Prosim o kontrolu logu

[thomassek]

Zdravím strejda ode mě dostal tenhle už trochu starší kousek a ikdyž sem mu tam hodil Avira stejně to nějak zvládnul zaneřádit havětí..PC je celkem dost zasekaný. Předem díky moc!

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013
Ran by Vasek (administrator) on VASEK-PC on 03-10-2013 15:21:06
Running from C:\Users\Vasek\Desktop
Microsoft Windows 7 Home Premium (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
() C:\Users\Vasek\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Google Inc.) C:\Users\Vasek\AppData\Local\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Google Inc.) C:\Users\Vasek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Vasek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Vasek\AppData\Local\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Users\Vasek\AppData\Local\Google\Chrome\Application\chrome.exe
(LemurLeap) C:\Program Files\LemurLeap\update\i3bms4p2.gfp.exe
(Google Inc.) C:\Users\Vasek\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Vasek\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\system32\cmd.exe
() C:\Users\Vasek\AppData\Local\MSGBOX.EXE
(Google Inc.) C:\Users\Vasek\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\PING.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-08-29] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [PC-Checkup] - C:\Program Files\CheckUpPC\PCCheckUP.exe [5366360 2012-04-13] (MicroSmarts LLC.)
HKLM\...\Run: [NvSvc] - RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Vasek\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Vasek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
MountPoints2: {47d90835-c1dd-11e2-86a1-000fea7a0d2b} - E:\LGAutoRun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.delta-search.com/?babsrc=HP ... 3&tsp=5007
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={search ... 3&tsp=5007
BHO: LemurLeap - {415419c3-dad0-4df1-ac37-22c72ad81878} - C:\Program Files\LemurLeap\LemurLeapbho.dll (LemurLeap)
BHO: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU -Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GRA32A~1.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL [2210608 2006-10-27] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 27 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lrmzt357.default
FF NewTab: hxxp://www2.delta-search.com/?babsrc=NT_ss&mntrId=FC5E000FEA7A0D2B&affID=119943&tsp=5007
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: 7Go Games - C:\Users\Vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lrmzt357.default\Extensions\7go@7go.com
FF Extension: Seznam lištička - C:\Users\Vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lrmzt357.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/?clid=13415
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Vasek\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Vasek\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Vasek\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh\24.57844_0
CHR Extension: (Google Docs) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Slovn\u00EDk) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0
CHR Extension: (YouTube) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (LemurLeap) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof\1.0.0_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0
CHR Extension: (Gmail) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx
CHR HKLM\...\Chrome\Extension: [gjajpkikblccgefaibcafkfbanllpefi] - C:\Users\Vasek\AppData\Roaming\7go\7go.crx
CHR HKLM\...\Chrome\Extension: [jlnfdbbladgcmhhamgkioifhbobjaoof] - C:\Program Files\LemurLeap\jlnfdbbladgcmhhamgkioifhbobjaoof.crx

