Prosím o pomoc

[KachnaCZ]

Dobrý den, mám tu problém s tímto zde jsou fotky: 1) https://fbcdn-sphotos-e-a.akamaihd.net/ ... 3765_n.jpg 2) https://fbcdn-sphotos-c-a.akamaihd.net/ ... 8154_n.jpg Asi mám v pc Trojana prosím o pomoc popřípadně postup,pragramy.Za každý návrh budu rád opravdu moc

[vyosek]

Zdravim a pekny vecer preji

Poprosim o spusteni nasledujiciho

Aplikace ke stažení:

• http://tharifas.sweb.cz/FRSTLauncher.exe
• http://vyosek.ic.cz/pro_usery/FRSTLauncher.exe

Po stažení FRSTLauncher spustte, objevi se mozna varovani od antiviru, ignorujte a nechte FRSTL spustit

Následně dojde ke stažení FRST a inicializaci

• Po spuštění FRST odsouhlasíme licenční podmínky kliknutím na Ano.
• Dooznačíme položku Addition.txt - viz obrázek.
  
• Klikneme na tlačítko Scan čímž spustíme skenování.
• Počkáme na dokončení skenování FRST a vytvoření doplňkových informací naší nástavbou.
• Otevře se nám textový soubor FRST.txt, což je požadovaný log a jehož obsah vložíme do svého tématu na fóru.
• Po uzavření logu se FRSTLauncher.exe ukončí a na ploše nám zbyde utilta FRST a dva logy FRST.txt a Addition.txt - nic z toho zatím nemažeme.

[KachnaCZ]

Děkuji vám také
Jinak toto okno neustále vyskakuje:https://fbcdn-sphotos-d-a.akamaihd.net/ ... 2502_n.jpg
Zde log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-08-2013 02
Ran by Jakub (administrator) on 08-08-2013 22:49:42
Running from C:\Users\Jakub\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac7302\Monitor.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe
(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ali) C:\Windows\UMStor\Res.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corporation) C:\Windows\System32\WScript.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Dll-FIles.Com) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [PAC7302_Monitor] - C:\Windows\PixArt\PAC7302\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKCU\...\Run: [Google Update] - C:\Users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-03-02] (Google Inc.)
HKCU\...\Run: [Facebook Update] - C:\Users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-06-21] (Facebook Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [Google Update] - C:\Users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-03-02] (Google Inc.)
HKCU\...\Run: [Clownfish] - C:\Program Files (x86)\Clownfish\Clownfish.exe [1276152 2013-07-02] (Bogdan Sharkov)
HKCU\...\Run: [Realtek Audio Manager] - "C:\ProgramData\Realtek0\mtqadjqbe.exe" [x]
HKCU\...\Run: [BrowserChoice] - C:\Windows\System32\browserchoice.exe [294912 2010-02-23] (Microsoft Corporation)
MountPoints2: {44b596e8-4d36-11e2-864f-806e6f6e6963} - D:\cdstart.exe
MountPoints2: {bd21d420-99d3-11e2-898c-50465d0a6cec} - F:\cdstart.exe
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKLM-x32\...\Run: [USB Storage Toolbox] - C:\Windows\UMStor\Res.EXE [65536 2005-09-14] (ali)
HKLM-x32\...\Run: [NtVdmSrv] - C:\Windows\inf\ntvdm.vbe [1219 2013-06-20] ()
Startup: C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skype.lnk
ShortcutTarget: Skype.lnk -> C:\Users\Jakub\AppData\Roaming\WindowsHelp\usft_ext.exe.vbs ()
Startup: C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.b1.org/?bsrc=hmior&chid=c167991
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?babsrc=HP_ ... 9&tsp=4923
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?affID=1194 ... 0B81853119
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Before = http://www.delta-search.com/?affID=1194 ... 0B81853119
URLSearchHook: (No Name) - {539F76FD-084E-4858-86D5-62F02F54AE86} - No File
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchT ... 9&tsp=4923
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchT ... 9&tsp=4923
SearchScopes: HKCU - {523C1BBA-CB85-4BF0-8B5B-6BBABEA33D56} URL = http://websearch.ask.com/redirect?clien ... 8FBA4D3823
SearchScopes: HKCU - {F14900C8-6A11-4A9F-B6E2-210903C28239} URL = http://search.phpnuke.org/?lang=en&cid= ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: MinibarBHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files (x86)\Minibar\Minibar.dll (KangoExtensions)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\w8qzfu5i.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Jakub\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Jakub\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Jakub\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Jakub\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Jakub\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Jakub\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Norton Identity Safe) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0\npcoplgn.dll (Symantec Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\Jakub\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Jakub\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Jakub\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Jakub\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Docs) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Skype Click to Call) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.10.0.13089_0
CHR Extension: (Norton Identity Protection) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0
CHR Extension: (Gmail) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [mahgaopgbalgbfohkikbdjfmaapiehaf] - C:\Users\Jakub\AppData\Local\CRE\mahgaopgbalgbfohkikbdjfmaapiehaf.crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\Exts\Chrome.crx
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-05-10] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-05-09] ()
R2 Realtek11nCU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek)
R2 SrvUpdater; C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe [31744 2013-04-12] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] ()
U2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\ \...\???\{dd823e03-2fde-7196-b182-afef762ac958}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)

