So SpybootSD nemozem vymazat nasledovne:
facemood a Babylon Toolbary + Win32.Downloader.gen + Anchor.Hss
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-02-2014 02
Ran by HP (administrator) on HP-PC on 28-02-2014 13:34:32
Running from C:\Users\HP\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: 041B
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCService.exe
(IOBit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ascavsvc.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Validity Sensors, Inc.) C:\Windows\system32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\Monitor.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DPAgent.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Wisdom Software Inc. ) C:\Program Files (x86)\Wisdom-soft ScreenHunter Free\ScreenHunter.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(forum.viry.cz) C:\Users\HP\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2716216 2009-11-16] (ESET)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-02-25] (Hewlett-Packard)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
HKU\.DEFAULT\...\Run: [Advanced SystemCare 6] - "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
HKU\S-1-5-21-2722875843-2908511237-1814306272-1000\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung)
HKU\S-1-5-21-2722875843-2908511237-1814306272-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKU\S-1-5-21-2722875843-2908511237-1814306272-1000\...\MountPoints2: {15ec2e99-1619-11e3-b57b-e02a828d3b51} - E:\AutoRun.exe
HKU\S-1-5-21-2722875843-2908511237-1814306272-1000\...\MountPoints2: {1ba615f8-43b0-11e1-85ab-e02a824624d3} - F:\LaunchU3.exe -a
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD550E876CEBBCB01
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default
FF user.js: detected! => C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\user.js
FF SelectedSearchEngine: Google
FF NetworkProxy: "backup.ftp", "55.216.224.160"
FF NetworkProxy: "backup.ftp_port", 3228
FF NetworkProxy: "backup.socks", "55.216.224.160"
FF NetworkProxy: "backup.socks_port", 3228
FF NetworkProxy: "backup.ssl", "55.216.224.160"
FF NetworkProxy: "backup.ssl_port", 3228
FF NetworkProxy: "ftp", "85.216.224.160"
FF NetworkProxy: "http", "85.216.224.160"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "85.216.224.160"
FF NetworkProxy: "ssl", "85.216.224.160"
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\HP\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\HP\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\HP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Flash Video Downloader - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\artur.dubovoy@gmail.com [2014-01-24]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\ascsurfingprotection@iobit.com [2014-02-26]
FF Extension: Bloody Red - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\{2458abc0-f443-11dd-87af-0800200c9a66} [2013-08-18]
FF Extension: DownloadHelper - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-27]
FF Extension: Flash and Video Download - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-02-15]
FF Extension: Blank Your Monitor + Easy Reading - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\bym@savetheworld.org.xpi [2013-02-05]
FF Extension: New Tab Homepage View - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\clearz@gmail.com.xpi [2013-02-04]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\elemhidehelper@adblockplus.org.xpi [2013-05-22]
FF Extension: No Small Text - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\nosmalltext@pjs.nl.xpi [2013-06-10]
FF Extension: RS+MU Downloader - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\rsDownloader@163.com.xpi [2013-02-03]
FF Extension: MouseZoom - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\{28FAD68E-4001-48d5-B994-68069F7CFB1D}.xpi [2013-02-02]
FF Extension: Stylish - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2014-02-26]
FF Extension: Adblock Plus - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-26]
FF Extension: Black Google Theme - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\{e9876d64-8bac-4287-bdc4-0f0c56804b4f}.xpi [2013-02-05]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-17]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2014-02-17]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-17]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ []
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: Eset Plugin - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-01-22]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\HP\AppData\Roaming\IDM\idmmzcc5
FF Extension: No Name - C:\Users\HP\AppData\Roaming\IDM\idmmzcc5 [2012-05-12]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\HP\AppData\Roaming\IDM\idmmzcc5
FF Extension: No Name - C:\Users\HP\AppData\Roaming\IDM\idmmzcc5 [2012-05-12]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "sync": {
"suppress_start": true,
"keep_everything_synced": false,
"preferences"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\HP\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\HP\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\HP\AppData\Local\Google\Chrome\Application\33.0.1750.117\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Extension: (Adblock Plus) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-06-15]
CHR Extension: (HÄľadaĹĄ v Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-15]
CHR Extension: (Store) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-02-26]
CHR Extension: (PeĹaĹľenka Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-15]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [2014-02-26]
==================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCService.exe [886592 2013-11-15] (IObit)
R2 ASCAntivirusSrv; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ascavsvc.exe [646976 2013-11-28] (IOBit)
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [23296 2009-11-16] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [735960 2009-11-16] (ESET)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151232 2013-12-02] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [267824 2007-02-26] (Nero AG)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1150368 2012-04-24] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [247704 2012-04-11] (Western Digital)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177496 2012-04-11] (Western Digital )
==================== Drivers (Whitelisted) ====================
S3 appliand; C:\Windows\System32\DRIVERS\appliand.sys [33888 2011-06-26] (Applian Technologies Inc.)
R3 appliandMP; C:\Windows\System32\DRIVERS\appliand.sys [33888 2011-06-26] (Applian Technologies Inc.)
R1 archlp; C:\Windows\System32\drivers\archlp.sys [139840 2011-11-18] ()
R2 eamon; C:\Windows\System32\DRIVERS\eamon.sys [145336 2009-11-16] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [136584 2009-11-16] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [123200 2009-12-18] (ESET)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-10-30] ()
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2010-11-26] ()
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [867064 2012-06-18] (Duplex Secure Ltd.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-28 13:34 - 2014-02-28 13:35 - 00020058 _____ () C:\Users\HP\Desktop\FRST.txt
2014-02-28 13:31 - 2014-02-28 13:34 - 00000000 ____D () C:\FRST
2014-02-28 13:24 - 2014-02-28 13:24 - 02155520 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2014-02-28 13:24 - 2014-02-28 13:24 - 00112640 _____ (forum.viry.cz) C:\Users\HP\Desktop\FRSTLauncher.exe
2014-02-28 13:12 - 2014-02-28 13:12 - 00115560 _____ () C:\Users\HP\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-27 13:34 - 2014-02-27 13:34 - 00000000 ____D () C:\Users\HP\Desktop\keď obec nesúhlasí s vydržaním pozemku
2014-02-27 07:27 - 2014-02-27 07:29 - 00000000 ____D () C:\DrvInstall
2014-02-27 07:21 - 2014-02-28 06:02 - 00000278 _____ () C:\Windows\Tasks\Driver Booster Update.job
2014-02-27 07:21 - 2014-02-27 07:21 - 00003208 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2014-02-27 07:21 - 2014-02-27 07:21 - 00002546 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2014-02-27 07:21 - 2014-02-27 07:21 - 00001184 _____ () C:\Users\Public\Desktop\Driver Booster.lnk
2014-02-27 07:19 - 2014-02-27 07:20 - 00001262 _____ () C:\Users\HP\Desktop\Disk Doctor report.log
2014-02-26 10:20 - 2014-02-26 11:42 - 00001070 _____ () C:\Users\HP\Desktop\Nový textový dokument.txt
2014-02-26 08:09 - 2014-02-26 08:09 - 00000080 _____ () C:\Users\HP\AppData\Roaming\mbam.context.scan
2014-02-26 07:46 - 2014-02-26 07:46 - 00003106 _____ () C:\Windows\System32\Tasks\ASC7_PerformanceMonitor
2014-02-26 07:43 - 2014-02-26 07:46 - 00000000 ____D () C:\ProgramData\ProductData
2014-02-26 07:43 - 2014-02-26 07:43 - 00001241 _____ () C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-02-26 07:43 - 2014-02-26 07:43 - 00001217 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-02-26 07:42 - 2014-02-28 12:45 - 00002290 _____ () C:\Users\Public\Desktop\Advanced SystemCare Ultimate 7.lnk
2014-02-26 07:42 - 2014-02-26 07:42 - 00002862 _____ () C:\Windows\System32\Tasks\ASC7U_SkipUac_HP
2014-02-26 07:42 - 2014-02-26 07:42 - 00000000 ____D () C:\ProgramData\{E1ED556E-3EA0-4F44-8BE7-CC5FB0F4B424}
2014-02-26 07:42 - 2014-02-26 07:42 - 00000000 ____D () C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2014-02-26 07:38 - 2014-02-26 07:39 - 62687640 _____ (IObit ) C:\Users\HP\Downloads\asc-ultimate7-setup.exe
2014-02-25 01:18 - 2014-02-25 02:38 - 734142812 _____ () C:\Users\HP\Downloads\Tři-dny-ke-svobodě-CZ-2010(1).avi
2014-02-25 01:01 - 2014-02-25 01:16 - 132649447 _____ () C:\Users\HP\Downloads\Tři-dny-ke-svobodě-CZ-2010.avi
2014-02-17 11:52 - 2014-02-17 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 10:37 - 2014-02-14 10:43 - 109591772 _____ () C:\Users\HP\Downloads\libimseti-fotky-heslovane.zip
2014-02-14 09:57 - 2014-02-14 10:23 - 462046659 _____ () C:\Users\HP\Downloads\CD-Rene-Lacko.rar
2014-02-13 22:40 - 2014-02-13 22:40 - 00001044 _____ () C:\Users\HP\Desktop\how to jailbreak ps3.txt
2014-02-12 07:42 - 2014-02-12 07:42 - 00000376 _____ () C:\Users\HP\Desktop\Papkovcit.txt
2014-02-12 07:41 - 2014-02-12 07:41 - 00000376 _____ () C:\Users\HP\Desktop\Papkovci..txt
2014-02-12 07:36 - 2014-02-12 09:48 - 1124012834 _____ () C:\Users\HP\Downloads\Medzi-vlkmi-CZ-dabing-(2011)-TOP-KVALITA.avi
2014-02-12 07:35 - 2014-02-12 07:41 - 47122605 _____ () C:\Users\HP\Downloads\Vánoční-koledal.3D.SBS.1080p.DTS.EN.DD.CZ.SK.By-jardis19.part12.rar
2014-02-12 07:33 - 2014-02-12 08:48 - 734003200 _____ () C:\Users\HP\Downloads\Vánoční-koledal.3D.SBS.1080p.DTS.EN.DD.CZ.SK.By-jardis19.part10.rar
2014-02-12 07:30 - 2014-02-12 08:45 - 734003200 _____ () C:\Users\HP\Downloads\Vánoční-koledal.3D.SBS.1080p.DTS.EN.DD.CZ.SK.By-jardis19.part09.rar
