Ad in the browser "Ads by Info"

#1 Post by grep0n »

Hi,

I'd like to ask for help, if I may. In my browser, an empty ad frame pops up on web pages, with "Ads by Info" written under it. Thanks for any advice :)


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Jakub (administrator) on JAKUB-PC on 15-09-2014 23:27:48
Running from C:\Users\Jakub\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Macrovision Corporation) C:\Flexlm\Lmgrd.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Flexlm\Scia.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Dropbox, Inc.) C:\Users\Jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-22] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Startup: C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {02BD18CB-237D-44CB-8086-F345D6FEAFFA} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
BHO: GOSavee -> {2f8a6adc-78a8-4091-aece-dd933e9d77d1} -> C:\Program Files (x86)\GOSavee\arP9rgBH3VUDtf.x64.dll No File
BHO: YoutuBeAduBlockue -> {69deaea4-521e-474a-8ff0-4272d7caf23a} -> C:\Program Files (x86)\YoutuBeAduBlockue\v93O0ag5LJ1FoB.x64.dll No File
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nr1spd6m.default
FF SearchEngineOrder.1: Google
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: {{EXT_NAME}} - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nr1spd6m.default\Extensions\openbookmarkintab@piro.sakura.ne.jp [2014-09-15]
FF Extension: Firefox Old Version Update Hotfix - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nr1spd6m.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-09-11]
FF Extension: innoApp - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nr1spd6m.default\Extensions\{3c3ae2b4-4a36-40c4-a356-ffc1820b7ece}.xpi [2014-09-09]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [{7F737E3E-993D-43AB-9109-90C4E82752CC}] - C:\Program Files (x86)\iSkysoft\Free Video Downloader\SVRFirefoxExt
FF Extension: ISkysoft Allmytube downloader - C:\Program Files (x86)\iSkysoft\Free Video Downloader\SVRFirefoxExt [2013-02-16]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-07-31]
FF HKCU\...\Firefox\Extensions: [{7F737E3E-993D-43AB-9109-90C4E82752CC}] - C:\Program Files (x86)\iSkysoft\Free Video Downloader\SVRFirefoxExt
FF Extension: No Name - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nr1spd6m.default\extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [Not Found]
FF Extension: No Name - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nr1spd6m.default\extensions\faststartff@gmail.com [Not Found]