==================== Drivers (Whitelisted) ====================

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2013-01-06] ()
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R3 CamSuiteVAC; C:\Windows\System32\DRIVERS\CamSuiteVAC.sys [56320 2008-09-18] ()
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-06] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-08-02] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-08-02] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-07-16] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130807.001\IDSvia64.sys [513184 2012-12-21] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130807.001\IDSvia64.sys [513184 2012-12-21] (Symantec Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2013-01-06] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130807.022\ENG64.SYS [126040 2013-08-02] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130807.022\ENG64.SYS [126040 2013-08-02] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130807.022\EX64.SYS [2098776 2013-08-02] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130807.022\EX64.SYS [2098776 2013-08-02] (Symantec Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [532480 2009-04-28] (PixArt Imaging Inc.)
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (Realtek Semiconductor Corporation )
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S1 cbcbveqs; \??\C:\Windows\system32\drivers\cbcbveqs.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-08 22:49 - 2013-08-08 22:49 - 00000000 ____D C:\FRST
2013-08-08 22:49 - 2013-08-08 20:46 - 01790169 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2013-08-08 22:48 - 2013-08-08 22:48 - 00000000 ____D C:\Users\Jakub\AppData\Local\qb4CD3E3.9F
2013-08-08 22:36 - 2013-08-08 22:36 - 00001088 _____ C:\Users\Jakub\Desktop\DLL-Files.com FIXER.lnk
2013-08-08 22:34 - 2013-08-08 22:38 - 00875008 _____ (Ufasoft) C:\Windows\SysWOW64\usft_ext.dll
2013-08-08 22:34 - 2013-08-08 22:34 - 00003018 _____ C:\Windows\System32\Tasks\DLL-Files.Com Fixer_MONTHLY
2013-08-08 22:34 - 2013-08-08 22:34 - 00000276 _____ C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2013-08-08 22:30 - 2013-08-08 22:32 - 04241280 _____ (Dll-Files.com ) C:\Users\Jakub\Downloads\dffsetup-usft_ext.exe
2013-08-08 21:55 - 2013-08-08 22:37 - 00003130 _____ C:\Windows\System32\Tasks\DLL-files.com Fixer
2013-08-08 21:46 - 2013-08-08 21:51 - 09115097 _____ C:\Users\Jakub\Downloads\DDL-registry-fixer--+-crack-by-meny-363.rar
2013-08-08 21:46 - 2013-08-08 21:44 - 00200704 _____ (Tencent Technology (Shenzhen) Company Limited) C:\Windows\Miner.dll
2013-08-08 21:44 - 2013-08-08 21:44 - 00200704 _____ (Tencent Technology (Shenzhen) Company Limited) C:\Users\Jakub\Downloads\Miner.dll
2013-08-08 21:39 - 2013-08-08 22:34 - 00003112 _____ C:\Windows\System32\Tasks\RDReminder
2013-08-08 21:39 - 2013-08-08 22:34 - 00003032 _____ C:\Windows\System32\Tasks\DLL-Files.Com Fixer_Updates
2013-08-08 21:39 - 2013-08-08 22:34 - 00000292 _____ C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
2013-08-08 21:39 - 2013-08-08 21:44 - 00200704 _____ (Tencent Technology (Shenzhen) Company Limited) C:\Windows\SysWOW64\miner.dll
2013-08-08 21:39 - 2013-08-08 21:39 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\dll-files.com
2013-08-08 21:38 - 2013-08-08 22:36 - 00000000 ____D C:\Program Files (x86)\Dll-Files.com Fixer
2013-08-08 21:38 - 2013-08-08 22:34 - 00001088 _____ C:\Users\Public\Desktop\Dll-Files Fixer.lnk
2013-08-08 21:34 - 2013-08-08 21:36 - 04241280 _____ (Dll-Files.com ) C:\Users\Jakub\Downloads\dffsetup-miner.exe
2013-08-08 13:26 - 2013-08-08 13:26 - 00003592 _____ C:\{4682CB97-5CA0-4BED-81E1-2DB6282B2728}
2013-08-08 12:27 - 2013-08-08 12:27 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-08 12:27 - 2013-08-08 12:27 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Malwarebytes
2013-08-08 12:27 - 2013-08-08 12:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-08 12:27 - 2013-08-08 12:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-08 12:27 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-08 12:25 - 2013-08-08 12:27 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\NexusFile
2013-08-08 12:25 - 2013-08-08 12:26 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Jakub\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-08 12:25 - 2013-08-08 12:25 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\cryptlib
2013-08-08 12:21 - 2013-08-08 12:21 - 00001019 _____ C:\Users\Public\Desktop\NexusFile.lnk
2013-08-08 12:21 - 2013-08-08 12:21 - 00000000 ____D C:\Program Files (x86)\NexusFile
2013-08-08 12:19 - 2013-08-08 12:19 - 03046270 _____ (xiles ) C:\Users\Jakub\Downloads\NexusFileSetup5.3.1.exe
2013-08-08 09:23 - 2013-08-08 09:25 - 00000000 ____D C:\Users\Jakub\Desktop\Nová složka (2)
2013-08-08 08:22 - 2013-08-08 08:22 - 00004280 _____ C:\{C7F36A59-8335-4F88-8379-484E33D943BF}
2013-08-07 20:39 - 2013-08-07 20:39 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-07 20:28 - 2013-08-08 22:33 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-07 20:28 - 2013-08-08 21:25 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-07 20:28 - 2013-08-07 20:28 - 00003946 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-08-07 20:28 - 2013-08-07 20:28 - 00003694 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-08-07 20:14 - 2013-08-07 20:14 - 00004360 _____ C:\{9A6022A5-1205-4721-81E5-3A15435A46D0}
2013-08-07 14:26 - 2013-08-07 14:26 - 00616960 _____ C:\Users\Jakub\Desktop\generator.exe
2013-08-07 13:41 - 2013-08-07 13:41 - 00000000 ____D C:\Users\Jakub\Documents\Clownfish Avatars
2013-08-07 09:18 - 2013-08-07 09:18 - 00001901 _____ C:\Users\Jakub\Desktop\Clownfish.lnk
2013-08-07 09:18 - 2013-08-07 09:18 - 00000000 ____D C:\Program Files (x86)\Clownfish
2013-08-07 08:25 - 2013-08-07 08:25 - 00001211 _____ C:\Users\Jakub\Desktop\Farming Simulator 2013 .lnk
2013-08-07 08:01 - 2013-08-07 08:01 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\TeamViewer
2013-08-07 07:22 - 2013-08-08 21:23 - 00002842 _____ C:\Windows\WindowsUpdate.log
2013-08-07 06:59 - 2013-08-08 21:24 - 00000392 _____ C:\Windows\setupact.log
2013-08-07 06:59 - 2013-08-07 06:59 - 00000000 _____ C:\Windows\setuperr.log
2013-08-07 06:58 - 2013-08-08 18:04 - 00006592 _____ C:\Windows\PFRO.log
2013-08-06 23:15 - 2013-08-07 06:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-06 23:15 - 2013-08-06 23:45 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-06 22:44 - 2013-07-27 22:22 - 00920245 _____ C:\Users\Jakub\Desktop\ADR.skb
2013-08-04 18:30 - 2013-08-04 18:30 - 00004360 _____ C:\{5ACCB3E3-B0C6-4972-913D-A311EBAA179C}
2013-08-03 17:55 - 2013-08-06 23:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-03 14:27 - 2013-08-08 15:21 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\WindowsHelp
2013-08-03 11:16 - 2013-08-03 11:16 - 00000000 ____D C:\Users\Jakub\AppData\Local\TechSmith
2013-08-03 11:12 - 2013-08-03 11:12 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\TechSmith
2013-08-02 21:25 - 2013-08-02 21:25 - 00000000 ____D C:\ProgramData\Caphyon
2013-08-02 21:24 - 2013-08-02 21:25 - 00000951 _____ C:\Users\Public\Desktop\QuadcoreM2.lnk
2013-08-02 21:22 - 2013-08-06 22:43 - 00000000 ____D C:\Program Files (x86)\QuadCoreM2
2013-08-02 21:07 - 2013-08-02 21:07 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Quadcore Games
2013-08-01 10:43 - 2013-08-06 15:28 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-08-01 09:06 - 2013-08-02 22:00 - 00000000 ____D C:\Users\Jakub\Desktop\Nová složka
2013-07-31 12:15 - 2013-07-31 19:02 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Origin
2013-07-31 12:15 - 2013-07-31 15:37 - 00000000 ____D C:\Users\Jakub\AppData\Local\Origin
2013-07-31 11:46 - 2013-08-08 12:14 - 00000000 ____D C:\Program Files (x86)\Origin
2013-07-31 11:46 - 2013-08-02 21:13 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-07-31 11:46 - 2013-07-31 11:46 - 00000979 _____ C:\Users\Public\Desktop\Origin.lnk
2013-07-30 23:04 - 2013-07-30 23:04 - 00001211 _____ C:\Users\Jakub\Desktop\Farming Simulator 2011 Platinum Edition.lnk
2013-07-30 23:02 - 2013-07-30 23:04 - 00000000 ____D C:\Program Files (x86)\Farming Simulator 2011
2013-07-30 21:31 - 2013-08-08 21:12 - 00000000 __SHD C:\ProgramData\Realtek0
2013-07-29 08:58 - 2013-07-29 08:58 - 00000000 ____D C:\Users\Jakub\AppData\Local\Apple Computer
2013-07-29 08:55 - 2013-08-07 21:17 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-07-29 08:52 - 2013-07-29 08:52 - 00000000 ____D C:\Users\Jakub\AppData\Local\Apple
2013-07-29 08:52 - 2013-07-29 08:52 - 00000000 ____D C:\ProgramData\Apple
2013-07-28 19:09 - 2013-08-04 21:24 - 00000000 ____D C:\Users\Jakub\Documents\panasonic
2013-07-28 17:35 - 2013-07-29 08:16 - 00000000 ____D C:\Users\Jakub\Desktop\ADR_CELKOVE
2013-07-28 17:12 - 2013-07-29 08:16 - 00000000 ____D C:\Users\Jakub\Desktop\ADR
2013-07-28 13:23 - 2013-07-28 13:23 - 00001083 _____ C:\Users\Jakub\Desktop\Dokumenty – zástupce.lnk
2013-07-27 22:47 - 2013-07-27 22:47 - 00001031 _____ C:\Users\Jakub\Desktop\PhotoScape.lnk
2013-07-27 22:22 - 2013-08-06 22:44 - 00473090 _____ C:\Users\Jakub\Desktop\ADR.skp
2013-07-27 18:26 - 2013-07-27 18:26 - 00001692 _____ C:\Users\Jakub\Desktop\FarmingSimulator2013.lnk
2013-07-27 10:07 - 2013-07-27 10:07 - 00003124 _____ C:\Windows\System32\Tasks\{338F2149-4DC5-4228-8891-E62F4882FD70}
2013-07-27 09:49 - 2013-07-27 09:49 - 00000000 ____D C:\ProgramData\Studio14Trial
2013-07-27 09:33 - 2013-07-27 09:33 - 00000000 ____D C:\ProgramData\PCTV Systems
2013-07-27 09:33 - 2013-07-27 09:33 - 00000000 ____D C:\Program Files (x86)\Pinnacle
2013-07-26 08:56 - 2013-07-26 08:56 - 00000000 ___RH C:\Users\Jakub\AppData\Roaming\ac40694a3ff1ef22befd55b563297d412
2013-07-26 08:47 - 2013-07-26 08:47 - 00000000 ____D C:\Users\Jakub\Documents\LoiLo
2013-07-25 20:29 - 2013-07-25 20:29 - 00000000 ____D C:\ProgramData\Panasonic
2013-07-25 20:26 - 2013-07-25 20:26 - 00000000 ____D C:\Users\Jakub\AppData\Local\Panasonic
2013-07-25 20:26 - 2011-08-04 11:45 - 00000188 _____ C:\Users\Public\Desktop\Download video editor LoiLoScope.url
2013-07-25 20:18 - 2007-06-22 00:10 - 00501912 _____ (SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\PICSDK2.dll