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-08-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-08-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-08-29] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.)
S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3289472 2013-07-12] (Skype Technologies S.A.)
S2 Update LemurLeap; C:\Program Files\LemurLeap\updateLemurLeap.exe [206624 2013-09-26] (LemurLeap)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-08-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-06] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1872192 2009-05-20] (C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-10-02] (DT Soft Ltd)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-10-02] (Duplex Secure Ltd.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
U3 aego2lj9; C:\Windows\System32\Drivers\aego2lj9.sys [0 ] (Advanced Micro Devices)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-03 15:20 - 2013-10-03 15:20 - 00029696 _____ C:\Users\Vasek\AppData\Local\MSGBOX.EXE
2013-10-03 15:20 - 2013-10-03 15:20 - 00015327 _____ C:\Users\Vasek\Desktop\LM.bat
2013-10-03 15:20 - 2013-10-03 15:20 - 00000000 ____D C:\FRST
2013-10-03 15:18 - 2013-10-03 15:18 - 00112128 _____ (forum.viry.cz) C:\Users\Vasek\Desktop\FRSTLauncher.exe
2013-10-03 15:17 - 2013-10-03 15:17 - 01087213 _____ (Farbar) C:\Users\Vasek\Desktop\FRST.exe
2013-10-02 18:53 - 2013-10-02 18:53 - 00007605 _____ C:\Users\Vasek\AppData\Local\Resmon.ResmonCfg
2013-10-02 18:20 - 2013-10-02 18:34 - 218396134 _____ C:\Users\Vasek\Downloads\red hot chili peppers - dani california guitar cover (Full Song) ダニーカリフォルニア.mp4
2013-10-02 15:54 - 2013-10-03 15:12 - 00000000 ____D C:\Program Files\LemurLeap
2013-10-02 15:47 - 2013-10-02 15:47 - 00000000 ____D C:\Program Files\Seznam.cz
2013-10-02 15:44 - 2013-10-03 15:12 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\Seznam.cz
2013-10-02 15:43 - 2013-10-02 15:43 - 00001896 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-10-02 15:42 - 2013-10-02 15:42 - 00242240 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-10-02 15:41 - 2013-10-02 15:42 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2013-10-02 15:38 - 2013-10-02 15:40 - 22532259 _____ C:\Users\Vasek\Downloads\DTLite-setup.exe
2013-10-02 15:35 - 2013-10-02 15:35 - 00166600 _____ () C:\Users\Vasek\Downloads\7ZipSetup.exe
2013-10-02 15:19 - 2013-10-02 15:19 - 00466008 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2013-10-02 15:18 - 2013-09-30 19:42 - 00000000 ____D C:\Users\Vasek\Downloads\Alcohol 120+key
2013-10-02 15:17 - 2013-10-02 15:17 - 01937878 _____ C:\Users\Vasek\Downloads\Alcohol-120+key.rar
2013-10-02 14:58 - 2013-10-02 14:58 - 00000000 ____D C:\Program Files\Rockstar Games
2013-10-02 14:54 - 2013-10-02 15:40 - 00000000 ____D C:\GTA Vice city
2013-10-02 14:52 - 2013-10-02 14:57 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\DAEMON Tools Lite
2013-10-02 14:51 - 2013-10-02 14:57 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-10-02 14:50 - 2013-10-02 14:50 - 13867192 _____ (Disc Soft Ltd) C:\Users\Vasek\Downloads\DTLite4471-0335.exe
2013-10-02 13:30 - 2013-10-02 14:48 - 1355226537 _____ C:\Users\Vasek\Downloads\GTA-Vice-City.rar
2013-10-01 17:45 - 2013-10-01 17:50 - 85164341 _____ C:\Users\Vasek\Downloads\Booze & Glory - -u0027London Skinhead Crew-u0027 - Official Video (HD).mp4
2013-10-01 17:04 - 2013-10-01 17:11 - 108257366 _____ C:\Users\Vasek\Downloads\DOCTOR-P.P.---Rock-n-Roll-Zombie-(CZ-2009).rar