2014-02-12 06:09 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 06:09 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 06:07 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 06:07 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 06:07 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 06:07 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 06:07 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 06:07 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 06:07 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 06:07 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 06:07 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 06:07 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 06:07 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 06:07 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 06:07 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 06:07 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 06:07 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 06:07 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 06:07 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 06:07 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 06:07 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 06:07 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 06:07 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 06:07 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 06:07 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 06:07 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 06:07 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 06:07 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 06:07 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 06:07 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 06:07 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 06:07 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 06:07 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 06:07 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 06:07 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 06:07 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 06:07 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 06:07 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 06:07 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 06:07 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 06:06 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 06:06 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 06:06 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 06:06 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 06:06 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 06:06 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 06:06 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 06:06 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 06:06 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 06:06 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 06:06 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 06:06 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 06:06 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 06:06 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 06:06 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 06:06 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 06:06 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 06:06 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 06:06 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 06:06 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 06:06 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 06:05 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 06:05 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 06:05 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 06:05 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 06:05 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 06:05 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 06:05 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 06:05 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 22:49 - 2014-02-12 01:39 - 1546721753 _____ () C:\Users\HP\Downloads\Tři-dny-ke-svobodě-2010-CZ.avi
2014-02-11 11:06 - 2014-02-11 14:40 - 1627432710 _____ () C:\Users\HP\Downloads\Neznámý-(2011)-(CZ+CZ-tit.)-(Drama,-Thriller,-Mysteriózní,-Akční).avi
2014-02-10 12:23 - 2014-02-10 12:23 - 00011076 _____ () C:\Users\HP\Downloads\[CzT]Snehova_kralovna_The_Snow_Queen_Sneznaja_koroleva_2012_3D_O_U_1080pLQ_.torrent
2014-02-09 15:18 - 2014-02-09 15:18 - 00000181 _____ () C:\Users\HP\Downloads\Jack-a-obri-cz-avi-.txt
2014-02-04 19:01 - 2014-02-04 19:51 - 897785894 _____ () C:\Users\HP\Downloads\Krasna-Zem.avi
2014-02-01 14:01 - 2014-02-01 14:03 - 00000000 ____D () C:\Users\HP\Desktop\Nový priečinok (3)
2014-02-01 14:01 - 2014-02-01 14:01 - 00000000 ____D () C:\Users\HP\Desktop\Nový priečinok (2)
2014-01-31 18:43 - 2014-01-31 18:43 - 00000000 ____D () C:\Users\HP\Downloads\Pražský-Výběr---2007---Běr-(AAC)
2014-01-31 18:43 - 2014-01-31 18:43 - 00000000 ____D () C:\Users\HP\Downloads\Pra×skř-Vřbýr---2007---Býr-(AAC)
2014-01-31 18:14 - 2014-01-31 18:39 - 128566262 _____ () C:\Users\HP\Downloads\Pražský-Výběr---2007---Běr-(AAC).rar
2014-01-29 15:35 - 2014-01-29 15:42 - 00000000 ____D () C:\Users\HP\Desktop\Fotky galax
2014-01-29 15:25 - 2014-02-08 14:38 - 00000000 ____D () C:\Users\HP\Desktop\F - plocha
2014-01-29 15:24 - 2014-02-12 07:24 - 00000000 ____D () C:\Users\HP\Desktop\X - plocha
2014-01-29 15:22 - 2014-02-12 07:23 - 00000000 ____D () C:\Users\HP\Desktop\TEXTovky
2014-01-29 09:47 - 2014-01-29 10:38 - 157357459 _____ () C:\Users\HP\Downloads\CMIPOCT74.mp4
==================== One Month Modified Files and Folders =======
2014-02-28 13:35 - 2014-02-28 13:34 - 00020058 _____ () C:\Users\HP\Desktop\FRST.txt
2014-02-28 13:34 - 2014-02-28 13:31 - 00000000 ____D () C:\FRST
2014-02-28 13:32 - 2011-03-07 18:19 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Skype
2014-02-28 13:24 - 2014-02-28 13:24 - 02155520 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2014-02-28 13:24 - 2014-02-28 13:24 - 00112640 _____ (forum.viry.cz) C:\Users\HP\Desktop\FRSTLauncher.exe
2014-02-28 13:20 - 2009-07-14 05:45 - 00020720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-28 13:20 - 2009-07-14 05:45 - 00020720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-28 13:12 - 2014-02-28 13:12 - 00115560 _____ () C:\Users\HP\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-28 13:08 - 2011-08-12 09:27 - 00000928 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-28 13:00 - 2011-01-22 16:19 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2EE74662-46DD-4D44-94C9-9F73ED66A5FA}
2014-02-28 12:53 - 2012-04-15 07:39 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000UA.job
2014-02-28 12:47 - 2012-11-16 08:06 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-28 12:45 - 2014-02-26 07:42 - 00002290 _____ () C:\Users\Public\Desktop\Advanced SystemCare Ultimate 7.lnk
2014-02-28 07:05 - 2012-07-17 11:40 - 01554314 ____N () C:\Windows\WindowsUpdate.log
2014-02-28 06:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-02-28 06:02 - 2014-02-27 07:21 - 00000278 _____ () C:\Windows\Tasks\Driver Booster Update.job
2014-02-28 06:01 - 2011-08-12 09:26 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-28 06:01 - 2009-07-14 06:08 - 00032514 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-28 06:01 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-27 13:34 - 2014-02-27 13:34 - 00000000 ____D () C:\Users\HP\Desktop\keď obec nesúhlasí s vydržaním pozemku
2014-02-27 12:50 - 2013-05-21 19:54 - 00000000 ____D () C:\ProgramData\IObit
2014-02-27 07:29 - 2014-02-27 07:27 - 00000000 ____D () C:\DrvInstall
2014-02-27 07:21 - 2014-02-27 07:21 - 00003208 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2014-02-27 07:21 - 2014-02-27 07:21 - 00002546 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2014-02-27 07:21 - 2014-02-27 07:21 - 00001184 _____ () C:\Users\Public\Desktop\Driver Booster.lnk
2014-02-27 07:21 - 2013-05-21 19:54 - 00000000 ____D () C:\Users\HP\AppData\Roaming\IObit
2014-02-27 07:21 - 2013-05-21 19:54 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-02-27 07:20 - 2014-02-27 07:19 - 00001262 _____ () C:\Users\HP\Desktop\Disk Doctor report.log
2014-02-26 18:53 - 2012-04-15 07:39 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000Core.job
2014-02-26 13:02 - 2013-03-31 05:53 - 00000000 ____D () C:\Users\HP\AppData\Roaming\vlc
2014-02-26 13:01 - 2011-03-24 13:31 - 00000000 ____D () C:\Users\HP\dwhelper
2014-02-26 11:42 - 2014-02-26 10:20 - 00001070 _____ () C:\Users\HP\Desktop\Nový textový dokument.txt
2014-02-26 10:44 - 2011-03-08 08:11 - 00000000 ____D () C:\Users\HP\Desktop\ssem1
2014-02-26 08:34 - 2013-03-25 14:17 - 00000000 ___RD () C:\Users\HP\Desktop\NASTROJE z PLOCHY
2014-02-26 08:34 - 2011-01-22 05:56 - 00000000 ____D () C:\Windows\Panther
2014-02-26 08:30 - 2011-01-22 15:03 - 00000000 ____D () C:\Users\HP
2014-02-26 08:09 - 2014-02-26 08:09 - 00000080 _____ () C:\Users\HP\AppData\Roaming\mbam.context.scan
2014-02-26 07:46 - 2014-02-26 07:46 - 00003106 _____ () C:\Windows\System32\Tasks\ASC7_PerformanceMonitor
2014-02-26 07:46 - 2014-02-26 07:43 - 00000000 ____D () C:\ProgramData\ProductData
2014-02-26 07:43 - 2014-02-26 07:43 - 00001241 _____ () C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-02-26 07:43 - 2014-02-26 07:43 - 00001217 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-02-26 07:42 - 2014-02-26 07:42 - 00002862 _____ () C:\Windows\System32\Tasks\ASC7U_SkipUac_HP
2014-02-26 07:42 - 2014-02-26 07:42 - 00000000 ____D () C:\ProgramData\{E1ED556E-3EA0-4F44-8BE7-CC5FB0F4B424}
2014-02-26 07:42 - 2014-02-26 07:42 - 00000000 ____D () C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2014-02-26 07:39 - 2014-02-26 07:38 - 62687640 _____ (IObit ) C:\Users\HP\Downloads\asc-ultimate7-setup.exe
2014-02-25 02:38 - 2014-02-25 01:18 - 734142812 _____ () C:\Users\HP\Downloads\Tři-dny-ke-svobodě-CZ-2010(1).avi
2014-02-25 01:16 - 2014-02-25 01:01 - 132649447 _____ () C:\Users\HP\Downloads\Tři-dny-ke-svobodě-CZ-2010.avi
2014-02-24 22:45 - 2013-04-11 01:51 - 00000000 ____D () C:\Users\HP\Desktop\FreeRapidDownLoader ssem
2014-02-24 14:18 - 2013-03-25 20:49 - 00003168 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForHP
2014-02-24 14:18 - 2013-03-25 20:49 - 00000320 _____ () C:\Windows\Tasks\HPCeeScheduleForHP.job
2014-02-23 21:51 - 2011-05-30 05:25 - 00000000 ____D () C:\Windows\Minidump
2014-02-20 20:59 - 2012-04-15 07:40 - 00002362 _____ () C:\Users\HP\Desktop\Google Chrome.lnk
2014-02-20 07:02 - 2012-12-05 20:03 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-02-20 07:02 - 2012-11-10 23:53 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-02-19 17:58 - 2012-07-21 17:40 - 00000000 ____D () C:\Windows\pss
2014-02-19 17:47 - 2013-02-02 11:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-17 11:52 - 2014-02-17 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 10:43 - 2014-02-14 10:37 - 109591772 _____ () C:\Users\HP\Downloads\libimseti-fotky-heslovane.zip
2014-02-14 10:23 - 2014-02-14 09:57 - 462046659 _____ () C:\Users\HP\Downloads\CD-Rene-Lacko.rar
2014-02-13 22:40 - 2014-02-13 22:40 - 00001044 _____ () C:\Users\HP\Desktop\how to jailbreak ps3.txt
2014-02-13 18:48 - 2012-04-15 07:39 - 00003898 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000UA
2014-02-13 18:48 - 2012-04-15 07:39 - 00003502 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000Core
2014-02-12 09:48 - 2014-02-12 07:36 - 1124012834 _____ () C:\Users\HP\Downloads\Medzi-vlkmi-CZ-dabing-(2011)-TOP-KVALITA.avi
2014-02-12 08:48 - 2014-02-12 07:33 - 734003200 _____ () C:\Users\HP\Downloads\Vánoční-koledal.3D.SBS.1080p.DTS.EN.DD.CZ.SK.By-jardis19.part10.rar
2014-02-12 08:45 - 2014-02-12 07:30 - 734003200 _____ () C:\Users\HP\Downloads\Vánoční-koledal.3D.SBS.1080p.DTS.EN.DD.CZ.SK.By-jardis19.part09.rar
2014-02-12 07:42 - 2014-02-12 07:42 - 00000376 _____ () C:\Users\HP\Desktop\Papkovcit.txt
2014-02-12 07:41 - 2014-02-12 07:41 - 00000376 _____ () C:\Users\HP\Desktop\Papkovci..txt
2014-02-12 07:41 - 2014-02-12 07:35 - 47122605 _____ () C:\Users\HP\Downloads\Vánoční-koledal.3D.SBS.1080p.DTS.EN.DD.CZ.SK.By-jardis19.part12.rar
2014-02-12 07:24 - 2014-01-29 15:24 - 00000000 ____D () C:\Users\HP\Desktop\X - plocha
2014-02-12 07:23 - 2014-01-29 15:22 - 00000000 ____D () C:\Users\HP\Desktop\TEXTovky
2014-02-12 07:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-12 06:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-02-12 06:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-02-12 06:30 - 2013-07-15 00:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-12 06:25 - 2011-01-23 00:31 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-12 06:14 - 2013-11-27 14:28 - 00773014 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-12 06:13 - 2009-07-14 06:13 - 00773014 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-12 01:39 - 2014-02-11 22:49 - 1546721753 _____ () C:\Users\HP\Downloads\Tři-dny-ke-svobodě-2010-CZ.avi
2014-02-11 15:11 - 2011-03-31 23:50 - 00000000 ____D () C:\Users\HP\AppData\Roaming\uTorrent
2014-02-11 14:40 - 2014-02-11 11:06 - 1627432710 _____ () C:\Users\HP\Downloads\Neznámý-(2011)-(CZ+CZ-tit.)-(Drama,-Thriller,-Mysteriózní,-Akční).avi
2014-02-11 14:03 - 2011-08-12 09:27 - 00003924 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-11 14:03 - 2011-08-12 09:26 - 00003672 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-10 18:32 - 2011-07-13 19:17 - 00000000 ____D () C:\Users\HP\Desktop\TORRO ssem
2014-02-10 18:32 - 2011-07-13 19:17 - 00000000 ____D () C:\Users\HP\Desktop\TORRO ciel
2014-02-10 12:23 - 2014-02-10 12:23 - 00011076 _____ () C:\Users\HP\Downloads\[CzT]Snehova_kralovna_The_Snow_Queen_Sneznaja_koroleva_2012_3D_O_U_1080pLQ_.torrent