2013-07-25 20:18 - 2007-06-22 00:10 - 00000097 _____ C:\Windows\SysWOW64\PICSDK.ini
2013-07-25 20:18 - 2006-10-31 00:10 - 00120992 _____ (SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\EpPicPrt.dll
2013-07-25 20:18 - 2006-10-31 00:10 - 00071840 _____ (SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\EPPicMgr.dll
2013-07-25 20:18 - 2006-10-20 00:10 - 00108704 _____ (SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\PICEntry.dll
2013-07-25 20:18 - 2006-10-20 00:10 - 00080024 _____ (SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\PICSDK.dll
2013-07-25 20:18 - 2005-06-01 00:20 - 00111932 _____ C:\Windows\SysWOW64\EPPICPrinterDB.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00031053 _____ C:\Windows\SysWOW64\EPPICPattern131.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00027417 _____ C:\Windows\SysWOW64\EPPICPattern121.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00026154 _____ C:\Windows\SysWOW64\EPPICPattern1.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00024903 _____ C:\Windows\SysWOW64\EPPICPattern3.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00021390 _____ C:\Windows\SysWOW64\EPPICPattern5.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00020148 _____ C:\Windows\SysWOW64\EPPICPattern2.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00013732 _____ C:\Windows\SysWOW64\EPPICLocal_EN.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00011811 _____ C:\Windows\SysWOW64\EPPICPattern4.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00006442 _____ C:\Windows\SysWOW64\EPPICLocal_IT.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00006347 _____ C:\Windows\SysWOW64\EPPICLocal_PT.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00006347 _____ C:\Windows\SysWOW64\EPPICLocal_BP.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00006335 _____ C:\Windows\SysWOW64\EPPICLocal_GE.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00006195 _____ C:\Windows\SysWOW64\EPPICLocal_FR.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00006195 _____ C:\Windows\SysWOW64\EPPICLocal_CF.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00006122 _____ C:\Windows\SysWOW64\EPPICLocal_DU.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00006103 _____ C:\Windows\SysWOW64\EPPICLocal_ES.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00005817 _____ C:\Windows\SysWOW64\EPPICLocal_KO.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00005436 _____ C:\Windows\SysWOW64\EPPICLocal_SC.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00004943 _____ C:\Windows\SysWOW64\EPPICPattern6.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00002889 _____ C:\Windows\SysWOW64\EPPICLocal_RU.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00002426 _____ C:\Windows\SysWOW64\EPPICLocal_TC.cfg
2013-07-25 20:18 - 2004-03-03 06:10 - 00001146 _____ C:\Windows\SysWOW64\EPPICPresetData_DU.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00001139 _____ C:\Windows\SysWOW64\EPPICPresetData_PT.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00001139 _____ C:\Windows\SysWOW64\EPPICPresetData_BP.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00001136 _____ C:\Windows\SysWOW64\EPPICPresetData_ES.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00001129 _____ C:\Windows\SysWOW64\EPPICPresetData_FR.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00001129 _____ C:\Windows\SysWOW64\EPPICPresetData_CF.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00001120 _____ C:\Windows\SysWOW64\EPPICPresetData_IT.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00001107 _____ C:\Windows\SysWOW64\EPPICPresetData_GE.dat
2013-07-25 20:18 - 2004-03-03 06:10 - 00001104 _____ C:\Windows\SysWOW64\EPPICPresetData_EN.dat
2013-07-25 20:14 - 2013-08-01 10:28 - 00000000 ____D C:\Program Files (x86)\Panasonic
2013-07-25 20:14 - 2013-07-25 20:14 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2013-07-25 20:14 - 2013-07-25 20:14 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2013-07-25 20:14 - 2013-07-25 20:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-25 10:17 - 2013-04-12 13:52 - 00000266 _____ C:\Users\Jakub\Desktop\Dopsat do ModDescu.txt
2013-07-24 21:31 - 2013-07-29 12:15 - 00000000 ____D C:\Users\Jakub\Desktop\MP3
2013-07-24 19:36 - 2013-07-25 13:10 - 00001848 _____ C:\Users\Jakub\Desktop\Minecraft 1.6.2.lnk
2013-07-24 12:49 - 2013-07-24 12:49 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-07-23 10:14 - 2013-07-23 10:14 - 00000000 ____D C:\ProgramData\Pinnacle
2013-07-23 10:13 - 2013-07-23 10:13 - 00000000 ____D C:\Users\Jakub\AppData\Local\CRE
2013-07-23 10:12 - 2013-07-23 10:14 - 00000009 _____ C:\END
2013-07-23 08:58 - 2013-07-27 18:12 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2013-07-23 08:58 - 2013-07-27 18:12 - 00000000 ____D C:\Program Files (x86)\NCH Software
2013-07-23 08:58 - 2013-07-27 18:11 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\NCH Software
2013-07-23 08:58 - 2013-07-27 18:11 - 00000000 ____D C:\ProgramData\NCH Software
2013-07-22 21:51 - 2013-07-22 21:52 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Autodesk
2013-07-22 21:24 - 2013-07-22 21:24 - 00001792 _____ C:\Users\Public\Desktop\Autodesk Maya 2013 64-bit.lnk
2013-07-22 21:24 - 2013-07-22 21:24 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2013-07-22 21:17 - 2013-07-22 21:44 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2013-07-20 21:49 - 2013-07-20 21:49 - 00000000 ____D C:\Users\Jakub\AppData\Local\Minibar
2013-07-20 21:49 - 2013-07-20 21:49 - 00000000 ____D C:\Program Files (x86)\Minibar
2013-07-20 21:48 - 2013-07-20 22:07 - 00000000 ____D C:\Users\Jakub\AppData\Local\WebPlayer
2013-07-20 21:44 - 2013-07-21 09:51 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Seznam.cz
2013-07-20 13:00 - 2013-07-22 21:52 - 00000000 ____D C:\Users\Jakub\Documents\maya
2013-07-19 23:11 - 2013-07-23 10:23 - 00000000 ____D C:\Program Files (x86)\Autodesk
2013-07-19 14:07 - 2013-08-08 08:43 - 00000000 ____D C:\Users\Jakub\Desktop\WIP
2013-07-18 21:02 - 2013-07-20 10:46 - 00000000 ____D C:\Users\Jakub\HellSpy
2013-07-17 12:17 - 2013-07-17 12:17 - 00000000 ____D C:\Users\Jakub\Desktop\mod 1ku1
2013-07-17 09:09 - 2013-07-24 08:47 - 00000000 ____D C:\Users\Jakub\Desktop\Maya,textury
2013-07-16 15:02 - 2013-07-17 07:53 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Audacity
2013-07-15 20:53 - 2013-07-27 17:59 - 00000000 ____D C:\Users\Jakub\Desktop\Žně
2013-07-14 16:40 - 2013-08-07 21:35 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\.minecraft
2013-07-14 16:21 - 2013-07-14 16:21 - 00000000 ____D C:\Users\Jakub\AppData\Local\craften.de
2013-07-14 13:52 - 2013-07-14 13:52 - 00003042 _____ C:\Windows\System32\Tasks\{2E9CD692-7069-4BC4-9C1B-A8E8DAD56E1F}
2013-07-14 11:32 - 2013-07-14 11:32 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-07-13 19:25 - 2013-07-19 21:31 - 00000000 ____D C:\Users\Jakub\AppData\Local\Autodesk
2013-07-13 19:25 - 2013-07-17 08:44 - 00000000 ____D C:\ProgramData\FLEXnet
2013-07-13 18:25 - 2013-07-22 21:30 - 00000000 ____D C:\Program Files\Autodesk
2013-07-13 15:32 - 2013-07-13 15:32 - 00003120 _____ C:\Windows\SysWOW64\ALLFSAF8a.ocx
2013-07-13 09:10 - 2013-07-19 16:01 - 00000000 ____D C:\ProgramData\Autodesk
2013-07-12 00:09 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-12 00:09 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-12 00:09 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-12 00:09 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-12 00:09 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-12 00:09 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-12 00:09 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-12 00:09 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-12 00:09 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-12 00:09 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-12 00:09 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-12 00:09 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-12 00:09 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-12 00:09 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-12 00:09 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-12 00:09 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-12 00:09 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-12 00:09 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-12 00:09 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-12 00:09 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-12 00:09 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-12 00:09 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-12 00:09 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-12 00:09 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-12 00:09 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-12 00:09 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-12 00:09 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-12 00:09 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-12 00:09 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-12 00:09 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-12 00:09 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-11 13:56 - 2013-07-11 13:56 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\TunkDesign
2013-07-11 09:41 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 09:41 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 09:40 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 09:40 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 09:35 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 09:33 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 09:33 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 22:57 - 2013-07-10 23:07 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\HellSpy.cz Download Manager
2013-07-10 22:57 - 2013-07-10 22:57 - 00000000 ____D C:\Windows\UMStor
2013-07-10 22:57 - 2013-07-10 22:57 - 00000000 ____D C:\Program Files (x86)\USB Disk Win98 Driver
2013-07-10 22:57 - 2013-07-10 22:57 - 00000000 ____D C:\Program Files (x86)\HellSpy Klient
2013-07-10 22:57 - 2003-11-21 18:09 - 00201736 ____N (USB Compliance) C:\Windows\SysWOW64\Drivers\UMSTOR.sys