2013-09-30 17:57 - 2013-09-30 19:45 - 2076997402 _____ C:\Users\Vasek\Downloads\Incest porno - Mea culpa - legendarni incest porno retro porno incest (matka-syn, otec-dcera) xxx sex best porno.avi
2013-09-30 17:11 - 2013-09-30 17:13 - 15027480 _____ C:\Users\Vasek\Downloads\Vypsaná fiXa Papírová hyena G2 Acoustic stage (prac.obraz).mp4
2013-09-30 17:09 - 2013-09-30 17:10 - 14387328 _____ C:\Users\Vasek\Downloads\Vypsaná Fixa - Ledňáčci (Óčko TV - G2 Acoustic Stage 2013) (1).mp4
2013-09-26 20:02 - 2013-09-26 20:02 - 98009570 _____ C:\Windows\system32\椬蔟w
2013-09-20 13:23 - 2013-09-20 13:23 - 98474815 _____ C:\Windows\system32\醀㠻Š
2013-09-20 12:41 - 2013-09-20 12:42 - 00067930 _____ C:\Users\Vasek\Downloads\kcpuc100.zip
2013-09-20 12:30 - 2013-09-20 12:30 - 00067930 _____ C:\Users\Vasek\Downloads\kcpuc_100.zip
2013-09-20 11:41 - 2013-10-03 15:09 - 00001278 _____ C:\Windows\setupact.log
2013-09-20 11:41 - 2013-09-20 11:41 - 00000000 _____ C:\Windows\setuperr.log
2013-09-20 11:40 - 2013-10-02 15:20 - 00003034 _____ C:\Windows\PFRO.log
2013-09-20 11:11 - 2013-09-20 11:11 - 00002364 _____ C:\Users\Vasek\Desktop\Google Chrome.lnk
2013-09-20 11:11 - 2013-09-20 11:11 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-09-20 11:10 - 2013-09-20 11:10 - 00000000 ____D C:\Users\Vasek\AppData\Local\Google
2013-09-20 11:07 - 2013-09-20 11:09 - 40269212 _____ C:\Users\Vasek\Downloads\Chrome-setup.exe
2013-09-19 14:35 - 2013-09-19 14:35 - 98378485 _____ C:\Windows\system32\ᜐ䷋h
2013-09-17 12:02 - 2013-09-20 11:18 - 00000000 ____D C:\Program Files\CheckUpPC
2013-09-17 09:24 - 2013-09-18 14:59 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\PCToolsFirewallPlus
2013-09-17 09:23 - 2013-09-18 14:59 - 00000000 ____D C:\Program Files\PC Tools Firewall Plus
2013-09-16 17:22 - 2013-09-16 17:22 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2013-09-16 17:22 - 2006-10-09 23:58 - 00356352 _____ (NVIDIA Corporation) C:\Windows\system32\NVUNINST.EXE
2013-09-16 17:21 - 2013-09-16 17:21 - 00000000 ____D C:\NVIDIA
2013-09-16 17:13 - 2013-09-16 17:13 - 00000000 ____D C:\Windows\Sun
2013-09-16 17:07 - 2013-09-16 17:09 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\PerformerSoft
2013-09-16 17:06 - 2013-09-16 17:06 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\File Scout
2013-09-16 17:05 - 2013-09-16 17:05 - 00001856 _____ C:\Users\Vasek\Desktop\Search.lnk
2013-09-16 17:05 - 2013-09-16 17:05 - 00001136 _____ C:\Users\Vasek\Desktop\SpeedAnalysis.lnk
2013-09-16 17:05 - 2013-09-16 17:05 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\SpeedAnalysis3
2013-09-16 17:05 - 2013-09-16 17:05 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\Babylon
2013-09-16 17:05 - 2013-09-16 17:05 - 00000000 ____D C:\ProgramData\IBUpdaterService
2013-09-16 17:05 - 2013-09-16 17:05 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-16 17:05 - 2013-09-16 17:05 - 00000000 ____D C:\ProgramData\Babylon
2013-09-16 17:04 - 2013-09-16 17:05 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\7go
2013-09-16 17:04 - 2013-09-16 17:04 - 00001180 _____ C:\Users\Vasek\Desktop\7go.lnk
2013-09-16 16:46 - 2013-09-20 11:38 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\Media Player Classic
2013-09-16 12:20 - 2013-09-16 12:20 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
2013-09-16 12:20 - 2013-08-22 19:09 - 00217176 _____ C:\Windows\system32\unrar.dll
2013-09-16 12:20 - 2013-03-17 18:21 - 03649536 _____ (x264vfw project) C:\Windows\system32\x264vfw.dll
2013-09-16 12:20 - 2013-01-06 22:22 - 00112640 _____ C:\Windows\system32\ff_vfw.dll