Chrome:
=======
CHR HomePage: Profile 1 -> hxxp://istart.webssearches.com/?type=hp&ts=1410442612&from=wpc&uid=WDCXWD7500AALX-009BA0_WD-WCATR490203202032
CHR StartupUrls: Profile 1 -> "hxxp://www.idnes.cz/"
CHR DefaultSearchKeyword: Profile 1 -> google.cz_
CHR DefaultSuggestURL: Profile 1 -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Překladač Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-09-15]
CHR Extension: (Prezentace Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-11]
CHR Extension: (ISkysoft Allmytube download) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\afapmikcgbhfkecdhiokcgledjcpfbfd [2014-09-11]
CHR Extension: (Dokumenty Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-11]
CHR Extension: (Disk Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-11]
CHR Extension: (YouTube) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-11]
CHR Extension: (Clickjacking Reveal) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ecillfeckjnmpgfdabblnebhibndmnho [2014-09-15]
CHR Extension: (Chromebleed) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic [2014-09-15]
CHR Extension: (Adobe Acrobat - Vytvořit PDF) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-09-11]
CHR Extension: (Kalendář Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-09-15]
CHR Extension: (Tabulky Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-11]
CHR Extension: (Chrome Notepad) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp [2014-09-15]
CHR Extension: (AdBlock) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-15]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2014-09-15]
CHR Extension: (jdjbledkahnanmoekcemgbbpeihcgmbp) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jdjbledkahnanmoekcemgbbpeihcgmbp [2014-09-15]
CHR Extension: (Peněženka Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-11]
CHR Extension: (Gmail) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-11]
CHR HKLM-x32\...\Chrome\Extension: [afapmikcgbhfkecdhiokcgledjcpfbfd] - C:\Program Files (x86)\iSkysoft\Free Video Downloader\SVRChromePlugin.crx [2013-02-16]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 4d349a54; c:\Program Files (x86)\GS_Booster\AssistantSvc.dll [174928 2014-09-11] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 Flexlm Service 1; C:\Flexlm\Lmgrd.exe [974848 2008-04-02] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 postgresql-x64-9.2; C:/Program Files/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N "postgresql-x64-9.2" -D "C:/Program Files/PostgreSQL/9.2/data" -w [X]
S2 trntv; C:\Users\Jakub\AppData\Roaming\TornTV.com\TornTVSvc.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-07-12] (Disc Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-15 23:27 - 2014-09-15 23:28 - 00020678 _____ () C:\Users\Jakub\Desktop\FRST.txt
2014-09-15 23:27 - 2014-09-15 23:27 - 00000000 ____D () C:\FRST
2014-09-15 23:26 - 2014-09-15 23:26 - 02105856 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2014-09-15 23:14 - 2014-09-15 23:14 - 00165888 _____ () C:\Users\Jakub\Downloads\T-Cleaner.exe
2014-09-15 08:17 - 2014-09-15 08:17 - 01391971 _____ () C:\Users\Jakub\Downloads\022-023.jpg.zip
2014-09-15 04:53 - 2014-09-15 08:13 - 00000583 _____ () C:\Users\Jakub\Desktop\christmas.txt
2014-09-14 21:07 - 2014-09-15 08:08 - 00000000 ____D () C:\Users\Jakub\Desktop\C14B23_Christmass
2014-09-14 15:20 - 2014-09-14 15:20 - 00023962 _____ () C:\Users\Jakub\Downloads\logo - Hanousek.cdr
2014-09-12 23:36 - 2014-09-15 20:25 - 00000959 _____ () C:\Users\Jakub\Desktop\dopis.txt
2014-09-12 16:13 - 2014-09-12 16:48 - 1288305236 _____ () C:\Users\Jakub\Desktop\C14B23_Christmass.zip
2014-09-12 09:33 - 2014-09-12 09:33 - 00000000 ___RD () C:\Users\Jakub\Creative Cloud Files
2014-09-12 09:22 - 2014-09-12 09:22 - 00001222 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2014.lnk
2014-09-12 08:47 - 2014-09-12 08:47 - 00001313 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-09-12 08:47 - 2014-09-12 08:47 - 00001301 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-09-12 08:43 - 2014-09-12 08:43 - 00614792 _____ (Adobe Systems Incorporated) C:\Users\Jakub\Downloads\CreativeCloudSet-Up (1).exe
2014-09-12 08:29 - 2014-09-12 08:29 - 140051603 _____ () C:\Users\Jakub\Downloads\AdobeAfterEffects-13.0.0-Trial-13.0.2.zip
2014-09-12 08:27 - 2014-09-12 08:27 - 00614792 _____ (Adobe Systems Incorporated) C:\Users\Jakub\Downloads\CreativeCloudSet-Up.exe
2014-09-12 08:12 - 2014-09-12 08:12 - 00001310 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Update Management Tool.lnk
2014-09-12 08:11 - 2014-09-12 08:11 - 00000000 ____D () C:\Users\Jakub\Downloads\UAP_1.1
2014-09-12 08:07 - 2014-09-12 08:09 - 35712770 _____ () C:\Users\Jakub\Downloads\UAP_1.1.rar
2014-09-11 18:48 - 2014-09-11 18:48 - 00436720 _____ () C:\Users\Jakub\Downloads\Nepotvrzeno 814367.crdownload
2014-09-11 18:48 - 2014-09-11 18:48 - 00436720 _____ () C:\Users\Jakub\Downloads\Nepotvrzeno 640110.crdownload
2014-09-11 18:48 - 2014-09-11 18:48 - 00393216 _____ () C:\Users\Jakub\Downloads\Nepotvrzeno 272524.crdownload
2014-09-11 18:48 - 2014-09-11 18:48 - 00393216 _____ () C:\Users\Jakub\Downloads\Nepotvrzeno 188814.crdownload
2014-09-11 18:48 - 2014-09-11 18:48 - 00393216 _____ () C:\Users\Jakub\Downloads\Nepotvrzeno 130328.crdownload
2014-09-11 18:47 - 2014-09-11 18:52 - 00000000 ____D () C:\Program Files (x86)\innoApp
2014-09-11 18:47 - 2014-09-11 18:48 - 00436720 _____ () C:\Users\Jakub\Downloads\Nepotvrzeno 653643.crdownload
2014-09-11 18:45 - 2014-09-11 18:45 - 00001046 _____ () C:\Users\Jakub\Desktop\Torntv Downloader.lnk
2014-09-11 18:31 - 2014-09-11 18:36 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\uTorrent
2014-09-11 18:31 - 2014-09-11 18:31 - 00000893 _____ () C:\Users\Jakub\Desktop\µTorrent.lnk
2014-09-11 18:31 - 2014-09-11 18:31 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2014-09-11 18:30 - 2014-09-11 18:30 - 01939048 _____ (emc) C:\Users\Jakub\Downloads\uTorrent221.exe
2014-09-11 18:27 - 2014-09-11 18:27 - 00225088 _____ () C:\Users\Jakub\Downloads\FLVPlayer_downloader-N2Ntirowb.exe
2014-09-11 17:49 - 2014-09-11 17:37 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-11 17:40 - 2014-09-11 17:50 - 00013363 _____ () C:\zoek-results.log
2014-09-11 17:37 - 2014-09-11 17:50 - 00000000 ____D () C:\zoek_backup
2014-09-11 17:26 - 2014-09-11 17:26 - 00000000 ____D () C:\Windows\ERUNT
2014-09-11 17:12 - 2014-09-15 23:17 - 00009734 _____ () C:\Windows\PFRO.log
2014-09-11 17:12 - 2014-09-15 23:17 - 00002174 _____ () C:\Windows\setupact.log
2014-09-11 17:12 - 2014-09-11 17:12 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-11 16:59 - 2014-09-11 16:59 - 00005348 _____ () C:\Users\Jakub\Documents\cc_20140911_165930.reg
2014-09-11 16:51 - 2014-09-11 16:51 - 00003820 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1410447103
2014-09-11 16:51 - 2014-09-11 16:51 - 00001139 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-09-11 16:51 - 2014-09-11 16:51 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-09-11 16:51 - 2014-09-11 16:51 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\Opera Software
2014-09-11 16:51 - 2014-09-11 16:51 - 00000000 ____D () C:\Users\Jakub\AppData\Local\Opera Software
2014-09-11 16:51 - 2014-09-11 16:51 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-11 16:38 - 2014-09-11 16:38 - 00702658 _____ () C:\Users\Jakub\Downloads\amtlib.dll.rar
2014-09-11 16:26 - 2014-09-11 16:26 - 00000000 _RSHD () C:\Users\Jakub\AppData\Roaming\CapsLock
2014-09-11 15:36 - 2014-09-11 15:36 - 00000000 ____D () C:\Program Files (x86)\GS_Booster
2014-09-11 15:35 - 2014-09-11 15:35 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-09-11 15:35 - 2014-09-11 15:35 - 00000000 ____D () C:\Users\postgres\AppData\Local\Google
2014-09-11 15:35 - 2014-09-11 15:35 - 00000000 ____D () C:\Users\postgres\AppData\Local\Comodo
2014-09-11 15:35 - 2014-09-11 15:35 - 00000000 ____D () C:\Users\Jakub\AppData\Local\Comodo
2014-09-11 15:35 - 2014-09-11 15:35 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-11 15:35 - 2014-09-11 15:35 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-11 15:35 - 2014-09-11 15:35 - 00000000 ____D () C:\Users\Guest
2014-09-11 15:35 - 2014-09-11 15:35 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-11 15:35 - 2014-09-11 15:35 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-11 15:35 - 2014-09-11 15:35 - 00000000 ____D () C:\Users\Administrator
2014-09-11 15:07 - 2014-09-11 15:07 - 00836608 _____ (Flight Characteristic) C:\Users\Jakub\Downloads\Crack and Setup.exe
2014-09-11 15:06 - 2014-09-11 15:06 - 00346816 _____ () C:\Users\Jakub\Downloads\Nepotvrzeno 326671.crdownload
2014-09-11 14:59 - 2014-09-11 14:59 - 00050119 _____ () C:\Users\Jakub\Downloads\84BC13E21BAE3CF191C53267B39CD3964A593A8E.torrent
2014-09-11 14:07 - 2014-09-11 14:07 - 00536576 _____ () C:\Users\Jakub\Downloads\Adobe-After-Effects-CC-2014-13.0.1-(64-bit)-(patch)-[ChingLiu].exe
2014-09-11 03:22 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 03:22 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 03:22 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 03:22 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 03:22 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 03:22 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 03:22 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 03:22 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 03:22 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 03:22 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 03:22 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 03:22 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 03:22 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 03:22 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 03:22 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 03:22 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 03:22 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 03:22 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 03:22 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 03:22 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 03:22 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 03:22 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 03:22 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 03:22 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 03:22 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 03:22 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 03:22 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 03:22 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 03:22 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 03:22 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 03:22 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 03:22 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 03:22 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 03:22 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 03:22 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 03:22 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 03:22 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 03:22 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 03:22 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 03:22 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 03:22 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 03:22 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 03:22 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 03:22 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 03:22 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 03:22 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 03:22 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 03:22 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 03:22 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 03:22 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 03:22 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 03:22 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 03:22 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 03:22 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 03:22 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 03:22 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 03:01 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 03:01 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 22:54 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 22:54 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 22:53 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 22:53 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 22:52 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 22:52 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 22:52 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 22:52 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 22:52 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 22:52 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 22:52 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 13:32 - 2014-09-11 15:13 - 00002500 _____ () C:\Users\Jakub\Downloads\poznamky k videu RD rymarov.txt