==================== One Month Modified Files and Folders =======

2013-08-08 22:49 - 2013-08-08 22:49 - 00000000 ____D C:\Users\Jakub\AppData\Local\qb4DB471.84
2013-08-08 22:49 - 2013-08-08 22:49 - 00000000 ____D C:\FRST
2013-08-08 22:48 - 2013-08-08 22:48 - 00000000 ____D C:\Users\Jakub\AppData\Local\qb4CD3E3.9F
2013-08-08 22:38 - 2013-08-08 22:34 - 00875008 _____ (Ufasoft) C:\Windows\SysWOW64\usft_ext.dll
2013-08-08 22:37 - 2013-08-08 21:55 - 00003130 _____ C:\Windows\System32\Tasks\DLL-files.com Fixer
2013-08-08 22:36 - 2013-08-08 22:36 - 00001088 _____ C:\Users\Jakub\Desktop\DLL-Files.com FIXER.lnk
2013-08-08 22:36 - 2013-08-08 21:38 - 00000000 ____D C:\Program Files (x86)\Dll-Files.com Fixer
2013-08-08 22:34 - 2013-08-08 22:34 - 00003018 _____ C:\Windows\System32\Tasks\DLL-Files.Com Fixer_MONTHLY
2013-08-08 22:34 - 2013-08-08 22:34 - 00000276 _____ C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2013-08-08 22:34 - 2013-08-08 21:39 - 00003112 _____ C:\Windows\System32\Tasks\RDReminder
2013-08-08 22:34 - 2013-08-08 21:39 - 00003032 _____ C:\Windows\System32\Tasks\DLL-Files.Com Fixer_Updates
2013-08-08 22:34 - 2013-08-08 21:39 - 00000292 _____ C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
2013-08-08 22:34 - 2013-08-08 21:38 - 00001088 _____ C:\Users\Public\Desktop\Dll-Files Fixer.lnk
2013-08-08 22:33 - 2013-08-07 20:28 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-08 22:32 - 2013-08-08 22:30 - 04241280 _____ (Dll-Files.com ) C:\Users\Jakub\Downloads\dffsetup-usft_ext.exe
2013-08-08 22:17 - 2013-03-23 19:41 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000UA.job
2013-08-08 22:12 - 2012-12-27 20:27 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-08 22:07 - 2012-12-27 20:35 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Skype
2013-08-08 21:56 - 2013-06-23 18:26 - 00000000 ____D C:\Users\Jakub\Desktop\Hry
2013-08-08 21:54 - 2013-05-11 21:06 - 00029696 ____H C:\Users\Jakub\Desktop\photothumb.db
2013-08-08 21:51 - 2013-08-08 21:46 - 09115097 _____ C:\Users\Jakub\Downloads\DDL-registry-fixer--+-crack-by-meny-363.rar
2013-08-08 21:44 - 2013-08-08 21:46 - 00200704 _____ (Tencent Technology (Shenzhen) Company Limited) C:\Windows\Miner.dll
2013-08-08 21:44 - 2013-08-08 21:44 - 00200704 _____ (Tencent Technology (Shenzhen) Company Limited) C:\Users\Jakub\Downloads\Miner.dll
2013-08-08 21:44 - 2013-08-08 21:39 - 00200704 _____ (Tencent Technology (Shenzhen) Company Limited) C:\Windows\SysWOW64\miner.dll
2013-08-08 21:39 - 2013-08-08 21:39 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\dll-files.com
2013-08-08 21:36 - 2013-08-08 21:34 - 04241280 _____ (Dll-Files.com ) C:\Users\Jakub\Downloads\dffsetup-miner.exe
2013-08-08 21:33 - 2009-07-14 06:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-08 21:33 - 2009-07-14 06:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-08 21:25 - 2013-08-07 20:28 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-08 21:25 - 2013-01-02 11:15 - 00000000 ____D C:\Users\Jakub\AppData\Local\LogMeIn Hamachi
2013-08-08 21:24 - 2013-08-07 06:59 - 00000392 _____ C:\Windows\setupact.log
2013-08-08 21:24 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-08 21:23 - 2013-08-07 07:22 - 00002842 _____ C:\Windows\WindowsUpdate.log
2013-08-08 21:12 - 2013-07-30 21:31 - 00000000 __SHD C:\ProgramData\Realtek0
2013-08-08 21:12 - 2013-01-14 21:56 - 00000000 ____D C:\Users\Jakub\AppData\Local\Adobe
2013-08-08 20:46 - 2013-08-08 22:49 - 01790169 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2013-08-08 18:04 - 2013-08-07 06:58 - 00006592 _____ C:\Windows\PFRO.log
2013-08-08 15:29 - 2011-04-12 10:34 - 00631276 _____ C:\Windows\system32\perfh005.dat
2013-08-08 15:29 - 2011-04-12 10:34 - 00121930 _____ C:\Windows\system32\perfc005.dat
2013-08-08 15:29 - 2009-07-14 07:13 - 01470124 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-08 15:26 - 2012-12-23 21:31 - 00000000 ____D C:\Users\Jakub
2013-08-08 15:21 - 2013-08-03 14:27 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\WindowsHelp
2013-08-08 15:06 - 2013-05-09 17:16 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000UA.job
2013-08-08 13:26 - 2013-08-08 13:26 - 00003592 _____ C:\{4682CB97-5CA0-4BED-81E1-2DB6282B2728}
2013-08-08 13:16 - 2013-01-16 10:35 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{322A0D83-6404-49A6-868A-3920450831EE}
2013-08-08 12:27 - 2013-08-08 12:27 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-08 12:27 - 2013-08-08 12:27 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Malwarebytes
2013-08-08 12:27 - 2013-08-08 12:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-08 12:27 - 2013-08-08 12:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-08 12:27 - 2013-08-08 12:25 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\NexusFile
2013-08-08 12:26 - 2013-08-08 12:25 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Jakub\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-08 12:25 - 2013-08-08 12:25 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\cryptlib
2013-08-08 12:25 - 2012-12-29 19:38 - 00000000 ____D C:\Users\Jakub\AppData\Local\CrashDumps
2013-08-08 12:21 - 2013-08-08 12:21 - 00001019 _____ C:\Users\Public\Desktop\NexusFile.lnk
2013-08-08 12:21 - 2013-08-08 12:21 - 00000000 ____D C:\Program Files (x86)\NexusFile
2013-08-08 12:19 - 2013-08-08 12:19 - 03046270 _____ (xiles ) C:\Users\Jakub\Downloads\NexusFileSetup5.3.1.exe
2013-08-08 12:14 - 2013-07-31 11:46 - 00000000 ____D C:\Program Files (x86)\Origin
2013-08-08 09:25 - 2013-08-08 09:23 - 00000000 ____D C:\Users\Jakub\Desktop\Nová složka (2)
2013-08-08 08:43 - 2013-07-19 14:07 - 00000000 ____D C:\Users\Jakub\Desktop\WIP
2013-08-08 08:22 - 2013-08-08 08:22 - 00004280 _____ C:\{C7F36A59-8335-4F88-8379-484E33D943BF}
2013-08-07 21:35 - 2013-07-14 16:40 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\.minecraft
2013-08-07 21:17 - 2013-07-29 08:55 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-08-07 21:11 - 2012-12-23 21:32 - 00000000 ___RD C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-07 21:06 - 2013-05-09 17:16 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000Core.job