2013-09-16 12:20 - 2012-07-21 12:54 - 00122880 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2013-09-16 12:20 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\Windows\system32\lagarith.dll
2013-09-16 12:20 - 2011-06-24 16:44 - 00243200 _____ C:\Windows\system32\xvidvfw.dll
2013-09-16 12:20 - 2011-06-24 16:28 - 00650752 _____ C:\Windows\system32\xvidcore.dll
2013-09-16 12:09 - 2013-09-16 12:09 - 00001101 _____ C:\Users\Public\Desktop\BS.Player PRO.lnk
2013-09-16 12:07 - 2013-09-16 20:02 - 00000000 ____D C:\Users\Vasek\Desktop\BSplayer Pro 2.64 Build 1073_dudiss
2013-09-16 10:14 - 2013-09-16 10:58 - 696542264 _____ C:\Users\Vasek\Desktop\Podzimní-Cesta-(Komedie)-(2005)-Peter-Falk-cz-dubbing-AVI---Pawlyn.avi
2013-09-11 14:14 - 2013-09-11 14:14 - 00000981 _____ C:\Users\Public\Desktop\MP3 Cut.lnk
2013-09-11 14:14 - 2013-09-11 14:14 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\MP3 Cut
2013-09-11 14:14 - 2013-09-11 14:14 - 00000000 ____D C:\Program Files\MP3 Cut
2013-09-11 14:00 - 2013-09-16 13:21 - 00000000 ____D C:\Windows\Minidump
2013-09-11 13:58 - 2013-09-11 13:58 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2013-09-11 13:57 - 2013-09-11 13:57 - 00129536 _____ C:\Users\Public\AlexaNSISPlugin.3100.dll
2013-09-11 13:55 - 2013-09-11 13:55 - 00000000 ____D C:\Users\Vasek\Desktop\BLA
2013-09-11 13:55 - 2011-10-29 10:43 - 01461992 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2013-09-11 13:55 - 2011-10-29 10:43 - 00851176 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2013-09-11 13:52 - 2013-09-16 14:57 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\Systweak
2013-09-11 13:52 - 2013-06-19 14:58 - 00017920 _____ (PerformerSoft LLC) C:\Windows\system32\roboot.exe
2013-09-11 11:47 - 2013-09-11 11:47 - 97080355 _____ C:\Windows\system32\洅驈w
2013-09-10 13:17 - 2013-09-10 13:17 - 00001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-09-10 13:12 - 2013-10-02 18:36 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\vlc
2013-09-10 13:12 - 2013-09-10 13:13 - 00000000 ____D C:\Users\Vasek\Desktop\VLC media player
2013-09-09 19:39 - 2009-07-14 03:16 - 02755072 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll.backup
2013-09-09 19:39 - 2009-07-14 03:16 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll.backup
2013-09-09 19:39 - 2009-07-14 03:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\themeservice.dll.backup
2013-09-09 09:05 - 2006-10-26 19:56 - 00032592 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll
2013-09-09 08:58 - 2013-09-09 08:58 - 00000000 ____D C:\Program Files\Microsoft Works
2013-09-09 08:56 - 2013-09-09 08:56 - 00000000 ____D C:\Program Files\Microsoft Visual Studio
2013-09-09 08:56 - 2013-09-09 08:56 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-09-09 08:53 - 2013-09-09 08:53 - 00000000 ____D C:\Windows\PCHEALTH
2013-09-09 08:53 - 2013-09-09 08:53 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-09-09 08:48 - 2013-09-09 08:48 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8
2013-09-09 08:45 - 2013-09-09 09:07 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-09 08:45 - 2013-09-09 08:57 - 00000000 ____D C:\Program Files\Microsoft Office
2013-09-09 08:45 - 2013-09-09 08:45 - 00000000 ____D C:\Users\Vasek\AppData\Local\Microsoft Help
2013-09-09 08:43 - 2013-09-09 08:43 - 00000000 __RHD C:\MSOCache
2013-09-09 08:39 - 2012-02-23 16:27 - 00000000 ____D C:\Users\Vasek\Desktop\Microsoft Office 2007CZ FULL + key
2013-09-08 14:34 - 2013-09-08 14:34 - 96559285 _____ C:\Windows\system32\ⷜ�A
2013-09-04 05:53 - 2013-09-04 05:53 - 95780347 _____ C:\Windows\system32\⑎

