lnk
2013-07-27 19:56 - 2013-03-20 19:35 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Sony
2013-07-27 18:12 - 2013-07-23 08:58 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2013-07-27 18:12 - 2013-07-23 08:58 - 00000000 ____D C:\Program Files (x86)\NCH Software
2013-07-27 18:11 - 2013-07-23 08:58 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\NCH Software
2013-07-27 18:11 - 2013-07-23 08:58 - 00000000 ____D C:\ProgramData\NCH Software
2013-07-27 10:07 - 2013-07-27 10:07 - 00003124 _____ C:\Windows\System32\Tasks\{338F2149-4DC5-4228-8891-E62F4882FD70}
2013-07-27 09:49 - 2013-07-27 09:49 - 00000000 ____D C:\ProgramData\Studio14Trial
2013-07-27 09:33 - 2013-07-27 09:33 - 00000000 ____D C:\ProgramData\PCTV Systems
2013-07-27 09:33 - 2013-07-27 09:33 - 00000000 ____D C:\Program Files (x86)\Pinnacle
2013-07-26 07:13 - 2013-08-16 10:06 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-16 10:06 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-16 10:06 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-16 10:06 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-16 10:06 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-16 10:06 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-16 10:06 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-16 10:06 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-16 10:06 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-16 10:06 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 07:12 - 2013-08-16 10:06 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-16 10:06 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-16 10:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-16 10:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-16 10:06 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-16 10:06 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-16 10:06 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:12 - 2013-08-16 10:06 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-16 10:06 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-16 10:06 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-16 10:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-16 10:06 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-16 10:06 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-26 05:12 - 2013-08-16 10:06 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-16 10:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-16 10:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-16 10:06 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-16 10:06 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-16 10:06 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 04:39 - 2013-08-16 10:06 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-26 03:59 - 2013-08-16 10:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-25 20:29 - 2013-07-25 20:29 - 00000000 ____D C:\ProgramData\Panasonic
2013-07-25 20:26 - 2013-07-25 20:26 - 00000000 ____D C:\Users\Jakub\AppData\Local\Panasonic
2013-07-25 20:14 - 2013-07-25 20:14 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2013-07-25 20:14 - 2013-07-25 20:14 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2013-07-25 20:14 - 2013-07-25 20:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-25 20:14 - 2012-12-29 15:10 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-25 13:10 - 2013-07-24 19:36 - 00001848 _____ C:\Users\Jakub\Desktop\Minecraft 1.6.2.lnk
2013-07-25 11:25 - 2013-08-15 08:31 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-25 10:57 - 2013-08-15 08:31 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-24 12:49 - 2013-07-24 12:49 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-07-23 10:23 - 2013-07-19 23:11 - 00000000 ____D C:\Program Files (x86)\Autodesk
2013-07-23 10:14 - 2013-07-23 10:14 - 00000000 ____D C:\ProgramData\Pinnacle
2013-07-23 10:13 - 2013-07-23 10:13 - 00000000 ____D C:\Users\Jakub\AppData\Local\CRE
2013-07-23 10:13 - 2013-02-15 18:49 - 00000000 ____D C:\Users\Jakub\AppData\Local\Downloaded Installations
2013-07-22 21:52 - 2013-07-22 21:51 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Autodesk
2013-07-22 21:52 - 2013-07-20 13:00 - 00000000 ____D C:\Users\Jakub\Documents\maya
2013-07-22 21:44 - 2013-07-22 21:17 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2013-07-22 21:30 - 2013-07-13 18:25 - 00000000 ____D C:\Program Files\Autodesk
2013-07-22 21:24 - 2013-07-22 21:24 - 00001792 _____ C:\Users\Public\Desktop\Autodesk Maya 2013 64-bit.lnk
2013-07-22 21:24 - 2013-07-22 21:24 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2013-07-21 09:51 - 2013-07-20 21:44 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Seznam.cz
2013-07-20 22:07 - 2013-07-20 21:48 - 00000000 ____D C:\Users\Jakub\AppData\Local\WebPlayer
2013-07-20 12:17 - 2013-01-06 19:52 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-20 10:46 - 2013-07-18 21:02 - 00000000 ____D C:\Users\Jakub\HellSpy
2013-07-19 21:31 - 2013-07-13 19:25 - 00000000 ____D C:\Users\Jakub\AppData\Local\Autodesk
2013-07-19 03:58 - 2013-08-15 08:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-07-19 03:41 - 2013-08-15 08:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-07-18 17:46 - 2012-12-27 20:35 - 00000000 ___RD C:\Program Files (x86)\Skype