2013-08-07 20:39 - 2013-08-07 20:39 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-07 20:39 - 2013-02-02 09:50 - 00000000 ____D C:\Program Files (x86)\Google
2013-08-07 20:39 - 2012-12-29 15:37 - 00000000 ____D C:\Users\Jakub\AppData\Local\Google
2013-08-07 20:28 - 2013-08-07 20:28 - 00003946 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-08-07 20:28 - 2013-08-07 20:28 - 00003694 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-08-07 20:14 - 2013-08-07 20:14 - 00004360 _____ C:\{9A6022A5-1205-4721-81E5-3A15435A46D0}
2013-08-07 19:12 - 2013-01-16 11:08 - 00000000 ____D C:\Users\Jakub\AppData\Local\Paint.NET
2013-08-07 14:26 - 2013-08-07 14:26 - 00616960 _____ C:\Users\Jakub\Desktop\generator.exe
2013-08-07 13:41 - 2013-08-07 13:41 - 00000000 ____D C:\Users\Jakub\Documents\Clownfish Avatars
2013-08-07 09:19 - 2013-05-18 19:08 - 00000000 ____D C:\Program Files (x86)\Farming Simulator 2013
2013-08-07 09:18 - 2013-08-07 09:18 - 00001901 _____ C:\Users\Jakub\Desktop\Clownfish.lnk
2013-08-07 09:18 - 2013-08-07 09:18 - 00000000 ____D C:\Program Files (x86)\Clownfish
2013-08-07 09:18 - 2012-12-25 16:20 - 00000000 ____D C:\Users\Jakub\Documents\My Games
2013-08-07 08:25 - 2013-08-07 08:25 - 00001211 _____ C:\Users\Jakub\Desktop\Farming Simulator 2013 .lnk
2013-08-07 08:01 - 2013-08-07 08:01 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\TeamViewer
2013-08-07 07:08 - 2012-12-27 20:27 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-07 07:08 - 2012-12-27 20:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-07 07:08 - 2012-12-27 20:27 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-07 06:59 - 2013-08-07 06:59 - 00000000 _____ C:\Windows\setuperr.log
2013-08-07 06:58 - 2013-08-06 23:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-06 23:45 - 2013-08-06 23:15 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-06 23:45 - 2013-08-03 17:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-06 23:16 - 2012-12-27 20:13 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Mozilla
2013-08-06 23:15 - 2013-05-04 09:52 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\TS3Client
2013-08-06 23:15 - 2013-03-27 18:00 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\uTorrent
2013-08-06 23:15 - 2012-12-25 15:52 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\DAEMON Tools Lite
2013-08-06 23:15 - 2012-12-23 21:23 - 00000000 ____D C:\Windows\Panther
2013-08-06 23:12 - 2012-12-23 21:55 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-06 22:44 - 2013-07-27 22:22 - 00473090 _____ C:\Users\Jakub\Desktop\ADR.skp
2013-08-06 22:43 - 2013-08-02 21:22 - 00000000 ____D C:\Program Files (x86)\QuadCoreM2
2013-08-06 19:26 - 2013-06-23 18:25 - 00000000 ___RD C:\Users\Jakub\Desktop\Programy
2013-08-06 15:28 - 2013-08-01 10:43 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-08-04 21:24 - 2013-07-28 19:09 - 00000000 ____D C:\Users\Jakub\Documents\panasonic
2013-08-04 18:30 - 2013-08-04 18:30 - 00004360 _____ C:\{5ACCB3E3-B0C6-4972-913D-A311EBAA179C}
2013-08-03 11:16 - 2013-08-03 11:16 - 00000000 ____D C:\Users\Jakub\AppData\Local\TechSmith
2013-08-03 11:12 - 2013-08-03 11:12 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\TechSmith
2013-08-02 22:00 - 2013-08-01 09:06 - 00000000 ____D C:\Users\Jakub\Desktop\Nová složka
2013-08-02 21:25 - 2013-08-02 21:25 - 00000000 ____D C:\ProgramData\Caphyon
2013-08-02 21:25 - 2013-08-02 21:24 - 00000951 _____ C:\Users\Public\Desktop\QuadcoreM2.lnk
2013-08-02 21:13 - 2013-07-31 11:46 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-08-02 21:07 - 2013-08-02 21:07 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Quadcore Games
2013-08-01 22:58 - 2012-12-23 23:55 - 00000000 ____D C:\ProgramData\Norton
2013-08-01 22:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-08-01 10:28 - 2013-07-25 20:14 - 00000000 ____D C:\Program Files (x86)\Panasonic
2013-07-31 19:02 - 2013-07-31 12:15 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Origin
2013-07-31 15:37 - 2013-07-31 12:15 - 00000000 ____D C:\Users\Jakub\AppData\Local\Origin
2013-07-31 12:17 - 2013-02-23 19:47 - 00000000 ____D C:\ProgramData\Origin
2013-07-31 11:46 - 2013-07-31 11:46 - 00000979 _____ C:\Users\Public\Desktop\Origin.lnk
2013-07-31 11:19 - 2013-04-25 08:31 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-07-31 07:40 - 2013-03-20 19:36 - 00000000 ____D C:\ProgramData\Sony
2013-07-30 23:49 - 2013-03-11 22:02 - 00000000 ____D C:\FFOutput
2013-07-30 23:04 - 2013-07-30 23:04 - 00001211 _____ C:\Users\Jakub\Desktop\Farming Simulator 2011 Platinum Edition.lnk
2013-07-30 23:04 - 2013-07-30 23:02 - 00000000 ____D C:\Program Files (x86)\Farming Simulator 2011
2013-07-30 09:18 - 2012-12-29 14:50 - 00000000 ____D C:\Users\Jakub\AppData\Local\Windows Live
2013-07-29 12:15 - 2013-07-24 21:31 - 00000000 ____D C:\Users\Jakub\Desktop\MP3
2013-07-29 10:20 - 2013-04-27 10:48 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Apple Computer
2013-07-29 08:58 - 2013-07-29 08:58 - 00000000 ____D C:\Users\Jakub\AppData\Local\Apple Computer
2013-07-29 08:52 - 2013-07-29 08:52 - 00000000 ____D C:\Users\Jakub\AppData\Local\Apple
2013-07-29 08:52 - 2013-07-29 08:52 - 00000000 ____D C:\ProgramData\Apple
2013-07-29 08:16 - 2013-07-28 17:35 - 00000000 ____D C:\Users\Jakub\Desktop\ADR_CELKOVE
2013-07-29 08:16 - 2013-07-28 17:12 - 00000000 ____D C:\Users\Jakub\Desktop\ADR
2013-07-28 20:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-07-28 13:47 - 2013-05-11 15:41 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\.technic
2013-07-28 13:23 - 2013-07-28 13:23 - 00001083 _____ C:\Users\Jakub\Desktop\Dokumenty – zástupce.lnk
2013-07-27 22:48 - 2013-06-08 22:13 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2013-07-27 22:47 - 2013-07-27 22:47 - 00001031 _____ C:\Users\Jakub\Desktop\PhotoScape.lnk
2013-07-27 22:22 - 2013-08-06 22:44 - 00920245 _____ C:\Users\Jakub\Desktop\ADR.skb
2013-07-27 19:56 - 2013-03-20 19:35 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Sony
2013-07-27 18:26 - 2013-07-27 18:26 - 00001692 _____ C:\Users\Jakub\Desktop\FarmingSimulator2013.lnk
2013-07-27 18:12 - 2013-07-23 08:58 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2013-07-27 18:12 - 2013-07-23 08:58 - 00000000 ____D C:\Program Files (x86)\NCH Software