==================== One Month Modified Files and Folders =======

2013-10-03 15:20 - 2013-10-03 15:20 - 00029696 _____ C:\Users\Vasek\AppData\Local\MSGBOX.EXE
2013-10-03 15:20 - 2013-10-03 15:20 - 00015327 _____ C:\Users\Vasek\Desktop\LM.bat
2013-10-03 15:20 - 2013-10-03 15:20 - 00000000 ____D C:\FRST
2013-10-03 15:18 - 2013-10-03 15:18 - 00112128 _____ (forum.viry.cz) C:\Users\Vasek\Desktop\FRSTLauncher.exe
2013-10-03 15:18 - 2009-07-14 06:34 - 00014208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-03 15:18 - 2009-07-14 06:34 - 00014208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-03 15:17 - 2013-10-03 15:17 - 01087213 _____ (Farbar) C:\Users\Vasek\Desktop\FRST.exe
2013-10-03 15:12 - 2013-10-02 15:54 - 00000000 ____D C:\Program Files\LemurLeap
2013-10-03 15:12 - 2013-10-02 15:44 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\Seznam.cz
2013-10-03 15:12 - 2013-05-20 18:01 - 01445734 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-03 15:11 - 2013-05-20 17:45 - 00525792 _____ C:\Windows\WindowsUpdate.log
2013-10-03 15:09 - 2013-09-20 11:41 - 00001278 _____ C:\Windows\setupact.log
2013-10-03 15:07 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-02 19:33 - 2013-05-20 17:59 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-02 18:53 - 2013-10-02 18:53 - 00007605 _____ C:\Users\Vasek\AppData\Local\Resmon.ResmonCfg
2013-10-02 18:36 - 2013-09-10 13:12 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\vlc
2013-10-02 18:34 - 2013-10-02 18:20 - 218396134 _____ C:\Users\Vasek\Downloads\red hot chili peppers - dani california guitar cover (Full Song) ダニーカリフォルニア.mp4
2013-10-02 16:03 - 2013-08-14 16:11 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-10-02 15:47 - 2013-10-02 15:47 - 00000000 ____D C:\Program Files\Seznam.cz
2013-10-02 15:43 - 2013-10-02 15:43 - 00001896 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-10-02 15:42 - 2013-10-02 15:42 - 00242240 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-10-02 15:42 - 2013-10-02 15:41 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2013-10-02 15:40 - 2013-10-02 15:38 - 22532259 _____ C:\Users\Vasek\Downloads\DTLite-setup.exe
2013-10-02 15:40 - 2013-10-02 14:54 - 00000000 ____D C:\GTA Vice city
2013-10-02 15:35 - 2013-10-02 15:35 - 00166600 _____ () C:\Users\Vasek\Downloads\7ZipSetup.exe
2013-10-02 15:20 - 2013-09-20 11:40 - 00003034 _____ C:\Windows\PFRO.log
2013-10-02 15:19 - 2013-10-02 15:19 - 00466008 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2013-10-02 15:17 - 2013-10-02 15:17 - 01937878 _____ C:\Users\Vasek\Downloads\Alcohol-120+key.rar
2013-10-02 14:58 - 2013-10-02 14:58 - 00000000 ____D C:\Program Files\Rockstar Games
2013-10-02 14:57 - 2013-10-02 14:52 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\DAEMON Tools Lite
2013-10-02 14:57 - 2013-10-02 14:51 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-10-02 14:50 - 2013-10-02 14:50 - 13867192 _____ (Disc Soft Ltd) C:\Users\Vasek\Downloads\DTLite4471-0335.exe
2013-10-02 14:48 - 2013-10-02 13:30 - 1355226537 _____ C:\Users\Vasek\Downloads\GTA-Vice-City.rar
2013-10-01 17:50 - 2013-10-01 17:45 - 85164341 _____ C:\Users\Vasek\Downloads\Booze & Glory - -u0027London Skinhead Crew-u0027 - Official Video (HD).mp4
2013-10-01 17:11 - 2013-10-01 17:04 - 108257366 _____ C:\Users\Vasek\Downloads\DOCTOR-P.P.---Rock-n-Roll-Zombie-(CZ-2009).rar
2013-09-30 19:45 - 2013-09-30 17:57 - 2076997402 _____ C:\Users\Vasek\Downloads\Incest porno - Mea culpa - legendarni incest porno retro porno incest (matka-syn, otec-dcera) xxx sex best porno.avi
2013-09-30 19:42 - 2013-10-02 15:18 - 00000000 ____D C:\Users\Vasek\Downloads\Alcohol 120+key
