Virus on a flash drive - Murdoc

Murdoc
Visitor
Posts: 25
Registered: 22 May 2010 06:58

#1 Post by Murdoc »

Hi, I have the same problem as tomesPJ here; we're classmates, and I think we were both gifted by the same lady who doesn't have any change :D Should I start a new topic, or can I drop my logs here?

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

#2 Post by vyosek »

Greetings to a fellow civil engineer :)

- I split the topic off so that things don't get mixed up.

- Please run USBFix.

- Plug all your USB drives into the PC (flash drives, external disks, etc.).

"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; that is no man, that is an ox."
Member of [image] since 1 February 2011.

#3 Post by Murdoc »

So here it is. I already tried some cleaning myself, but the flash drive is still "empty"; or rather, at first there were shortcuts, and now all my files and folders are hidden.

############################## | UsbFix V 7.134 | [Deletion]

User: Murdoc (Administrator) # MURDOC-NTB
Updated 06/09/2013 by El Desaparecido
Started at 23:35:26 | 22/04/2014

Website: http://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload_malware.php
Contact: eldesaparecido@sosvirus.net

PC: LENOVO (Lenovo G580) (x64-based PC)
CPU: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz (2200)
RAM -> [Total : 3996 | Free : 2391]
BIOS: InsydeH2O Version 03.71.515ECN33WW(V2.03)
BOOT: Normal boot

OS: Microsoft Windows 7 Home Premium (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 10.0.9200.16798

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 886 Gb (377 Mb free - 43%) [Windows7_OS] # NTFS
D:\ -> Fixed drive # 25 Gb (22 Mb free - 87%) [LENOVO] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> Removable drive # 4 Gb (2 Mb free - 56%) [] # FAT32

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
HKLM\SOFTWARE | Run : [USB3MON] - "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
HKLM\SOFTWARE | Run : [UpdatePRCShortCut] - "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
HKLM\SOFTWARE | Run : [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKLM\SOFTWARE | Run : [LockKey] - C:\Program Files (x86)\LockKey\LockKey.exe
HKLM\SOFTWARE | Run : [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
HKLM\SOFTWARE | Run : [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
HKLM\SOFTWARE | Run : [Dolby Advanced Audio v2] - "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
HKLM\SOFTWARE | Run : [BCSSync] - "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [331BigDog] - C:\Program Files (x86)\USB Camera\VM331_STI.EXE
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | Run : [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
HKLM\SOFTWARE | Run : [LogMeIn Hamachi Ui] - "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
HKLM\SOFTWARE | Run : [USB Security] - C:\Program Files (x86)\USB Disk Security\USBGuard.exe
HKLM\SOFTWARE\wow6432Node | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
HKLM\SOFTWARE\wow6432Node | Run : [USB3MON] - "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
HKLM\SOFTWARE\wow6432Node | Run : [UpdatePRCShortCut] - "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
HKLM\SOFTWARE\wow6432Node | Run : [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKLM\SOFTWARE\wow6432Node | Run : [LockKey] - C:\Program Files (x86)\LockKey\LockKey.exe
HKLM\SOFTWARE\wow6432Node | Run : [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
HKLM\SOFTWARE\wow6432Node | Run : [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
HKLM\SOFTWARE\wow6432Node | Run : [Dolby Advanced Audio v2] - "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
HKLM\SOFTWARE\wow6432Node | Run : [BCSSync] - "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE\wow6432Node | Run : [331BigDog] - C:\Program Files (x86)\USB Camera\VM331_STI.EXE
HKLM\SOFTWARE\wow6432Node | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE\wow6432Node | Run : [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
HKLM\SOFTWARE\wow6432Node | Run : [LogMeIn Hamachi Ui] - "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
HKLM\SOFTWARE\wow6432Node | Run : [USB Security] - C:\Program Files (x86)\USB Disk Security\USBGuard.exe
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-673523585-3230307534-867329203-1001\SOFTWARE | Run : [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-673523585-3230307534-867329203-1001\SOFTWARE | Run : [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-21-673523585-3230307534-867329203-1001\SOFTWARE | Run : [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-673523585-3230307534-867329203-1001\SOFTWARE | Run : [Spotify Web Helper] - "C:\Users\Murdoc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
HKU\S-1-5-21-673523585-3230307534-867329203-1001\SOFTWARE | Run : [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
HKU\S-1-5-18\SOFTWARE | Run : [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe

################## | Stopped processes |

Stopped! C:\Windows\system32\nvvsvc.exe (968)
Stopped! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (1456)
Stopped! C:\Windows\system32\WLANExt.exe (1464)
Stopped! C:\Windows\system32\conhost.exe (1484)
Stopped! C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (1572)
Stopped! C:\Windows\system32\nvvsvc.exe (1580)
Stopped! C:\Windows\System32\spoolsv.exe (2020)
Stopped! C:\Windows\system32\taskhost.exe (728)
Stopped! C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (1764)
Stopped! C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1944)
Stopped! C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (1748)
Stopped! C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe (1632)
Stopped! C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (2128)
Stopped! C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe (2160)
Stopped! C:\Windows\System32\igfxpers.exe (2168)
Stopped! C:\Windows\System32\igfxtray.exe (2176)
Stopped! C:\Windows\System32\hkcmd.exe (2192)
Stopped! C:\Program Files\FileOpen\Services\FileOpenBroker64.exe (2200)
Stopped! C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (2276)
Stopped! C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (2328)
Stopped! C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (2348)
Stopped! C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (2420)
Stopped! C:\Program Files\Windows Sidebar\sidebar.exe (2432)
Stopped! C:\Users\Murdoc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (2520)
Stopped! C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (2604)
Stopped! C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (2656)
Stopped! C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (2708)
Stopped! C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (2736)
Stopped! C:\Windows\system32\CxAudMsg64.exe (2772)
Stopped! C:\Program Files\FileOpen\Services\FileOpenManagerService64.exe (2848)
Stopped! C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (2864)
Stopped! C:\Program Files\Intel\iCLS Client\HeciServer.exe (2904)
Stopped! C:\Users\Murdoc\AppData\Roaming\Dropbox\bin\Dropbox.exe (2928)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (2984)
Stopped! C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (1392)
Stopped! C:\Program Files\AVAST Software\Avast\AvastUI.exe (2804)
Stopped! C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (1204)
Stopped! C:\Windows\SysWOW64\NLSSRV32.EXE (2512)
Stopped! C:\Program Files (x86)\LockKey\LockKey.exe (3092)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (3196)
Stopped! C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (3240)
Stopped! C:\Program Files (x86)\USB Camera\VM331_STI.EXE (3396)
Stopped! C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (3460)
Stopped! C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (3468)
Stopped! C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (3480)
Stopped! C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (3576)
Stopped! C:\Windows\SysWOW64\RunDll32.exe (3764)
Stopped! C:\Windows\system32\SearchIndexer.exe (4980)
Stopped! C:\Program Files\Windows Media Player\wmpnetwk.exe (1500)
Stopped! C:\Windows\system32\DllHost.exe (6080)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (4724)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (5420)
Stopped! C:\Program Files\totalcmd\TOTALCMD64.EXE (236)
Stopped! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (6928)
Stopped! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (6844)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (2952)
Stopped! C:\Windows\system32\wuauclt.exe (5940)
Stopped! C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (5616)
Stopped! C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe (4656)
Stopped! C:\Windows\system32\taskeng.exe (4520)
Stopped! C:\Windows\System32\WUDFHost.exe (6252)

################## | Files # Infected Folders |

Not deleted ! E:\Setup.exe
Not deleted ! E:\autorun.inf

(!) Temporary files deleted.

################## | Registry |

Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr

################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{77761f27-1ed1-11e2-a4a0-08edb9a70762}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{ac2bcf9e-5197-11e2-9443-08edb9a70762}

################## | Listing |

[26/05/2013 - 10:10:06 | SHD ] C:\$Recycle.Bin
[19/04/2014 - 19:40:41 | D ] C:\- MOJE -
[22/04/2014 - 18:40:06 | D ] C:\AdwCleaner
[21/02/2014 - 10:30:28 | D ] C:\Autodesk
[24/02/2011 - 19:03:40 | SHD ] C:\Boot
[21/11/2010 - 05:23:51 | RASH | 383786] C:\bootmgr
[24/02/2011 - 19:03:41 | N | 8192] C:\BOOTSECT.BAK
[22/04/2014 - 17:48:58 | D ] C:\Config.Msi
[14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings
[28/04/2013 - 07:26:29 | N | 36856] C:\FaceProv.log
[28/12/2012 - 12:33:13 | D ] C:\found.000
[22/04/2014 - 18:41:24 | ASH | 3142864896] C:\hiberfil.sys
[06/08/2012 - 23:29:10 | D ] C:\Intel
[16/10/2012 - 12:19:37 | D ] C:\ldiag
[16/10/2012 - 18:11:16 | RHD ] C:\MSOCache
[12/01/2014 - 22:14:35 | D ] C:\output
[22/04/2014 - 18:41:35 | ASH | 4190486528] C:\pagefile.sys
[14/07/2009 - 05:20:08 | D ] C:\PerfLogs
[22/04/2014 - 11:28:44 | D ] C:\Program Files
[22/04/2014 - 18:39:59 | D ] C:\Program Files (x86)
[22/04/2014 - 18:39:58 | HD ] C:\ProgramData
[16/10/2012 - 11:52:03 | SHD ] C:\Recovery
[28/04/2013 - 08:22:53 | D ] C:\SWTOOLS
[07/08/2012 - 00:08:08 | D ] C:\SysPart
[22/04/2014 - 23:33:13 | SHD ] C:\System Volume Information
[22/04/2014 - 23:41:21 | D ] C:\UsbFix
[22/04/2014 - 17:34:33 | N | 11768] C:\UsbFix [Clean 1] MURDOC-NTB.txt
[22/04/2014 - 17:56:29 | N | 10942] C:\UsbFix [Clean 2] MURDOC-NTB.txt
[22/04/2014 - 23:41:34 | A | 12439] C:\UsbFix [Clean 3] MURDOC-NTB.txt
[07/08/2012 - 00:01:39 | D ] C:\UserGuidePDF
[16/10/2012 - 11:54:01 | D ] C:\Users
[28/04/2013 - 08:26:40 | N | 14] C:\veriface_uninstall.log
[22/04/2014 - 18:12:49 | D ] C:\Windows
[16/10/2012 - 11:55:54 | SHD ] D:\$RECYCLE.BIN
[07/08/2012 - 00:05:38 | D ] D:\Application
[07/08/2012 - 00:08:51 | D ] D:\drivers
[06/08/2012 - 23:12:26 | SHD ] D:\System Volume Information
[27/03/2013 - 12:13:08 | D ] E:\3rdParty
[27/03/2013 - 12:13:09 | D ] E:\CER
[27/03/2013 - 12:13:09 | D ] E:\Content
[27/03/2013 - 21:01:38 | D ] E:\Crack
[27/03/2013 - 12:13:13 | D ] E:\EULA
[27/03/2013 - 12:13:13 | D ] E:\NLSDL
[27/03/2013 - 12:13:14 | D ] E:\Setup
[18/01/2013 - 23:24:40 | R | 960904] E:\Setup.exe
[27/03/2013 - 12:13:14 | D ] E:\SetupRes
[25/10/2011 - 02:14:35 | R | 41] E:\autorun.inf
[18/03/2013 - 04:42:37 | R | 94] E:\dlm.ini
[27/03/2013 - 12:13:13 | D ] E:\en-us
[30/01/2013 - 10:09:08 | R | 48284] E:\setup.ini
[27/03/2013 - 12:15:05 | D ] E:\x64

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F | http://www.sosvirus.net |

#4 Post by vyosek »

- According to the USBFix log, drive E:\ should be fine (?)

- Post a log from FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100

#5 Post by Murdoc »

Careful, E:\ is a virtual drive; the flash drive is G:\. But as I said, I had already tried cleaning on my own before I found this thread. So I have already run AdwCleaner and JRT on the PC (I have the logs saved too), then Microsoft Security Essentials as well (on some English forum they wrote that it is supposedly able to find and delete the virus), and also some small USB utility whose name I unfortunately no longer remember (I don't have logs for that one, but with all of them the scans and cleaning ran).

Here is FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by Murdoc (administrator) on MURDOC-NTB on 23-04-2014 13:02:17
Running from C:\Users\Murdoc\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManagerService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenBroker64.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Murdoc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Dropbox, Inc.) C:\Users\Murdoc\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
( ) C:\Program Files (x86)\LockKey\LockKey.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331_STI.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Zbshareware Lab) C:\Program Files (x86)\USB Disk Security\USBGuard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
() C:\Program Files (x86)\Opera\20.0.1387.91\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
() C:\Program Files (x86)\foobar2000\foobar2000.exe
(Last.fm) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
(forum.viry.cz) C:\Users\Murdoc\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [FileOpenBroker] => C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [1092528 2012-10-17] (FileOpen Systems Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2809856 2012-01-16] (ELAN Microelectronics Corp.)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6202416 2012-08-07] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-08-07] (Lenovo (Beijing) Limited)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [564352 2011-12-15] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4297136 2012-10-31] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-14] (CyberLink Corp.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [LockKey] => C:\Program Files (x86)\LockKey\LockKey.exe [337776 2011-08-26] ( )
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2012-01-26] (Lenovo, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-30] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331_STI.EXE [548864 2011-11-24] (Vimicro)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207360 2010-03-18] (ArcSoft Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKLM-x32\...\Run: [USB Security] => C:\Program Files (x86)\USB Disk Security\USBGuard.exe [687336 2013-06-20] (Zbshareware Lab)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-673523585-3230307534-867329203-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-08-07] (Google Inc.)
HKU\S-1-5-21-673523585-3230307534-867329203-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671904 2012-08-28] (DT Soft Ltd)
HKU\S-1-5-21-673523585-3230307534-867329203-1001\...\Run: [Spotify Web Helper] => C:\Users\Murdoc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-20] (Spotify Ltd)
HKU\S-1-5-21-673523585-3230307534-867329203-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-673523585-3230307534-867329203-1001\...\Policies\Explorer: []
HKU\S-1-5-21-673523585-3230307534-867329203-1001\...\MountPoints2: {77761f27-1ed1-11e2-a4a0-08edb9a70762} - E:\Setup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [250504 2013-02-10] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [205184 2013-02-10] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Murdoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Murdoc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Murdoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.google.com/ig/redirectdomain ... &bmod=KMOH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs =
HKCU\Software\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages =
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?sourceid=i ... OH_csCZ506
SearchScopes: HKCU - ${searchCLSID} URL = http://search.live.com/results.aspx?q={ ... rer:source?}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?sourceid=i ... OH_csCZ506
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{53287C29-BC37-4883-924D-DF69F50744FD}: [NameServer]192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Murdoc\AppData\Roaming\Mozilla\Firefox\Profiles\i3b3fo04.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_38 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @graphisoft.com/GDL Web Plug-in - C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Murdoc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: Media Stealer - C:\Users\Murdoc\AppData\Roaming\Mozilla\Firefox\Profiles\i3b3fo04.default\Extensions\stealer@physacco.com.xpi [2013-09-09]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} [2014-03-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-10-16]

Chrome:
=======
CHR HomePage:
CHR Extension: (avast! WebRep) - C:\Users\Murdoc\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2013-11-10]
CHR Extension: (Web Navigation) - C:\Users\Murdoc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkemddiljapcmhicklfpcbpfffahfbja [2014-04-22]
CHR Extension: (Peněženka Google) - C:\Users\Murdoc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-10]
CHR Extension: (No Name) - C:\Users\Murdoc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2013-11-10]
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2012-10-16]
CHR HKLM-x32\...\Chrome\Extension: [lkemddiljapcmhicklfpcbpfffahfbja] - C:\Users\Murdoc\AppData\Local\Google\Chrome\User Data\Default\extensions\WebNavigation.crx [2014-04-19]

==================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-10-31] (AVAST Software)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-02] (Broadcom Corporation.)
S4 DamageGuardSvc; C:\Program Files\Lenovo\Instant Reset\DamageGuardSvc.exe [572976 2012-03-26] (Lenovo (Beijing) Limited)
R2 FileOpenManagerService; C:\Program Files\FileOpen\Services\FileOpenManagerService64.exe [335288 2012-10-17] (FileOpen Systems Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-10-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [71600 2012-10-31] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [54072 2012-10-15] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [984144 2012-10-31] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [370288 2012-10-31] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-10-31] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-10-28] ()
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.)
S4 DamageGuard; C:\Windows\System32\DRIVERS\DamageGuardX64.sys [217392 2012-02-11] (Lenovo)
S4 dgFltr; C:\Windows\System32\drivers\dgFltrX64.sys [23648 2011-12-13] (Lenovo)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-10-28] (DT Soft Ltd)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2014-02-12] (ITE )
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104048 2012-03-02] (Qualcomm Atheros Co., Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-10-28] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () <===== ATTENTION Necurs Rootkit?
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [952832 2011-12-06] (Vimicro Corporation)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG)
U3 BcmSqlStartupSvc;
U2 CLKMSVC10_3A60B698;
U2 CLKMSVC10_C3B3B687;
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
U2 DriverService;
U2 iATAgentService;
U2 idealife Update Service;
U3 IGRS;
U2 IviRegMgr;
U2 Oasis2Service;
U2 PCCarerService;
U2 ReadyComm.DirectRouter;
U2 RichVideo;
U2 RtLedService;
U2 SeaPort;
U2 SoftwareService;
U3 SQLWriter;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-23 13:02 - 2014-04-23 13:02 - 00024148 _____ () C:\Users\Murdoc\Desktop\FRST.txt
2014-04-23 13:01 - 2014-04-23 13:02 - 00000000 ____D () C:\FRST
2014-04-23 13:00 - 2014-04-23 13:00 - 00112640 _____ (forum.viry.cz) C:\Users\Murdoc\Desktop\FRSTLauncher.exe
2014-04-23 12:53 - 2014-04-23 12:53 - 02061312 _____ (Farbar) C:\Users\Murdoc\Desktop\FRST64.exe
2014-04-23 00:01 - 2014-04-23 00:01 - 00000000 ____D () C:\Users\Murdoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2014-04-22 23:53 - 2014-04-22 23:53 - 00013722 _____ () C:\Users\Murdoc\Desktop\UsbFix [Clean 3] MURDOC-NTB.txt
2014-04-22 23:35 - 2014-04-22 23:52 - 00013722 _____ () C:\UsbFix [Clean 3] MURDOC-NTB.txt
2014-04-22 18:47 - 2014-04-22 18:47 - 00003089 _____ () C:\Users\Murdoc\Desktop\AdwCleaner[S0].txt
2014-04-22 18:38 - 2014-04-22 18:40 - 00000000 ____D () C:\AdwCleaner
2014-04-22 18:28 - 2014-04-22 18:28 - 00002769 _____ () C:\Users\Murdoc\Desktop\JRT.txt
2014-04-22 18:12 - 2014-04-22 18:12 - 00000000 ____D () C:\Windows\ERUNT
2014-04-22 17:56 - 2014-04-22 17:56 - 00010942 ____N () C:\UsbFix [Clean 2] MURDOC-NTB.txt
2014-04-22 17:33 - 2014-04-22 23:41 - 00000000 ____D () C:\UsbFix
2014-04-22 17:33 - 2014-04-22 17:34 - 00011768 ____N () C:\UsbFix [Clean 1] MURDOC-NTB.txt
2014-04-19 19:41 - 2014-04-19 19:41 - 00001081 _____ () C:\Users\Public\Desktop\USB Disk Security.lnk
2014-04-19 19:41 - 2014-04-19 19:41 - 00001069 _____ () C:\Users\Public\Desktop\Web Navigation.lnk
2014-04-19 19:41 - 2014-04-19 19:41 - 00000000 ____D () C:\Users\Murdoc\AppData\Roaming\Zbshareware Lab
2014-04-19 19:41 - 2014-04-19 19:41 - 00000000 ____D () C:\Program Files (x86)\USB Disk Security
2014-04-19 18:34 - 2014-04-22 11:28 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-18 19:29 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-18 19:29 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-18 19:29 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-18 19:29 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-18 19:28 - 2014-04-18 19:29 - 00005293 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-18 13:27 - 2014-04-18 13:27 - 04461568 _____ () C:\Users\Murdoc\Downloads\22D9.tmp
2014-04-17 11:53 - 2014-04-17 11:53 - 00010792 _____ () C:\Users\Murdoc\Desktop\Uem.xlsx
2014-04-12 18:00 - 2014-04-19 17:45 - 00000000 ____D () C:\Users\Murdoc\AppData\Local\Windows Live
2014-04-09 21:23 - 2014-04-09 21:23 - 00001069 _____ () C:\Users\Public\Desktop\ArchiCAD 16.lnk
2014-04-09 20:55 - 2011-12-16 05:40 - 00471952 _____ (WIBU-SYSTEMS AG) C:\Windows\system32\WibuXpm4J64.dll
2014-04-09 20:55 - 2011-12-16 05:40 - 00375184 _____ (WIBU-SYSTEMS AG) C:\Windows\SysWOW64\WibuXpm4J32.dll
2014-04-09 20:55 - 2009-12-03 07:00 - 00430080 _____ (WIBU-SYSTEMS AG) C:\Windows\system32\wibuKJni64.dll
2014-04-09 20:55 - 2009-12-03 07:00 - 00418304 _____ (WIBU-SYSTEMS AG) C:\Windows\system32\WkExt64.dll
2014-04-09 20:55 - 2009-12-03 07:00 - 00344576 _____ (WIBU-SYSTEMS AG) C:\Windows\SysWOW64\wibuKJni.dll
2014-04-09 20:55 - 2009-12-03 07:00 - 00333824 _____ (WIBU-SYSTEMS AG) C:\Windows\SysWOW64\WkExt32.dll
2014-04-09 20:55 - 2009-12-03 07:00 - 00022528 _____ (WIBU-SYSTEMS AG) C:\Windows\SysWOW64\WkWin32.lde
2014-04-09 20:55 - 2009-12-03 07:00 - 00022528 _____ (WIBU-SYSTEMS AG) C:\Windows\system32\WkWin64.lde
2014-04-09 20:55 - 2009-12-03 07:00 - 00022016 _____ (WIBU-SYSTEMS AG) C:\Windows\SysWOW64\WkWin32.lfr
2014-04-09 20:55 - 2009-12-03 07:00 - 00022016 _____ (WIBU-SYSTEMS AG) C:\Windows\SysWOW64\WkWin32.les
2014-04-09 20:55 - 2009-12-03 07:00 - 00022016 _____ (WIBU-SYSTEMS AG) C:\Windows\SysWOW64\WkWin32.lbr
2014-04-09 20:55 - 2009-12-03 07:00 - 00022016 _____ (WIBU-SYSTEMS AG) C:\Windows\system32\WkWin64.lfr
2014-04-09 20:55 - 2009-12-03 07:00 - 00022016 _____ (WIBU-SYSTEMS AG) C:\Windows\system32\WkWin64.les
2014-04-09 20:55 - 2009-12-03 07:00 - 00021504 _____ (WIBU-SYSTEMS AG) C:\Windows\SysWOW64\WkWin32.lit
2014-04-09 20:55 - 2009-12-03 07:00 - 00021504 _____ (WIBU-SYSTEMS AG) C:\Windows\system32\WkWin64.lit
2014-04-09 20:55 - 2009-12-03 07:00 - 00020992 _____ (WIBU-SYSTEMS AG) C:\Windows\SysWOW64\WkWin32.ljp
2014-04-09 20:55 - 2009-12-03 07:00 - 00020992 _____ (WIBU-SYSTEMS AG) C:\Windows\system32\WkWin64.ljp
2014-04-09 20:55 - 2009-12-03 07:00 - 00020480 _____ () C:\Windows\SysWOW64\WkWin32.lhu
2014-04-09 20:55 - 2009-12-03 07:00 - 00020480 _____ () C:\Windows\system32\WkWin64.lhu
2014-04-09 20:55 - 2009-12-03 07:00 - 00015360 _____ (WIBU-SYSTEMS AG) C:\Windows\SysWOW64\WkWin32.lcn
2014-04-09 20:55 - 2009-12-03 07:00 - 00015360 _____ (WIBU-SYSTEMS AG) C:\Windows\system32\WkWin64.lcn
2014-04-09 20:54 - 2014-04-09 20:54 - 00000000 ____D () C:\Program Files\WIBU-SYSTEMS
2014-04-09 20:54 - 2014-04-09 20:54 - 00000000 ____D () C:\Program Files (x86)\WIBU-SYSTEMS
2014-04-09 20:54 - 2011-09-22 06:00 - 00097792 _____ (WIBU-SYSTEMS AG) C:\Windows\system32\Drivers\WibuKey64.sys
2014-04-09 20:54 - 2009-12-03 07:00 - 00169984 _____ (WIBU-SYSTEMS AG) C:\Windows\system32\WkWin64.dll
2014-04-09 20:54 - 2009-12-03 07:00 - 00150528 _____ (WIBU-SYSTEMS AG) C:\Windows\SysWOW64\WkWin32.dll
2014-04-09 20:54 - 2009-08-07 09:59 - 00016896 _____ (WIBU-SYSTEMS AG) C:\Windows\system32\Drivers\Wibukey2_64.sys
2014-04-07 23:02 - 2014-04-07 23:03 - 17293904 _____ () C:\Users\Murdoc\Documents\DIPLOMKA STUDIE 2.skp
2014-04-06 21:21 - 2014-04-06 21:21 - 00000000 ____D () C:\Program Files\Uninstall.AC
2014-04-06 20:52 - 2014-04-23 00:00 - 00001530 _____ () C:\Windows\setupact.log
2014-04-06 20:52 - 2014-04-19 18:50 - 00001268 _____ () C:\Windows\PFRO.log
2014-04-06 20:52 - 2014-04-06 20:52 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-06 19:13 - 2014-04-06 19:13 - 00001544 _____ () C:\Users\Murdoc\Desktop\Artlantis Studio.lnk
2014-03-28 13:28 - 2014-03-28 13:28 - 00001987 _____ () C:\Users\Murdoc\Desktop\ArchiCAD 17.lnk
2014-03-28 09:58 - 2014-03-28 10:02 - 00000000 ____D () C:\Program Files (x86)\PDF Editor 4
2014-03-28 09:58 - 2014-03-28 09:58 - 00082072 _____ () C:\Windows\cadkasdeinst01e.exe
2014-03-28 09:58 - 2014-03-28 09:58 - 00001041 _____ () C:\Users\UpdatusUser\Desktop\PDF Editor 3.3.lnk
2014-03-28 09:58 - 2014-03-28 09:58 - 00000000 ____D () C:\Users\Murdoc\AppData\Roaming\CAD-KAS
2014-03-25 18:27 - 2014-03-25 18:27 - 00046450 _____ () C:\Users\Public\Documents\cc_20140325_172701.reg
2014-03-25 17:59 - 2014-03-25 17:59 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-03-25 10:58 - 2014-03-25 10:59 - 00062790 _____ () C:\Users\Murdoc\AppData\Local\1395737931063usageLogSubmitter.log

==================== One Month Modified Files and Folders =======

2014-04-23 13:03 - 2012-10-20 10:16 - 00000000 ____D () C:\Users\Murdoc\AppData\Local\Last.fm
2014-04-23 13:02 - 2014-04-23 13:02 - 00024148 _____ () C:\Users\Murdoc\Desktop\FRST.txt
2014-04-23 13:02 - 2014-04-23 13:01 - 00000000 ____D () C:\FRST
2014-04-23 13:00 - 2014-04-23 13:00 - 00112640 _____ (forum.viry.cz) C:\Users\Murdoc\Desktop\FRSTLauncher.exe
2014-04-23 13:00 - 2012-08-06 23:14 - 01914233 _____ () C:\Windows\WindowsUpdate.log
2014-04-23 12:53 - 2014-04-23 12:53 - 02061312 _____ (Farbar) C:\Users\Murdoc\Desktop\FRST64.exe
2014-04-23 12:33 - 2012-08-07 00:06 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-23 12:06 - 2012-10-16 12:18 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-23 00:07 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-23 00:07 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-23 00:01 - 2014-04-23 00:01 - 00000000 ____D () C:\Users\Murdoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2014-04-23 00:01 - 2013-01-06 18:08 - 00000000 ____D () C:\Users\Murdoc\AppData\Roaming\Dropbox
2014-04-23 00:00 - 2014-04-06 20:52 - 00001530 _____ () C:\Windows\setupact.log
2014-04-23 00:00 - 2013-06-24 20:31 - 00000000 ____D () C:\Users\Murdoc\AppData\Local\LogMeIn Hamachi
2014-04-22 23:55 - 2012-08-07 00:06 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-22 23:54 - 2012-10-18 14:43 - 00000292 _____ () C:\Windows\Tasks\AutoKMS.job
2014-04-22 23:54 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-22 23:53 - 2014-04-22 23:53 - 00013722 _____ () C:\Users\Murdoc\Desktop\UsbFix [Clean 3] MURDOC-NTB.txt
2014-04-22 23:52 - 2014-04-22 23:35 - 00013722 _____ () C:\UsbFix [Clean 3] MURDOC-NTB.txt
2014-04-22 23:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-22 23:41 - 2014-04-22 17:33 - 00000000 ____D () C:\UsbFix
2014-04-22 23:41 - 2013-08-27 15:57 - 00150016 ___SH () C:\Users\Murdoc\Desktop\Thumbs.db
2014-04-22 23:33 - 2012-10-20 10:00 - 00000000 ____D () C:\Users\Murdoc\AppData\Roaming\foobar2000
2014-04-22 19:12 - 2012-10-16 22:26 - 00000000 ____D () C:\Users\Murdoc\AppData\Roaming\vlc
2014-04-22 18:47 - 2014-04-22 18:47 - 00003089 _____ () C:\Users\Murdoc\Desktop\AdwCleaner[S0].txt
2014-04-22 18:40 - 2014-04-22 18:38 - 00000000 ____D () C:\AdwCleaner
2014-04-22 18:28 - 2014-04-22 18:28 - 00002769 _____ () C:\Users\Murdoc\Desktop\JRT.txt
2014-04-22 18:12 - 2014-04-22 18:12 - 00000000 ____D () C:\Windows\ERUNT
2014-04-22 17:56 - 2014-04-22 17:56 - 00010942 ____N () C:\UsbFix [Clean 2] MURDOC-NTB.txt
2014-04-22 17:34 - 2014-04-22 17:33 - 00011768 ____N () C:\UsbFix [Clean 1] MURDOC-NTB.txt
2014-04-22 11:28 - 2014-04-19 18:34 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-19 19:41 - 2014-04-19 19:41 - 00001081 _____ () C:\Users\Public\Desktop\USB Disk Security.lnk
2014-04-19 19:41 - 2014-04-19 19:41 - 00001069 _____ () C:\Users\Public\Desktop\Web Navigation.lnk
2014-04-19 19:41 - 2014-04-19 19:41 - 00000000 ____D () C:\Users\Murdoc\AppData\Roaming\Zbshareware Lab
2014-04-19 19:41 - 2014-04-19 19:41 - 00000000 ____D () C:\Program Files (x86)\USB Disk Security
2014-04-19 19:40 - 2012-10-16 15:52 - 00000000 ____D () C:\- MOJE -
2014-04-19 18:50 - 2014-04-06 20:52 - 00001268 _____ () C:\Windows\PFRO.log
2014-04-19 18:42 - 2012-10-16 11:56 - 00000000 ___RD () C:\Users\Murdoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-19 17:45 - 2014-04-12 18:00 - 00000000 ____D () C:\Users\Murdoc\AppData\Local\Windows Live
2014-04-18 19:30 - 2013-12-12 22:44 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-18 19:29 - 2014-04-18 19:28 - 00005293 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-18 19:29 - 2012-10-16 16:10 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-18 13:27 - 2014-04-18 13:27 - 04461568 _____ () C:\Users\Murdoc\Downloads\22D9.tmp
2014-04-17 11:53 - 2014-04-17 11:53 - 00010792 _____ () C:\Users\Murdoc\Desktop\Uem.xlsx
2014-04-15 14:37 - 2012-10-16 22:05 - 00000000 ____D () C:\Users\Murdoc\Graphisoft
2014-04-15 11:01 - 2012-08-06 22:57 - 00669736 _____ () C:\Windows\system32\perfh005.dat
2014-04-15 11:01 - 2012-08-06 22:57 - 00141336 _____ () C:\Windows\system32\perfc005.dat
2014-04-15 11:01 - 2009-07-14 07:13 - 01585238 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-14 20:13 - 2014-04-18 19:29 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-18 19:29 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-18 19:29 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-18 19:29 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 07:59 - 2012-10-16 22:56 - 00000000 ____D () C:\Users\Murdoc\Documents\BIMx
2014-04-10 08:08 - 2013-11-10 17:15 - 00002194 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-09 21:32 - 2012-10-16 22:05 - 00000000 ____D () C:\Users\Murdoc\AppData\Roaming\Graphisoft
2014-04-09 21:30 - 2012-10-16 16:16 - 00015406 _____ () C:\Windows\vpd.properties
2014-04-09 21:28 - 2012-10-16 16:10 - 00000000 ____D () C:\Users\Murdoc\AppData\Roaming\Install.GS
2014-04-09 21:23 - 2014-04-09 21:23 - 00001069 _____ () C:\Users\Public\Desktop\ArchiCAD 16.lnk
2014-04-09 20:55 - 2012-10-16 22:55 - 00000000 ____D () C:\Program Files (x86)\GRAPHISOFT
2014-04-09 20:55 - 2012-10-16 22:52 - 00000000 ____D () C:\Program Files\GRAPHISOFT
2014-04-09 20:54 - 2014-04-09 20:54 - 00000000 ____D () C:\Program Files\WIBU-SYSTEMS
2014-04-09 20:54 - 2014-04-09 20:54 - 00000000 ____D () C:\Program Files (x86)\WIBU-SYSTEMS
2014-04-09 20:54 - 2012-10-17 10:38 - 00000000 ____D () C:\Program Files (x86)\WIBUKEY
2014-04-09 20:36 - 2014-02-12 16:49 - 00000000 ____D () C:\ProgramData\ArcSoft
2014-04-08 14:42 - 2013-11-02 00:22 - 00000000 ____D () C:\Users\Murdoc\AppData\Roaming\qtscrob
2014-04-08 09:44 - 2014-02-24 22:05 - 00000000 ____D () C:\Users\Murdoc\AppData\Local\cache
2014-04-08 09:44 - 2013-11-18 23:24 - 00112582 _____ () C:\Windows\system32\webservice4.log
2014-04-07 23:03 - 2014-04-07 23:02 - 17293904 _____ () C:\Users\Murdoc\Documents\DIPLOMKA STUDIE 2.skp
2014-04-06 21:24 - 2013-06-03 13:50 - 00000000 ____D () C:\Program Files\Artlantis Studio 4
2014-04-06 21:21 - 2014-04-06 21:21 - 00000000 ____D () C:\Program Files\Uninstall.AC
2014-04-06 20:59 - 2013-12-01 11:07 - 00000054 _____ () C:\Users\Murdoc\Desktop\dary.txt
2014-04-06 20:52 - 2014-04-06 20:52 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-06 20:52 - 2013-07-27 08:49 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-06 20:52 - 2012-08-06 23:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-06 19:13 - 2014-04-06 19:13 - 00001544 _____ () C:\Users\Murdoc\Desktop\Artlantis Studio.lnk
2014-04-03 23:36 - 2012-10-16 12:15 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-03 13:28 - 2012-08-07 00:06 - 00003962 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-03 13:28 - 2012-08-07 00:06 - 00003710 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-02 23:27 - 2012-10-16 12:03 - 00000000 ____D () C:\Users\Murdoc\AppData\Local\Adobe
2014-03-30 23:17 - 2013-12-16 09:16 - 00000000 ____D () C:\Users\Murdoc\AppData\Roaming\Spotify
2014-03-30 23:06 - 2012-10-16 17:37 - 00000000 ____D () C:\Users\Murdoc\AppData\Roaming\Skype
2014-03-30 17:52 - 2012-10-16 22:05 - 00000000 ____D () C:\Users\Murdoc\AppData\Local\Graphisoft
2014-03-28 13:28 - 2014-03-28 13:28 - 00001987 _____ () C:\Users\Murdoc\Desktop\ArchiCAD 17.lnk
2014-03-28 10:02 - 2014-03-28 09:58 - 00000000 ____D () C:\Program Files (x86)\PDF Editor 4
2014-03-28 09:58 - 2014-03-28 09:58 - 00082072 _____ () C:\Windows\cadkasdeinst01e.exe
2014-03-28 09:58 - 2014-03-28 09:58 - 00001041 _____ () C:\Users\UpdatusUser\Desktop\PDF Editor 3.3.lnk
2014-03-28 09:58 - 2014-03-28 09:58 - 00000000 ____D () C:\Users\Murdoc\AppData\Roaming\CAD-KAS
2014-03-25 18:27 - 2014-03-25 18:27 - 00046450 _____ () C:\Users\Public\Documents\cc_20140325_172701.reg
2014-03-25 18:25 - 2011-02-24 19:03 - 00000000 ____D () C:\Windows\Panther
2014-03-25 18:24 - 2012-11-22 09:20 - 00000833 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-25 18:24 - 2012-11-22 09:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-25 17:59 - 2014-03-25 17:59 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-03-25 10:59 - 2014-03-25 10:58 - 00062790 _____ () C:\Users\Murdoc\AppData\Local\1395737931063usageLogSubmitter.log
2014-03-24 14:23 - 2013-12-16 09:23 - 00000000 ____D () C:\Users\Murdoc\AppData\Local\Spotify

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.1932.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Disabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Murdoc\Desktop" je 3 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus on the flash drive - Murdoc

#6 Post by vyosek »

:arrow: And was the flash drive (letter G:\) plugged in when USBFix was run :???: It is not visible in the log, you see :?:

:arrow: Uninstall this USB Disk Security

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
    HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
    HKU\S-1-5-21-673523585-3230307534-867329203-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-08-07] (Google Inc.)
    HKU\S-1-5-21-673523585-3230307534-867329203-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671904 2012-08-28] (DT Soft Ltd)
    HKU\S-1-5-21-673523585-3230307534-867329203-1001\...\Run: [Spotify Web Helper] => C:\Users\Murdoc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-20] (Spotify Ltd)
    HKU\S-1-5-21-673523585-3230307534-867329203-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
    HKU\S-1-5-21-673523585-3230307534-867329203-1001\...\Policies\Explorer: []
    HKU\S-1-5-21-673523585-3230307534-867329203-1001\...\MountPoints2: {77761f27-1ed1-11e2-a4a0-08edb9a70762} - E:\Setup.exe
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.google.com/ig/redirectdomain ... &bmod=KMOH
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs =
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages =
    SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
    SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7KMOH_csCZ506
    SearchScopes: HKCU - ${searchCLSID} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7KMOH_csCZ506
    
    U3 BcmSqlStartupSvc;
    U2 CLKMSVC10_3A60B698;
    U2 CLKMSVC10_C3B3B687;
    S3 clwvd; system32\DRIVERS\clwvd.sys [X]
    U2 DriverService;
    U2 iATAgentService;
    U2 idealife Update Service;
    U3 IGRS;
    U2 IviRegMgr;
    U2 Oasis2Service;
    U2 PCCarerService;
    U2 ReadyComm.DirectRouter;
    U2 RichVideo;
    U2 RtLedService;
    U2 SeaPort;
    U2 SoftwareService;
    U3 SQLWriter;
    
    2014-04-23 13:00 - 2014-04-23 13:00 - 00112640 _____ (forum.viry.cz) C:\Users\Murdoc\Desktop\FRSTLauncher.exe
    2014-04-22 23:53 - 2014-04-22 23:53 - 00013722 _____ () C:\Users\Murdoc\Desktop\UsbFix [Clean 3] MURDOC-NTB.txt
    2014-04-22 23:35 - 2014-04-22 23:52 - 00013722 _____ () C:\UsbFix [Clean 3] MURDOC-NTB.txt
    2014-04-22 18:47 - 2014-04-22 18:47 - 00003089 _____ () C:\Users\Murdoc\Desktop\AdwCleaner[S0].txt
    2014-04-22 18:28 - 2014-04-22 18:28 - 00002769 _____ () C:\Users\Murdoc\Desktop\JRT.txt
    2014-04-22 17:56 - 2014-04-22 17:56 - 00010942 ____N () C:\UsbFix [Clean 2] MURDOC-NTB.txt
    2014-04-22 17:33 - 2014-04-22 17:34 - 00011768 ____N () C:\UsbFix [Clean 1] MURDOC-NTB.txt
    2014-04-19 19:41 - 2014-04-19 19:41 - 00001081 _____ () C:\Users\Public\Desktop\USB Disk Security.lnk
    2014-04-19 19:41 - 2014-04-19 19:41 - 00000000 ____D () C:\Users\Murdoc\AppData\Roaming\Zbshareware Lab
    2014-04-19 19:41 - 2014-04-19 19:41 - 00000000 ____D () C:\Program Files (x86)\USB Disk Security
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    
    Hosts:
    End
  • Save the created TXT file as fixlist.txt
  • Move the created fixlist next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The repair will run and create a log, Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here

Murdoc
Visitor
Posts: 25
Registered: 22 May 2010 06:58

Re: Virus on the flash drive - Murdoc

#7 Post by Murdoc »

Yes, the flash drive was definitely there :) I can see it there. But only right at the beginning, then nothing.
Murdoc wrote:
C:\ (%systemdrive%) -> Fixed drive # 886 Gb (377 Mb free - 43%) [Windows7_OS] # NTFS
D:\ -> Fixed drive # 25 Gb (22 Mb free - 87%) [LENOVO] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> Removable drive # 4 Gb (2 Mb free - 56%) [] # FAT32
Here is the fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-04-2014
Ran by Murdoc at 2014-04-24 17:07:27 Run:1
Running from C:\Users\Murdoc\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKU\S-1-5-21-673523585-3230307534-867329203-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-08-07] (Google Inc.)
HKU\S-1-5-21-673523585-3230307534-867329203-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671904 2012-08-28] (DT Soft Ltd)
HKU\S-1-5-21-673523585-3230307534-867329203-1001\...\Run: [Spotify Web Helper] => C:\Users\Murdoc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-20] (Spotify Ltd)
HKU\S-1-5-21-673523585-3230307534-867329203-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-673523585-3230307534-867329203-1001\...\Policies\Explorer: []
HKU\S-1-5-21-673523585-3230307534-867329203-1001\...\MountPoints2: {77761f27-1ed1-11e2-a4a0-08edb9a70762} - E:\Setup.exe

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.google.com/ig/redirectdomain ... &bmod=KMOH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs =
HKCU\Software\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages =
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?sourceid=i ... OH_csCZ506
SearchScopes: HKCU - ${searchCLSID} URL = http://search.live.com/results.aspx?q={ ... rer:source?}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?sourceid=i ... OH_csCZ506

U3 BcmSqlStartupSvc;
U2 CLKMSVC10_3A60B698;
U2 CLKMSVC10_C3B3B687;
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
U2 DriverService;
U2 iATAgentService;
U2 idealife Update Service;
U3 IGRS;
U2 IviRegMgr;
U2 Oasis2Service;
U2 PCCarerService;
U2 ReadyComm.DirectRouter;
U2 RichVideo;
U2 RtLedService;
U2 SeaPort;
U2 SoftwareService;
U3 SQLWriter;

2014-04-23 13:00 - 2014-04-23 13:00 - 00112640 _____ (forum.viry.cz) C:\Users\Murdoc\Desktop\FRSTLauncher.exe
2014-04-22 23:53 - 2014-04-22 23:53 - 00013722 _____ () C:\Users\Murdoc\Desktop\UsbFix [Clean 3] MURDOC-NTB.txt
2014-04-22 23:35 - 2014-04-22 23:52 - 00013722 _____ () C:\UsbFix [Clean 3] MURDOC-NTB.txt
2014-04-22 18:47 - 2014-04-22 18:47 - 00003089 _____ () C:\Users\Murdoc\Desktop\AdwCleaner[S0].txt
2014-04-22 18:28 - 2014-04-22 18:28 - 00002769 _____ () C:\Users\Murdoc\Desktop\JRT.txt
2014-04-22 17:56 - 2014-04-22 17:56 - 00010942 ____N () C:\UsbFix [Clean 2] MURDOC-NTB.txt
2014-04-22 17:33 - 2014-04-22 17:34 - 00011768 ____N () C:\UsbFix [Clean 1] MURDOC-NTB.txt
2014-04-19 19:41 - 2014-04-19 19:41 - 00001081 _____ () C:\Users\Public\Desktop\USB Disk Security.lnk
2014-04-19 19:41 - 2014-04-19 19:41 - 00000000 ____D () C:\Users\Murdoc\AppData\Roaming\Zbshareware Lab
2014-04-19 19:41 - 2014-04-19 19:41 - 00000000 ____D () C:\Program Files (x86)\USB Disk Security

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BCSSync => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LogMeIn Hamachi Ui => Value deleted successfully.
HKU\S-1-5-21-673523585-3230307534-867329203-1001\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
HKU\S-1-5-21-673523585-3230307534-867329203-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\S-1-5-21-673523585-3230307534-867329203-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify Web Helper => Value deleted successfully.
HKU\S-1-5-21-673523585-3230307534-867329203-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Autodesk Sync => Value deleted successfully.
HKU\S-1-5-21-673523585-3230307534-867329203-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => Value deleted successfully.
HKU\S-1-5-21-673523585-3230307534-867329203-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{77761f27-1ed1-11e2-a4a0-08edb9a70762} => Key deleted successfully.
HKCR\CLSID\{77761f27-1ed1-11e2-a4a0-08edb9a70762} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search bar => Value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Secondary Start Pages => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\${searchCLSID} => Key deleted successfully.
HKCR\CLSID\${searchCLSID} => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
BcmSqlStartupSvc => Service deleted successfully.
CLKMSVC10_3A60B698 => Service deleted successfully.
CLKMSVC10_C3B3B687 => Service deleted successfully.
clwvd => Service deleted successfully.
DriverService => Service deleted successfully.
iATAgentService => Service deleted successfully.
idealife Update Service => Service deleted successfully.
IGRS => Service deleted successfully.
IviRegMgr => Service deleted successfully.
Oasis2Service => Service deleted successfully.
PCCarerService => Service deleted successfully.
ReadyComm.DirectRouter => Service deleted successfully.
RichVideo => Service deleted successfully.
RtLedService => Service deleted successfully.
SeaPort => Service deleted successfully.
SoftwareService => Service deleted successfully.
SQLWriter => Service deleted successfully.
"C:\Users\Murdoc\Desktop\FRSTLauncher.exe" => File/Directory not found.
C:\Users\Murdoc\Desktop\UsbFix [Clean 3] MURDOC-NTB.txt => Moved successfully.
C:\UsbFix [Clean 3] MURDOC-NTB.txt => Moved successfully.
C:\Users\Murdoc\Desktop\AdwCleaner[S0].txt => Moved successfully.
C:\Users\Murdoc\Desktop\JRT.txt => Moved successfully.
C:\UsbFix [Clean 2] MURDOC-NTB.txt => Moved successfully.
C:\UsbFix [Clean 1] MURDOC-NTB.txt => Moved successfully.
C:\Users\Public\Desktop\USB Disk Security.lnk => Moved successfully.
C:\Users\Murdoc\AppData\Roaming\Zbshareware Lab => Moved successfully.
C:\Program Files (x86)\USB Disk Security => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\AutoKMS.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus on the flash drive - Murdoc

#8 Post by vyosek »

:arrow: Connect the flash drive

:arrow: Download SystemLook http://jpshortstuff.247fixes.com/SystemLook.exe and save it to the desktop
  • Paste the script below into the window
  • Code:

    :dir
    G:\
  • Click Look
  • The Look button changes to Scanning and turns grey
  • Wait until the Scanning button changes back to Look - that is how you can tell that SystemLook has finished its work
  • A log named SystemLook will pop up (or it will be saved on the desktop); paste its contents here for me

Murdoc
Visitor
Posts: 25
Registered: 22 May 2010 06:58

Re: Virus on the flash drive - Murdoc

#9 Post by Murdoc »

SystemLook 30.07.11 by jpshortstuff
Log created at 22:35 on 24/04/2014 by Murdoc
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== dir ==========

G: - Parameters: "(none)"

---Files---
(Petr Bíza) Rekapitulace a Jízdenka.pdf ---hs-- 230766 bytes [09:25 19/06/2013] [15:17 23/03/2012]
_2_podstatna_jmena-_prechylovani.ppt ---hs-- 154624 bytes [09:25 19/06/2013] [11:37 12/10/2011]
_3_Sloveso_SER_shrnuti_.ppt ---hs-- 143360 bytes [09:25 19/06/2013] [11:36 12/10/2011]
BD04_tabulka_14_10.pdf ---hs-- 355705 bytes [09:25 19/06/2013] [06:17 07/12/2011]
BD04_tabulky.pdf ---hs-- 725439 bytes [09:25 19/06/2013] [06:17 07/12/2011]
Beton - základová patka ELISKA.xlsx ---hs-- 47065 bytes [09:25 19/06/2013] [18:56 21/04/2012]
Beton - základová patka.xls ---hs-- 92160 bytes [09:25 19/06/2013] [11:12 30/04/2012]
Beton.pln ---hs-- 984112 bytes [09:25 19/06/2013] [11:56 12/04/2011]
DETAIL VODOVODNÍ PŘÍPOJKY.pln ---hs-- 1529856 bytes [09:25 19/06/2013] [19:19 24/04/2011]
diagram strecha.xlsx ---hs-- 11787 bytes [09:25 19/06/2013] [12:53 10/12/2011]
diagram vykopy.xlsx ---hs-- 12748 bytes [09:25 19/06/2013] [06:14 17/10/2011]
etiketa.docx ---hs-- 52337 bytes [09:25 19/06/2013] [10:18 13/12/2009]
Hodonín (Mutěnice) - Bíza, Bravenec.docx ---hs-- 1706672 bytes [09:25 19/06/2013] [08:48 07/05/2010]
img003.jpg ---hs-- 288004 bytes [09:25 19/06/2013] [07:42 05/05/2011]
mechanika zemin 16.pdf ---hs-- 267645 bytes [09:25 19/06/2013] [13:27 26/04/2011]
MECHZEM 16.xlsx ---hs-- 23527 bytes [09:25 19/06/2013] [11:15 26/04/2011]
MOCNY EXCEL vse.xls ---hs-- 81408 bytes [09:25 19/06/2013] [13:34 01/06/2011]
Mutěnští mládenci.docx ---hs-- 12405 bytes [09:25 19/06/2013] [12:14 22/11/2009]
navrh bedneni.jpg ---hs-- 185408 bytes [09:25 19/06/2013] [23:46 23/10/2011]
pozemak.pdf ---hs-- 265573 bytes [09:25 19/06/2013] [11:53 24/03/2011]
řez.pdf ---hs-- 222889 bytes [09:25 19/06/2013] [11:18 20/04/2011]
seminárka.docx ---hs-- 26811 bytes [09:25 19/06/2013] [08:45 28/03/2013]
strop, panely.pdf ---hs-- 242809 bytes [09:25 19/06/2013] [06:31 14/04/2011]
strop.pdf ---hs-- 264176 bytes [09:25 19/06/2013] [13:08 24/03/2011]
technická zpráva.docx ---hs-- 16449 bytes [09:25 19/06/2013] [19:33 24/04/2011]
TECHNOLOGICKÝ PŘEDPIS PRO DŘEVĚNÝ KROV.docx ---hs-- 29213 bytes [09:25 19/06/2013] [00:50 12/12/2011]
TECHNOLOGICKÝ PŘEDPIS PRO MONOLITICKÝ ŽELEZOBETONOVÝ STROP.doc ---hs-- 310784 bytes [09:25 19/06/2013] [06:41 05/12/2011]
TECHNOLOGICKÝ PŘEDPIS PRO MONOLITICKÝ ŽELEZOBETONOVÝ STROP.docx ---hs-- 270847 bytes [09:25 19/06/2013] [13:40 13/11/2011]
TECHNOLOGICKÝ PŘEDPIS PRO ZDĚNÍ TYPICKÉHO PODLAŽI.doc ---hs-- 160768 bytes [09:25 19/06/2013] [05:05 31/10/2011]
TECHNOLOGICKÝ PŘEDPIS PRO ZEMNÍ PRÁCE.doc ---hs-- 242176 bytes [09:25 19/06/2013] [05:22 17/10/2011]
TECHNOLOGICKÝ PŘEDPIS PRO ZEMNÍ PRÁCE.docx ---hs-- 271546 bytes [09:25 19/06/2013] [22:42 02/10/2011]
TECHNOLOGICKÝ PŘEDPIS PRO ŽELEZOBETONOVÉ MONOLITICKÉ ZÁKLADY.doc ---hs-- 54784 bytes [09:25 19/06/2013] [05:16 24/10/2011]
TECHNOLOGICKÝ PŘEDPIS PRO ŽELEZOBETONOVÉ MONOLITICKÉ ZÁKLADY.docx ---hs-- 20190 bytes [09:25 19/06/2013] [15:00 16/10/2011]
TITULKA,SEZNAMY.docx ---hs-- 874639 bytes [09:25 19/06/2013] [09:54 30/04/2012]
TZB.pln ---hs-- 1998960 bytes [09:25 19/06/2013] [19:50 10/10/2011]
TZB.pln.lck ---hs-- 60 bytes [09:25 19/06/2013] [06:29 11/10/2011]
Vvnitřní vodovod.pln ---hs-- 2035072 bytes [09:25 19/06/2013] [19:33 24/04/2011]
VYKRESY.pln ---hs-- 757776 bytes [09:25 19/06/2013] [11:56 12/04/2011]
Ticketpro-eTicket-4311047.pdf ---hs-- 115913 bytes [10:29 28/03/2014] [14:42 20/01/2014]
VýstřižekSLEVA.PNG ---hs-- 90955 bytes [07:19 16/04/2014] [07:19 16/04/2014]
pohledy, zdroje, 6. cviko¨mára.dwg ---hs-- 30233 bytes [08:31 08/04/2014] [08:31 08/04/2014]
Zadání příkladů_cvičení č.2.doc ---hs-- 46592 bytes [07:14 15/10/2013] [07:14 15/10/2013]
~$Sešit1.xlsx tom.xlsx ---hs-- 165 bytes [09:46 13/11/2013] [09:46 13/11/2013]
cnz-staz-protokol-prijeti02.pdf ---hs-- 71109 bytes [05:30 26/02/2014] [12:31 25/02/2014]
ST_8_L.xls ---hs-- 341504 bytes [07:19 26/02/2014] [09:02 05/03/2014]
Protokol Hurdis jiří.xlsx ---hs-- 3912342 bytes [08:02 05/03/2014] [08:00 05/03/2014]
~$Protokol Hurdis jiří.xlsx ---hs-- 165 bytes [08:02 05/03/2014] [08:03 05/03/2014]
Nový.dls --a---- 4267 bytes [11:06 24/04/2014] [11:17 24/04/2014]
WDLS.zip --a---- 38845 bytes [11:30 24/04/2014] [11:25 24/04/2014]

---Folders---
BETON d--hs-- [09:23 19/06/2013]
BETON III d--hs-- [09:23 19/06/2013]
betron II d--hs-- [09:23 19/06/2013]
-ja d--hs-- [09:23 19/06/2013]
Mutěnice d--hs-- [09:23 19/06/2013]
NAUKA I d--hs-- [09:24 19/06/2013]
NAUKA II d--hs-- [09:24 19/06/2013]
Pozemak d--hs-- [09:24 19/06/2013]
POZEMÁK II d--hs-- [09:24 19/06/2013]
POZEMÁK III d--hs-- [09:24 19/06/2013]
požárko d--hs-- [09:24 19/06/2013]
Projekt d--hs-- [09:24 19/06/2013]
REALIZACE STAVEB d--hs-- [09:24 19/06/2013]
rekonstrukce d--hs-- [09:24 19/06/2013]
techno II d--hs-- [09:24 19/06/2013]
tepelna technika d--hs-- [09:24 19/06/2013]
TZB d--hs-- [09:24 19/06/2013]
TZB II d--hs-- [09:24 19/06/2013]
TZB III d--hs-- [09:24 19/06/2013]
valtice 2012 d--hs-- [09:25 19/06/2013]
VODA - HOTOVO d--hs-- [09:25 19/06/2013]
TABY, AKORDY d--hs-- [15:43 31/03/2014]
KOVYII d--hs-- [21:36 07/10/2013]
OCEŇOVÁNÍ d--hs-- [07:24 09/10/2013]
- USI - d--hs-- [07:10 24/10/2013]
PŘEDPJAŤÁK d--hs-- [06:06 12/12/2013]
INF II d--hs-- [15:28 17/02/2014]
- DIPLOMKA - d--hs-- [12:01 19/02/2014]
POČÍTAČOVÁ APLIKACE STF d--hs-- [09:46 20/02/2014]
- STÁŽ - d--hs-- [13:53 24/02/2014]
PROSTOROVÁ AKUSTIKA d--hs-- [05:26 25/02/2014]
APL FYZIKA d--hs-- [05:28 26/02/2014]
VÝSTAVBA d--hs-- [13:00 06/03/2014]
MODERNÍ STM d--hs-- [05:38 26/03/2014]
MAMKA d--hs-- [10:35 30/03/2014]
WDLS d------ [11:30 24/04/2014]

-= EOF =-

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus on the flash drive - Murdoc

#10 Post by vyosek »

:arrow: Create a fixlist again with this content

Code:

CMD: attrib -s -h "G:\(Petr Bíza) Rekapitulace a Jízdenka.pdf"
CMD: attrib -s -h "G:\_2_podstatna_jmena-_prechylovani.ppt"
CMD: attrib -s -h "G:\_3_Sloveso_SER_shrnuti_.ppt"
CMD: attrib -s -h "G:\BD04_tabulka_14_10.pdf"
CMD: attrib -s -h "G:\BD04_tabulky.pdf"
CMD: attrib -s -h "G:\Beton - základová patka ELISKA.xlsx"
CMD: attrib -s -h "G:\Beton - základová patka.xls"
CMD: attrib -s -h "G:\Beton.pln"
CMD: attrib -s -h "G:\DETAIL VODOVODNÍ PŘÍPOJKY.pln"
CMD: attrib -s -h "G:\diagram strecha.xlsx"
CMD: attrib -s -h "G:\diagram vykopy.xlsx"
CMD: attrib -s -h "G:\etiketa.docx"
CMD: attrib -s -h "G:\Hodonín (Mutěnice)"
CMD: attrib -s -h "G:\img003.jpg"
CMD: attrib -s -h "G:\mechanika zemin 16.pdf"
CMD: attrib -s -h "G:\MECHZEM 16.xlsx"
CMD: attrib -s -h "G:\MOCNY EXCEL vse.xls"
CMD: attrib -s -h "G:\Mutěnští mládenci.docx"
CMD: attrib -s -h "G:\navrh bedneni.jpg"
CMD: attrib -s -h "G:\pozemak.pdf"
CMD: attrib -s -h "G:\řez.pdf"
CMD: attrib -s -h "G:\seminárka.docx"
CMD: attrib -s -h "G:\strop, panely.pdf"
CMD: attrib -s -h "G:\strop.pdf"
CMD: attrib -s -h "G:\technická zpráva.docx"
CMD: attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO DŘEVĚNÝ KROV.docx"
CMD: attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO MONOLITICKÝ ŽELEZOBETONOVÝ STROP.doc"
CMD: attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO MONOLITICKÝ ŽELEZOBETONOVÝ STROP.docx"
CMD: attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO ZDĚNÍ TYPICKÉHO PODLAŽI.doc"
CMD: attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO ZEMNÍ PRÁCE.doc"
CMD: attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO ZEMNÍ PRÁCE.docx"
CMD: attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO ŽELEZOBETONOVÉ MONOLITICKÉ ZÁKLADY.doc"
CMD: attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO ŽELEZOBETONOVÉ MONOLITICKÉ ZÁKLADY.docx"
CMD: attrib -s -h "G:\TITULKA,SEZNAMY.docx"
CMD: attrib -s -h "G:\TZB.pln"
CMD: attrib -s -h "G:\TZB.pln.lck"
CMD: attrib -s -h "G:\Vvnitřní vodovod.pln"
CMD: attrib -s -h "G:\VYKRESY.pln"
CMD: attrib -s -h "G:\Ticketpro-eTicket-4311047.pdf"
CMD: attrib -s -h "G:\VýstřižekSLEVA.PNG"
CMD: attrib -s -h "G:\pohledy, zdroje, 6. cviko¨mára.dwg"
CMD: attrib -s -h "G:\Zadání příkladů_cvičení č.2.doc"
CMD: attrib -s -h "G:\~$Sešit1.xlsx tom.xlsx"
CMD: attrib -s -h "G:\cnz-staz-protokol-prijeti02.pdf"
CMD: attrib -s -h "G:\ST_8_L.xls"
CMD: attrib -s -h "G:\Protokol Hurdis jiří.xlsx"
CMD: attrib -s -h "G:\~$Protokol Hurdis jiří.xlsx"

CMD: attrib -s -h "G:\BETON"
CMD: attrib -s -h "G:\BETON III"
CMD: attrib -s -h "G:\betron II"
CMD: attrib -s -h "G:\-ja"
CMD: attrib -s -h "G:\Mutěnice"
CMD: attrib -s -h "G:\NAUKA I"
CMD: attrib -s -h "G:\NAUKA II"
CMD: attrib -s -h "G:\Pozemak"
CMD: attrib -s -h "G:\POZEMÁK II"
CMD: attrib -s -h "G:\POZEMÁK III"
CMD: attrib -s -h "G:\požárko"
CMD: attrib -s -h "G:\Projekt"
CMD: attrib -s -h "G:\REALIZACE STAVEB"
CMD: attrib -s -h "G:\rekonstrukce"
CMD: attrib -s -h "G:\techno II"
CMD: attrib -s -h "G:\tepelna technika"
CMD: attrib -s -h "G:\TZB"
CMD: attrib -s -h "G:\TZB II"
CMD: attrib -s -h "G:\TZB III"
CMD: attrib -s -h "G:\valtice 2012"
CMD: attrib -s -h "G:\VODA - HOTOVO"
CMD: attrib -s -h "G:\TABY, AKORDY"
CMD: attrib -s -h "G:\KOVYII"
CMD: attrib -s -h "G:\OCEŇOVÁNÍ"
CMD: attrib -s -h "G:\- USI"
CMD: attrib -s -h "G:\PŘEDPJAŤÁK"
CMD: attrib -s -h "G:\INF II"
CMD: attrib -s -h "G:\- DIPLOMKA"
CMD: attrib -s -h "G:\POČÍTAČOVÁ APLIKACE STF"
CMD: attrib -s -h "G:\- STÁŽ"
CMD: attrib -s -h "G:\PROSTOROVÁ AKUSTIKA"
CMD: attrib -s -h "G:\APL FYZIKA"
CMD: attrib -s -h "G:\VÝSTAVBA"
CMD: attrib -s -h "G:\MODERNÍ STM"
CMD: attrib -s -h "G:\MAMKA"
:arrow: Connect the flash drive

:arrow: Run FRST and click Fix
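An added example, not part of the thread and not FRST or SystemLook code: a Python script that turns the SystemLook `:dir` listing from post #9 into `CMD: attrib -s -h` fixlist lines and checks a hand-written fixlist against that listing, so that names containing ` - ` or ending in ` -` are carried over whole. The line format and the reading of the `h`/`s` flags are inferred from the log lines above; the function names, the `%`/quote handling and the `G:` default are assumptions.

```python
import re

# One entry line of a SystemLook ":dir" listing, as it appears in the log above:
#   files:   <name> <7-char attrs> <size> bytes [created] [modified]
#   folders: <name> d<6-char attrs> [created]
ENTRY = re.compile(
    r"^(?P<name>.+) (?P<attrs>[d-][a-z-]{6})"
    r"(?: (?P<size>\d+) bytes)?(?: \[[^\]]+\]){1,2}$"
)
# One fixlist line in the form used in this thread.
TARGET = re.compile(r'^CMD: attrib -s -h "(?P<path>.+)"$')


def parse_dir_listing(log_text):
    """Return [(name, attrs)] for every file/folder line in the log."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:  # headers such as "---Files---" do not match and are skipped
            entries.append((m.group("name"), m.group("attrs")))
    return entries


def build_fixlist(entries, drive="G:"):
    """Fixlist lines that clear Hidden/System on flagged entries only.

    Returns (lines, manual); 'manual' holds names that are not emitted
    because cmd.exe expands % and cannot carry a quote inside a quoted path.
    """
    lines, manual = [], []
    for name, attrs in entries:
        if "h" not in attrs and "s" not in attrs:
            continue  # already visible (e.g. "--a----"), nothing to clear
        if '"' in name or "%" in name:
            manual.append(name)
            continue
        lines.append(f'CMD: attrib -s -h "{drive}\\{name}"')
    return lines, manual


def unmatched_targets(fixlist_text, entries, drive="G:"):
    """Paths in a fixlist that do not correspond to any listed entry."""
    known = {f"{drive}\\{name}".lower() for name, _ in entries}
    missing = []
    for line in fixlist_text.splitlines():
        m = TARGET.match(line.strip())
        if m and m.group("path").lower() not in known:
            missing.append(m.group("path"))
    return missing


# Lines copied from the SystemLook log in post #9 (shortened selection).
SAMPLE_LOG = """\
---Files---
etiketa.docx ---hs-- 52337 bytes [09:25 19/06/2013] [10:18 13/12/2009]
Hodonín (Mutěnice) - Bíza, Bravenec.docx ---hs-- 1706672 bytes [09:25 19/06/2013] [08:48 07/05/2010]
Nový.dls --a---- 4267 bytes [11:06 24/04/2014] [11:17 24/04/2014]

---Folders---
-ja d--hs-- [09:23 19/06/2013]
- USI - d--hs-- [07:10 24/10/2013]
WDLS d------ [11:30 24/04/2014]
"""

# Lines copied from the fixlist in post #10 (shortened selection).
SAMPLE_FIXLIST = """\
CMD: attrib -s -h "G:\\etiketa.docx"
CMD: attrib -s -h "G:\\Hodonín (Mutěnice)"
CMD: attrib -s -h "G:\\- USI"
"""

if __name__ == "__main__":
    listed = parse_dir_listing(SAMPLE_LOG)
    generated, needs_manual = build_fixlist(listed)
    print("\n".join(generated))
    print("Not in listing:", unmatched_targets(SAMPLE_FIXLIST, listed))
    print("Handle manually:", needs_manual)
```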

Murdoc
Visitor
Posts: 25
Registered: 22 May 2010 06:58

Re: Virus on the flash drive - Murdoc

#11 Post by Murdoc »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-04-2014
Ran by Murdoc at 2014-04-28 12:27:20 Run:2
Running from C:\Users\Murdoc\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CMD: attrib -s -h "G:\(Petr Bíza) Rekapitulace a Jízdenka.pdf"
CMD: attrib -s -h "G:\_2_podstatna_jmena-_prechylovani.ppt"
CMD: attrib -s -h "G:\_3_Sloveso_SER_shrnuti_.ppt"
CMD: attrib -s -h "G:\BD04_tabulka_14_10.pdf"
CMD: attrib -s -h "G:\BD04_tabulky.pdf"
CMD: attrib -s -h "G:\Beton - základová patka ELISKA.xlsx"
CMD: attrib -s -h "G:\Beton - základová patka.xls"
CMD: attrib -s -h "G:\Beton.pln"
CMD: attrib -s -h "G:\DETAIL VODOVODNÍ PŘÍPOJKY.pln"
CMD: attrib -s -h "G:\diagram strecha.xlsx"
CMD: attrib -s -h "G:\diagram vykopy.xlsx"
CMD: attrib -s -h "G:\etiketa.docx"
CMD: attrib -s -h "G:\Hodonín (Mutěnice)"
CMD: attrib -s -h "G:\img003.jpg"
CMD: attrib -s -h "G:\mechanika zemin 16.pdf"
CMD: attrib -s -h "G:\MECHZEM 16.xlsx"
CMD: attrib -s -h "G:\MOCNY EXCEL vse.xls"
CMD: attrib -s -h "G:\Mutěnští mládenci.docx"
CMD: attrib -s -h "G:\navrh bedneni.jpg"
CMD: attrib -s -h "G:\pozemak.pdf"
CMD: attrib -s -h "G:\řez.pdf"
CMD: attrib -s -h "G:\seminárka.docx"
CMD: attrib -s -h "G:\strop, panely.pdf"
CMD: attrib -s -h "G:\strop.pdf"
CMD: attrib -s -h "G:\technická zpráva.docx"
CMD: attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO DŘEVĚNÝ KROV.docx"
CMD: attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO MONOLITICKÝ ŽELEZOBETONOVÝ STROP.doc"
CMD: attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO MONOLITICKÝ ŽELEZOBETONOVÝ STROP.docx"
CMD: attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO ZDĚNÍ TYPICKÉHO PODLAŽI.doc"
CMD: attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO ZEMNÍ PRÁCE.doc"
CMD: attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO ZEMNÍ PRÁCE.docx"
CMD: attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO ŽELEZOBETONOVÉ MONOLITICKÉ ZÁKLADY.doc"
CMD: attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO ŽELEZOBETONOVÉ MONOLITICKÉ ZÁKLADY.docx"
CMD: attrib -s -h "G:\TITULKA,SEZNAMY.docx"
CMD: attrib -s -h "G:\TZB.pln"
CMD: attrib -s -h "G:\TZB.pln.lck"
CMD: attrib -s -h "G:\Vvnitřní vodovod.pln"
CMD: attrib -s -h "G:\VYKRESY.pln"
CMD: attrib -s -h "G:\Ticketpro-eTicket-4311047.pdf"
CMD: attrib -s -h "G:\VýstřižekSLEVA.PNG"
CMD: attrib -s -h "G:\pohledy, zdroje, 6. cviko¨mára.dwg"
CMD: attrib -s -h "G:\Zadání příkladů_cvičení č.2.doc"
CMD: attrib -s -h "G:\~$Sešit1.xlsx tom.xlsx"
CMD: attrib -s -h "G:\cnz-staz-protokol-prijeti02.pdf"
CMD: attrib -s -h "G:\ST_8_L.xls"
CMD: attrib -s -h "G:\Protokol Hurdis jiří.xlsx"
CMD: attrib -s -h "G:\~$Protokol Hurdis jiří.xlsx"

CMD: attrib -s -h "G:\BETON"
CMD: attrib -s -h "G:\BETON III"
CMD: attrib -s -h "G:\betron II"
CMD: attrib -s -h "G:\-ja"
CMD: attrib -s -h "G:\Mutěnice"
CMD: attrib -s -h "G:\NAUKA I"
CMD: attrib -s -h "G:\NAUKA II"
CMD: attrib -s -h "G:\Pozemak"
CMD: attrib -s -h "G:\POZEMÁK II"
CMD: attrib -s -h "G:\POZEMÁK III"
CMD: attrib -s -h "G:\požárko"
CMD: attrib -s -h "G:\Projekt"
CMD: attrib -s -h "G:\REALIZACE STAVEB"
CMD: attrib -s -h "G:\rekonstrukce"
CMD: attrib -s -h "G:\techno II"
CMD: attrib -s -h "G:\tepelna technika"
CMD: attrib -s -h "G:\TZB"
CMD: attrib -s -h "G:\TZB II"
CMD: attrib -s -h "G:\TZB III"
CMD: attrib -s -h "G:\valtice 2012"
CMD: attrib -s -h "G:\VODA - HOTOVO"
CMD: attrib -s -h "G:\TABY, AKORDY"
CMD: attrib -s -h "G:\KOVYII"
CMD: attrib -s -h "G:\OCEŇOVÁNÍ"
CMD: attrib -s -h "G:\- USI"
CMD: attrib -s -h "G:\PŘEDPJAŤÁK"
CMD: attrib -s -h "G:\INF II"
CMD: attrib -s -h "G:\- DIPLOMKA"
CMD: attrib -s -h "G:\POČÍTAČOVÁ APLIKACE STF"
CMD: attrib -s -h "G:\- STÁŽ"
CMD: attrib -s -h "G:\PROSTOROVÁ AKUSTIKA"
CMD: attrib -s -h "G:\APL FYZIKA"
CMD: attrib -s -h "G:\VÝSTAVBA"
CMD: attrib -s -h "G:\MODERNÍ STM"
CMD: attrib -s -h "G:\MAMKA"
*****************


========= attrib -s -h "G:\(Petr Bíza) Rekapitulace a Jízdenka.pdf" =========


========= End of CMD: =========


========= attrib -s -h "G:\_2_podstatna_jmena-_prechylovani.ppt" =========


========= End of CMD: =========


========= attrib -s -h "G:\_3_Sloveso_SER_shrnuti_.ppt" =========


========= End of CMD: =========


========= attrib -s -h "G:\BD04_tabulka_14_10.pdf" =========


========= End of CMD: =========


========= attrib -s -h "G:\BD04_tabulky.pdf" =========


========= End of CMD: =========


========= attrib -s -h "G:\Beton - základová patka ELISKA.xlsx" =========


========= End of CMD: =========


========= attrib -s -h "G:\Beton - základová patka.xls" =========


========= End of CMD: =========


========= attrib -s -h "G:\Beton.pln" =========


========= End of CMD: =========


========= attrib -s -h "G:\DETAIL VODOVODNÍ PŘÍPOJKY.pln" =========


========= End of CMD: =========


========= attrib -s -h "G:\diagram strecha.xlsx" =========


========= End of CMD: =========


========= attrib -s -h "G:\diagram vykopy.xlsx" =========


========= End of CMD: =========


========= attrib -s -h "G:\etiketa.docx" =========


========= End of CMD: =========


========= attrib -s -h "G:\Hodonín (Mutěnice)" =========

Soubor nebyl nalezen - G:\Hodon�n (Mut�nice).

========= End of CMD: =========


========= attrib -s -h "G:\img003.jpg" =========


========= End of CMD: =========


========= attrib -s -h "G:\mechanika zemin 16.pdf" =========


========= End of CMD: =========


========= attrib -s -h "G:\MECHZEM 16.xlsx" =========


========= End of CMD: =========


========= attrib -s -h "G:\MOCNY EXCEL vse.xls" =========


========= End of CMD: =========


========= attrib -s -h "G:\Mutěnští mládenci.docx" =========


========= End of CMD: =========


========= attrib -s -h "G:\navrh bedneni.jpg" =========


========= End of CMD: =========


========= attrib -s -h "G:\pozemak.pdf" =========


========= End of CMD: =========


========= attrib -s -h "G:\řez.pdf" =========


========= End of CMD: =========


========= attrib -s -h "G:\seminárka.docx" =========


========= End of CMD: =========


========= attrib -s -h "G:\strop, panely.pdf" =========


========= End of CMD: =========


========= attrib -s -h "G:\strop.pdf" =========


========= End of CMD: =========


========= attrib -s -h "G:\technická zpráva.docx" =========


========= End of CMD: =========


========= attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO DŘEVĚNÝ KROV.docx" =========


========= End of CMD: =========


========= attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO MONOLITICKÝ ŽELEZOBETONOVÝ STROP.doc" =========


========= End of CMD: =========


========= attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO MONOLITICKÝ ŽELEZOBETONOVÝ STROP.docx" =========


========= End of CMD: =========


========= attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO ZDĚNÍ TYPICKÉHO PODLAŽI.doc" =========


========= End of CMD: =========


========= attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO ZEMNÍ PRÁCE.doc" =========


========= End of CMD: =========


========= attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO ZEMNÍ PRÁCE.docx" =========


========= End of CMD: =========


========= attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO ŽELEZOBETONOVÉ MONOLITICKÉ ZÁKLADY.doc" =========


========= End of CMD: =========


========= attrib -s -h "G:\TECHNOLOGICKÝ PŘEDPIS PRO ŽELEZOBETONOVÉ MONOLITICKÉ ZÁKLADY.docx" =========


========= End of CMD: =========


========= attrib -s -h "G:\TITULKA,SEZNAMY.docx" =========


========= End of CMD: =========


========= attrib -s -h "G:\TZB.pln" =========


========= End of CMD: =========


========= attrib -s -h "G:\TZB.pln.lck" =========


========= End of CMD: =========


========= attrib -s -h "G:\Vvnitřní vodovod.pln" =========


========= End of CMD: =========


========= attrib -s -h "G:\VYKRESY.pln" =========


========= End of CMD: =========


========= attrib -s -h "G:\Ticketpro-eTicket-4311047.pdf" =========


========= End of CMD: =========


========= attrib -s -h "G:\VýstřižekSLEVA.PNG" =========


========= End of CMD: =========


========= attrib -s -h "G:\pohledy, zdroje, 6. cviko¨mára.dwg" =========


========= End of CMD: =========


========= attrib -s -h "G:\Zadání příkladů_cvičení č.2.doc" =========


========= End of CMD: =========


========= attrib -s -h "G:\~$Sešit1.xlsx tom.xlsx" =========


========= End of CMD: =========


========= attrib -s -h "G:\cnz-staz-protokol-prijeti02.pdf" =========


========= End of CMD: =========


========= attrib -s -h "G:\ST_8_L.xls" =========


========= End of CMD: =========


========= attrib -s -h "G:\Protokol Hurdis jiří.xlsx" =========


========= End of CMD: =========


========= attrib -s -h "G:\~$Protokol Hurdis jiří.xlsx" =========


========= End of CMD: =========


========= attrib -s -h "G:\BETON" =========


========= End of CMD: =========


========= attrib -s -h "G:\BETON III" =========


========= End of CMD: =========


========= attrib -s -h "G:\betron II" =========


========= End of CMD: =========


========= attrib -s -h "G:\-ja" =========


========= End of CMD: =========


========= attrib -s -h "G:\Mutěnice" =========


========= End of CMD: =========


========= attrib -s -h "G:\NAUKA I" =========


========= End of CMD: =========


========= attrib -s -h "G:\NAUKA II" =========


========= End of CMD: =========


========= attrib -s -h "G:\Pozemak" =========


========= End of CMD: =========


========= attrib -s -h "G:\POZEMÁK II" =========


========= End of CMD: =========


========= attrib -s -h "G:\POZEMÁK III" =========


========= End of CMD: =========


========= attrib -s -h "G:\požárko" =========


========= End of CMD: =========


========= attrib -s -h "G:\Projekt" =========


========= End of CMD: =========


========= attrib -s -h "G:\REALIZACE STAVEB" =========


========= End of CMD: =========


========= attrib -s -h "G:\rekonstrukce" =========


========= End of CMD: =========


========= attrib -s -h "G:\techno II" =========


========= End of CMD: =========


========= attrib -s -h "G:\tepelna technika" =========


========= End of CMD: =========


========= attrib -s -h "G:\TZB" =========


========= End of CMD: =========


========= attrib -s -h "G:\TZB II" =========


========= End of CMD: =========


========= attrib -s -h "G:\TZB III" =========


========= End of CMD: =========


========= attrib -s -h "G:\valtice 2012" =========


========= End of CMD: =========


========= attrib -s -h "G:\VODA - HOTOVO" =========


========= End of CMD: =========


========= attrib -s -h "G:\TABY, AKORDY" =========


========= End of CMD: =========


========= attrib -s -h "G:\KOVYII" =========


========= End of CMD: =========


========= attrib -s -h "G:\OCEŇOVÁNÍ" =========


========= End of CMD: =========


========= attrib -s -h "G:\- USI" =========

Soubor nebyl nalezen - G:\- USI.

========= End of CMD: =========


========= attrib -s -h "G:\PŘEDPJAŤÁK" =========


========= End of CMD: =========


========= attrib -s -h "G:\INF II" =========


========= End of CMD: =========


========= attrib -s -h "G:\- DIPLOMKA" =========

Soubor nebyl nalezen - G:\- DIPLOMKA.

========= End of CMD: =========


========= attrib -s -h "G:\POČÍTAČOVÁ APLIKACE STF" =========


========= End of CMD: =========


========= attrib -s -h "G:\- STÁŽ" =========

Soubor nebyl nalezen - G:\- ST��.

========= End of CMD: =========


========= attrib -s -h "G:\PROSTOROVÁ AKUSTIKA" =========


========= End of CMD: =========


========= attrib -s -h "G:\APL FYZIKA" =========


========= End of CMD: =========


========= attrib -s -h "G:\VÝSTAVBA" =========


========= End of CMD: =========


========= attrib -s -h "G:\MODERNÍ STM" =========


========= End of CMD: =========


========= attrib -s -h "G:\MAMKA" =========


========= End of CMD: =========


==== End of Fixlog ====

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus on the flash drive - Murdoc

#12 Post by vyosek »

So how's the flash drive, still hidden??
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement: take a whip and a stick to him, for he is no man, he is an ox."
Member of [image] since 1 February 2011.

Murdoc
Visitor
Posts: 25
Registered: 22 May 2010 06:58

Re: Virus on the flash drive - Murdoc

#13 Post by Murdoc »

Yep, I can see everything now... :) Great, you're the king! Only the folders "- DIPLOMKA -", "- USI -" and "- STÁŽ -" are still missing. I assume that applying the same fixlog with these folders will make them show up too?

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus on the flash drive - Murdoc

#14 Post by vyosek »

Yeees, the fixlog should look like this

Code:

Start
CMD: attrib -s -h "G:\- USI -"
CMD: attrib -s -h "G:\- DIPLOMKA -"
CMD: attrib -s -h "G:\- STÁŽ -"
End
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement: take a whip and a stick to him, for he is no man, he is an ox."
Member of [image] since 1 February 2011.
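
The three folders still missing in post #13 match the three `attrib` commands in the Fixlog above that printed "Soubor nebyl nalezen" (file not found): that fixlist named them without the trailing " -". As an added example, not part of the original thread and not FRST's own code, this Python sketch lists the CMD blocks of such a log that produced any output; the sample log is constructed in the format of the one posted here, and the function names are hypothetical.

```python
import re

# Constructed sample in the format of the Fixlog posted in this thread.
SAMPLE_FIXLOG = r'''
========= attrib -s -h "G:\OCEŇOVÁNÍ" =========
========= End of CMD: =========

========= attrib -s -h "G:\- USI" =========
Soubor nebyl nalezen - G:\- USI.
========= End of CMD: =========

========= attrib -s -h "G:\- DIPLOMKA" =========
Soubor nebyl nalezen - G:\- DIPLOMKA.
========= End of CMD: =========

==== End of Fixlog ====
'''

# Command headers and end markers are framed by exactly nine '=' signs.
HEADER = re.compile(r'^={9} (?P<cmd>.+?) ={9}$')

def failed_commands(fixlog_text):
    """Return [(command, output_lines)] for each CMD block that printed text.

    attrib prints nothing on success, so any output is treated as an error;
    this avoids matching the localized message (Czech in this log).
    """
    failures, current, output = [], None, []
    for line in (raw.strip() for raw in fixlog_text.splitlines()):
        m = HEADER.match(line)
        if m and m.group("cmd") == "End of CMD:":
            if current is not None and output:
                failures.append((current, output))
            current, output = None, []
        elif m:
            current, output = m.group("cmd"), []
        elif current is not None and line:
            output.append(line)
    return failures

def target_path(command):
    """Extract the quoted path argument from an attrib command line."""
    m = re.search(r'"([^"]+)"', command)
    return m.group(1) if m else None

if __name__ == "__main__":
    for cmd, out in failed_commands(SAMPLE_FIXLOG):
        print(target_path(cmd), "->", " ".join(out))
```

Comparing each reported path with the real directory listing of the drive shows which names in the fixlist were typed incompletely.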

Murdoc
Visitor
Posts: 25
Registered: 22 May 2010 06:58

Re: Virus on the flash drive - Murdoc

#15 Post by Murdoc »

Thanks, so the flash drive should be clean now, along with the computer?