2014-09-10 13:21 - 2014-09-10 13:21 - 00000637 _____ () C:\Users\Jakub\Desktop\trenink_dnska.txt
2014-09-09 14:48 - 2014-09-09 14:48 - 00926662 _____ () C:\Users\Jakub\Downloads\IMG_6598 (1).MOV
2014-09-09 09:29 - 2014-09-09 09:29 - 00001236 _____ () C:\Users\Jakub\Downloads\event.ics
2014-09-09 07:28 - 2014-09-10 07:03 - 00001270 _____ () C:\Users\Jakub\Downloads\rdr-video-titulky.txt
2014-09-08 22:02 - 2014-09-08 22:02 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-08 22:02 - 2014-09-08 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-08 22:01 - 2014-09-08 22:02 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-08 22:01 - 2014-09-08 22:02 - 00000000 ____D () C:\Program Files\iTunes
2014-09-08 22:01 - 2014-09-08 22:02 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-08 22:01 - 2014-09-08 22:01 - 00000000 ____D () C:\Program Files\iPod
2014-09-08 08:08 - 2014-09-08 08:09 - 02698456 _____ (Adobe Systems, Incorporated) C:\Users\Jakub\Downloads\amtlib.dll
2014-09-08 08:03 - 2014-09-08 08:03 - 00000000 ____D () C:\Users\Jakub\Downloads\Adobe-After-Effects-CC-12.2.0.52-Final-Multilanguage-www.merefile.com
2014-09-08 08:02 - 2014-06-04 02:59 - 02698456 _____ (Adobe Systems, Incorporated) C:\Users\Jakub\Desktop\amtlib.dll
2014-09-07 22:22 - 2014-09-07 22:23 - 23256236 _____ () C:\Users\Jakub\Downloads\881466462.dem
2014-09-06 08:58 - 2014-09-06 09:53 - 00000000 ____D () C:\Users\Jakub\Desktop\HF_OCTOBER
2014-09-02 20:03 - 2014-09-02 20:04 - 00000043 _____ () C:\Users\Jakub\Desktop\trenink1.txt
2014-09-02 18:34 - 2014-09-02 18:35 - 65488554 _____ () C:\Users\Jakub\Downloads\theeye.aif
2014-09-01 22:50 - 2014-09-01 22:50 - 00521216 _____ (PainteR) C:\Users\Jakub\Downloads\Adobe-Universal-Patcher.exe
2014-09-01 22:49 - 2014-09-01 22:49 - 00521216 _____ (PainteR) C:\Users\Jakub\Downloads\AdobeUniversalPatcher.exe
2014-08-28 12:20 - 2014-08-28 12:20 - 00005720 _____ () C:\Users\Jakub\Desktop\tlpanet_kokretury.txt
2014-08-28 04:08 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 04:08 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 04:08 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 21:18 - 2014-08-27 21:18 - 00022120 _____ () C:\Users\Jakub\Downloads\6496ca42a77c6f2893bcf946603f34fd1751e2ea.zip
2014-08-27 14:03 - 2014-08-27 14:03 - 00003537 _____ () C:\Users\Jakub\Downloads\SmartReview.jnlp
2014-08-27 09:45 - 2014-08-27 11:39 - 00000000 ____D () C:\Users\Jakub\Desktop\September_RIP
2014-08-26 18:08 - 2014-08-26 18:09 - 27846358 _____ () C:\Users\Jakub\Downloads\SuspendedInASunbeam(Master).wav
2014-08-26 10:11 - 2014-08-26 10:11 - 00000000 ____D () C:\Users\Jakub\Desktop\PDF_RIP
2014-08-22 04:42 - 2014-09-13 04:34 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-22 04:42 - 2014-08-22 04:42 - 00000967 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-08-22 04:42 - 2014-08-22 04:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-20 21:19 - 2014-08-20 21:19 - 00481367 _____ () C:\Users\Jakub\Downloads\Onefit.cz.rar
2014-08-19 22:45 - 2014-08-19 22:45 - 00059031 _____ () C:\Users\Jakub\Downloads\Suits.S04E09.PROPER.HDTV.x264-KILLERS.srt
2014-08-19 16:09 - 2014-08-19 16:11 - 56402990 _____ () C:\Users\Jakub\Downloads\Sky People M.wav
2014-08-19 13:31 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-19 13:31 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-19 13:31 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-19 13:31 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-19 13:31 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-19 13:31 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-19 13:31 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-19 13:31 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-19 13:31 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-19 13:31 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-19 13:30 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-19 13:30 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-19 13:30 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-19 13:30 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-15 23:28 - 2014-09-15 23:27 - 00020678 _____ () C:\Users\Jakub\Desktop\FRST.txt
2014-09-15 23:27 - 2014-09-15 23:27 - 00000000 ____D () C:\FRST
2014-09-15 23:26 - 2014-09-15 23:26 - 02105856 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2014-09-15 23:25 - 2009-07-14 06:45 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-15 23:25 - 2009-07-14 06:45 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-15 23:23 - 2013-01-30 23:31 - 01366717 _____ () C:\Windows\WindowsUpdate.log
2014-09-15 23:18 - 2013-05-19 12:55 - 00000000 ___RD () C:\Users\Jakub\Dropbox
2014-09-15 23:18 - 2013-05-19 12:48 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\Dropbox
2014-09-15 23:18 - 2013-01-31 22:14 - 00000000 ____D () C:\Users\Jakub\AppData\Local\Adobe
2014-09-15 23:17 - 2014-09-11 17:12 - 00009734 _____ () C:\Windows\PFRO.log
2014-09-15 23:17 - 2014-09-11 17:12 - 00002174 _____ () C:\Windows\setupact.log
2014-09-15 23:17 - 2013-02-01 02:49 - 00000000 ____D () C:\Users\postgres
2014-09-15 23:17 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-15 23:15 - 2013-01-30 23:31 - 00000000 ____D () C:\Users\Jakub
2014-09-15 23:14 - 2014-09-15 23:14 - 00165888 _____ () C:\Users\Jakub\Downloads\T-Cleaner.exe
2014-09-15 23:14 - 2014-01-24 18:36 - 00000000 ____D () C:\Qoobox
2014-09-15 22:48 - 2013-07-14 22:18 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-15 20:25 - 2014-09-12 23:36 - 00000959 _____ () C:\Users\Jakub\Desktop\dopis.txt
2014-09-15 18:39 - 2014-05-05 15:04 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2014-09-15 18:06 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-15 17:52 - 2013-01-31 23:02 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\vlc
2014-09-15 08:17 - 2014-09-15 08:17 - 01391971 _____ () C:\Users\Jakub\Downloads\022-023.jpg.zip
2014-09-15 08:13 - 2014-09-15 04:53 - 00000583 _____ () C:\Users\Jakub\Desktop\christmas.txt
2014-09-15 08:08 - 2014-09-14 21:07 - 00000000 ____D () C:\Users\Jakub\Desktop\C14B23_Christmass
2014-09-14 22:25 - 2014-08-05 18:39 - 00000510 _____ () C:\Users\Jakub\Desktop\Zaplatit.txt
2014-09-14 15:20 - 2014-09-14 15:20 - 00023962 _____ () C:\Users\Jakub\Downloads\logo - Hanousek.cdr
2014-09-13 09:30 - 2013-02-01 01:25 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\Skype
2014-09-13 04:34 - 2014-08-22 04:42 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-13 03:26 - 2013-05-24 23:44 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\TS3Client
2014-09-12 16:48 - 2014-09-12 16:13 - 1288305236 _____ () C:\Users\Jakub\Desktop\C14B23_Christmass.zip
2014-09-12 09:49 - 2013-01-31 22:20 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-09-12 09:33 - 2014-09-12 09:33 - 00000000 ___RD () C:\Users\Jakub\Creative Cloud Files
2014-09-12 09:33 - 2014-09-12 09:33 - 00000000 ____D () C:\Users\Jakub\Downloads\Universal-Adobe-_er-1.1-+-All-in-one-X-FORCE-Keygen
2014-09-12 09:33 - 2014-09-12 09:33 - 00000000 ____D () C:\Users\Jakub\Downloads\Universal Adobe Patcher 1.1.0.0
2014-09-12 09:22 - 2014-09-12 09:22 - 00001222 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2014.lnk
2014-09-12 09:17 - 2013-01-31 22:18 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-09-12 08:49 - 2013-09-23 10:11 - 00000000 ___RD () C:\Users\Jakub\Creative Cloud Files (greg.greg@centrum.cz)
2014-09-12 08:49 - 2013-01-31 22:14 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\Adobe
2014-09-12 08:47 - 2014-09-12 08:47 - 00001313 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-09-12 08:47 - 2014-09-12 08:47 - 00001301 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-09-12 08:47 - 2013-01-31 22:16 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-12 08:43 - 2014-09-12 08:43 - 00614792 _____ (Adobe Systems Incorporated) C:\Users\Jakub\Downloads\CreativeCloudSet-Up (1).exe
2014-09-12 08:29 - 2014-09-12 08:29 - 140051603 _____ () C:\Users\Jakub\Downloads\AdobeAfterEffects-13.0.0-Trial-13.0.2.zip
2014-09-12 08:27 - 2014-09-12 08:27 - 00614792 _____ (Adobe Systems Incorporated) C:\Users\Jakub\Downloads\CreativeCloudSet-Up.exe
2014-09-12 08:26 - 2014-09-12 08:10 - 37079618 _____ () C:\Users\Jakub\Downloads\Universal Adobe Patcher 1.1.0.0.rar
2014-09-12 08:12 - 2014-09-12 08:12 - 00001310 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Update Management Tool.lnk
2014-09-12 08:11 - 2014-09-12 08:11 - 00000000 ____D () C:\Users\Jakub\Downloads\UAP_1.1
2014-09-12 08:10 - 2014-09-12 08:10 - 01377341 _____ () C:\Users\Jakub\Downloads\Universal-Adobe-_er-1.1-+-All-in-one-X-FORCE-Keygen.rar
2014-09-12 08:10 - 2014-09-12 08:09 - 14185985 _____ () C:\Users\Jakub\Downloads\Universal-Adobe-Patcher-1.1-PainteR-activate-all-Adobe-products-CC-2014---YouTube.mp4
2014-09-12 08:09 - 2014-09-12 08:07 - 35712770 _____ () C:\Users\Jakub\Downloads\UAP_1.1.rar
2014-09-11 18:52 - 2014-09-11 18:47 - 00000000 ____D () C:\Program Files (x86)\innoApp
2014-09-11 18:52 - 2014-05-05 15:03 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-11 18:52 - 2013-11-27 04:23 - 00000969 _____ () C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-11 18:52 - 2013-06-16 02:10 - 00001065 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-11 18:52 - 2013-06-16 02:10 - 00001053 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-11 18:52 - 2013-01-31 00:11 - 00001290 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-11 18:52 - 2013-01-31 00:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-11 18:52 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-09-11 18:48 - 2014-09-11 18:48 - 00436720 _____ () C:\Users\Jakub\Downloads\Nepotvrzeno 814367.crdownload
2014-09-11 18:48 - 2014-09-11 18:48 - 00436720 _____ () C:\Users\Jakub\Downloads\Nepotvrzeno 640110.crdownload
2014-09-11 18:48 - 2014-09-11 18:48 - 00393216 _____ () C:\Users\Jakub\Downloads\Nepotvrzeno 272524.crdownload
2014-09-11 18:48 - 2014-09-11 18:48 - 00393216 _____ () C:\Users\Jakub\Downloads\Nepotvrzeno 188814.crdownload
2014-09-11 18:48 - 2014-09-11 18:48 - 00393216 _____ () C:\Users\Jakub\Downloads\Nepotvrzeno 130328.crdownload
2014-09-11 18:48 - 2014-09-11 18:47 - 00436720 _____ () C:\Users\Jakub\Downloads\Nepotvrzeno 653643.crdownload
2014-09-11 18:47 - 2013-10-18 22:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-11 18:46 - 2013-01-31 00:11 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-11 18:45 - 2014-09-11 18:45 - 00001046 _____ () C:\Users\Jakub\Desktop\Torntv Downloader.lnk
2014-09-11 18:36 - 2014-09-11 18:31 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\uTorrent
2014-09-11 18:31 - 2014-09-11 18:31 - 00000893 _____ () C:\Users\Jakub\Desktop\µTorrent.lnk
2014-09-11 18:31 - 2014-09-11 18:31 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2014-09-11 18:30 - 2014-09-11 18:30 - 01939048 _____ (emc) C:\Users\Jakub\Downloads\uTorrent221.exe
2014-09-11 18:27 - 2014-09-11 18:27 - 00225088 _____ () C:\Users\Jakub\Downloads\FLVPlayer_downloader-N2Ntirowb.exe
2014-09-11 17:12 - 2014-09-11 17:12 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-11 17:12 - 2009-07-14 04:34 - 67895296 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-09-11 17:12 - 2009-07-14 04:34 - 18350080 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-09-11 17:12 - 2009-07-14 04:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-09-11 17:12 - 2009-07-14 04:34 - 00024576 _____ () C:\Windows\system32\config\SECURITY.bak
2014-09-11 17:12 - 2009-07-14 04:34 - 00024576 _____ () C:\Windows\system32\config\SAM.bak