2014-02-09 15:18 - 2014-02-09 15:18 - 00000181 _____ () C:\Users\HP\Downloads\Jack-a-obri-cz-avi-.txt
2014-02-08 14:38 - 2014-01-29 15:25 - 00000000 ____D () C:\Users\HP\Desktop\F - plocha
2014-02-07 03:06 - 2012-04-15 07:40 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-02-07 03:06 - 2011-05-31 11:01 - 00000000 ____D () C:\Users\HP\AppData\Roaming\IrfanView
2014-02-07 03:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-02-07 03:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-02-06 13:16 - 2014-02-12 06:07 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 06:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 06:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 06:07 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 06:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 06:07 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 06:07 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 06:07 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-12 06:07 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-12 06:07 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 06:07 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 06:07 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 06:07 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 06:07 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 06:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 06:07 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 06:06 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 06:07 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 06:07 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 06:07 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 06:07 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 06:07 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 06:07 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-12 06:07 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-12 06:07 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 06:07 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 06:07 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 06:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 06:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 06:07 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 06:07 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 06:07 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 06:07 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 06:07 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 06:07 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 06:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 06:07 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 06:07 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-04 19:51 - 2014-02-04 19:01 - 897785894 _____ () C:\Users\HP\Downloads\Krasna-Zem.avi
2014-02-01 14:03 - 2014-02-01 14:01 - 00000000 ____D () C:\Users\HP\Desktop\Nový priečinok (3)
2014-02-01 14:01 - 2014-02-01 14:01 - 00000000 ____D () C:\Users\HP\Desktop\Nový priečinok (2)
2014-02-01 09:37 - 2013-01-22 07:55 - 00000000 ____D () C:\Users\HP\Desktop\AL DI MEOLA BERLIN Live
2014-01-31 18:43 - 2014-01-31 18:43 - 00000000 ____D () C:\Users\HP\Downloads\Pražský-Výběr---2007---Běr-(AAC)
2014-01-31 18:43 - 2014-01-31 18:43 - 00000000 ____D () C:\Users\HP\Downloads\Pra×skř-Vřbýr---2007---Býr-(AAC)
2014-01-31 18:39 - 2014-01-31 18:14 - 128566262 _____ () C:\Users\HP\Downloads\Pražský-Výběr---2007---Běr-(AAC).rar
2014-01-29 15:42 - 2014-01-29 15:35 - 00000000 ____D () C:\Users\HP\Desktop\Fotky galax
2014-01-29 15:34 - 2013-10-14 03:44 - 00000000 ____D () C:\Users\HP\Desktop\fotosss
2014-01-29 15:27 - 2012-08-03 09:20 - 00000000 ____D () C:\Users\HP\Desktop\MY - JOB
2014-01-29 10:38 - 2014-01-29 09:47 - 157357459 _____ () C:\Users\HP\Downloads\CMIPOCT74.mp4
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Driver Booster Update.job => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000Core.job => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000UA.job => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForHP.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET NOD32 Antivirus 4.0 (Enabled - Up to date) {CB0F8167-5331-BA19-698E-64816B6801A5}
AV: Advanced SystemCare Ultimate (Disabled - Up to date) {1C304DC4-1D72-5DB9-B33A-43B638ECFD30}
AS: ESET NOD32 Antivirus 4.0 (Enabled - Up to date) {706E6083-750B-B597-533E-5FF310EF4B18}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\HP\Desktop" je 492352 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6
"C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe" /Auto [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare Ultimate
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service
"C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlazeServoTool
"C:\Program Files\CCleaner\CCleaner64.exe" /AUTO [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner
"C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Freecorder FLV Service
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Quick Launch
C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPWirelessAssistant
"c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan
"c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallShieldSetup
"C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint
C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliType Pro
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM
C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR
"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files (x86)\Remote Control Server\Remote Control Server.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCPluginUpdater
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Remote Control Server
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC
C:\Program Files\IDT\WDM\sttray64.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware
C:\Program Files (x86)\Banamalon\Windows Remote Service\WindowsRemoteService_WMP-less.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh
ECHO is off.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp
ECHO is off.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UtiluMFCAllUsers
ECHO is off.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Quick View
ECHO is off.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Remote Service No-WMP
ECHO is off.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Simple Computer Remote.lnk
C:\PROGRA~1\SIMPLE~1\REMOTE~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk
C:\PROGRA~2\ArcSoft\TOTALM~1.5\TMMONI~1.EXE
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosim o kontrolu logu.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119534
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosim o kontrolu logu.
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Dále spusťte:
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKU\S-1-5-21-2722875843-2908511237-1814306272-1000\...\MountPoints2: {15ec2e99-1619-11e3-b57b-e02a828d3b51} - E:\AutoRun.exe
HKU\S-1-5-21-2722875843-2908511237-1814306272-1000\...\MountPoints2: {1ba615f8-43b0-11e1-85ab-e02a824624d3} - F:\LaunchU3.exe -a
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default
FF user.js: detected! => C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\user.js
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\HP\AppData\Roaming\IDM\idmmzcc5
CHR Extension: (HÄľadaĹĄ v Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-15]
CHR Extension: (PeĹaĹľenka Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000UA
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000Core
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000Core.job => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000UA.job => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe
End
Dále spusťte:
Doporučuji odinstalovat AdvancedSystemCare. Důvod: http://forum.viry.cz/viewtopic.php?f=14 ... ilit=iobit .Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosim o kontrolu logu.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-02-2014 02
Ran by HP at 2014-02-28 19:52:22 Run:1
Running from C:\Users\HP\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKU\S-1-5-21-2722875843-2908511237-1814306272-1000\...\MountPoints2: {15ec2e99-1619-11e3-b57b-e02a828d3b51} - E:\AutoRun.exe
HKU\S-1-5-21-2722875843-2908511237-1814306272-1000\...\MountPoints2: {1ba615f8-43b0-11e1-85ab-e02a824624d3} - F:\LaunchU3.exe -a
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default
FF user.js: detected! => C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\user.js
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\HP\AppData\Roaming\IDM\idmmzcc5
CHR Extension: (Hľadať v Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-15]
CHR Extension: (Peňaženka Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000UA
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000Core
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000Core.job => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000UA.job => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe
End
*****************
HKU\1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{15ec2e99-1619-11e3-b57b-e02a828d3b51} => Key not found.
HKCR\CLSID\{15ec2e99-1619-11e3-b57b-e02a828d3b51} => Key not found.
HKU\1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1ba615f8-43b0-11e1-85ab-e02a824624d3} => Key not found.
HKCR\CLSID\{1ba615f8-43b0-11e1-85ab-e02a824624d3} => Key not found.
=> Should not be moved.
C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\user.js => Moved successfully.
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File => Key not found.
"FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled No File => Key not found.
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
HKCU\Software\Mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com => Value deleted successfully.
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf => Moved successfully.
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => Moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000UA => Moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000Core => Moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000UA.job => Moved successfully.
==== End of Fixlog ====
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Professional x64
Ran by HP on pi 28. 02. 2014 at 20:04:50,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Myfree Codec
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Myfree Codec
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\facemoodssrv_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\facemoodssrv_rasmancs
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\HP\AppData\Roaming\thinstall"
Successfully deleted: [Folder] "C:\Users\HP\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\HP\appdata\locallow\facemoods.com"
Successfully deleted: [Folder] "C:\Users\HP\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
~~~ FireFox
Emptied folder: C:\Users\HP\AppData\Roaming\mozilla\firefox\profiles\ja5tjw2o.default\minidumps [140 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on pi 28. 02. 2014 at 20:23:48,72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Ran by HP at 2014-02-28 19:52:22 Run:1
Running from C:\Users\HP\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKU\S-1-5-21-2722875843-2908511237-1814306272-1000\...\MountPoints2: {15ec2e99-1619-11e3-b57b-e02a828d3b51} - E:\AutoRun.exe
HKU\S-1-5-21-2722875843-2908511237-1814306272-1000\...\MountPoints2: {1ba615f8-43b0-11e1-85ab-e02a824624d3} - F:\LaunchU3.exe -a
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default
FF user.js: detected! => C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\user.js
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\HP\AppData\Roaming\IDM\idmmzcc5
CHR Extension: (Hľadať v Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-15]
CHR Extension: (Peňaženka Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000UA
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000Core
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000Core.job => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000UA.job => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe
End
*****************
HKU\1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{15ec2e99-1619-11e3-b57b-e02a828d3b51} => Key not found.