2013-09-30 17:13 - 2013-09-30 17:11 - 15027480 _____ C:\Users\Vasek\Downloads\Vypsaná fiXa Papírová hyena G2 Acoustic stage (prac.obraz).mp4
2013-09-30 17:10 - 2013-09-30 17:09 - 14387328 _____ C:\Users\Vasek\Downloads\Vypsaná Fixa - Ledňáčci (Óčko TV - G2 Acoustic Stage 2013) (1).mp4
2013-09-30 16:39 - 2009-07-14 06:53 - 00032638 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-26 20:02 - 2013-09-26 20:02 - 98009570 _____ C:\Windows\system32\椬蔟w
2013-09-24 13:01 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-09-24 10:15 - 2013-05-20 18:41 - 00000000 ____D C:\Windows\Panther
2013-09-23 13:04 - 2013-08-29 17:13 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\Winamp
2013-09-20 13:33 - 2013-05-20 17:59 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-20 13:33 - 2013-05-20 17:59 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-20 13:23 - 2013-09-20 13:23 - 98474815 _____ C:\Windows\system32\醀㠻Š
2013-09-20 12:42 - 2013-09-20 12:41 - 00067930 _____ C:\Users\Vasek\Downloads\kcpuc100.zip
2013-09-20 12:30 - 2013-09-20 12:30 - 00067930 _____ C:\Users\Vasek\Downloads\kcpuc_100.zip
2013-09-20 11:41 - 2013-09-20 11:41 - 00000000 _____ C:\Windows\setuperr.log
2013-09-20 11:38 - 2013-09-16 16:46 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\Media Player Classic
2013-09-20 11:18 - 2013-09-17 12:02 - 00000000 ____D C:\Program Files\CheckUpPC
2013-09-20 11:16 - 2013-08-17 12:05 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-20 11:11 - 2013-09-20 11:11 - 00002364 _____ C:\Users\Vasek\Desktop\Google Chrome.lnk
2013-09-20 11:11 - 2013-09-20 11:11 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-09-20 11:10 - 2013-09-20 11:10 - 00000000 ____D C:\Users\Vasek\AppData\Local\Google
2013-09-20 11:09 - 2013-09-20 11:07 - 40269212 _____ C:\Users\Vasek\Downloads\Chrome-setup.exe
2013-09-20 09:55 - 2013-08-15 19:32 - 00000000 ____D C:\Users\Vasek\Desktop\Filmy
2013-09-19 14:35 - 2013-09-19 14:35 - 98378485 _____ C:\Windows\system32\ᜐ䷋h
2013-09-18 14:59 - 2013-09-17 09:24 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\PCToolsFirewallPlus
2013-09-18 14:59 - 2013-09-17 09:23 - 00000000 ____D C:\Program Files\PC Tools Firewall Plus
2013-09-16 20:02 - 2013-09-16 12:07 - 00000000 ____D C:\Users\Vasek\Desktop\BSplayer Pro 2.64 Build 1073_dudiss
2013-09-16 19:14 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\LiveKernelReports
2013-09-16 17:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Help
2013-09-16 17:22 - 2013-09-16 17:22 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2013-09-16 17:21 - 2013-09-16 17:21 - 00000000 ____D C:\NVIDIA
2013-09-16 17:13 - 2013-09-16 17:13 - 00000000 ____D C:\Windows\Sun
2013-09-16 17:09 - 2013-09-16 17:07 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\PerformerSoft
2013-09-16 17:06 - 2013-09-16 17:06 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\File Scout
2013-09-16 17:05 - 2013-09-16 17:05 - 00001856 _____ C:\Users\Vasek\Desktop\Search.lnk
2013-09-16 17:05 - 2013-09-16 17:05 - 00001136 _____ C:\Users\Vasek\Desktop\SpeedAnalysis.lnk
2013-09-16 17:05 - 2013-09-16 17:05 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\SpeedAnalysis3
2013-09-16 17:05 - 2013-09-16 17:05 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\Babylon
2013-09-16 17:05 - 2013-09-16 17:05 - 00000000 ____D C:\ProgramData\IBUpdaterService
2013-09-16 17:05 - 2013-09-16 17:05 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-16 17:05 - 2013-09-16 17:05 - 00000000 ____D C:\ProgramData\Babylon
2013-09-16 17:05 - 2013-09-16 17:04 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\7go