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit



==================== Scheduled Tasks (whitelisted) ===========

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000Core.job => C:\Users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000UA.job => C:\Users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000Core.job => C:\Users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000UA.job => C:\Users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Supplementary Scan (All) ================


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000005
"ConsentPromptBehaviorUser"=dword:00000003
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000001
"EnableSecureUIAPaths"=dword:00000001
"EnableUIADesktopToggle"=dword:00000000
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000001
"ValidateAdminCodeSignatures"=dword:00000000
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"scforceoption"=dword:00000000
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"FilterAdministratorToken"=dword:00000000
"DisableRegistryTools"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval"=dword:00000001
"FirewallDisableNotify"=dword:00000000
"AntiVirusDisableNotify"=dword:00000000
"UpdatesDisableNotify"=dword:00000000
"AntiVirusOverride"=dword:00000000
"AntiSpywareOverride"=dword:00000000
"FirewallOverride"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"="msrle32.dll"
"vidc.msvc"="msvidc32.dll"
"msacm.imaadpcm"="imaadp32.acm"
"msacm.msg711"="msg711.acm"
"msacm.msgsm610"="msgsm32.acm"
"msacm.msadpcm"="msadp32.acm"
"midimapper"="midimap.dll"
"wavemapper"="msacm32.drv"
"VIDC.UYVY"="msyuv.dll"
"VIDC.YUY2"="msyuv.dll"
"VIDC.YVYU"="msyuv.dll"
"VIDC.IYUV"="iyuv_32.dll"
"vidc.i420"="iyuv_32.dll"
"VIDC.YVU9"="tsbyuv.dll"
"msacm.l3acm"="C:\\Windows\\System32\\l3codeca.acm"
"wave"="wdmaud.drv"
"midi"="wdmaud.drv"
"mixer"="wdmaud.drv"
"aux"="wdmaud.drv"
"VIDC.FPS1"="frapsv64.dll"
"MSVideo8"="VfWWDM32.dll"
"wave1"="wdmaud.drv"
"mixer1"="wdmaud.drv"
"wave2"="wdmaud.drv"
"midi1"="wdmaud.drv"
"mixer2"="wdmaud.drv"
"aux1"="wdmaud.drv"
"wave3"="wdmaud.drv"
"midi2"="wdmaud.drv"
"mixer3"="wdmaud.drv"
"aux2"="wdmaud.drv"
"wave4"="wdmaud.drv"
"midi3"="wdmaud.drv"
"mixer4"="wdmaud.drv"
"aux3"="wdmaud.drv"
"vidc.tscc"="C:\\Windows\\SysWOW64\\tsccvid64.dll"
"vidc.tsc2"="C:\\Windows\\SysWOW64\\tsc2_codec64.dll"


==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:74.43 GB) (Free:23.98 GB) NTFS
Drive d: (FMS2013) (CDROM) (Total:1.51 GB) (Free:0 GB) CDFS
Drive e: (ADATA UFD) (Removable) (Total:7.51 GB) (Free:1.04 GB) FAT32

Available physical RAM: 1963.45 MB
Total physical RAM: 3785.84 MB
Percentage of memory in use: 48%

LastRegBack: 2013-07-28 20:27

==================== End Of Log ==============================
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosím o pomoc