HKCR\CLSID\{15ec2e99-1619-11e3-b57b-e02a828d3b51} => Key not found.
HKU\1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1ba615f8-43b0-11e1-85ab-e02a824624d3} => Key not found.
HKCR\CLSID\{1ba615f8-43b0-11e1-85ab-e02a824624d3} => Key not found.
=> Should not be moved.
C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\user.js => Moved successfully.
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File => Key not found.
"FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled No File => Key not found.
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
HKCU\Software\Mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com => Value deleted successfully.
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf => Moved successfully.
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => Moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000UA => Moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000Core => Moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2722875843-2908511237-1814306272-1000UA.job => Moved successfully.
==== End of Fixlog ====
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Professional x64
Ran by HP on pi 28. 02. 2014 at 20:04:50,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Myfree Codec
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Myfree Codec
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\facemoodssrv_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\facemoodssrv_rasmancs
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\HP\AppData\Roaming\thinstall"
Successfully deleted: [Folder] "C:\Users\HP\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\HP\appdata\locallow\facemoods.com"
Successfully deleted: [Folder] "C:\Users\HP\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
~~~ FireFox
Emptied folder: C:\Users\HP\AppData\Roaming\mozilla\firefox\profiles\ja5tjw2o.default\minidumps [140 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on pi 28. 02. 2014 at 20:23:48,72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
Rudy
- Site Admin
- Příspěvky: 119534
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosim o kontrolu logu.
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosim o kontrolu logu.
Teraz to vyzera zo SpybootSD stale takto:
++++++++++++++++++++++++++
--- Search result list ---
Toolbar.Facemood: [SBI $8F44A361] ID aplikácie (Kľúč v registri, nothing done)
HKEY_CLASSES_ROOT\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}
Toolbar.Facemood: [SBI $8F44A361] ID aplikácie (Kľúč v registri, nothing done)
HKEY_CLASSES_ROOT\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}
Toolbar.Facemood: [SBI $05FB3923] Vyhľadávacia stránka IE (Zmena v registri, nothing done)
HKEY_LOCAL_MACHINESoftware\Microsoft\Internet Explorer\Search\SearchAssistant=about:blank
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
++++++++++++++++++++++++++++++++++++++++++++++
Zopakoval som test FRST:
+++++++++++++++++
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-02-2014 02
Ran by HP (administrator) on HP-PC on 01-03-2014 22:14:42
Running from C:\Users\HP\Desktop\VIRY.CZ
Windows 7 Professional Service Pack 1 (X64) OS Language: 041B
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(Validity Sensors, Inc.) C:\Windows\system32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DPAgent.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Wisdom Software Inc. ) C:\Program Files (x86)\Wisdom-soft ScreenHunter Free\ScreenHunter.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2716216 2009-11-16] (ESET)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-02-25] (Hewlett-Packard)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
HKU\.DEFAULT\...\Run: [Advanced SystemCare 6] - "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
HKU\S-1-5-21-2722875843-2908511237-1814306272-1000\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung)
HKU\S-1-5-21-2722875843-2908511237-1814306272-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKU\S-1-5-21-2722875843-2908511237-1814306272-1000\...\MountPoints2: {15ec2e99-1619-11e3-b57b-e02a828d3b51} - E:\AutoRun.exe
HKU\S-1-5-21-2722875843-2908511237-1814306272-1000\...\MountPoints2: {1ba615f8-43b0-11e1-85ab-e02a824624d3} - F:\LaunchU3.exe -a
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD550E876CEBBCB01
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default
FF SelectedSearchEngine: Google
FF NetworkProxy: "backup.ftp", "55.216.224.160"
FF NetworkProxy: "backup.ftp_port", 3228
FF NetworkProxy: "backup.socks", "55.216.224.160"
FF NetworkProxy: "backup.socks_port", 3228
FF NetworkProxy: "backup.ssl", "55.216.224.160"
FF NetworkProxy: "backup.ssl_port", 3228
FF NetworkProxy: "ftp", "85.216.224.160"
FF NetworkProxy: "http", "85.216.224.160"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "85.216.224.160"
FF NetworkProxy: "ssl", "85.216.224.160"
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\HP\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\HP\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\HP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Flash Video Downloader - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\artur.dubovoy@gmail.com [2014-01-24]
FF Extension: Bloody Red - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\{2458abc0-f443-11dd-87af-0800200c9a66} [2013-08-18]
FF Extension: DownloadHelper - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-27]
FF Extension: Flash and Video Download - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-02-15]
FF Extension: Blank Your Monitor + Easy Reading - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\bym@savetheworld.org.xpi [2013-02-05]
FF Extension: New Tab Homepage View - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\clearz@gmail.com.xpi [2013-02-04]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\elemhidehelper@adblockplus.org.xpi [2013-05-22]
FF Extension: No Small Text - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\nosmalltext@pjs.nl.xpi [2013-06-10]
FF Extension: RS+MU Downloader - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\rsDownloader@163.com.xpi [2013-02-03]
FF Extension: MouseZoom - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\{28FAD68E-4001-48d5-B994-68069F7CFB1D}.xpi [2013-02-02]
FF Extension: Stylish - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2014-02-26]
FF Extension: Adblock Plus - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-26]
FF Extension: Black Google Theme - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\{e9876d64-8bac-4287-bdc4-0f0c56804b4f}.xpi [2013-02-05]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-17]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2014-02-17]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-17]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ []
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: Eset Plugin - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-01-22]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\HP\AppData\Roaming\IDM\idmmzcc5
FF Extension: No Name - C:\Users\HP\AppData\Roaming\IDM\idmmzcc5 [2012-05-12]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "sync": {
"suppress_start": true,
"keep_everything_synced": false,
"preferences"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\HP\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\HP\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\HP\AppData\Local\Google\Chrome\Application\33.0.1750.117\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Extension: (Adblock Plus) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-06-15]
CHR Extension: (Store) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-02-26]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-15]
==================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [23296 2009-11-16] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [735960 2009-11-16] (ESET)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151232 2013-12-02] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [267824 2007-02-26] (Nero AG)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1150368 2012-04-24] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [247704 2012-04-11] (Western Digital)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177496 2012-04-11] (Western Digital )
==================== Drivers (Whitelisted) ====================
S3 appliand; C:\Windows\System32\DRIVERS\appliand.sys [33888 2011-06-26] (Applian Technologies Inc.)
R3 appliandMP; C:\Windows\System32\DRIVERS\appliand.sys [33888 2011-06-26] (Applian Technologies Inc.)
R1 archlp; C:\Windows\System32\drivers\archlp.sys [139840 2011-11-18] ()
R2 eamon; C:\Windows\System32\DRIVERS\eamon.sys [145336 2009-11-16] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [136584 2009-11-16] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [123200 2009-12-18] (ESET)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-10-30] ()
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [867064 2012-06-18] (Duplex Secure Ltd.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-01 22:12 - 2014-03-01 22:12 - 00112640 _____ (forum.viry.cz) C:\Users\HP\Desktop\FRSTLauncher.exe
2014-03-01 22:11 - 2014-03-01 22:11 - 02155520 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2014-03-01 22:01 - 2014-03-01 22:14 - 00000000 ____D () C:\Users\HP\Desktop\VIRY.CZ
2014-03-01 21:30 - 2014-03-01 21:30 - 00220901 _____ () C:\Users\HP\Desktop\SpybotSD.Results.txt
2014-03-01 17:32 - 2014-03-01 17:32 - 00000000 ____D () C:\Users\HP\Desktop\Nový priečinok (4)
2014-03-01 17:31 - 2014-03-01 17:32 - 10751553 _____ () C:\Users\HP\Downloads\KB971033-Remove-and-Win7-Activate.zip
2014-03-01 02:32 - 2014-03-01 02:33 - 00000000 ____D () C:\Users\HP\Desktop\Nový priečinok
2014-02-28 20:58 - 2014-02-28 20:58 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-02-28 20:04 - 2014-02-28 20:04 - 00000000 ____D () C:\Windows\ERUNT
2014-02-28 13:31 - 2014-03-01 22:14 - 00000000 ____D () C:\FRST
2014-02-27 13:34 - 2014-02-27 13:34 - 00000000 ____D () C:\Users\HP\Desktop\keď obec nesúhlasí s vydržaním pozemku
2014-02-27 07:27 - 2014-02-27 07:29 - 00000000 ____D () C:\DrvInstall
2014-02-26 08:09 - 2014-02-26 08:09 - 00000080 _____ () C:\Users\HP\AppData\Roaming\mbam.context.scan
2014-02-26 07:43 - 2014-02-28 20:57 - 00000000 ____D () C:\ProgramData\ProductData
2014-02-26 07:42 - 2014-02-26 07:42 - 00000000 ____D () C:\ProgramData\{E1ED556E-3EA0-4F44-8BE7-CC5FB0F4B424}
2014-02-26 07:42 - 2014-02-26 07:42 - 00000000 ____D () C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2014-02-26 07:38 - 2014-02-26 07:39 - 62687640 _____ (IObit ) C:\Users\HP\Downloads\asc-ultimate7-setup.exe
2014-02-25 01:18 - 2014-02-25 02:38 - 734142812 _____ () C:\Users\HP\Downloads\Tři-dny-ke-svobodě-CZ-2010(1).avi
2014-02-25 01:01 - 2014-02-25 01:16 - 132649447 _____ () C:\Users\HP\Downloads\Tři-dny-ke-svobodě-CZ-2010.avi
2014-02-17 11:52 - 2014-02-17 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 10:37 - 2014-02-14 10:43 - 109591772 _____ () C:\Users\HP\Downloads\libimseti-fotky-heslovane.zip