2014-09-11 16:59 - 2014-09-11 16:59 - 00005348 _____ () C:\Users\Jakub\Documents\cc_20140911_165930.reg
2014-09-11 16:51 - 2014-09-11 16:51 - 00003820 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1410447103
2014-09-11 16:51 - 2014-09-11 16:51 - 00001139 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-09-11 16:51 - 2014-09-11 16:51 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-09-11 16:51 - 2014-09-11 16:51 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\Opera Software
2014-09-11 16:51 - 2014-09-11 16:51 - 00000000 ____D () C:\Users\Jakub\AppData\Local\Opera Software
2014-09-11 16:51 - 2014-09-11 16:51 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-11 16:26 - 2014-09-11 16:26 - 00000000 _RSHD () C:\Users\Jakub\AppData\Roaming\CapsLock
2014-09-11 15:43 - 2014-09-11 15:43 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jakub\Downloads\hijackthis.exe
2014-09-11 15:36 - 2014-09-11 15:36 - 00000000 ____D () C:\Program Files (x86)\GS_Booster
2014-09-11 15:35 - 2014-09-11 15:35 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-09-11 15:35 - 2014-09-11 15:35 - 00000000 ____D () C:\Users\postgres\AppData\Local\Google
2014-09-11 15:35 - 2014-09-11 15:35 - 00000000 ____D () C:\Users\postgres\AppData\Local\Comodo
2014-09-11 15:35 - 2014-09-11 15:35 - 00000000 ____D () C:\Users\Jakub\AppData\Local\Comodo
2014-09-11 15:35 - 2014-09-11 15:35 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-11 15:35 - 2014-09-11 15:35 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-11 15:35 - 2014-09-11 15:35 - 00000000 ____D () C:\Users\Guest
2014-09-11 15:35 - 2014-09-11 15:35 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-11 15:35 - 2014-09-11 15:35 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-11 15:35 - 2014-09-11 15:35 - 00000000 ____D () C:\Users\Administrator
2014-09-11 15:35 - 2013-01-31 00:11 - 00000000 ____D () C:\Users\Jakub\AppData\Local\Google
2014-09-11 15:35 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-11 15:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-11 15:13 - 2014-09-10 13:32 - 00002500 _____ () C:\Users\Jakub\Downloads\poznamky k videu RD rymarov.txt
2014-09-11 15:07 - 2014-09-11 15:07 - 00836608 _____ (Flight Characteristic) C:\Users\Jakub\Downloads\Crack and Setup.exe
2014-09-11 15:06 - 2014-09-11 15:06 - 00346816 _____ () C:\Users\Jakub\Downloads\Nepotvrzeno 326671.crdownload
2014-09-11 14:59 - 2014-09-11 14:59 - 00050119 _____ () C:\Users\Jakub\Downloads\84BC13E21BAE3CF191C53267B39CD3964A593A8E.torrent
2014-09-11 14:07 - 2014-09-11 14:07 - 00536576 _____ () C:\Users\Jakub\Downloads\Adobe-After-Effects-CC-2014-13.0.1-(64-bit)-(patch)-[ChingLiu].exe
2014-09-11 04:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-11 03:20 - 2014-02-23 04:33 - 01559340 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 03:20 - 2011-04-12 10:34 - 00668882 _____ () C:\Windows\system32\perfh005.dat
2014-09-11 03:20 - 2011-04-12 10:34 - 00141542 _____ () C:\Windows\system32\perfc005.dat
2014-09-11 03:20 - 2009-07-14 07:13 - 01559340 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-11 03:19 - 2013-01-31 19:04 - 00002155 _____ () C:\Windows\epplauncher.mif
2014-09-11 03:19 - 2013-01-31 19:03 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-11 03:19 - 2013-01-31 19:02 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-11 03:19 - 2013-01-31 19:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-11 03:18 - 2013-08-09 03:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 03:03 - 2013-02-01 01:02 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 03:00 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 23:40 - 2013-02-03 22:50 - 00000000 ____D () C:\Users\Jakub\Downloads\bordel
2014-09-10 13:21 - 2014-09-10 13:21 - 00000637 _____ () C:\Users\Jakub\Desktop\trenink_dnska.txt
2014-09-10 07:03 - 2014-09-09 07:28 - 00001270 _____ () C:\Users\Jakub\Downloads\rdr-video-titulky.txt
2014-09-10 04:42 - 2013-07-29 14:09 - 00000000 ____D () C:\Program Files\Adobe
2014-09-09 14:48 - 2014-09-09 14:48 - 00926662 _____ () C:\Users\Jakub\Downloads\IMG_6598 (1).MOV
2014-09-09 09:29 - 2014-09-09 09:29 - 00001236 _____ () C:\Users\Jakub\Downloads\event.ics
2014-09-08 22:02 - 2014-09-08 22:02 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-08 22:02 - 2014-09-08 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-08 22:02 - 2014-09-08 22:01 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-08 22:02 - 2014-09-08 22:01 - 00000000 ____D () C:\Program Files\iTunes
2014-09-08 22:02 - 2014-09-08 22:01 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-08 22:01 - 2014-09-08 22:01 - 00000000 ____D () C:\Program Files\iPod
2014-09-08 08:09 - 2014-09-08 08:08 - 02698456 _____ (Adobe Systems, Incorporated) C:\Users\Jakub\Downloads\amtlib.dll
2014-09-08 08:03 - 2014-09-08 08:03 - 00000000 ____D () C:\Users\Jakub\Downloads\Adobe-After-Effects-CC-12.2.0.52-Final-Multilanguage-www.merefile.com
2014-09-07 22:23 - 2014-09-07 22:22 - 23256236 _____ () C:\Users\Jakub\Downloads\881466462.dem
2014-09-06 09:53 - 2014-09-06 08:58 - 00000000 ____D () C:\Users\Jakub\Desktop\HF_OCTOBER
2014-09-05 04:10 - 2014-09-10 22:52 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-10 22:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-02 20:04 - 2014-09-02 20:03 - 00000043 _____ () C:\Users\Jakub\Desktop\trenink1.txt
2014-09-02 18:35 - 2014-09-02 18:34 - 65488554 _____ () C:\Users\Jakub\Downloads\theeye.aif
2014-09-01 22:50 - 2014-09-01 22:50 - 00521216 _____ (PainteR) C:\Users\Jakub\Downloads\Adobe-Universal-Patcher.exe
2014-09-01 22:49 - 2014-09-01 22:49 - 00521216 _____ (PainteR) C:\Users\Jakub\Downloads\AdobeUniversalPatcher.exe
2014-09-01 11:31 - 2013-02-22 22:57 - 00000000 ____D () C:\Users\Jakub\Desktop\faktury
2014-08-30 12:25 - 2013-06-22 12:33 - 00000000 ____D () C:\sarka
2014-08-29 03:20 - 2009-07-14 06:45 - 12110632 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-28 12:20 - 2014-08-28 12:20 - 00005720 _____ () C:\Users\Jakub\Desktop\tlpanet_kokretury.txt
2014-08-27 21:18 - 2014-08-27 21:18 - 00022120 _____ () C:\Users\Jakub\Downloads\6496ca42a77c6f2893bcf946603f34fd1751e2ea.zip
2014-08-27 15:14 - 2013-02-01 02:13 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\FileZilla
2014-08-27 14:37 - 2014-08-13 16:36 - 00000000 ____D () C:\Users\Jakub\AppData\Local\Battle.net
2014-08-27 14:03 - 2014-08-27 14:03 - 00003537 _____ () C:\Users\Jakub\Downloads\SmartReview.jnlp
2014-08-27 11:39 - 2014-08-27 09:45 - 00000000 ____D () C:\Users\Jakub\Desktop\September_RIP
2014-08-26 18:09 - 2014-08-26 18:08 - 27846358 _____ () C:\Users\Jakub\Downloads\SuspendedInASunbeam(Master).wav
2014-08-26 15:19 - 2014-08-14 15:24 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-08-26 10:11 - 2014-08-26 10:11 - 00000000 ____D () C:\Users\Jakub\Desktop\PDF_RIP
2014-08-26 07:48 - 2013-02-01 01:24 - 00000000 ____D () C:\ProgramData\Skype
2014-08-25 06:53 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 04:07 - 2014-08-28 04:08 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 04:08 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 04:08 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 04:42 - 2014-08-22 04:42 - 00000967 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-08-22 04:42 - 2014-08-22 04:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-22 03:03 - 2014-08-13 16:35 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-20 21:19 - 2014-08-20 21:19 - 00481367 _____ () C:\Users\Jakub\Downloads\Onefit.cz.rar
2014-08-20 08:47 - 2013-02-01 02:49 - 00000600 _____ () C:\Users\Jakub\AppData\Local\PUTTY.RND
2014-08-19 22:45 - 2014-08-19 22:45 - 00059031 _____ () C:\Users\Jakub\Downloads\Suits.S04E09.PROPER.HDTV.x264-KILLERS.srt
2014-08-19 20:05 - 2014-09-11 03:22 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 19:39 - 2014-09-11 03:22 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 16:11 - 2014-08-19 16:09 - 56402990 _____ () C:\Users\Jakub\Downloads\Sky People M.wav
2014-08-19 01:01 - 2014-09-11 03:22 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-19 00:29 - 2014-09-11 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-19 00:29 - 2014-09-11 03:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-19 00:26 - 2014-09-11 03:22 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-19 00:20 - 2014-09-11 03:22 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-19 00:19 - 2014-09-11 03:22 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-19 00:15 - 2014-09-11 03:22 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-19 00:15 - 2014-09-11 03:22 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-19 00:14 - 2014-09-11 03:22 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-19 00:14 - 2014-09-11 03:22 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-19 00:08 - 2014-09-11 03:22 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-19 00:08 - 2014-09-11 03:22 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-19 00:08 - 2014-09-11 03:22 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-19 00:05 - 2014-09-11 03:22 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-19 00:03 - 2014-09-11 03:22 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-19 00:03 - 2014-09-11 03:22 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-19 00:03 - 2014-09-11 03:22 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 23:57 - 2014-09-11 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-18 23:56 - 2014-09-11 03:22 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 23:51 - 2014-09-11 03:22 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 23:46 - 2014-09-11 03:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-18 23:45 - 2014-09-11 03:22 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 23:45 - 2014-09-11 03:22 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-18 23:44 - 2014-09-11 03:22 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-18 23:44 - 2014-09-11 03:22 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-18 23:42 - 2014-09-11 03:22 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-18 23:40 - 2014-09-11 03:22 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 23:39 - 2014-09-11 03:22 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 23:39 - 2014-09-11 03:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-18 23:39 - 2014-09-11 03:22 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-18 23:38 - 2014-09-11 03:22 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 23:37 - 2014-09-11 03:22 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-18 23:36 - 2014-09-11 03:22 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-18 23:35 - 2014-09-11 03:22 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-18 23:27 - 2014-09-11 03:22 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-18 23:25 - 2014-09-11 03:22 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 23:25 - 2014-09-11 03:22 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 23:23 - 2014-09-11 03:22 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 23:23 - 2014-09-11 03:22 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 23:22 - 2014-09-11 03:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-18 23:19 - 2014-09-11 03:22 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-18 23:17 - 2014-09-11 03:22 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-18 23:17 - 2014-09-11 03:22 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-18 23:16 - 2014-09-11 03:22 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 23:15 - 2014-09-11 03:22 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-18 23:15 - 2014-09-11 03:22 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 23:09 - 2014-09-11 03:22 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-18 23:08 - 2014-09-11 03:22 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-18 23:07 - 2014-09-11 03:22 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-18 22:55 - 2014-09-11 03:22 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 22:46 - 2014-09-11 03:22 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-18 22:38 - 2014-09-11 03:22 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-18 22:38 - 2014-09-11 03:22 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 22:36 - 2014-09-11 03:22 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