2013-07-27 18:11 - 2013-07-23 08:58 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\NCH Software
2013-07-27 18:11 - 2013-07-23 08:58 - 00000000 ____D C:\ProgramData\NCH Software
2013-07-27 17:59 - 2013-07-15 20:53 - 00000000 ____D C:\Users\Jakub\Desktop\Žně
2013-07-27 10:07 - 2013-07-27 10:07 - 00003124 _____ C:\Windows\System32\Tasks\{338F2149-4DC5-4228-8891-E62F4882FD70}
2013-07-27 09:49 - 2013-07-27 09:49 - 00000000 ____D C:\ProgramData\Studio14Trial
2013-07-27 09:33 - 2013-07-27 09:33 - 00000000 ____D C:\ProgramData\PCTV Systems
2013-07-27 09:33 - 2013-07-27 09:33 - 00000000 ____D C:\Program Files (x86)\Pinnacle
2013-07-26 08:56 - 2013-07-26 08:56 - 00000000 ___RH C:\Users\Jakub\AppData\Roaming\ac40694a3ff1ef22befd55b563297d412
2013-07-26 08:47 - 2013-07-26 08:47 - 00000000 ____D C:\Users\Jakub\Documents\LoiLo
2013-07-26 07:37 - 2012-12-25 15:59 - 00070304 _____ C:\Users\Jakub\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-26 07:36 - 2009-07-14 06:45 - 00293648 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-25 20:29 - 2013-07-25 20:29 - 00000000 ____D C:\ProgramData\Panasonic
2013-07-25 20:26 - 2013-07-25 20:26 - 00000000 ____D C:\Users\Jakub\AppData\Local\Panasonic
2013-07-25 20:14 - 2013-07-25 20:14 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2013-07-25 20:14 - 2013-07-25 20:14 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2013-07-25 20:14 - 2013-07-25 20:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-25 20:14 - 2012-12-29 15:10 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-25 13:10 - 2013-07-24 19:36 - 00001848 _____ C:\Users\Jakub\Desktop\Minecraft 1.6.2.lnk
2013-07-24 12:49 - 2013-07-24 12:49 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-07-24 08:47 - 2013-07-17 09:09 - 00000000 ____D C:\Users\Jakub\Desktop\Maya,textury
2013-07-23 10:23 - 2013-07-19 23:11 - 00000000 ____D C:\Program Files (x86)\Autodesk
2013-07-23 10:14 - 2013-07-23 10:14 - 00000000 ____D C:\ProgramData\Pinnacle
2013-07-23 10:14 - 2013-07-23 10:12 - 00000009 _____ C:\END
2013-07-23 10:13 - 2013-07-23 10:13 - 00000000 ____D C:\Users\Jakub\AppData\Local\CRE
2013-07-23 10:13 - 2013-02-15 18:49 - 00000000 ____D C:\Users\Jakub\AppData\Local\Downloaded Installations
2013-07-22 21:52 - 2013-07-22 21:51 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Autodesk
2013-07-22 21:52 - 2013-07-20 13:00 - 00000000 ____D C:\Users\Jakub\Documents\maya
2013-07-22 21:44 - 2013-07-22 21:17 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2013-07-22 21:30 - 2013-07-13 18:25 - 00000000 ____D C:\Program Files\Autodesk
2013-07-22 21:24 - 2013-07-22 21:24 - 00001792 _____ C:\Users\Public\Desktop\Autodesk Maya 2013 64-bit.lnk
2013-07-22 21:24 - 2013-07-22 21:24 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2013-07-21 09:51 - 2013-07-20 21:44 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Seznam.cz
2013-07-20 22:07 - 2013-07-20 21:48 - 00000000 ____D C:\Users\Jakub\AppData\Local\WebPlayer
2013-07-20 21:49 - 2013-07-20 21:49 - 00000000 ____D C:\Users\Jakub\AppData\Local\Minibar
2013-07-20 21:49 - 2013-07-20 21:49 - 00000000 ____D C:\Program Files (x86)\Minibar
2013-07-20 12:17 - 2013-01-06 19:52 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-20 10:46 - 2013-07-18 21:02 - 00000000 ____D C:\Users\Jakub\HellSpy
2013-07-19 21:31 - 2013-07-13 19:25 - 00000000 ____D C:\Users\Jakub\AppData\Local\Autodesk
2013-07-19 16:01 - 2013-07-13 09:10 - 00000000 ____D C:\ProgramData\Autodesk
2013-07-18 17:46 - 2012-12-27 20:35 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-17 12:17 - 2013-07-17 12:17 - 00000000 ____D C:\Users\Jakub\Desktop\mod 1ku1
2013-07-17 09:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-17 08:44 - 2013-07-13 19:25 - 00000000 ____D C:\ProgramData\FLEXnet
2013-07-17 08:44 - 2013-05-11 21:05 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\PhotoScape
2013-07-17 08:44 - 2012-12-25 15:51 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-07-17 07:53 - 2013-07-16 15:02 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Audacity
2013-07-15 13:36 - 2013-01-08 17:30 - 00000000 ____D C:\Fraps
2013-07-14 16:39 - 2013-05-20 21:27 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Minecraft Version Changer
2013-07-14 16:21 - 2013-07-14 16:21 - 00000000 ____D C:\Users\Jakub\AppData\Local\craften.de
2013-07-14 14:03 - 2012-12-29 13:16 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-07-14 13:52 - 2013-07-14 13:52 - 00003042 _____ C:\Windows\System32\Tasks\{2E9CD692-7069-4BC4-9C1B-A8E8DAD56E1F}
2013-07-14 11:32 - 2013-07-14 11:32 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-07-13 21:36 - 2013-03-19 09:32 - 00000000 ____D C:\Program Files (x86)\GIANTS Software
2013-07-13 15:32 - 2013-07-13 15:32 - 00003120 _____ C:\Windows\SysWOW64\ALLFSAF8a.ocx
2013-07-13 03:16 - 2013-03-23 19:41 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000Core.job
2013-07-13 03:12 - 2013-03-23 19:41 - 00003932 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000UA
2013-07-13 03:12 - 2013-03-23 19:41 - 00003536 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000Core
2013-07-12 11:20 - 2013-03-14 04:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-12 11:20 - 2013-03-14 04:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-12 11:20 - 2011-04-12 10:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-12 11:20 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-12 11:20 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-11 13:56 - 2013-07-11 13:56 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\TunkDesign
2013-07-10 23:07 - 2013-07-10 22:57 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\HellSpy.cz Download Manager
2013-07-10 22:57 - 2013-07-10 22:57 - 00000000 ____D C:\Windows\UMStor
2013-07-10 22:57 - 2013-07-10 22:57 - 00000000 ____D C:\Program Files (x86)\USB Disk Win98 Driver
2013-07-10 22:57 - 2013-07-10 22:57 - 00000000 ____D C:\Program Files (x86)\HellSpy Klient
2013-07-10 22:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system
2013-07-10 21:46 - 2012-12-27 20:35 - 00000000 ____D C:\ProgramData\Skype