2014-02-14 09:57 - 2014-02-14 10:23 - 462046659 _____ () C:\Users\HP\Downloads\CD-Rene-Lacko.rar
2014-02-12 07:35 - 2014-02-12 07:41 - 47122605 _____ () C:\Users\HP\Downloads\Vánoční-koledal.3D.SBS.1080p.DTS.EN.DD.CZ.SK.By-jardis19.part12.rar
2014-02-12 07:33 - 2014-02-12 08:48 - 734003200 _____ () C:\Users\HP\Downloads\Vánoční-koledal.3D.SBS.1080p.DTS.EN.DD.CZ.SK.By-jardis19.part10.rar
2014-02-12 07:30 - 2014-02-12 08:45 - 734003200 _____ () C:\Users\HP\Downloads\Vánoční-koledal.3D.SBS.1080p.DTS.EN.DD.CZ.SK.By-jardis19.part09.rar
2014-02-12 06:09 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 06:09 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 06:07 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 06:07 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 06:07 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 06:07 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 06:07 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 06:07 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 06:07 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 06:07 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 06:07 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 06:07 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 06:07 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 06:07 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 06:07 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 06:07 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 06:07 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 06:07 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 06:07 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 06:07 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 06:07 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 06:07 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 06:07 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 06:07 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 06:07 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 06:07 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 06:07 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 06:07 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 06:07 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 06:07 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 06:07 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 06:07 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 06:07 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 06:07 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 06:07 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 06:07 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 06:07 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 06:07 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 06:07 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 06:07 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 06:06 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 06:06 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 06:06 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 06:06 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 06:06 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 06:06 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 06:06 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 06:06 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 06:06 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 06:06 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 06:06 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 06:06 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 06:06 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 06:06 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 06:06 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 06:06 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 06:06 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 06:06 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 06:06 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 06:06 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 06:06 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 06:05 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 06:05 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 06:05 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 06:05 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 06:05 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 06:05 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 06:05 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 06:05 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 22:49 - 2014-02-12 01:39 - 1546721753 _____ () C:\Users\HP\Downloads\Tři-dny-ke-svobodě-2010-CZ.avi
2014-02-11 11:06 - 2014-02-11 14:40 - 1627432710 _____ () C:\Users\HP\Downloads\Neznámý-(2011)-(CZ+CZ-tit.)-(Drama,-Thriller,-Mysteriózní,-Akční).avi
2014-02-10 12:23 - 2014-02-10 12:23 - 00011076 _____ () C:\Users\HP\Downloads\[CzT]Snehova_kralovna_The_Snow_Queen_Sneznaja_koroleva_2012_3D_O_U_1080pLQ_.torrent
2014-02-09 15:18 - 2014-02-09 15:18 - 00000181 _____ () C:\Users\HP\Downloads\Jack-a-obri-cz-avi-.txt
2014-02-04 19:01 - 2014-02-04 19:51 - 897785894 _____ () C:\Users\HP\Downloads\Krasna-Zem.avi
2014-02-01 14:01 - 2014-02-01 14:03 - 00000000 ____D () C:\Users\HP\Desktop\Nový priečinok (3)
2014-02-01 14:01 - 2014-02-01 14:01 - 00000000 ____D () C:\Users\HP\Desktop\Nový priečinok (2)
2014-01-31 18:43 - 2014-01-31 18:43 - 00000000 ____D () C:\Users\HP\Downloads\Pražský-Výběr---2007---Běr-(AAC)
2014-01-31 18:43 - 2014-01-31 18:43 - 00000000 ____D () C:\Users\HP\Downloads\Pra×skř-Vřbýr---2007---Býr-(AAC)
2014-01-31 18:14 - 2014-01-31 18:39 - 128566262 _____ () C:\Users\HP\Downloads\Pražský-Výběr---2007---Běr-(AAC).rar
==================== One Month Modified Files and Folders =======
2014-03-01 22:16 - 2011-03-07 18:19 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Skype
2014-03-01 22:14 - 2014-03-01 22:01 - 00000000 ____D () C:\Users\HP\Desktop\VIRY.CZ
2014-03-01 22:14 - 2014-02-28 13:31 - 00000000 ____D () C:\FRST
2014-03-01 22:12 - 2014-03-01 22:12 - 00112640 _____ (forum.viry.cz) C:\Users\HP\Desktop\FRSTLauncher.exe
2014-03-01 22:11 - 2014-03-01 22:11 - 02155520 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2014-03-01 22:06 - 2011-01-22 16:19 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2EE74662-46DD-4D44-94C9-9F73ED66A5FA}
2014-03-01 22:02 - 2014-01-29 15:22 - 00000000 ____D () C:\Users\HP\Desktop\TEXTovky
2014-03-01 22:00 - 2014-01-29 15:25 - 00000000 ____D () C:\Users\HP\Desktop\F - plocha
2014-03-01 21:52 - 2012-11-16 08:06 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-01 21:47 - 2009-07-14 05:45 - 00020720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-01 21:47 - 2009-07-14 05:45 - 00020720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-01 21:39 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-01 21:37 - 2012-07-17 11:40 - 01602958 ____N () C:\Windows\WindowsUpdate.log
2014-03-01 21:36 - 2011-03-08 08:11 - 00000000 ____D () C:\Users\HP\Desktop\ssem1
2014-03-01 21:30 - 2014-03-01 21:30 - 00220901 _____ () C:\Users\HP\Desktop\SpybotSD.Results.txt
2014-03-01 18:48 - 2013-03-31 05:53 - 00000000 ____D () C:\Users\HP\AppData\Roaming\vlc
2014-03-01 18:47 - 2013-09-28 17:17 - 00000000 ____D () C:\Users\HP\Downloads\PREVZATE SUBORY DO 28.8.2013
2014-03-01 17:32 - 2014-03-01 17:32 - 00000000 ____D () C:\Users\HP\Desktop\Nový priečinok (4)
2014-03-01 17:32 - 2014-03-01 17:31 - 10751553 _____ () C:\Users\HP\Downloads\KB971033-Remove-and-Win7-Activate.zip
2014-03-01 02:33 - 2014-03-01 02:32 - 00000000 ____D () C:\Users\HP\Desktop\Nový priečinok
2014-02-28 21:08 - 2013-05-21 19:54 - 00000000 ____D () C:\Users\HP\AppData\Roaming\IObit
2014-02-28 21:05 - 2012-05-12 11:53 - 00000000 ____D () C:\Users\HP\Documents\ccleaner zaloha registrov
2014-02-28 21:00 - 2013-05-21 19:54 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-02-28 20:58 - 2014-02-28 20:58 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-02-28 20:57 - 2014-02-26 07:43 - 00000000 ____D () C:\ProgramData\ProductData
2014-02-28 20:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-02-28 20:04 - 2014-02-28 20:04 - 00000000 ____D () C:\Windows\ERUNT
2014-02-28 14:18 - 2013-03-25 20:49 - 00003168 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForHP
2014-02-28 14:18 - 2013-03-25 20:49 - 00000320 _____ () C:\Windows\Tasks\HPCeeScheduleForHP.job
2014-02-28 06:01 - 2009-07-14 06:08 - 00032514 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-27 13:34 - 2014-02-27 13:34 - 00000000 ____D () C:\Users\HP\Desktop\keď obec nesúhlasí s vydržaním pozemku
2014-02-27 12:50 - 2013-05-21 19:54 - 00000000 ____D () C:\ProgramData\IObit
2014-02-27 07:29 - 2014-02-27 07:27 - 00000000 ____D () C:\DrvInstall
2014-02-26 13:01 - 2011-03-24 13:31 - 00000000 ____D () C:\Users\HP\dwhelper
2014-02-26 08:34 - 2013-03-25 14:17 - 00000000 ___RD () C:\Users\HP\Desktop\NASTROJE z PLOCHY
2014-02-26 08:34 - 2011-01-22 05:56 - 00000000 ____D () C:\Windows\Panther
2014-02-26 08:30 - 2011-01-22 15:03 - 00000000 ____D () C:\Users\HP
2014-02-26 08:09 - 2014-02-26 08:09 - 00000080 _____ () C:\Users\HP\AppData\Roaming\mbam.context.scan
2014-02-26 07:42 - 2014-02-26 07:42 - 00000000 ____D () C:\ProgramData\{E1ED556E-3EA0-4F44-8BE7-CC5FB0F4B424}
2014-02-26 07:42 - 2014-02-26 07:42 - 00000000 ____D () C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2014-02-26 07:39 - 2014-02-26 07:38 - 62687640 _____ (IObit ) C:\Users\HP\Downloads\asc-ultimate7-setup.exe
2014-02-25 02:38 - 2014-02-25 01:18 - 734142812 _____ () C:\Users\HP\Downloads\Tři-dny-ke-svobodě-CZ-2010(1).avi
2014-02-25 01:16 - 2014-02-25 01:01 - 132649447 _____ () C:\Users\HP\Downloads\Tři-dny-ke-svobodě-CZ-2010.avi
2014-02-24 22:45 - 2013-04-11 01:51 - 00000000 ____D () C:\Users\HP\Desktop\FreeRapidDownLoader ssem
2014-02-23 21:51 - 2011-05-30 05:25 - 00000000 ____D () C:\Windows\Minidump
2014-02-20 20:59 - 2012-04-15 07:40 - 00002362 _____ () C:\Users\HP\Desktop\Google Chrome.lnk
2014-02-20 07:02 - 2012-12-05 20:03 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-02-20 07:02 - 2012-11-10 23:53 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-02-19 17:58 - 2012-07-21 17:40 - 00000000 ____D () C:\Windows\pss
2014-02-19 17:47 - 2013-02-02 11:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-17 11:52 - 2014-02-17 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 10:43 - 2014-02-14 10:37 - 109591772 _____ () C:\Users\HP\Downloads\libimseti-fotky-heslovane.zip
2014-02-14 10:23 - 2014-02-14 09:57 - 462046659 _____ () C:\Users\HP\Downloads\CD-Rene-Lacko.rar
2014-02-12 08:48 - 2014-02-12 07:33 - 734003200 _____ () C:\Users\HP\Downloads\Vánoční-koledal.3D.SBS.1080p.DTS.EN.DD.CZ.SK.By-jardis19.part10.rar
2014-02-12 08:45 - 2014-02-12 07:30 - 734003200 _____ () C:\Users\HP\Downloads\Vánoční-koledal.3D.SBS.1080p.DTS.EN.DD.CZ.SK.By-jardis19.part09.rar
2014-02-12 07:41 - 2014-02-12 07:35 - 47122605 _____ () C:\Users\HP\Downloads\Vánoční-koledal.3D.SBS.1080p.DTS.EN.DD.CZ.SK.By-jardis19.part12.rar
2014-02-12 07:24 - 2014-01-29 15:24 - 00000000 ____D () C:\Users\HP\Desktop\X - plocha