Some content of TEMP:
====================
C:\Users\Jakub\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpftvb84.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-06 00:21

==================== End Of Log ============================

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: ad in the browser "Ads by Info"

#2 Post by Márty84 »

Hello :)

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to your desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait until the scan finishes.
Then click Clean.
The program will start working (the PC may restart) and produce a log (it may also be found at C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can e-mail me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait long for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

grep0n
Visitor
Posts: 19
Joined: 19 Apr 2006 20:18

Re: ad in the browser "Ads by Info"

#3 Post by grep0n »

The ad is still there.


LOG:

# AdwCleaner v3.310 - Report created 16/09/2014 at 07:37:49
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Jakub - JAKUB-PC
# Running from : C:\Users\Jakub\Desktop\adwcleaner_3.310.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\innoApp

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\innoApp

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v24.0 (cs)

[ File : C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nr1spd6m.default\prefs.js ]


[ File : C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0,[slws][slns]\prefs.js ]


-\\ Google Chrome v37.0.2062.120

*************************

AdwCleaner[R5].txt - [2143 octets] - [16/09/2014 07:35:47]
AdwCleaner[S3].txt - [1563 octets] - [16/09/2014 07:37:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1623 octets] ##########

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: ad in the browser "Ads by Info"

#4 Post by Márty84 »

:arrow: Run a scan with MBAM. Set up the scan according to this guide http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Do not delete anything beforehand; it sometimes produces false detections.

grep0n
Visitor
Posts: 19
Joined: 19 Apr 2006 20:18

Re: ad in the browser "Ads by Info"

#5 Post by grep0n »

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 16.9.2014
Scan Time: 17:06:15
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.16.05
Rootkit Database: v2014.09.15.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Jakub

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 1116595
Time Elapsed: 4 hr, 31 min, 57 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 5
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [32238e60760549ed9002bdc76a989070],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [32238e60760549ed9002bdc76a989070],
PUP.Optional.TornTV.A, HKLM\SOFTWARE\WOW6432NODE\TheTorntv V10-nv, , [9db8707e542761d5d49d501b06fe18e8],
PUP.Optional.TornTV.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\TheTorntv V10, , [6ce9d41a6615e84ed99aa3c80ff5956b],
PUP.Optional.FastStart.A, HKU\S-1-5-21-1581021673-1230494117-1272436122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS, , [be977a74cbb0023470a7b44de61d619f],

Registry Values: 1
PUP.Optional.FastStart.A, HKU\S-1-5-21-1581021673-1230494117-1272436122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, , [be977a74cbb0023470a7b44de61d619f]

Registry Data: 0
(No malicious items detected)

Folders: 1
PUP.Optional.Booster.A, C:\Program Files (x86)\GS_Booster, , [83d20fdf59222412cdeacf2fec163ec2],

Files: 107
PUP.Optional.SweetPacks.A, C:\Program Files (x86)\Qoobox\Quarantine\C\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe.vir, , [500521cd205b8ea8e0c4e82e52afa25e],
Trojan.SProtector, C:\Program Files (x86)\GS_Booster\Assistant.dll, , [3025fbf31467a294d9bc6406af52e41c],
Trojan.SProtector, C:\Program Files (x86)\GS_Booster\AssistantSvc.dll, , [1144de10403be3530c8ab7b316eb7a86],
Trojan.SProtector, C:\Program Files (x86)\GS_Booster\Assistant_x64.dll, , [fb5a6b831368f93d9a739614699838c8],
PUP.Optional.OneClickDownloader.A, C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\File System\001\t\00\00000000, , [94c119d54437b68081941e040df4a45c],
PUP.Optional.OneClickDownloader.A, C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\File System\001\t\00\00000001, , [d0859856fe7de551c5503ae846bbbd43],
PUP.Optional.Somoto.A, C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\File System\002\t\00\00000000, , [04511fcf8eed8fa799e975438978d927],
PUP.RiskwareTool.CK, C:\Users\Jakub\Downloads\Universal-Adobe-_er-1.1-+-All-in-one-X-FORCE-Keygen.rar, , [a3b25d91abd0a59147f15f209f633ac6],
PUP.Optional.MultiPlug, C:\Users\Jakub\Downloads\Crack and Setup.exe, , [361fb63893e8d363a543febe8e735ea2],
PUP.Optional.Downloader, C:\Users\Jakub\Downloads\[NNM-Club.me]_by_D!akov.torrent_downloader.exe, , [9abb2bc31c5fd85e34efa2b255ab649c],
RiskWare.Tool.CK, C:\Users\Jakub\Downloads\Particular-2.1-x64-CS5.rar, , [3e1743ab077465d1dd76190307fbcc34],
PUP.Optional.OneClickDownloader.A, C:\Users\Jakub\Downloads\Nepotvrzeno 130328.crdownload, , [d77e3faf225938fec55029f9f110ed13],
PUP.Optional.OneClickDownloader.A, C:\Users\Jakub\Downloads\Nepotvrzeno 188814.crdownload, , [025328c63447eb4bc15429f948b97987],
PUP.Optional.OneClickDownloader.A, C:\Users\Jakub\Downloads\Nepotvrzeno 272524.crdownload, , [d382c5297803de58070e44de3bc6ed13],
PUP.Optional.Amonetize, C:\Users\Jakub\Downloads\Nepotvrzeno 326671.crdownload, , [1540f8f6abd0d26413b6e7c633ce30d0],
PUP.Optional.OneClickDownloader.A, C:\Users\Jakub\Downloads\Nepotvrzeno 640110.crdownload, , [fb5a1cd26d0e0630769ff82a45bcdd23],
PUP.Optional.OneClickDownloader.A, C:\Users\Jakub\Downloads\Nepotvrzeno 653643.crdownload, , [75e0ae409dde84b250c560c242bfe917],
PUP.Optional.OneClickDownloader.A, C:\Users\Jakub\Downloads\Nepotvrzeno 814367.crdownload, , [61f47579a0dbbc7a75a02af843bedb25],
PUP.Optional.Monetizer, C:\Users\Jakub\Downloads\camera tracker plugin for after effects__3039_i708678334_il1014498.exe, , [a2b37e70ed8e6ec8c450296feb1624dc],
PUP.Optional.Somoto.A, C:\Users\Jakub\Downloads\FLVPlayer_downloader-N2Ntirowb.exe, , [b89d529cb2c973c31a6808b0679a23dd],
PUP.RiskwareTool.CK, C:\Users\Jakub\Downloads\AMTLIB 32 and 64-bit Fix.zip, , [77defaf4cab18aac9e6ff141837f02fe],
PUP.Optional.MultiPlug, C:\Users\Jakub\Downloads\Universal Patcheris Here !!!.exe, , [e47198566912c96d608854686998cd33],
PUP.Optional.MultiPlug, C:\Users\Jakub\Downloads\Universal Patcher.exe, , [76dfd31b8cefcf67be2ac5f7bb4619e7],
Trojan.Agent.VBS, C:\Users\Jakub\Downloads\snr.patch-painter.rar, , [c88d09e52259d95dff66149a34cd3bc5],
PUP.Optional.Amonetize, C:\Users\Jakub\Downloads\crack__5160_i1251315998_il17293.exe, , [da7bcc22e3983df9e9e9cde9eb1640c0],
PUP.RiskwareTool.CK, C:\Users\Jakub\Downloads\Universal-_er-1.1-+-All-in-one-X-FORCE-Keygen\X-FORCE Keygen\xf-.exe, , [282d4f9f99e2ec4ace6a99e650b2ae52],
PUP.RiskwareTool.CK, C:\Users\Jakub\Downloads\bordel\Crack.rar, , [f560dc126f0c102635d9c36fb64ce719],
RiskWare.Tool.CK, C:\Users\Jakub\Downloads\bordel\Sony Vegas PRO 11\Sony Vegas PRO 11.0.511 64 bit Multilanguage with keygen and patch\Sony Vegas Pro 11 Cracking Tools.7z, , [f65f9a54b5c650e6abaaf60b40c2c040],
RiskWare.Tool.CK, C:\Users\Jakub\Downloads\bordel\Sony Vegas PRO 11\Sony Vegas PRO 11.0.511 64 bit Multilanguage with keygen and patch\Sony Vegas Pro 11 Cracking Tools\Keygen.exe, , [20356589710a320497be29d85da53ac6],
RiskWare.Tool.HCK, C:\Users\Jakub\Downloads\bordel\Sony Vegas PRO 11\Sony Vegas PRO 11.0.511 64 bit Multilanguage with keygen and patch\Sony Vegas Pro 11 Cracking Tools\SonyVegasPro Patch.exe, , [193c1fcf750690a68c64c06405fd926e],
RiskWare.Tool.HCK, C:\Users\Jakub\Downloads\bordel\Sony Vegas PRO 11\Sony Vegas PRO 11.0.511 64 bit Multilanguage with keygen and patch\Sony.Products.Multikeygen.v2.0.Keygen.and.Patch.Only.READ.NFO-DI\Keygen.exe, , [282db8363645191d126eea3b3bc7bc44],
RiskWare.Tool.CK, C:\Users\Jakub\Downloads\bordel\Quicktime Pro 7.6.8 + keygen\Keygen.exe, , [11448569473400364f142fd22ad815eb],
RiskWare.Tool.CK, C:\Users\Jakub\Downloads\Particular-2.1-x64-CS5\Particular 2.1 x64 CS5\TCP2 Keygen.exe, , [2d28d519adce6fc7f75c06161ce6b749],
Malware.Tool, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\1- WinRAR 3.80 Beta 5 (Extra)\RAR Slayer v1.1.exe, , [9bba945ac0bba492f261e41c9a68c13f],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Buena Software Au Naturel 1.1.1\Buena Software Au Naturel 1.1.1.rar, , [a1b4eb031b60ff37445e9bc037c955ab],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Buena Software Swatch Buckler 1.0.1\Buena Software Swatch Buckler 1.0.1.rar, , [65f0eb03cdae57dff2b076e558a80000],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Panopticum Animatext 3D 1.0 for WinXP\Panopticum Animatext 3D 1.0 for WinXP.rar, , [64f16787dba0e2540999015ad42c45bb],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Trapcode Starglow 1.0.3\Trapcode Starglow 1.0.3.rar, , [11449f4f3645b87e5e44500bb14ffb05],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Fnordware PowerPicker 1.01\Fnordware PowerPicker 1.01.rar, , [ada8539b4a31c96d129094c7bc4437c9],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Panopticum Animatext 3D 1.0 for 9xMENT2K\Panopticum Animatext 3D 1.0 for 9xMENT2K.rar, , [f85d7b73007b8aac9c0683d867992dd3],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Panopticum Curtains 1.02\Panopticum Curtains 1.02.rar, , [66efa9453b40e2543969203b0cf4d729],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Panopticum Custom Speed2 v.1.0\Panopticum Custom Speed2 v.1.0.rar, , [b79e5599d1aad95d5c46afac5ba51fe1],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Panopticum IcePattern 1.0\Panopticum IcePattern 1.0.rar, , [aca9b93552299e98a4fe6fecb74912ee],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Panopticum Water 1.0\Panopticum Water 1.0.rar, , [3e177c72a9d283b3039fc695fd03d52b],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Profound Effects Useful Assistants 1.0\Profound Effects Useful Assistants 1.0.rar, , [fe571dd1ea913501f6ac62f9ea166c94],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Profound Effects Useful Things 1.5\Profound Effects Useful Things 1.5.rar, , [df76b43adc9f1422ecb6213a55abbe42],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\StageTools MovingPicture 4.4 AE\StageTools MovingPicture 4.4 AE.rar, , [2233648a502bda5ca4fea0bb758b2bd5],
PUP.Optional.MySearchDial.A, C:\Users\Jakub\Downloads\backups\backup-20130621-193404-206.dll, , [1f364f9f4536e254d8d8ee2d877ad927],
PUP.Optional.MultiPlug, C:\Users\Jakub\Downloads\backups\backup-20140911-154553-368.dll, , [c491d81624576cca4248872e25dc41bf],
PUP.Optional.MultiPlug, C:\Users\Jakub\Downloads\backups\backup-20140911-154554-449.dll, , [f1649757b9c20e2892f87243bb4644bc],
Trojan.MSIL.UL, C:\Users\Jakub\Downloads\backups\backup-20140911-154554-935-084c1b8351050a141c82272c6443506b.exe, , [69ec707e85f61f172cf093c645bc24dc],
Trojan.MSIL.UL, C:\Users\Jakub\Downloads\backups\backup-20140911-154554-968-Foxit-Advanced-PDF-Editor v3.0.5 Incl Crack {Ahmed-0312}.exe, , [b79ee905502be254ea32461334cd32ce],
Trojan.Agent.VBS, C:\Users\Jakub\Downloads\adobe.snr.patch-painter\adobe.snr.patch-painter\adobe.snr.patch-painter.exe, , [9eb7fbf3681366d00c59624c8b76ba46],
PUP.RiskwareTool.CK, C:\Users\Jakub\Downloads\amtlib.dll (1)\amtlib.dll\amtlib.dll, , [6ee7da14215a330318f683affe0422de],
PUP.Optional.TornTV.A, C:\zoek_backup\C_Users_Jakub_AppData_Roaming_IOFSQS.exe.vir, , [1d385698aecdf2448d6f594a07fa9a66],
PUP.Optional.TornTV.A, C:\zoek_backup\C_Users_Jakub_AppData_Roaming_WGZUBRF.exe.vir, , [b4a1b539ef8c5cdaa458099a26db9d63],
RiskWare.Tool.HCK, C:\Program Files\Sony\Vegas Pro 11.0\Keygen.exe, , [98bd935bd3a8cd69c9b7fc291ae8dd23],
Trojan.Agent, G:\bordel\instal\Downloads\bordel\Warcraft-III-CZ---Reign-Of-Chaos-+-Frozen-Throne\Warcraft III CZ - Reign Of Chaos + Frozen Throne\warcraft3 keygen.exe, , [b5a007e7691288ae41d1ef1a3ec4c937],
PUP.Optional.InnoApp.A, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\profiles\[ofr2][opt]rs0,[slws][slns]\extensions\{3c3ae2b4-4a36-40c4-a356-ffc1820b7ece}.xpi, , [4510e20c81fa77bfe264a759946f9a66],
PUP.Optional.InnoApp.A, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\profiles\nr1spd6m.default\extensions\{3c3ae2b4-4a36-40c4-a356-ffc1820b7ece}.xpi, , [87cee9052d4e999dfa4c30d07d864cb4],
PUP.Optional.Booster.A, C:\Program Files (x86)\GS_Booster\Assistant.dll, , [83d20fdf59222412cdeacf2fec163ec2],
PUP.Optional.Booster.A, C:\Program Files (x86)\GS_Booster\AssistantSvc.dll, , [83d20fdf59222412cdeacf2fec163ec2],
PUP.Optional.Booster.A, C:\Program Files (x86)\GS_Booster\Assistant_x64.dll, , [83d20fdf59222412cdeacf2fec163ec2],