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

Files to move or delete:
====================
ZeroAccess:
C:\Users\Jakub\AppData\Local\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}
ZeroAccess:
C:\Program Files (x86)\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender


LastRegBack: 2013-07-28 20:27

==================== Scheduled Tasks (whitelisted) ===========

Task: {0D61D2AC-5B53-49AC-96B3-6BFE262A7569} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {23866F9C-B8E9-4815-A7AA-5CC7E2D8A9B1} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com No File
Task: {2E88A665-5848-4D4A-9B80-C82CD174A089} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-07] (Google Inc.)
Task: {35BCA493-B186-4F32-ABD3-446DA597530F} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {572CA613-858D-44BA-AF98-8BF2FE330CB5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-25] (Piriform Ltd)
Task: {5A44F451-5544-43ED-A43D-C6314BD1F549} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {5FD785A8-6EC7-4A34-8C65-F83F29E836F4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000UA => C:\Users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-02] (Google Inc.)
Task: {6C5A4A5F-AA64-48C7-A2AF-0D09B1FDE63E} - System32\Tasks\DLL-files.com Fixer => C:\Program Files (x86)\Dll-Files.com No File
Task: {6C9F6112-BFC1-43FD-A1FA-88A36D1E6A03} - System32\Tasks\RDReminder => C:\Program Files (x86)\Dll-Files.com No File
Task: {8E68D10A-482B-4620-B60B-60A95BD285CA} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {9938B4AD-1B48-4AD0-A46F-0EA160E3B0E7} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe No File
Task: {A63837F5-D896-45EA-AF4D-8E07AAF0C66B} - System32\Tasks\ASUS\i-Setup203720 => C:\Windows\SNB\AsusSetup.exe [2010-09-08] (ASUSTeK Computer Inc.)
Task: {AC8329A8-60BF-4757-A282-01AC703EE75A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000UA => C:\Users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-21] (Facebook Inc.)
Task: {AFB71979-A7ED-4948-9164-3785539DE3A2} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2009-07-14] (Microsoft Corporation)
Task: {B7E62EF3-A927-4E4C-BC6B-B6B85CE60E65} - System32\Tasks\{230889EB-BF19-4D07-9948-F9D95434B189} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {B948D72C-CBBD-42C5-B0EF-2A4FDA28DF52} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-07] (Google Inc.)
Task: {D75DC2B7-F62B-44C3-8F24-16C968661B26} - System32\Tasks\{F7F69058-F66A-4E22-A41B-F644C74274A0} => C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\Silverlight.Configuration.exe No File
Task: {DB598478-7F19-4DDA-B5AE-68B5E0A06136} - System32\Tasks\User_Feed_Synchronization-{322A0D83-6404-49A6-868A-3920450831EE} => C:\Windows\system32\msfeedssync.exe [2013-03-30] (Microsoft Corporation)
Task: {DE2A26D8-14D4-4673-8D72-C22BC895D9A8} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {E50D0BF3-EF28-413A-8F54-2B3A0CC5A248} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com No File
Task: {F722C8AB-7719-4859-AE0D-730A4C77B065} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-07] (Adobe Systems Incorporated)
Task: {F753E190-9A07-484D-9F30-5112DFE2694F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000Core => C:\Users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-02] (Google Inc.)
Task: {FFA22697-144A-4EB0-9FD5-CDAB757D6019} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000Core => C:\Users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-21] (Facebook Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000Core.job => C:\Users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000UA.job => C:\Users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000Core.job => C:\Users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000UA.job => C:\Users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Supplementary Scan (All) ================



[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000005
"ConsentPromptBehaviorUser"=dword:00000003
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000001
"EnableSecureUIAPaths"=dword:00000001
"EnableUIADesktopToggle"=dword:00000000
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000001
"ValidateAdminCodeSignatures"=dword:00000000
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"scforceoption"=dword:00000000
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"FilterAdministratorToken"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=dword:00000001
"NoActiveDesktopChanges"=dword:00000001
"ForceActiveDesktopOn"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval"=dword:00000001
"AntiVirusOverride"=dword:00000000
"AntiSpywareOverride"=dword:00000000
"FirewallOverride"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"="msrle32.dll"
"vidc.msvc"="msvidc32.dll"
"msacm.imaadpcm"="imaadp32.acm"
"msacm.msg711"="msg711.acm"
"msacm.msgsm610"="msgsm32.acm"
"msacm.msadpcm"="msadp32.acm"
"midimapper"="midimap.dll"
"wavemapper"="msacm32.drv"
"VIDC.UYVY"="msyuv.dll"
"VIDC.YUY2"="msyuv.dll"
"VIDC.YVYU"="msyuv.dll"
"VIDC.IYUV"="iyuv_32.dll"
"vidc.i420"="iyuv_32.dll"
"VIDC.YVU9"="tsbyuv.dll"
"msacm.l3acm"="C:\\Windows\\System32\\l3codeca.acm"
"wave"="wdmaud.drv"
"midi"="wdmaud.drv"
"mixer"="wdmaud.drv"
"aux"="wdmaud.drv"
"VIDC.FPS1"="frapsv64.dll"
"MSVideo8"="VfWWDM32.dll"
"wave1"="wdmaud.drv"
"mixer1"="wdmaud.drv"
"wave2"="wdmaud.drv"
"midi1"="wdmaud.drv"
"mixer2"="wdmaud.drv"
"aux1"="wdmaud.drv"
"wave3"="wdmaud.drv"
"midi2"="wdmaud.drv"
"mixer3"="wdmaud.drv"
"aux2"="wdmaud.drv"
"wave4"="wdmaud.drv"
"midi3"="wdmaud.drv"
"mixer4"="wdmaud.drv"
"aux3"="wdmaud.drv"
"vidc.tscc"="C:\\Windows\\SysWOW64\\tsccvid64.dll"
"vidc.tsc2"="C:\\Windows\\SysWOW64\\tsc2_codec64.dll"