2014-02-12 07:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-12 06:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-02-12 06:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-02-12 06:30 - 2013-07-15 00:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-12 06:25 - 2011-01-23 00:31 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-12 06:14 - 2013-11-27 14:28 - 00773014 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-12 06:13 - 2009-07-14 06:13 - 00773014 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-12 01:39 - 2014-02-11 22:49 - 1546721753 _____ () C:\Users\HP\Downloads\Tři-dny-ke-svobodě-2010-CZ.avi
2014-02-11 15:11 - 2011-03-31 23:50 - 00000000 ____D () C:\Users\HP\AppData\Roaming\uTorrent
2014-02-11 14:40 - 2014-02-11 11:06 - 1627432710 _____ () C:\Users\HP\Downloads\Neznámý-(2011)-(CZ+CZ-tit.)-(Drama,-Thriller,-Mysteriózní,-Akční).avi
2014-02-10 18:32 - 2011-07-13 19:17 - 00000000 ____D () C:\Users\HP\Desktop\TORRO ssem
2014-02-10 18:32 - 2011-07-13 19:17 - 00000000 ____D () C:\Users\HP\Desktop\TORRO ciel
2014-02-10 12:23 - 2014-02-10 12:23 - 00011076 _____ () C:\Users\HP\Downloads\[CzT]Snehova_kralovna_The_Snow_Queen_Sneznaja_koroleva_2012_3D_O_U_1080pLQ_.torrent
2014-02-09 15:18 - 2014-02-09 15:18 - 00000181 _____ () C:\Users\HP\Downloads\Jack-a-obri-cz-avi-.txt
2014-02-07 03:06 - 2012-04-15 07:40 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-02-07 03:06 - 2011-05-31 11:01 - 00000000 ____D () C:\Users\HP\AppData\Roaming\IrfanView
2014-02-07 03:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-02-07 03:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-02-06 13:16 - 2014-02-12 06:07 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 06:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 06:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 06:07 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 06:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 06:07 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 06:07 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 06:07 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-12 06:07 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-12 06:07 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 06:07 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 06:07 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 06:07 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 06:07 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 06:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 06:07 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 06:06 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 06:07 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 06:07 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 06:07 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 06:07 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 06:07 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 06:07 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-12 06:07 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-12 06:07 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 06:07 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 06:07 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 06:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 06:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 06:07 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 06:07 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 06:07 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 06:07 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 06:07 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 06:07 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 06:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 06:07 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 06:07 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-04 19:51 - 2014-02-04 19:01 - 897785894 _____ () C:\Users\HP\Downloads\Krasna-Zem.avi
2014-02-01 14:03 - 2014-02-01 14:01 - 00000000 ____D () C:\Users\HP\Desktop\Nový priečinok (3)
2014-02-01 14:01 - 2014-02-01 14:01 - 00000000 ____D () C:\Users\HP\Desktop\Nový priečinok (2)
2014-02-01 09:37 - 2013-01-22 07:55 - 00000000 ____D () C:\Users\HP\Desktop\AL DI MEOLA BERLIN Live
2014-01-31 18:43 - 2014-01-31 18:43 - 00000000 ____D () C:\Users\HP\Downloads\Pražský-Výběr---2007---Běr-(AAC)
2014-01-31 18:43 - 2014-01-31 18:43 - 00000000 ____D () C:\Users\HP\Downloads\Pra×skř-Vřbýr---2007---Býr-(AAC)
2014-01-31 18:39 - 2014-01-31 18:14 - 128566262 _____ () C:\Users\HP\Downloads\Pražský-Výběr---2007---Běr-(AAC).rar
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-28 16:15
==================== End Of Log ============================
++++++++++++++++++++++++++
--- Search result list ---
Toolbar.Facemood: [SBI $8F44A361] ID aplikácie (Kľúč v registri, nothing done)
HKEY_CLASSES_ROOT\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}
Toolbar.Facemood: [SBI $8F44A361] ID aplikácie (Kľúč v registri, nothing done)
HKEY_CLASSES_ROOT\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}
Toolbar.Facemood: [SBI $05FB3923] Vyhľadávacia stránka IE (Zmena v registri, nothing done)
HKEY_LOCAL_MACHINESoftware\Microsoft\Internet Explorer\Search\SearchAssistant=about:blank
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
++++++++++++++++++++++++++++++++++++++++++++++
Zopakoval som test FRST:
+++++++++++++++++
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-02-2014 02
Ran by HP (administrator) on HP-PC on 01-03-2014 22:14:42
Running from C:\Users\HP\Desktop\VIRY.CZ
Windows 7 Professional Service Pack 1 (X64) OS Language: 041B
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(Validity Sensors, Inc.) C:\Windows\system32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DPAgent.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Wisdom Software Inc. ) C:\Program Files (x86)\Wisdom-soft ScreenHunter Free\ScreenHunter.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2716216 2009-11-16] (ESET)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-02-25] (Hewlett-Packard)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
HKU\.DEFAULT\...\Run: [Advanced SystemCare 6] - "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
HKU\S-1-5-21-2722875843-2908511237-1814306272-1000\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung)
HKU\S-1-5-21-2722875843-2908511237-1814306272-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKU\S-1-5-21-2722875843-2908511237-1814306272-1000\...\MountPoints2: {15ec2e99-1619-11e3-b57b-e02a828d3b51} - E:\AutoRun.exe
HKU\S-1-5-21-2722875843-2908511237-1814306272-1000\...\MountPoints2: {1ba615f8-43b0-11e1-85ab-e02a824624d3} - F:\LaunchU3.exe -a
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD550E876CEBBCB01
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default
FF SelectedSearchEngine: Google
FF NetworkProxy: "backup.ftp", "55.216.224.160"
FF NetworkProxy: "backup.ftp_port", 3228
FF NetworkProxy: "backup.socks", "55.216.224.160"
FF NetworkProxy: "backup.socks_port", 3228
FF NetworkProxy: "backup.ssl", "55.216.224.160"
FF NetworkProxy: "backup.ssl_port", 3228
FF NetworkProxy: "ftp", "85.216.224.160"
FF NetworkProxy: "http", "85.216.224.160"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "85.216.224.160"
FF NetworkProxy: "ssl", "85.216.224.160"
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\HP\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\HP\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\HP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Flash Video Downloader - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\artur.dubovoy@gmail.com [2014-01-24]
FF Extension: Bloody Red - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\{2458abc0-f443-11dd-87af-0800200c9a66} [2013-08-18]
FF Extension: DownloadHelper - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-27]
FF Extension: Flash and Video Download - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-02-15]
FF Extension: Blank Your Monitor + Easy Reading - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\bym@savetheworld.org.xpi [2013-02-05]
FF Extension: New Tab Homepage View - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\clearz@gmail.com.xpi [2013-02-04]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\elemhidehelper@adblockplus.org.xpi [2013-05-22]
FF Extension: No Small Text - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\nosmalltext@pjs.nl.xpi [2013-06-10]
FF Extension: RS+MU Downloader - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\rsDownloader@163.com.xpi [2013-02-03]
FF Extension: MouseZoom - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\{28FAD68E-4001-48d5-B994-68069F7CFB1D}.xpi [2013-02-02]
FF Extension: Stylish - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2014-02-26]
FF Extension: Adblock Plus - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-26]
FF Extension: Black Google Theme - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ja5tjw2o.default\Extensions\{e9876d64-8bac-4287-bdc4-0f0c56804b4f}.xpi [2013-02-05]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-17]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2014-02-17]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-17]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ []
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: Eset Plugin - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-01-22]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\HP\AppData\Roaming\IDM\idmmzcc5
FF Extension: No Name - C:\Users\HP\AppData\Roaming\IDM\idmmzcc5 [2012-05-12]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "sync": {
"suppress_start": true,
"keep_everything_synced": false,
"preferences"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\HP\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\HP\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\HP\AppData\Local\Google\Chrome\Application\33.0.1750.117\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Extension: (Adblock Plus) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-06-15]
CHR Extension: (Store) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-02-26]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-15]
==================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [23296 2009-11-16] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [735960 2009-11-16] (ESET)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151232 2013-12-02] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [267824 2007-02-26] (Nero AG)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1150368 2012-04-24] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [247704 2012-04-11] (Western Digital)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177496 2012-04-11] (Western Digital )
==================== Drivers (Whitelisted) ====================
S3 appliand; C:\Windows\System32\DRIVERS\appliand.sys [33888 2011-06-26] (Applian Technologies Inc.)
R3 appliandMP; C:\Windows\System32\DRIVERS\appliand.sys [33888 2011-06-26] (Applian Technologies Inc.)