Physical Sectors: 0
(No malicious items detected)


(end)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: ad in the browser "Ads by Info"

#6 Post by Márty84 »

Move all the findings to quarantine. After the next restart of the PC, repeat the scan so we know whether it comes back. Post the scan result and I will choose the next steps based on it.

grep0n
Visitor
Posts: 19
Joined: 19 Apr 2006 20:18

Re: ad in the browser "Ads by Info"

#7 Post by grep0n »

The "Ads by Info" ads still keep appearing on all pages.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 17.9.2014
Scan Time: 8:47:24
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.17.02
Rootkit Database: v2014.09.15.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Jakub

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 1120869
Time Elapsed: 3 hr, 40 min, 19 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 69
PUP.Optional.SweetPacks.A, C:\Program Files (x86)\Qoobox\Quarantine\C\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe.vir, , [e0d6c7274b30b3832d93db3b877afa06],
PUP.Optional.OneClickDownloader.A, C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\File System\001\t\00\00000000, , [dadca34b2655f93d939e031f53ae867a],
PUP.Optional.OneClickDownloader.A, C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\File System\001\t\00\00000001, , [7b3b32bc2655b87e91a0a57d758c22de],
PUP.RiskwareTool.CK, C:\Users\Jakub\Downloads\Universal-Adobe-_er-1.1-+-All-in-one-X-FORCE-Keygen\X-FORCE Keygen\xf-adobecc2014.exe, , [4a6c688665164fe780141f60f70ba060],
PUP.RiskwareTool.CK, C:\Users\Jakub\Downloads\bordel\Crack-Adobe-After-Effects-CS.6.rar, , [2690d31b7407ab8b3b2f36fc887ab54b],
PUP.RiskwareTool.CK, C:\Users\Jakub\Downloads\bordel\Crack\32\amtlib.dll, , [36803ab4077437ffdc8d8da5c63c40c0],
PUP.RiskwareTool.CK, C:\Users\Jakub\Downloads\bordel\Crack\64\amtlib.dll, , [13a328c65f1c02344a2086ac17eb11ef],
RiskWare.Tool.CK, C:\Users\Jakub\Downloads\bordel\Sony Vegas PRO 11\Sony Vegas PRO 11.0.511 64 bit Multilanguage with keygen and patch\Sony Vegas Pro 11 Cracking Tools.7z, , [674f03eb2d4e4ee8d7da37ca788ab64a],
RiskWare.Tool.CK, C:\Users\Jakub\Downloads\bordel\Sony Vegas PRO 11\Sony Vegas PRO 11.0.511 64 bit Multilanguage with keygen and patch\Sony Vegas Pro 11 Cracking Tools\Keygen.exe, , [486e8b630f6c40f66d44c63bfb07b24e],
RiskWare.Tool.HCK, C:\Users\Jakub\Downloads\bordel\Sony Vegas PRO 11\Sony Vegas PRO 11.0.511 64 bit Multilanguage with keygen and patch\Sony Vegas Pro 11 Cracking Tools\SonyVegasPro Patch.exe, , [219523cbe49765d195b79b8a748ecb35],
RiskWare.Tool.HCK, C:\Users\Jakub\Downloads\bordel\Sony Vegas PRO 11\Sony Vegas PRO 11.0.511 64 bit Multilanguage with keygen and patch\Sony.Products.Multikeygen.v2.0.Keygen.and.Patch.Only.READ.NFO-DI\Keygen.exe, , [684ee10d7902e84eb824d84ddf23b34d],
RiskWare.Tool.CK, C:\Users\Jakub\Downloads\bordel\Quicktime Pro 7.6.8 + keygen\Keygen.exe, , [07af07e73d3e191d3c83f70a808226da],
RiskWare.Tool.CK, C:\Users\Jakub\Downloads\Particular-2.1-x64-CS5\Particular 2.1 x64 CS5\TCP2 Keygen.exe, , [09ad4ea0bcbfc4721699da429a68c937],
Malware.Tool, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\1- WinRAR 3.80 Beta 5 (Extra)\RAR Slayer v1.1.exe, , [fbbb24cabac149edded13ac63ec45ba5],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Buena Software Swatch Buckler 1.0.1\Buena Software Swatch Buckler 1.0.1.rar, , [ae089955cbb0989e8638cb90857b52ae],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Panopticum Animatext 3D 1.0 for WinXP\Panopticum Animatext 3D 1.0 for WinXP.rar, , [e8ce8e60f18aa591902e0a51a35d3ec2],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Trapcode Starglow 1.0.3\Trapcode Starglow 1.0.3.rar, , [6551b03e98e30f272a940a51000045bb],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Fnordware PowerPicker 1.01\Fnordware PowerPicker 1.01.rar, , [d5e17777a2d93105caf489d207f960a0],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Panopticum Animatext 3D 1.0 for 9xMENT2K\Panopticum Animatext 3D 1.0 for 9xMENT2K.rar, , [8a2c9757413a90a6c4fa7dde40c09b65],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Panopticum Curtains 1.02\Panopticum Curtains 1.02.rar, , [c4f2c8269be096a0b40a5605788832ce],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Panopticum Custom Speed2 v.1.0\Panopticum Custom Speed2 v.1.0.rar, , [7244e90559225fd7c8f6afac02fea957],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Panopticum IcePattern 1.0\Panopticum IcePattern 1.0.rar, , [14a2737bf08b2d09833b4b1008f84bb5],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Panopticum Water 1.0\Panopticum Water 1.0.rar, , [4175c22c0e6d4cead3eb90cbad53718f],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Profound Effects Useful Assistants 1.0\Profound Effects Useful Assistants 1.0.rar, , [a90d935bc3b801350faf1546976937c9],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Profound Effects Useful Things 1.5\Profound Effects Useful Things 1.5.rar, , [ded8faf48eede0567d413625cf310ff1],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\StageTools MovingPicture 4.4 AE\StageTools MovingPicture 4.4 AE.rar, , [44727a74c3b83ff76856d388966afd03],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Trapcode 3D Stroke 2.0.4\Trapcode 3D Stroke 2.0.4.rar, , [12a455990c6fbf77407e3427aa560bf5],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Trapcode Lux 1.0.1\Trapcode Lux 1.0.1.rar, , [b00696582259bb7b6e50cf8c78884ab6],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Trapcode Particular 1.0.1\Trapcode Particular 1.0.1.rar, , [ddd9e40adf9c79bd2797cc8f43bda25e],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Trapcode Shine 1.0.6\Trapcode Shine 1.0.6.rar, , [d5e19a541f5c3afcd6e8dc7f9b6530d0],
Malware.Packer.Gen, C:\Users\Jakub\Downloads\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Trapcode SoundKeys 1.1.2\Trapcode SoundKeys 1.1.2.rar, , [07af707e9ae155e159650754a25eab55],
PUP.RiskwareTool.CK, C:\Users\Jakub\Downloads\Adobe CS6 AMTLIB 32 and 64-bit Fix\Adobe CS6 AMTLIB 32 and 64-bit Fix\AMTLIB for 32-bit\amtlib.dll, , [75418965e19a70c6f376e34fbe443cc4],
PUP.RiskwareTool.CK, C:\Users\Jakub\Downloads\Adobe CS6 AMTLIB 32 and 64-bit Fix\Adobe CS6 AMTLIB 32 and 64-bit Fix\AMTLIB for 64-bit\amtlib.dll, , [cee8efff027974c265050d25b1511de3],
PUP.Riskware.Patcher, C:\Users\Jakub\Downloads\After Effects CC Plugin Pack\Adobe After Effects CC Plugins\RSMB.zip, , [9d19effffe7d171f98bf79a340c160a0],
PUP.Riskware.Patcher, C:\Users\Jakub\Downloads\After Effects CC Plugin Pack\Adobe After Effects CC Plugins\Twixtor.zip, , [7f37f1fda8d370c6e671f82430d1e818],
PUP.Riskware.Patcher, C:\Users\Jakub\Downloads\After Effects CC Plugin Pack\Adobe After Effects CC Plugins\RSMB\rsmb.4.1.2b.for.ae-cc-patch.exe, , [35818a642f4c979fcc8b3eded62b659b],
PUP.Riskware.Patcher, C:\Users\Jakub\Downloads\After Effects CC Plugin Pack\Adobe After Effects CC Plugins\Twixtor\twixtor.5.1.5b.for.ae-cc-patch.exe, , [aa0c2dc12d4ea492f85fe33912efc53b],
PUP.Optional.MySearchDial.A, C:\Users\Jakub\Downloads\backups\backup-20130621-193404-206.dll, , [10a67b73f78488ae59733be0f1109b65],
PUP.RiskwareTool.CK, C:\Users\Jakub\Downloads\amtlib.dll (1)\amtlib.dll\amtlib.dll, , [caece20c4f2cd066ff6b5bd7d32f857b],
Malware.Packer.Gen, C:\Windows\Temp\iocD0E4.tmp, , [8f27d717f388fc3affbf65f60cf414ec],
Malware.Packer.Gen, C:\Windows\Temp\iocD0E7.tmp, , [8c2a896584f766d0625c38235da3ff01],
RiskWare.Tool.HCK, C:\Program Files\Sony\Vegas Pro 11.0\Keygen.exe, , [7c3a37b77cffd36304d84dd8cb371ce4],
Malware.Tool, G:\bordel\instal\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\1- WinRAR 3.80 Beta 5 (Extra)\RAR Slayer v1.1.exe, , [ac0ae10d7308a6909e11758ba55d54ac],
Malware.Packer.Gen, G:\bordel\instal\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Buena Software Swatch Buckler 1.0.1\Buena Software Swatch Buckler 1.0.1.rar, , [5561529c245794a2239b213a58a8a957],
Malware.Packer.Gen, G:\bordel\instal\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Panopticum Animatext 3D 1.0 for WinXP\Panopticum Animatext 3D 1.0 for WinXP.rar, , [ebcb36b8aecdd95d9a24acaf9868e818],
Malware.Packer.Gen, G:\bordel\instal\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Trapcode Starglow 1.0.3\Trapcode Starglow 1.0.3.rar, , [c2f4e00e750682b4ba04be9d42beb34d],
Malware.Packer.Gen, G:\bordel\instal\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Fnordware PowerPicker 1.01\Fnordware PowerPicker 1.01.rar, , [d3e3935b3a419e98744a80db24dc748c],
Malware.Packer.Gen, G:\bordel\instal\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Panopticum Animatext 3D 1.0 for 9xMENT2K\Panopticum Animatext 3D 1.0 for 9xMENT2K.rar, , [f1c58e60423996a07d41a3b8d42c9e62],
Malware.Packer.Gen, G:\bordel\instal\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Panopticum Curtains 1.02\Panopticum Curtains 1.02.rar, , [1e987876512a6cca9628d9820cf4a55b],
Malware.Packer.Gen, G:\bordel\instal\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Panopticum Custom Speed2 v.1.0\Panopticum Custom Speed2 v.1.0.rar, , [3f77836b96e5d462cbf3392213ed946c],
Malware.Packer.Gen, G:\bordel\instal\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Panopticum IcePattern 1.0\Panopticum IcePattern 1.0.rar, , [6551e7075c1fe0568a3493c83ec2d030],
Malware.Packer.Gen, G:\bordel\instal\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Panopticum Water 1.0\Panopticum Water 1.0.rar, , [eacc915dcdae73c3fbc35b0054ac2ed2],
Malware.Packer.Gen, G:\bordel\instal\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Profound Effects Useful Assistants 1.0\Profound Effects Useful Assistants 1.0.rar, , [189e00eeb3c8e15526982c2f7a86db25],
Malware.Packer.Gen, G:\bordel\instal\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Profound Effects Useful Things 1.5\Profound Effects Useful Things 1.5.rar, , [5e58f3fbceadb6804e70c299ef1146ba],
Malware.Packer.Gen, G:\bordel\instal\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\StageTools MovingPicture 4.4 AE\StageTools MovingPicture 4.4 AE.rar, , [f4c2896597e4c2745d6165f6f40c6a96],
Malware.Packer.Gen, G:\bordel\instal\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Trapcode 3D Stroke 2.0.4\Trapcode 3D Stroke 2.0.4.rar, , [3d79de105f1cf640bd01fa611de3aa56],
Malware.Packer.Gen, G:\bordel\instal\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Trapcode Lux 1.0.1\Trapcode Lux 1.0.1.rar, , [bdf9945a7ffc76c0ae106cef3dc39868],
Malware.Packer.Gen, G:\bordel\instal\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Trapcode Particular 1.0.1\Trapcode Particular 1.0.1.rar, , [971fda14bfbcc274576790cb847ccd33],
Malware.Packer.Gen, G:\bordel\instal\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Trapcode Shine 1.0.6\Trapcode Shine 1.0.6.rar, , [ecca8d61fa81e650289669f2f40ca858],
Malware.Packer.Gen, G:\bordel\instal\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Trapcode SoundKeys 1.1.2\Trapcode SoundKeys 1.1.2.rar, , [9c1adf0fe79454e211ad8fcc817f1be5],
CrackTool.Agent, G:\bordel\instal\all-arnold83-bashamasr-com\Arnold83@bashamasr.com-- activation here\Arnold83---EGYPT FOR EVER\read the note before install. By arnold83.exe, , [8a2c2ec0740714224da51e11f20f42be],
PUP.Hacktool.Patcher, G:\bordel\instal\Downloads\bordel\AE CS5 Plugins Collection x64 v2.1\Video Co-Pilot Software CS5\Video-Co-Pilot Optical Flares CS5\Optical_Flares_v1.2.124_-_x64_x32\x64\Crack WinX64.exe, , [447243ab90ebb1852b9e14f150b0e11f],
CrackTool.Agent, G:\bordel\instal\Downloads\bordel\rar\all-arnold83-bashamasr-com.rar, , [4f6747a72358c07616dc2c03a16015eb],
PUP.Hacktool.Patcher, G:\bordel\instal\Downloads\bordel\Sony-Vegas-Pro-11_32bit\Sony Vegas Pro 11_32bit\32bit-patch.rar, , [764009e52a5147ef2d9cc441f010c43c],
PUP.Hacktool.Patcher, G:\bordel\instal\Downloads\bordel\Sony-Vegas-Pro-11_32bit\Sony Vegas Pro 11_32bit\32bit-patch\32bit-patch.exe, , [3284648a0c6f84b21faad82dfe0227d9],
Trojan.Agent, G:\bordel\instal\Downloads\bordel\Warcraft-III-CZ---Reign-Of-Chaos-+-Frozen-Throne\Warcraft III CZ - Reign Of Chaos + Frozen Throne\warcraft3 keygen.exe, , [e8ce3faf2c4f3ef81f4f91784ab89b65],

Physical Sectors: 0
(No malicious items detected)


(end)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: ad in the browser "Ads by Info"

#8 Post by Márty84 »

:arrow: Have the findings removed again.

:!: If you have not done so, you had better back up your important data (photos, documents, etc.) :!:

:!: Do not use ComboFix without prior agreement! It is a violation of the forum rules and you will lose your entitlement to help!

:arrow: Download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to your desktop.
Turn off your antivirus and any other security software.
Right-click ComboFix and then left-click Run as administrator.
Accept the license terms and let the program work. If it offers to install the Recovery Console, agree.
Do not run anything or click anywhere during the scan.
After the scan finishes (the PC may also restart), a log should be created, located at C:\ComboFix.txt
Copy its contents here.

:!: If Windows does not start after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration.
:!: If Windows starts but errors are reported when launching various programs, just restart the PC and it will be fine.

grep0n
Visitor
Posts: 19
Joined: 19 Apr 2006 20:18

Re: ad in the browser "Ads by Info"

#9 Post by grep0n »