2013-09-16 17:04 - 2013-09-16 17:04 - 00001180 _____ C:\Users\Vasek\Desktop\7go.lnk
2013-09-16 14:57 - 2013-09-11 13:52 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\Systweak
2013-09-16 13:21 - 2013-09-11 14:00 - 00000000 ____D C:\Windows\Minidump
2013-09-16 13:21 - 2013-08-15 17:09 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\uTorrent
2013-09-16 12:46 - 2013-08-13 12:33 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\BSplayer Pro
2013-09-16 12:20 - 2013-09-16 12:20 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
2013-09-16 12:09 - 2013-09-16 12:09 - 00001101 _____ C:\Users\Public\Desktop\BS.Player PRO.lnk
2013-09-16 12:07 - 2013-08-13 12:32 - 00000000 ____D C:\Program Files\Webteh
2013-09-16 10:58 - 2013-09-16 10:14 - 696542264 _____ C:\Users\Vasek\Desktop\Podzimní-Cesta-(Komedie)-(2005)-Peter-Falk-cz-dubbing-AVI---Pawlyn.avi
2013-09-15 15:15 - 2013-05-20 17:51 - 00000000 ____D C:\Users\Vasek
2013-09-11 14:14 - 2013-09-11 14:14 - 00000981 _____ C:\Users\Public\Desktop\MP3 Cut.lnk
2013-09-11 14:14 - 2013-09-11 14:14 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\MP3 Cut
2013-09-11 14:14 - 2013-09-11 14:14 - 00000000 ____D C:\Program Files\MP3 Cut
2013-09-11 13:58 - 2013-09-11 13:58 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2013-09-11 13:57 - 2013-09-11 13:57 - 00129536 _____ C:\Users\Public\AlexaNSISPlugin.3100.dll
2013-09-11 13:57 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2013-09-11 13:55 - 2013-09-11 13:55 - 00000000 ____D C:\Users\Vasek\Desktop\BLA
2013-09-11 11:47 - 2013-09-11 11:47 - 97080355 _____ C:\Windows\system32\洅驈w
2013-09-10 13:17 - 2013-09-10 13:17 - 00001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-09-10 13:16 - 2013-09-01 15:24 - 00000000 ____D C:\Program Files\VideoLAN
2013-09-10 13:13 - 2013-09-10 13:12 - 00000000 ____D C:\Users\Vasek\Desktop\VLC media player
2013-09-10 13:09 - 2013-08-13 12:33 - 00000000 ____D C:\Users\Vasek\AppData\Roaming\BSplayer
2013-09-10 12:46 - 2013-05-21 09:32 - 00108824 _____ C:\Users\Vasek\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-10 11:56 - 2013-06-05 11:35 - 00000000 ____D C:\Users\Vasek\Documents\The KMPlayer
2013-09-09 19:40 - 2009-07-14 06:33 - 00413336 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-09 09:07 - 2013-09-09 08:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-09 08:58 - 2013-09-09 08:58 - 00000000 ____D C:\Program Files\Microsoft Works
2013-09-09 08:58 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\MSBuild
2013-09-09 08:58 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-09-09 08:57 - 2013-09-09 08:45 - 00000000 ____D C:\Program Files\Microsoft Office
2013-09-09 08:56 - 2013-09-09 08:56 - 00000000 ____D C:\Program Files\Microsoft Visual Studio
2013-09-09 08:56 - 2013-09-09 08:56 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-09-09 08:55 - 2009-07-14 11:19 - 00000000 ____D C:\Windows\ShellNew
2013-09-09 08:53 - 2013-09-09 08:53 - 00000000 ____D C:\Windows\PCHEALTH
2013-09-09 08:53 - 2013-09-09 08:53 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-09-09 08:48 - 2013-09-09 08:48 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8
2013-09-09 08:45 - 2013-09-09 08:45 - 00000000 ____D C:\Users\Vasek\AppData\Local\Microsoft Help
2013-09-09 08:45 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\System
2013-09-09 08:45 - 2009-07-14 04:04 - 00000478 _____ C:\Windows\win.ini
2013-09-09 08:43 - 2013-09-09 08:43 - 00000000 __RHD C:\MSOCache
2013-09-08 14:34 - 2013-09-08 14:34 - 96559285 _____ C:\Windows\system32\ⷜ�A
2013-09-04 05:53 - 2013-09-04 05:53 - 95780347 _____ C:\Windows\system32\⑎