#18 Příspěvek od vyosek »

:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    Start
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKCU\...\Run: [Facebook Update] - C:\Users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-08-13] (Facebook Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
SearchScopes: HKCU - {523C1BBA-CB85-4BF0-8B5B-6BBABEA33D56} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=4E8952E3-8FA7-4B80-AA83-621ACE57E6D4&apn_sauid=7BA4BBFD-4E20-413A-8F2D-DF8FBA4D3823
SearchScopes: HKCU - {F14900C8-6A11-4A9F-B6E2-210903C28239} URL = http://search.phpnuke.org/?lang=en&cid=457c4dfc&q={searchTerms}
S1 cbcbveqs; \??\C:\Windows\system32\drivers\cbcbveqs.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000Core.job => C:\Users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000UA.job => C:\Users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000Core.job => C:\Users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000UA.job => C:\Users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\SysWOW64\Drivers\X6va012
C:\Windows\system32\drivers\cbcbveqs.sys
Hosts:
CMD: shutdown /r /f /t 2
End
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny fixlist vedle FRST
:arrow: Spustte znovu FRST.exe
  • Kliknete na Fix
  • Probehne oprava a vytvori log Fixlog.txt
:arrow: Restart PC a dejte mi sem fixlog.txt
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
KachnaCZ
Návštěvník
Návštěvník
Příspěvky: 33
Registrován: 08 srp 2013 21:01

Re: Prosím o pomoc

#19 Příspěvek od KachnaCZ »

:) Zde log:Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-08-2013 01
Ran by Jakub at 2013-08-24 09:02:10 Run:1
Running from C:\Users\Jakub\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKCU\...\Run: [Facebook Update] - C:\Users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-08-13] (Facebook Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
SearchScopes: HKCU - {523C1BBA-CB85-4BF0-8B5B-6BBABEA33D56} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=4E8952E3-8FA7-4B80-AA83-621ACE57E6D4&apn_sauid=7BA4BBFD-4E20-413A-8F2D-DF8FBA4D3823
SearchScopes: HKCU - {F14900C8-6A11-4A9F-B6E2-210903C28239} URL = http://search.phpnuke.org/?lang=en&cid= ... earchTerms}
S1 cbcbveqs; \??\C:\Windows\system32\drivers\cbcbveqs.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000Core.job => C:\Users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000UA.job => C:\Users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000Core.job => C:\Users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000UA.job => C:\Users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\SysWOW64\Drivers\X6va012
C:\Windows\system32\drivers\cbcbveqs.sys
Hosts:
CMD: shutdown /r /f /t 2
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{523C1BBA-CB85-4BF0-8B5B-6BBABEA33D56} => Key deleted successfully.
HKCR\CLSID\{523C1BBA-CB85-4BF0-8B5B-6BBABEA33D56} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F14900C8-6A11-4A9F-B6E2-210903C28239} => Key deleted successfully.
HKCR\CLSID\{F14900C8-6A11-4A9F-B6E2-210903C28239} => Key not found.
cbcbveqs => Service deleted successfully.
EagleX64 => Service deleted successfully.
X6va012 => Service deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000UA.job => Moved successfully.
"C:\Windows\SysWOW64\Drivers\X6va012" => File/Directory not found.
"C:\Windows\system32\drivers\cbcbveqs.sys" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosím o pomoc

#20 Příspěvek od vyosek »

Fajn, jak se chova PC :???:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
KachnaCZ
Návštěvník
Návštěvník
Příspěvky: 33
Registrován: 08 srp 2013 21:01

Re: Prosím o pomoc

#21 Příspěvek od KachnaCZ »

Skvěle anti vir nic nehlásil ani před ani po kontrole děkuji jen je kapku pomalejší ale projedu to cc cleanerem :) Děkuji
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosím o pomoc

#22 Příspěvek od vyosek »

Tak jeste uklidime :James008:

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: A pokud nejsou problemy ci dotazy, je to z me strany vse :|
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“