ComboFix 14-09-16.01 - Jakub 18.09.2014 3:00.6.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.16066.13762 [GMT 2:00]
Spuštěný z: c:\users\Jakub\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-08-18 do 2014-09-18 )))))))))))))))))))))))))))))))
.
.
2014-09-18 01:12 . 2014-09-18 01:12 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-09-18 01:12 . 2014-09-18 01:12 -------- d-----w- c:\users\postgres\AppData\Local\temp
2014-09-18 01:12 . 2014-09-18 01:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-17 07:56 . 2014-09-17 17:08 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C2D34AC8-EF5A-45A8-9642-1ADEA09A9491}\offreg.dll
2014-09-17 07:43 . 2014-09-09 02:05 11578928 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C2D34AC8-EF5A-45A8-9642-1ADEA09A9491}\mpengine.dll
2014-09-17 06:10 . 2014-09-17 06:10 122584 ----a-w- c:\windows\system32\drivers\389C5208.sys
2014-09-17 00:37 . 2014-09-17 00:37 122584 ----a-w- c:\windows\system32\drivers\417F72B8.sys
2014-09-17 00:25 . 2013-05-06 07:13 110176 ----a-w- c:\windows\system32\klfphc.dll
2014-09-17 00:23 . 2014-09-17 00:23 -------- d-----w- c:\windows\ELAMBKUP
2014-09-17 00:23 . 2014-09-17 00:23 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2014-09-17 00:23 . 2014-09-17 17:00 -------- d-----w- c:\programdata\Kaspersky Lab
2014-09-17 00:22 . 2014-07-25 16:23 792128 ----a-w- c:\windows\system32\drivers\klif.sys
2014-09-17 00:22 . 2014-07-25 16:23 140352 ----a-w- c:\windows\system32\drivers\klflt.sys
2014-09-17 00:22 . 2014-04-10 15:25 243808 ----a-w- c:\windows\system32\drivers\klhk.sys
2014-09-16 15:03 . 2014-09-17 22:56 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-09-16 15:03 . 2014-09-16 15:03 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-09-16 15:03 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-09-16 15:03 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-09-16 15:03 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-16 05:35 . 2014-09-16 05:37 -------- d-----w- C:\AdwCleaner
2014-09-15 21:27 . 2014-09-15 21:29 -------- d-----w- C:\FRST
2014-09-12 07:33 . 2014-09-12 07:33 -------- d-----r- c:\users\Jakub\Creative Cloud Files
2014-09-11 16:31 . 2014-09-11 16:36 -------- d-----w- c:\users\Jakub\AppData\Roaming\uTorrent
2014-09-11 15:49 . 2014-09-18 01:12 -------- d-----w- c:\users\Jakub\AppData\Local\Temp
2014-09-11 14:51 . 2014-09-11 14:51 -------- d-----w- c:\users\Jakub\AppData\Roaming\Opera Software
2014-09-11 14:51 . 2014-09-11 14:51 -------- d-----w- c:\users\Jakub\AppData\Local\Opera Software
2014-09-11 14:51 . 2014-09-17 14:52 -------- d-----w- c:\program files (x86)\Opera
2014-09-11 14:26 . 2014-09-11 14:26 -------- d-sh--r- c:\users\Jakub\AppData\Roaming\CapsLock
2014-09-11 13:35 . 2014-09-11 13:35 -------- d-----w- c:\users\postgres\AppData\Local\Google
2014-09-11 13:35 . 2014-09-11 13:35 -------- d-----w- c:\users\postgres\AppData\Local\Comodo
2014-09-11 13:35 . 2014-09-11 13:35 -------- d-----w- c:\users\Jakub\AppData\Local\Comodo
2014-09-11 13:35 . 2014-09-11 13:35 -------- d-----w- c:\users\Guest
2014-09-11 13:35 . 2014-09-11 13:35 -------- d-----w- c:\users\Administrator
2014-09-11 01:01 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-11 01:01 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-09-10 20:54 . 2014-08-01 11:53 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-09-10 20:54 . 2014-08-01 11:35 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-09-10 20:53 . 2014-06-24 03:29 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-10 20:53 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-09-10 20:52 . 2014-07-07 02:06 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-09-10 20:52 . 2014-07-07 01:40 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-09-10 20:52 . 2014-07-07 02:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-10 20:52 . 2014-07-07 01:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-09-10 20:52 . 2014-07-07 01:39 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-09-10 20:52 . 2014-09-05 02:10 578048 ----a-w- c:\windows\system32\aepdu.dll
2014-09-10 20:52 . 2014-09-05 02:05 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-09-08 20:01 . 2014-09-08 20:02 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-08 20:01 . 2014-09-08 20:02 -------- d-----w- c:\program files\iTunes
2014-09-08 20:01 . 2014-09-08 20:02 -------- d-----w- c:\program files (x86)\iTunes
2014-09-08 20:01 . 2014-09-08 20:01 -------- d-----w- c:\program files\iPod
2014-08-28 02:08 . 2014-08-23 02:07 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-28 02:08 . 2014-08-23 01:45 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-28 02:08 . 2014-08-23 00:59 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-08-26 05:48 . 2014-08-26 05:48 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-08-19 11:31 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll
2014-08-19 11:31 . 2014-05-14 16:23 58336 ----a-w- c:\windows\system32\wuauclt.exe
2014-08-19 11:31 . 2014-05-14 16:23 2477536 ----a-w- c:\windows\system32\wuaueng.dll
2014-08-19 11:31 . 2014-05-14 16:21 2620928 ----a-w- c:\windows\system32\wucltux.dll
2014-08-19 11:31 . 2014-05-14 16:23 38880 ----a-w- c:\windows\system32\wups.dll
2014-08-19 11:31 . 2014-05-14 16:23 700384 ----a-w- c:\windows\system32\wuapi.dll
2014-08-19 11:31 . 2014-05-14 16:20 97792 ----a-w- c:\windows\system32\wudriver.dll
2014-08-19 11:31 . 2014-05-14 16:17 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2014-08-19 11:31 . 2014-05-14 16:23 36320 ----a-w- c:\windows\SysWow64\wups.dll
2014-08-19 11:31 . 2014-05-14 16:23 581600 ----a-w- c:\windows\SysWow64\wuapi.dll
2014-08-19 11:30 . 2014-05-14 07:23 198600 ----a-w- c:\windows\system32\wuwebv.dll
2014-08-19 11:30 . 2014-05-14 07:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll
2014-08-19 11:30 . 2014-05-14 07:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2014-08-19 11:30 . 2014-05-14 07:20 36864 ----a-w- c:\windows\system32\wuapp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-11 01:03 . 2013-01-31 23:02 101694776 ----a-w- c:\windows\system32\MRT.exe
2014-08-25 04:53 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-16 03:23 . 2014-08-14 22:42 2048 ----a-w- c:\windows\system32\tzres.dll
2014-07-16 02:46 . 2014-08-14 22:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-07-14 02:02 . 2014-08-14 22:40 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-07-14 01:40 . 2014-08-14 22:40 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-07-09 02:03 . 2014-08-14 22:42 7168 ----a-w- c:\windows\system32\KBDYAK.DLL
2014-07-09 02:03 . 2014-08-14 22:42 7168 ----a-w- c:\windows\system32\KBDTAT.DLL
2014-07-09 02:03 . 2014-08-14 22:42 7168 ----a-w- c:\windows\system32\KBDRU1.DLL
2014-07-09 02:03 . 2014-08-14 22:42 6656 ----a-w- c:\windows\system32\KBDRU.DLL
2014-07-09 02:03 . 2014-08-14 22:42 7168 ----a-w- c:\windows\system32\KBDBASH.DLL
2014-07-09 01:31 . 2014-08-14 22:42 7168 ----a-w- c:\windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31 . 2014-08-14 22:42 6656 ----a-w- c:\windows\SysWow64\KBDBASH.DLL
2014-06-30 22:24 . 2014-08-15 01:01 8856 ----a-w- c:\windows\system32\icardres.dll
2014-06-30 22:14 . 2014-08-15 01:01 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-06-25 02:05 . 2014-08-14 22:42 14175744 ----a-w- c:\windows\system32\shell32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-07-08 152392]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2014-07-22 2694040]
.
c:\users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-7-30 36414496]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 4d349a54;GS_Sustainer;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x]
R2 AVP15.0.0;Služba Kaspersky Anti-Virus 15.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Flexlm Service 1;Flexlm Service 1;c:\flexlm\Lmgrd.exe;c:\flexlm\Lmgrd.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 trntv;Torntv Downloader;c:\users\Jakub\AppData\Roaming\TornTV.com\TornTVSvc.exe;c:\users\Jakub\AppData\Roaming\TornTV.com\TornTVSvc.exe [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 postgresql-x64-9.2;postgresql-x64-9.2 - PostgreSQL Server 9.2;C:/Program Files/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N postgresql-x64-9.2 -D C:/Program Files/PostgreSQL/9.2/data -w;C:/Program Files/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N postgresql-x64-9.2 -D C:/Program Files/PostgreSQL/9.2/data -w [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-10 21:12 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-09-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-14 20:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-07-16 09:06 672416 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-07-16 09:06 672416 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-07-16 09:06 672416 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
mDefault_Page_URL = hxxp://www.google.com
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\profiles\nr1spd6m.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - ExtSQL: 2014-09-11 16:33; firefox-hotfix@mozilla.org; c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nr1spd6m.default\extensions\firefox-hotfix@mozilla.org.xpi
FF - ExtSQL: 2014-09-17 02:23; anti_banner@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF - ExtSQL: 2014-09-17 02:23; url_advisor@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF - ExtSQL: 2014-09-17 02:25; content_blocker@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF - ExtSQL: 2014-09-17 02:25; virtual_keyboard@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF - ExtSQL: 2014-09-17 02:25; online_banking@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF - ExtSQL: !HIDDEN! 2013-02-16 13:58; {7F737E3E-993D-43AB-9109-90C4E82752CC}; c:\program files (x86)\iSkysoft\Free Video Downloader\SVRFirefoxExt
FF - user.js: plugin.state.npcontentblocker - 2
FF - user.js: plugin.state.nponlinebanking - 2
FF - user.js: plugin.state.npvkplugin - 2
FF - user.js: plugin.state.anti_banner_native_proxy - 2
FF - user.js: plugin.state.url_advisor - 2
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
BHO-{2f8a6adc-78a8-4091-aece-dd933e9d77d1} - c:\program files (x86)\GOSavee\arP9rgBH3VUDtf.x64.dll
BHO-{69deaea4-521e-474a-8ff0-4272d7caf23a} - c:\program files (x86)\YoutuBeAduBlockue\v93O0ag5LJ1FoB.x64.dll
AddRemove-CoreAAC Audio Decoder - c:\windows\system32\CoreAAC-uninstall.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{C87834EB-A2A0-B9D4-AA9A-C263D1191051} - c:\programdata\GOSavee\h8r0EorALMT9zuf.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-x64-9.2]
"ImagePath"="C:/Program Files/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N \"postgresql-x64-9.2\" -D \"C:/Program Files/PostgreSQL/9.2/data\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-x64-9.2]
"ImagePath"="C:/Program Files/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N \"postgresql-x64-9.2\" -D \"C:/Program Files/PostgreSQL/9.2/data\" -w"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-09-18 03:14:39
ComboFix-quarantined-files.txt 2014-09-18 01:14
.
Před spuštěním: Volných bajtů: 34 625 892 352
Po spuštění: Volných bajtů: 34 297 122 816
.
- - End Of File - - 79451A8549DD4D631DDF90AB96D275FE
A36C5E4F47E84449FF07ED3517B43A31

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: ad in the browser "Ads by Info"

#10 Post by Márty84 »

Permanently turn off Windows Defender.

Open Notepad and copy this script into it:

Code:

KillAll::

Regnull::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Driver::
4d349a54
SkypeUpdate
c2cautoupdatesvc
c2cpnrsvc

Reboot::
In the top left, click Soubor (File)
Click Uložit jako... (Save As...)
Type the name shown in red, CFScript, correctly and save the file to the desktop.
Turn off your antivirus and any other security software you may have.
Drag this newly created text document with the mouse over the ComboFix icon and drop it.
ComboFix should start and carry out the commands.
When it finishes (the PC may restart), a new log should appear; copy it here for me again.

:!: If Windows does not start after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration
:!: If Windows starts but errors are reported when launching various programs, just restart the PC and it will be fine
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you are waiting a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

grep0n
Visitor
Posts: 19
Registered: 19 Apr 2006 20:18

Re: ad in the browser "Ads by Info"

#11 Post by grep0n »