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.3100.dll


Some content of TEMP:
====================
C:\Users\Vasek\AppData\Local\Temp\bitool.dll
C:\Users\Vasek\AppData\Local\Temp\LemurLeap_sm.exe
C:\Users\Vasek\AppData\Local\Temp\listicka-partner-13415-1.1.2-offline.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-02 17:28

==================== End Of Log ============================

[Rudy]

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
MountPoints2: {47d90835-c1dd-11e2-86a1-000fea7a0d2b} - E:\LGAutoRun.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.delta-search.com/?babsrc=HP ... 3&tsp=5007
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={search ... 3&tsp=5007
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU -Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
FF ProfilePath: C:\Users\Vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lrmzt357.default
FF NewTab: hxxp://www2.delta-search.com/?babsrc=NT ... 3&tsp=5007
S4 Skype C2C Service
C:\Windows\system32\椬蔟w
C:\Windows\system32\醀㠻Š
C:\Windows\system32\ᜐ䷋h
C:\Users\Vasek\AppData\Roaming\Babylon
C:\Windows\system32\洅驈w
C:\Windows\system32\ⷜ�A
C:\Windows\system32\⑎
C:\Users\Vasek\Desktop\LM.bat
C:\Windows\system32\椬蔟w
C:\Windows\system32\醀㠻Š
C:\Windows\system32\ᜐ䷋h
C:\ProgramData\Babylon
C:\Windows\system32\洅驈w
C:\Windows\system32\ⷜ�A
C:\Windows\system32\⑎
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[thomassek]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-10-2013
Ran by Vasek at 2013-10-03 19:13:03 Run:1
Running from C:\Users\Vasek\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
MountPoints2: {47d90835-c1dd-11e2-86a1-000fea7a0d2b} - E:\LGAutoRun.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.delta-search.com/?babsrc=HP ... 3&tsp=5007
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={search ... 3&tsp=5007
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU -Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
FF ProfilePath: C:\Users\Vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lrmzt357.default
FF NewTab: hxxp://www2.delta-search.com/?babsrc=NT ... 3&tsp=5007
S4 Skype C2C Service
C:\Windows\system32\???w
C:\Windows\system32\????
C:\Windows\system32\???h
C:\Users\Vasek\AppData\Roaming\Babylon
C:\Windows\system32\???w
C:\Windows\system32\???A
C:\Windows\system32\????
C:\Users\Vasek\Desktop\LM.bat
C:\Windows\system32\???w
C:\Windows\system32\????
C:\Windows\system32\???h
C:\ProgramData\Babylon
C:\Windows\system32\???w
C:\Windows\system32\???A
C:\Windows\system32\????
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{47d90835-c1dd-11e2-86a1-000fea7a0d2b} => Key deleted successfully.
HKCR\CLSID\{47d90835-c1dd-11e2-86a1-000fea7a0d2b} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{41564952-412D-5637-00A7-7A786E7484D7} => Value deleted successfully.
HKCR\CLSID\{41564952-412D-5637-00A7-7A786E7484D7} => Key deleted successfully.
=> Should not be moved.
Firefox newtab deleted successfully.
C:\Windows\system32\???w => Moved successfully.

"C:\Windows\system32\????" directory move:

Could not move "C:\Windows\system32\????" directory. => Scheduled to move on reboot.

C:\Windows\system32\???h => Moved successfully.
C:\Users\Vasek\AppData\Roaming\Babylon => Moved successfully.
"C:\Windows\system32\???w" => File/Directory not found.
C:\Windows\system32\???A => Moved successfully.

"C:\Windows\system32\????" directory move:

Could not move "C:\Windows\system32\????" directory. => Scheduled to move on reboot.

"C:\Users\Vasek\Desktop\LM.bat" => File/Directory not found.
"C:\Windows\system32\???w" => File/Directory not found.

"C:\Windows\system32\????" directory move:

Could not move "C:\Windows\system32\????" directory. => Scheduled to move on reboot.

"C:\Windows\system32\???h" => File/Directory not found.
C:\ProgramData\Babylon => Moved successfully.
"C:\Windows\system32\???w" => File/Directory not found.
"C:\Windows\system32\???A" => File/Directory not found.

"C:\Windows\system32\????" directory move:

Could not move "C:\Windows\system32\????" directory. => Scheduled to move on reboot.


=========== Result of Scheduled Files to move ===========

"C:\Windows\system32\????" => Directory could not move.
"C:\Windows\system32\????" => Directory could not move.
"C:\Windows\system32\????" => Directory could not move.
"C:\Windows\system32\????" => Directory could not move.

==== End of Fixlog ====

[Rudy]

Nastala nějaká změna?

[thomassek]

o trošku lepší ale co koukám že je strašně vytíženej CPU (5% ..25%..100%) a takhle pořád nahoru a dolů..nevím nevyznám se v tom co by ho tak mohlo zatěžovat? a třeba když si chce pustit nějakej film ať ve VLC media, nebo BSplayer je obraz zasekanej a zpomalenej nevíte co s tím?

[Rudy]

Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

[thomassek]

Muzeme doresit zitra?musim do prace..zatim dekuju

[Rudy]

Muzeme doresit zitra?musim do prace..zatim dekuju

Jistě. Zítra večer tu budu.