R1 archlp; C:\Windows\System32\drivers\archlp.sys [139840 2011-11-18] ()
R2 eamon; C:\Windows\System32\DRIVERS\eamon.sys [145336 2009-11-16] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [136584 2009-11-16] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [123200 2009-12-18] (ESET)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-10-30] ()
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [867064 2012-06-18] (Duplex Secure Ltd.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-01 22:12 - 2014-03-01 22:12 - 00112640 _____ (forum.viry.cz) C:\Users\HP\Desktop\FRSTLauncher.exe
2014-03-01 22:11 - 2014-03-01 22:11 - 02155520 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2014-03-01 22:01 - 2014-03-01 22:14 - 00000000 ____D () C:\Users\HP\Desktop\VIRY.CZ
2014-03-01 21:30 - 2014-03-01 21:30 - 00220901 _____ () C:\Users\HP\Desktop\SpybotSD.Results.txt
2014-03-01 17:32 - 2014-03-01 17:32 - 00000000 ____D () C:\Users\HP\Desktop\Nový priečinok (4)
2014-03-01 17:31 - 2014-03-01 17:32 - 10751553 _____ () C:\Users\HP\Downloads\KB971033-Remove-and-Win7-Activate.zip
2014-03-01 02:32 - 2014-03-01 02:33 - 00000000 ____D () C:\Users\HP\Desktop\Nový priečinok
2014-02-28 20:58 - 2014-02-28 20:58 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-02-28 20:04 - 2014-02-28 20:04 - 00000000 ____D () C:\Windows\ERUNT
2014-02-28 13:31 - 2014-03-01 22:14 - 00000000 ____D () C:\FRST
2014-02-27 13:34 - 2014-02-27 13:34 - 00000000 ____D () C:\Users\HP\Desktop\keď obec nesúhlasí s vydržaním pozemku
2014-02-27 07:27 - 2014-02-27 07:29 - 00000000 ____D () C:\DrvInstall
2014-02-26 08:09 - 2014-02-26 08:09 - 00000080 _____ () C:\Users\HP\AppData\Roaming\mbam.context.scan
2014-02-26 07:43 - 2014-02-28 20:57 - 00000000 ____D () C:\ProgramData\ProductData
2014-02-26 07:42 - 2014-02-26 07:42 - 00000000 ____D () C:\ProgramData\{E1ED556E-3EA0-4F44-8BE7-CC5FB0F4B424}
2014-02-26 07:42 - 2014-02-26 07:42 - 00000000 ____D () C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2014-02-26 07:38 - 2014-02-26 07:39 - 62687640 _____ (IObit ) C:\Users\HP\Downloads\asc-ultimate7-setup.exe
2014-02-25 01:18 - 2014-02-25 02:38 - 734142812 _____ () C:\Users\HP\Downloads\Tři-dny-ke-svobodě-CZ-2010(1).avi
2014-02-25 01:01 - 2014-02-25 01:16 - 132649447 _____ () C:\Users\HP\Downloads\Tři-dny-ke-svobodě-CZ-2010.avi
2014-02-17 11:52 - 2014-02-17 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 10:37 - 2014-02-14 10:43 - 109591772 _____ () C:\Users\HP\Downloads\libimseti-fotky-heslovane.zip
2014-02-14 09:57 - 2014-02-14 10:23 - 462046659 _____ () C:\Users\HP\Downloads\CD-Rene-Lacko.rar
2014-02-12 07:35 - 2014-02-12 07:41 - 47122605 _____ () C:\Users\HP\Downloads\Vánoční-koledal.3D.SBS.1080p.DTS.EN.DD.CZ.SK.By-jardis19.part12.rar
2014-02-12 07:33 - 2014-02-12 08:48 - 734003200 _____ () C:\Users\HP\Downloads\Vánoční-koledal.3D.SBS.1080p.DTS.EN.DD.CZ.SK.By-jardis19.part10.rar
2014-02-12 07:30 - 2014-02-12 08:45 - 734003200 _____ () C:\Users\HP\Downloads\Vánoční-koledal.3D.SBS.1080p.DTS.EN.DD.CZ.SK.By-jardis19.part09.rar
2014-02-12 06:09 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 06:09 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 06:07 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 06:07 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 06:07 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 06:07 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 06:07 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 06:07 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 06:07 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 06:07 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 06:07 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 06:07 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 06:07 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 06:07 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 06:07 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 06:07 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 06:07 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 06:07 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 06:07 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 06:07 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 06:07 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 06:07 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 06:07 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 06:07 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 06:07 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 06:07 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 06:07 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 06:07 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 06:07 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 06:07 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 06:07 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 06:07 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 06:07 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 06:07 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 06:07 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 06:07 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 06:07 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 06:07 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 06:07 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 06:07 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 06:06 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 06:06 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 06:06 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 06:06 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 06:06 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 06:06 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 06:06 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 06:06 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 06:06 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 06:06 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 06:06 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 06:06 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 06:06 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 06:06 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 06:06 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 06:06 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 06:06 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 06:06 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 06:06 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 06:06 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 06:06 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 06:05 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 06:05 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 06:05 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 06:05 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 06:05 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 06:05 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 06:05 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 06:05 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 22:49 - 2014-02-12 01:39 - 1546721753 _____ () C:\Users\HP\Downloads\Tři-dny-ke-svobodě-2010-CZ.avi
2014-02-11 11:06 - 2014-02-11 14:40 - 1627432710 _____ () C:\Users\HP\Downloads\Neznámý-(2011)-(CZ+CZ-tit.)-(Drama,-Thriller,-Mysteriózní,-Akční).avi
2014-02-10 12:23 - 2014-02-10 12:23 - 00011076 _____ () C:\Users\HP\Downloads\[CzT]Snehova_kralovna_The_Snow_Queen_Sneznaja_koroleva_2012_3D_O_U_1080pLQ_.torrent
2014-02-09 15:18 - 2014-02-09 15:18 - 00000181 _____ () C:\Users\HP\Downloads\Jack-a-obri-cz-avi-.txt
2014-02-04 19:01 - 2014-02-04 19:51 - 897785894 _____ () C:\Users\HP\Downloads\Krasna-Zem.avi
2014-02-01 14:01 - 2014-02-01 14:03 - 00000000 ____D () C:\Users\HP\Desktop\Nový priečinok (3)
2014-02-01 14:01 - 2014-02-01 14:01 - 00000000 ____D () C:\Users\HP\Desktop\Nový priečinok (2)
2014-01-31 18:43 - 2014-01-31 18:43 - 00000000 ____D () C:\Users\HP\Downloads\Pražský-Výběr---2007---Běr-(AAC)
2014-01-31 18:43 - 2014-01-31 18:43 - 00000000 ____D () C:\Users\HP\Downloads\Pra×skř-Vřbýr---2007---Býr-(AAC)
2014-01-31 18:14 - 2014-01-31 18:39 - 128566262 _____ () C:\Users\HP\Downloads\Pražský-Výběr---2007---Běr-(AAC).rar
==================== One Month Modified Files and Folders =======
2014-03-01 22:16 - 2011-03-07 18:19 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Skype
2014-03-01 22:14 - 2014-03-01 22:01 - 00000000 ____D () C:\Users\HP\Desktop\VIRY.CZ
2014-03-01 22:14 - 2014-02-28 13:31 - 00000000 ____D () C:\FRST
2014-03-01 22:12 - 2014-03-01 22:12 - 00112640 _____ (forum.viry.cz) C:\Users\HP\Desktop\FRSTLauncher.exe
2014-03-01 22:11 - 2014-03-01 22:11 - 02155520 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2014-03-01 22:06 - 2011-01-22 16:19 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2EE74662-46DD-4D44-94C9-9F73ED66A5FA}
2014-03-01 22:02 - 2014-01-29 15:22 - 00000000 ____D () C:\Users\HP\Desktop\TEXTovky
2014-03-01 22:00 - 2014-01-29 15:25 - 00000000 ____D () C:\Users\HP\Desktop\F - plocha
2014-03-01 21:52 - 2012-11-16 08:06 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-01 21:47 - 2009-07-14 05:45 - 00020720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-01 21:47 - 2009-07-14 05:45 - 00020720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-01 21:39 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-01 21:37 - 2012-07-17 11:40 - 01602958 ____N () C:\Windows\WindowsUpdate.log
2014-03-01 21:36 - 2011-03-08 08:11 - 00000000 ____D () C:\Users\HP\Desktop\ssem1
2014-03-01 21:30 - 2014-03-01 21:30 - 00220901 _____ () C:\Users\HP\Desktop\SpybotSD.Results.txt
2014-03-01 18:48 - 2013-03-31 05:53 - 00000000 ____D () C:\Users\HP\AppData\Roaming\vlc
2014-03-01 18:47 - 2013-09-28 17:17 - 00000000 ____D () C:\Users\HP\Downloads\PREVZATE SUBORY DO 28.8.2013
2014-03-01 17:32 - 2014-03-01 17:32 - 00000000 ____D () C:\Users\HP\Desktop\Nový priečinok (4)
2014-03-01 17:32 - 2014-03-01 17:31 - 10751553 _____ () C:\Users\HP\Downloads\KB971033-Remove-and-Win7-Activate.zip
2014-03-01 02:33 - 2014-03-01 02:32 - 00000000 ____D () C:\Users\HP\Desktop\Nový priečinok
2014-02-28 21:08 - 2013-05-21 19:54 - 00000000 ____D () C:\Users\HP\AppData\Roaming\IObit
2014-02-28 21:05 - 2012-05-12 11:53 - 00000000 ____D () C:\Users\HP\Documents\ccleaner zaloha registrov
2014-02-28 21:00 - 2013-05-21 19:54 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-02-28 20:58 - 2014-02-28 20:58 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-02-28 20:57 - 2014-02-26 07:43 - 00000000 ____D () C:\ProgramData\ProductData
2014-02-28 20:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-02-28 20:04 - 2014-02-28 20:04 - 00000000 ____D () C:\Windows\ERUNT
2014-02-28 14:18 - 2013-03-25 20:49 - 00003168 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForHP
2014-02-28 14:18 - 2013-03-25 20:49 - 00000320 _____ () C:\Windows\Tasks\HPCeeScheduleForHP.job
2014-02-28 06:01 - 2009-07-14 06:08 - 00032514 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-27 13:34 - 2014-02-27 13:34 - 00000000 ____D () C:\Users\HP\Desktop\keď obec nesúhlasí s vydržaním pozemku
2014-02-27 12:50 - 2013-05-21 19:54 - 00000000 ____D () C:\ProgramData\IObit
2014-02-27 07:29 - 2014-02-27 07:27 - 00000000 ____D () C:\DrvInstall
2014-02-26 13:01 - 2011-03-24 13:31 - 00000000 ____D () C:\Users\HP\dwhelper
2014-02-26 08:34 - 2013-03-25 14:17 - 00000000 ___RD () C:\Users\HP\Desktop\NASTROJE z PLOCHY
2014-02-26 08:34 - 2011-01-22 05:56 - 00000000 ____D () C:\Windows\Panther
2014-02-26 08:30 - 2011-01-22 15:03 - 00000000 ____D () C:\Users\HP
2014-02-26 08:09 - 2014-02-26 08:09 - 00000080 _____ () C:\Users\HP\AppData\Roaming\mbam.context.scan
2014-02-26 07:42 - 2014-02-26 07:42 - 00000000 ____D () C:\ProgramData\{E1ED556E-3EA0-4F44-8BE7-CC5FB0F4B424}
2014-02-26 07:42 - 2014-02-26 07:42 - 00000000 ____D () C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2014-02-26 07:39 - 2014-02-26 07:38 - 62687640 _____ (IObit ) C:\Users\HP\Downloads\asc-ultimate7-setup.exe
2014-02-25 02:38 - 2014-02-25 01:18 - 734142812 _____ () C:\Users\HP\Downloads\Tři-dny-ke-svobodě-CZ-2010(1).avi
2014-02-25 01:16 - 2014-02-25 01:01 - 132649447 _____ () C:\Users\HP\Downloads\Tři-dny-ke-svobodě-CZ-2010.avi
2014-02-24 22:45 - 2013-04-11 01:51 - 00000000 ____D () C:\Users\HP\Desktop\FreeRapidDownLoader ssem
2014-02-23 21:51 - 2011-05-30 05:25 - 00000000 ____D () C:\Windows\Minidump
2014-02-20 20:59 - 2012-04-15 07:40 - 00002362 _____ () C:\Users\HP\Desktop\Google Chrome.lnk
2014-02-20 07:02 - 2012-12-05 20:03 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-02-20 07:02 - 2012-11-10 23:53 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-02-19 17:58 - 2012-07-21 17:40 - 00000000 ____D () C:\Windows\pss
2014-02-19 17:47 - 2013-02-02 11:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-17 11:52 - 2014-02-17 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 10:43 - 2014-02-14 10:37 - 109591772 _____ () C:\Users\HP\Downloads\libimseti-fotky-heslovane.zip