ComboFix 14-09-18.01 - Jakub 18.09.2014 9:36.7.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.16066.14384 [GMT 2:00]
Spuštěný z: c:\users\Jakub\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jakub\Desktop\CFScript.txt
AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_4d349a54
-------\Service_c2cautoupdatesvc
-------\Service_c2cpnrsvc
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-08-18 do 2014-09-18 )))))))))))))))))))))))))))))))
.
.
2014-09-17 15:15 . 2014-09-17 15:15 873352 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\uninstall\helper.exe
2014-09-17 07:43 . 2014-09-09 02:05 11578928 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C2D34AC8-EF5A-45A8-9642-1ADEA09A9491}\mpengine.dll
2014-09-17 06:10 . 2014-09-17 06:10 122584 ----a-w- c:\windows\system32\drivers\389C5208.sys
2014-09-17 00:37 . 2014-09-17 00:37 122584 ----a-w- c:\windows\system32\drivers\417F72B8.sys
2014-09-17 00:25 . 2013-05-06 07:13 110176 ----a-w- c:\windows\system32\klfphc.dll
2014-09-17 00:23 . 2014-09-17 00:23 -------- d-----w- c:\windows\ELAMBKUP
2014-09-17 00:23 . 2014-09-17 00:23 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2014-09-17 00:23 . 2014-09-18 07:41 -------- d-----w- c:\programdata\Kaspersky Lab
2014-09-17 00:22 . 2014-07-25 16:23 792128 ----a-w- c:\windows\system32\drivers\klif.sys
2014-09-17 00:22 . 2014-07-25 16:23 140352 ----a-w- c:\windows\system32\drivers\klflt.sys
2014-09-17 00:22 . 2014-04-10 15:25 243808 ----a-w- c:\windows\system32\drivers\klhk.sys
2014-09-16 15:03 . 2014-09-18 07:41 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-09-16 15:03 . 2014-09-16 15:03 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-09-16 15:03 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-09-16 15:03 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-09-16 15:03 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-16 05:35 . 2014-09-16 05:37 -------- d-----w- C:\AdwCleaner
2014-09-15 21:27 . 2014-09-15 21:29 -------- d-----w- C:\FRST
2014-09-12 07:33 . 2014-09-12 07:33 -------- d-----r- c:\users\Jakub\Creative Cloud Files
2014-09-11 16:31 . 2014-09-11 16:36 -------- d-----w- c:\users\Jakub\AppData\Roaming\uTorrent
2014-09-11 15:49 . 2014-09-11 15:37 24064 ----a-w- c:\windows\zoek-delete.exe
2014-09-11 15:49 . 2014-09-18 07:39 -------- d-----w- c:\users\Jakub\AppData\Local\Temp
2014-09-11 15:37 . 2014-09-17 06:13 -------- d-----w- C:\zoek_backup
2014-09-11 15:26 . 2014-09-11 15:26 -------- d-----w- c:\windows\ERUNT
2014-09-11 14:51 . 2014-09-11 14:51 -------- d-----w- c:\users\Jakub\AppData\Roaming\Opera Software
2014-09-11 14:51 . 2014-09-11 14:51 -------- d-----w- c:\users\Jakub\AppData\Local\Opera Software
2014-09-11 14:51 . 2014-09-17 14:52 -------- d-----w- c:\program files (x86)\Opera
2014-09-11 14:26 . 2014-09-11 14:26 -------- d-sh--r- c:\users\Jakub\AppData\Roaming\CapsLock
2014-09-11 13:35 . 2014-09-11 13:35 -------- d-----w- c:\users\postgres\AppData\Local\Google
2014-09-11 13:35 . 2014-09-11 13:35 -------- d-----w- c:\users\postgres\AppData\Local\Comodo
2014-09-11 13:35 . 2014-09-11 13:35 -------- d-----w- c:\users\Jakub\AppData\Local\Comodo
2014-09-11 13:35 . 2014-09-11 13:35 -------- d-----w- c:\users\Guest
2014-09-11 13:35 . 2014-09-11 13:35 -------- d-----w- c:\users\Administrator
2014-09-11 01:01 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-11 01:01 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-09-10 20:54 . 2014-08-01 11:53 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-09-10 20:54 . 2014-08-01 11:35 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-09-10 20:53 . 2014-06-24 03:29 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-10 20:53 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-09-10 20:52 . 2014-07-07 02:06 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-09-10 20:52 . 2014-07-07 01:40 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-09-10 20:52 . 2014-07-07 02:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-10 20:52 . 2014-07-07 01:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-09-10 20:52 . 2014-07-07 01:39 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-09-10 20:52 . 2014-09-05 02:10 578048 ----a-w- c:\windows\system32\aepdu.dll
2014-09-10 20:52 . 2014-09-05 02:05 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-09-08 20:01 . 2014-09-08 20:02 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-08 20:01 . 2014-09-08 20:02 -------- d-----w- c:\program files\iTunes
2014-09-08 20:01 . 2014-09-08 20:02 -------- d-----w- c:\program files (x86)\iTunes
2014-09-08 20:01 . 2014-09-08 20:01 -------- d-----w- c:\program files\iPod
2014-08-28 02:08 . 2014-08-23 02:07 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-28 02:08 . 2014-08-23 01:45 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-28 02:08 . 2014-08-23 00:59 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-08-26 05:48 . 2014-08-26 05:48 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-08-19 11:31 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll
2014-08-19 11:31 . 2014-05-14 16:23 58336 ----a-w- c:\windows\system32\wuauclt.exe
2014-08-19 11:31 . 2014-05-14 16:23 2477536 ----a-w- c:\windows\system32\wuaueng.dll
2014-08-19 11:31 . 2014-05-14 16:21 2620928 ----a-w- c:\windows\system32\wucltux.dll
2014-08-19 11:31 . 2014-05-14 16:23 38880 ----a-w- c:\windows\system32\wups.dll
2014-08-19 11:31 . 2014-05-14 16:23 700384 ----a-w- c:\windows\system32\wuapi.dll
2014-08-19 11:31 . 2014-05-14 16:20 97792 ----a-w- c:\windows\system32\wudriver.dll
2014-08-19 11:31 . 2014-05-14 16:17 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2014-08-19 11:31 . 2014-05-14 16:23 36320 ----a-w- c:\windows\SysWow64\wups.dll
2014-08-19 11:31 . 2014-05-14 16:23 581600 ----a-w- c:\windows\SysWow64\wuapi.dll
2014-08-19 11:30 . 2014-05-14 07:23 198600 ----a-w- c:\windows\system32\wuwebv.dll
2014-08-19 11:30 . 2014-05-14 07:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll
2014-08-19 11:30 . 2014-05-14 07:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2014-08-19 11:30 . 2014-05-14 07:20 36864 ----a-w- c:\windows\system32\wuapp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-11 01:03 . 2013-01-31 23:02 101694776 ----a-w- c:\windows\system32\MRT.exe
2014-08-25 04:53 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-16 03:23 . 2014-08-14 22:42 2048 ----a-w- c:\windows\system32\tzres.dll
2014-07-16 02:46 . 2014-08-14 22:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-07-14 02:02 . 2014-08-14 22:40 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-07-14 01:40 . 2014-08-14 22:40 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-07-09 02:03 . 2014-08-14 22:42 7168 ----a-w- c:\windows\system32\KBDYAK.DLL
2014-07-09 02:03 . 2014-08-14 22:42 7168 ----a-w- c:\windows\system32\KBDTAT.DLL
2014-07-09 02:03 . 2014-08-14 22:42 7168 ----a-w- c:\windows\system32\KBDRU1.DLL
2014-07-09 02:03 . 2014-08-14 22:42 6656 ----a-w- c:\windows\system32\KBDRU.DLL
2014-07-09 02:03 . 2014-08-14 22:42 7168 ----a-w- c:\windows\system32\KBDBASH.DLL
2014-07-09 01:31 . 2014-08-14 22:42 7168 ----a-w- c:\windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31 . 2014-08-14 22:42 6656 ----a-w- c:\windows\SysWow64\KBDBASH.DLL
2014-06-30 22:24 . 2014-08-15 01:01 8856 ----a-w- c:\windows\system32\icardres.dll
2014-06-30 22:14 . 2014-08-15 01:01 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-06-25 02:05 . 2014-08-14 22:42 14175744 ----a-w- c:\windows\system32\shell32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-07-08 152392]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2014-07-22 2694040]
.
c:\users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-7-30 36414496]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Flexlm Service 1;Flexlm Service 1;c:\flexlm\Lmgrd.exe;c:\flexlm\Lmgrd.exe [x]
R2 trntv;Torntv Downloader;c:\users\Jakub\AppData\Roaming\TornTV.com\TornTVSvc.exe;c:\users\Jakub\AppData\Roaming\TornTV.com\TornTVSvc.exe [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AVP15.0.0;Služba Kaspersky Anti-Virus 15.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 postgresql-x64-9.2;postgresql-x64-9.2 - PostgreSQL Server 9.2;C:/Program Files/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N postgresql-x64-9.2 -D C:/Program Files/PostgreSQL/9.2/data -w;C:/Program Files/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N postgresql-x64-9.2 -D C:/Program Files/PostgreSQL/9.2/data -w [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-10 21:12 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-09-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-14 20:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2f8a6adc-78a8-4091-aece-dd933e9d77d1}]
c:\program files (x86)\GOSavee\arP9rgBH3VUDtf.x64.dll [BU]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{69deaea4-521e-474a-8ff0-4272d7caf23a}]
c:\program files (x86)\YoutuBeAduBlockue\v93O0ag5LJ1FoB.x64.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-07-16 09:06 672416 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-07-16 09:06 672416 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-07-16 09:06 672416 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
mDefault_Page_URL = hxxp://www.google.com
IE: Přidat do součásti Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\ie_banner_deny.htm
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\profiles\nr1spd6m.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - ExtSQL: 2014-09-11 16:33; firefox-hotfix@mozilla.org; c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nr1spd6m.default\extensions\firefox-hotfix@mozilla.org.xpi
FF - ExtSQL: 2014-09-17 02:23; anti_banner@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF - ExtSQL: 2014-09-17 02:23; url_advisor@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF - ExtSQL: 2014-09-17 02:25; content_blocker@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF - ExtSQL: 2014-09-17 02:25; virtual_keyboard@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF - ExtSQL: 2014-09-17 02:25; online_banking@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF - ExtSQL: !HIDDEN! 2013-02-16 13:58; {7F737E3E-993D-43AB-9109-90C4E82752CC}; c:\program files (x86)\iSkysoft\Free Video Downloader\SVRFirefoxExt
FF - user.js: plugin.state.npcontentblocker - 2
FF - user.js: plugin.state.nponlinebanking - 2
FF - user.js: plugin.state.npvkplugin - 2
FF - user.js: plugin.state.anti_banner_native_proxy - 2
FF - user.js: plugin.state.url_advisor - 2
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-CoreAAC Audio Decoder - c:\windows\system32\CoreAAC-uninstall.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{C87834EB-A2A0-B9D4-AA9A-C263D1191051} - c:\programdata\GOSavee\h8r0EorALMT9zuf.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-x64-9.2]
"ImagePath"="C:/Program Files/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N \"postgresql-x64-9.2\" -D \"C:/Program Files/PostgreSQL/9.2/data\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-x64-9.2]
"ImagePath"="C:/Program Files/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N \"postgresql-x64-9.2\" -D \"C:/Program Files/PostgreSQL/9.2/data\" -w"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\flexlm\SCIA.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-09-18 09:47:15 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-09-18 07:47
ComboFix2.txt 2014-09-18 01:14
.
Před spuštěním: Volných bajtů: 33 999 343 616
Po spuštění: Volných bajtů: 33 777 799 168
.
- - End Of File - - 0A75527D0AB208B599825D9BFAAF535C
A36C5E4F47E84449FF07ED3517B43A31

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: ad in the browser "Ads by Info"

#12 Post by Márty84 »

:arrow: Follow my colleague's instructions
vyosek wrote: :arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launching it, the licence terms are displayed; press any key
  • A backup is created and then the search begins
  • The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here


:arrow: Follow my colleague's instructions
vyosek wrote: :arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator or Spustit jako správce
  • Paste the script below into the window
  • Code:

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC will carry out the repair, restart and give you a log; paste its contents here

grep0n
Visitor
Posts: 19
Registered: 19 Apr 2006 20:18

Re: ad in the browser "Ads by Info"

#13 Post by grep0n »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.6 (09.18.2014:1)
OS: Windows 7 Home Premium x64
Ran by Jakub on źt 18.09.2014 at 13:22:27,23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\Users\Jakub\AppData\Roaming\mozilla\firefox\profiles\nr1spd6m.default\user.js



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 18.09.2014 at 13:29:13,64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

grep0n
Visitor
Posts: 19
Registered: 19 Apr 2006 20:18

Re: ad in the browser "Ads by Info"

#14 Post by grep0n »

Zoek.exe v5.0.0.0 Updated 14-September-2014
Tool run by Jakub on źt 18.09.2014 at 15:25:05,85.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jakub\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-09-18-124020.log 10757 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\profiles\nr1spd6m.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\profiles\nr1spd6m.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\profiles\[ofr2][opt]rs0,[slws][slns]\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\profiles\[ofr2][opt]rs0,[slws][slns]\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"online_banking@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com" [17.09.2014 02:23]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{7F737E3E-993D-43AB-9109-90C4E82752CC}"="C:\Program Files (x86)\iSkysoft\Free Video Downloader\SVRFirefoxExt" [16.02.2013 14:58]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\profiles\nr1spd6m.default
- Firefox Old Version Update Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nr1spd6m.default
CF25FDD7CA6BC88442A58F74DBB6CFA6 - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
afapmikcgbhfkecdhiokcgledjcpfbfd - C:\Program Files (x86)\iSkysoft\Free Video Downloader\SVRChromePlugin.crx[30.12.2012 17:57]
efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[08.05.2014 15:49]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14.07.2014 18:22]

ISkysoft Allmytube download - Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\afapmikcgbhfkecdhiokcgledjcpfbfd
AdBlock - Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Set New Tab To Google - Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jdjbledkahnanmoekcemgbbpeihcgmbp
Skype Click to Call - Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{02BD18CB-237D-44CB-8086-F345D6FEAFFA} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_12454"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jakub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jakub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Jakub\AppData\Local\Mozilla\Firefox\Profiles\nr1spd6m.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Jakub\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=219 folders=98 15491509 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Guest\AppData\Local\temp emptied successfully
C:\Users\Jakub\AppData\Local\Temp will be emptied at reboot
C:\Users\postgres\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Jakub\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on źt 18.09.2014 at 16:57:45,83 ======================

Márty84
VIP
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: ad in browser "Ads by Info"

#15 Post by Márty84 »

If you have a question that is not meant for the public, you can write to me by e-mail at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

Locked