2014-02-14 10:23 - 2014-02-14 09:57 - 462046659 _____ () C:\Users\HP\Downloads\CD-Rene-Lacko.rar
2014-02-12 08:48 - 2014-02-12 07:33 - 734003200 _____ () C:\Users\HP\Downloads\Vánoční-koledal.3D.SBS.1080p.DTS.EN.DD.CZ.SK.By-jardis19.part10.rar
2014-02-12 08:45 - 2014-02-12 07:30 - 734003200 _____ () C:\Users\HP\Downloads\Vánoční-koledal.3D.SBS.1080p.DTS.EN.DD.CZ.SK.By-jardis19.part09.rar
2014-02-12 07:41 - 2014-02-12 07:35 - 47122605 _____ () C:\Users\HP\Downloads\Vánoční-koledal.3D.SBS.1080p.DTS.EN.DD.CZ.SK.By-jardis19.part12.rar
2014-02-12 07:24 - 2014-01-29 15:24 - 00000000 ____D () C:\Users\HP\Desktop\X - plocha
2014-02-12 07:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-12 06:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-02-12 06:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-02-12 06:30 - 2013-07-15 00:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-12 06:25 - 2011-01-23 00:31 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-12 06:14 - 2013-11-27 14:28 - 00773014 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-12 06:13 - 2009-07-14 06:13 - 00773014 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-12 01:39 - 2014-02-11 22:49 - 1546721753 _____ () C:\Users\HP\Downloads\Tři-dny-ke-svobodě-2010-CZ.avi
2014-02-11 15:11 - 2011-03-31 23:50 - 00000000 ____D () C:\Users\HP\AppData\Roaming\uTorrent
2014-02-11 14:40 - 2014-02-11 11:06 - 1627432710 _____ () C:\Users\HP\Downloads\Neznámý-(2011)-(CZ+CZ-tit.)-(Drama,-Thriller,-Mysteriózní,-Akční).avi
2014-02-10 18:32 - 2011-07-13 19:17 - 00000000 ____D () C:\Users\HP\Desktop\TORRO ssem
2014-02-10 18:32 - 2011-07-13 19:17 - 00000000 ____D () C:\Users\HP\Desktop\TORRO ciel
2014-02-10 12:23 - 2014-02-10 12:23 - 00011076 _____ () C:\Users\HP\Downloads\[CzT]Snehova_kralovna_The_Snow_Queen_Sneznaja_koroleva_2012_3D_O_U_1080pLQ_.torrent
2014-02-09 15:18 - 2014-02-09 15:18 - 00000181 _____ () C:\Users\HP\Downloads\Jack-a-obri-cz-avi-.txt
2014-02-07 03:06 - 2012-04-15 07:40 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-02-07 03:06 - 2011-05-31 11:01 - 00000000 ____D () C:\Users\HP\AppData\Roaming\IrfanView
2014-02-07 03:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-02-07 03:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-02-06 13:16 - 2014-02-12 06:07 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 06:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 06:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 06:07 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 06:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 06:07 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 06:07 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 06:07 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-12 06:07 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-12 06:07 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 06:07 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 06:07 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 06:07 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 06:07 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 06:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 06:07 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 06:06 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 06:07 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 06:07 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 06:07 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 06:07 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 06:07 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 06:07 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-12 06:07 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-12 06:07 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 06:07 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 06:07 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 06:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 06:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 06:07 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 06:07 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 06:07 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 06:07 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 06:07 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 06:07 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 06:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 06:07 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 06:07 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-04 19:51 - 2014-02-04 19:01 - 897785894 _____ () C:\Users\HP\Downloads\Krasna-Zem.avi
2014-02-01 14:03 - 2014-02-01 14:01 - 00000000 ____D () C:\Users\HP\Desktop\Nový priečinok (3)
2014-02-01 14:01 - 2014-02-01 14:01 - 00000000 ____D () C:\Users\HP\Desktop\Nový priečinok (2)
2014-02-01 09:37 - 2013-01-22 07:55 - 00000000 ____D () C:\Users\HP\Desktop\AL DI MEOLA BERLIN Live
2014-01-31 18:43 - 2014-01-31 18:43 - 00000000 ____D () C:\Users\HP\Downloads\Pražský-Výběr---2007---Běr-(AAC)
2014-01-31 18:43 - 2014-01-31 18:43 - 00000000 ____D () C:\Users\HP\Downloads\Pra×skř-Vřbýr---2007---Býr-(AAC)
2014-01-31 18:39 - 2014-01-31 18:14 - 128566262 _____ () C:\Users\HP\Downloads\Pražský-Výběr---2007---Běr-(AAC).rar
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-28 16:15
==================== End Of Log ============================
-
Rudy
- Site Admin
- Příspěvky: 119534
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosim o kontrolu logu.
Omluva za přehlédnutí. Zkuste ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosim o kontrolu logu.
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
Verzia databázy: v2014.03.06.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
HP :: HP-PC [administrátor]
Ochrana: Vypnuté
6. 3. 2014 9:32:22
MBAM-log-2014-03-06 (20-19-38).txt
Typ kontroly: Úplná kontrola (C:\|D:\|E:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 455493
Uplynutý čas: 2 hod, 34 min, 49 sek
Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)
Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)
Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)
Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)
Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)
Detegované priečinky: 0
(Škodlivé položky neboli zistené)
Detegované súbory: 1
C:\Users\HP\Downloads\KB971033-Remove-and-Win7-Activate.zip (HackTool.Wpakill) -> Žiadna úloha nevykonaná.
(koniec)
www.malwarebytes.org
Verzia databázy: v2014.03.06.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
HP :: HP-PC [administrátor]
Ochrana: Vypnuté
6. 3. 2014 9:32:22
MBAM-log-2014-03-06 (20-19-38).txt
Typ kontroly: Úplná kontrola (C:\|D:\|E:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 455493
Uplynutý čas: 2 hod, 34 min, 49 sek
Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)
Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)
Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)
Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)
Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)
Detegované priečinky: 0
(Škodlivé položky neboli zistené)
Detegované súbory: 1
C:\Users\HP\Downloads\KB971033-Remove-and-Win7-Activate.zip (HackTool.Wpakill) -> Žiadna úloha nevykonaná.
(koniec)
-
Rudy
- Site Admin
- Příspěvky: 119534
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosim o kontrolu logu.
Položku, kterou nalezl MBAM, smažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosim o kontrolu logu.
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
Verzia databázy: v2014.03.06.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
HP :: HP-PC [administrátor]
Ochrana: Vypnuté
6. 3. 2014 9:32:22
mbam-log-2014-03-06 (09-32-22).txt
Typ kontroly: Úplná kontrola (C:\|D:\|E:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 455493
Uplynutý čas: 2 hod, 34 min, 49 sek
Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)
Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)
Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)
Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)
Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)
Detegované priečinky: 0
(Škodlivé položky neboli zistené)
Detegované súbory: 1
C:\Users\HP\Downloads\KB971033-Remove-and-Win7-Activate.zip (HackTool.Wpakill) -> Pridanie do karantény a zmazanie úspešné.
(koniec)
www.malwarebytes.org
Verzia databázy: v2014.03.06.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
HP :: HP-PC [administrátor]
Ochrana: Vypnuté
6. 3. 2014 9:32:22
mbam-log-2014-03-06 (09-32-22).txt
Typ kontroly: Úplná kontrola (C:\|D:\|E:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 455493
Uplynutý čas: 2 hod, 34 min, 49 sek
Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)
Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)
Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)
Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)
Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)
Detegované priečinky: 0
(Škodlivé položky neboli zistené)
Detegované súbory: 1
C:\Users\HP\Downloads\KB971033-Remove-and-Win7-Activate.zip (HackTool.Wpakill) -> Pridanie do karantény a zmazanie úspešné.
(koniec)
-
Rudy
- Site Admin
- Příspěvky: 119534
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosim o kontrolu logu.
OK. Ještě otevřte regedit a ručně smažte tyto registry klíče:
Návod: http://forum.viry.cz/viewtopic.php?f=46&t=2791 .HKEY_CLASSES_ROOT\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}
HKEY_CLASSES_ROOT\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}
HKEY_LOCAL_MACHINESoftware\Microsoft\Internet Explorer\Search\SearchAssistant
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosim o kontrolu logu.
FINDer v regedite nenasiel takyto subor, respektive dva, ako sa pise vo Vasej odpovedi:
HKEY_CLASSES_ROOT\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}
, ale rucne som nasiel taku zlozku, subor v tejto zlozke som sa pokusal vymazat,
ale ostal tam svietit, ked som to zopakoval, dozvedel som sa nasledovne:
"unable to delete all specified values."
Mam vymazat celu zlozku.???
subor v nej sa vola: (Default) Type: REG_SZ Data: (value not set)
----------------------------------------------------------
Pri rucnom hladani (automat opat nic nenasiel)
HKEY_LOCAL_MACHINESoftware\Microsoft\Internet Explorer\Search\SearchAssistant
,som sa dostal po:
HKEY_LOCAL_MACHINESoftware\Microsoft\Internet Explorer\
zbytok pokracuje ako:
SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
nebolo cim pohnut,
takze som nevykonal pravdepodobne nic.
1. A nemoze SpybotSD vidiet tieto chyby v niektorej z pocetnych zaloh registrov vytvorenych CCleanerom v minulosti, ktore mam stale v PC..?
2. SpybotSD sa mi kedysi dokazal nastartovat prednostne pred startom procesov po restarte PC a vymazat chyby - neviem ci je to novsou verziou, alebo ci tuto jeho funkciu uz nieco blokuje, ale teraz to odobrim, ale nevykonava to.
HKEY_CLASSES_ROOT\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}
, ale rucne som nasiel taku zlozku, subor v tejto zlozke som sa pokusal vymazat,
ale ostal tam svietit, ked som to zopakoval, dozvedel som sa nasledovne:
"unable to delete all specified values."
Mam vymazat celu zlozku.???
subor v nej sa vola: (Default) Type: REG_SZ Data: (value not set)
----------------------------------------------------------
Pri rucnom hladani (automat opat nic nenasiel)
HKEY_LOCAL_MACHINESoftware\Microsoft\Internet Explorer\Search\SearchAssistant
,som sa dostal po:
HKEY_LOCAL_MACHINESoftware\Microsoft\Internet Explorer\
zbytok pokracuje ako:
SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
nebolo cim pohnut,
takze som nevykonal pravdepodobne nic.
1. A nemoze SpybotSD vidiet tieto chyby v niektorej z pocetnych zaloh registrov vytvorenych CCleanerom v minulosti, ktore mam stale v PC..?
2. SpybotSD sa mi kedysi dokazal nastartovat prednostne pred startom procesov po restarte PC a vymazat chyby - neviem ci je to novsou verziou, alebo ci tuto jeho funkciu uz nieco blokuje, ale teraz to odobrim, ale nevykonava to.
-
Rudy
- Site Admin
- Příspěvky: 119534
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosim o kontrolu logu.
On Spybot je sw, který má už svou dobu slávy za sebou. Ty klíče (nikoli soubory) byly nalezeny ve skenu S&D:
Pokud jste klíč nenalezl, pak měl S&D chybnou detekci.Toolbar.Facemood: [SBI $8F44A361] ID aplikácie (Kľúč v registri, nothing done)
HKEY_CLASSES_ROOT\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}
Toolbar.Facemood: [SBI $8F44A361] ID aplikácie (Kľúč v registri, nothing done)
HKEY_CLASSES_ROOT\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}
Toolbar.Facemood: [SBI $05FB3923] Vyhľadávacia stránka IE (Zmena v registri, nothing done)
HKEY_LOCAL_MACHINESoftware\Microsoft\Internet Explorer\Search\SearchAssistant=about:blank
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?