==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:74.43 GB) (Free:31.32 GB) NTFS (Disk=0 Partition=2)
Drive d: (FMS2013) (CDROM) (Total:1.51 GB) (Free:0 GB) CDFS
Drive e: () (Removable) (Total:0.96 GB) (Free:0.53 GB) FAT (Disk=1 Partition=1)

Available physical RAM: 1691.09 MB
Total physical RAM: 3785.84 MB
Percentage of memory in use: 55%

==================== End Of Log ==============================

Log ke stažení zde:http://www.uschovna.cz/zasilka/P87BPMF2T3DW24WK-GCY

[vyosek]

No nic, vezmem to cestou nejmensiho odporu a rychleho reseni

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

• Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane

  Rkill EXE:
  http://download.bleepingcomputer.com/grinler/rkill.exe
  
  Rkill iExplore.exe:
  http://download.bleepingcomputer.com/gr ... xplore.exe
  
  Rkill uSeRiNiT.exe:
  http://download.bleepingcomputer.com/gr ... eRiNiT.exe
  
  Rkill WiNlOgOn.exe:
  http://download.bleepingcomputer.com/gr ... NlOgOn.exe

• Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
• Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
• RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
• Na plose vznikne log Rkill.txt ten mi sem vlozte
• Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[KachnaCZ]

Dobré ráno Vám přeji
Tady je log:Rkill 2.6.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/09/2013 10:17:33 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\UMStor\Res.exe (PID: 1428) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Jakub\Desktop\rkill\rkill-08-09-2013-10-17-42.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* ALERT: ZEROACCESS rootkit symptoms found!

* C:\Program Files (x86)\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\ [ZA Dir]
* C:\Program Files (x86)\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\ \ [ZA Dir]
* C:\Program Files (x86)\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\ \...\ [ZA Dir]
* C:\Program Files (x86)\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\ \...\ﯹ๛\ [ZA Dir]
* C:\Program Files (x86)\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\ \...\ﯹ๛\{dd823e03-2fde-7196-b182-afef762ac958}\ [ZA Dir]
* C:\Users\Jakub\AppData\Local\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\ [ZA Dir]
* C:\Users\Jakub\AppData\Local\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\❤≸⋙\ [ZA Dir]
* C:\Users\Jakub\AppData\Local\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\❤≸⋙\Ⱒ☠⍨\ [ZA Dir]
* C:\Users\Jakub\AppData\Local\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\❤≸⋙\Ⱒ☠⍨\ﯹ๛\ [ZA Dir]
* C:\Users\Jakub\AppData\Local\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\❤≸⋙\Ⱒ☠⍨\ﯹ๛\{dd823e03-2fde-7196-b182-afef762ac958}\ [ZA Dir]
* C:\Windows\assembly\GAC_32\Desktop.ini [ZA File]
* C:\Windows\assembly\GAC_64\Desktop.ini [ZA File]

* ALERT: ZEROACCESS Reparse Point/Junction found!

* C:\Program Files\Windows Defender\cs-CZ => c:\windows\system32\config\ [Dir]
* C:\Program Files\Windows Defender\MpAsDesc.dll => c:\windows\system32\config [File]
* C:\Program Files\Windows Defender\MpClient.dll => c:\windows\system32\config [File]
* C:\Program Files\Windows Defender\MpCmdRun.exe => c:\windows\system32\config [File]
* C:\Program Files\Windows Defender\MpCommu.dll => c:\windows\system32\config [File]
* C:\Program Files\Windows Defender\MpEvMsg.dll => c:\windows\system32\config [File]
* C:\Program Files\Windows Defender\MpOAV.dll => c:\windows\system32\config [File]
* C:\Program Files\Windows Defender\MpRTP.dll => c:\windows\system32\config [File]
* C:\Program Files\Windows Defender\MpSvc.dll => c:\windows\system32\config [File]
* C:\Program Files\Windows Defender\MSASCui.exe => c:\windows\system32\config [File]
* C:\Program Files\Windows Defender\MsMpCom.dll => c:\windows\system32\config [File]
* C:\Program Files\Windows Defender\MsMpLics.dll => c:\windows\system32\config [File]
* C:\Program Files\Windows Defender\MsMpRes.dll => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender-events_31bf3856ad364e35_6.1.7600.16385_none_118cf1dcd54a3dea\MpEvMsg.dll => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.17514_none_b5e2b6396ecea306\MpAsDesc.dll => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.17514_none_b5e2b6396ecea306\MpCmdRun.exe => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.17514_none_b5e2b6396ecea306\MpOAV.dll => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.17514_none_b5e2b6396ecea306\MpRTP.dll => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.17514_none_b5e2b6396ecea306\MSASCui.exe => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.17514_none_b5e2b6396ecea306\MsMpCom.dll => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.17514_none_b5e2b6396ecea306\MsMpLics.dll => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.17514_none_b5e2b6396ecea306\MsMpRes.dll => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MpAsDesc.dll => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MpClient.dll => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MpCmdRun.exe => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MpCommu.dll => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MpOAV.dll => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MpRTP.dll => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MpSvc.dll => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MSASCui.exe => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MsMpCom.dll => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MsMpLics.dll => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MsMpRes.dll => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.22341_none_b648c5e888076cca\MpAsDesc.dll => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.22341_none_b648c5e888076cca\MpCmdRun.exe => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.22341_none_b648c5e888076cca\MpOAV.dll => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.22341_none_b648c5e888076cca\MpRTP.dll => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.22341_none_b648c5e888076cca\MSASCui.exe => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.22341_none_b648c5e888076cca\MsMpCom.dll => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.22341_none_b648c5e888076cca\MsMpLics.dll => c:\windows\system32\config [File]
* C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.22341_none_b648c5e888076cca\MsMpRes.dll => c:\windows\system32\config [File]

Checking Windows Service Integrity:

* WinDefend (WinDefend) is not Running.
Startup Type set to: Automatic (Delayed Start)

* BITS [Missing Service]
* PcaSvc [Missing Service]
* wuauserv [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 08/09/2013 10:18:38 AM
Execution time: 0 hours(s), 1 minute(s), and 4 seconds(s)

[vyosek]

No parada Vzhuru do ComboFixu, ten s tim zatoci

[KachnaCZ]

Log z Combofixu:
ComboFix 13-08-07.01 - Jakub 09.08.2013 11:08:20.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3786.2399 [GMT 2:00]
Spuštěný z: c:\users\Jakub\Desktop\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
C:\install.exe
c:\program files (x86)\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\9519~1\A535~1\E628~1\{dd823e03-2fde-7196-b182-afef762ac958}\@
c:\program files (x86)\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\9519~1\A535~1\E628~1\{dd823e03-2fde-7196-b182-afef762ac958}\L\201d3dde
c:\program files (x86)\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\9519~1\A535~1\E628~1\{dd823e03-2fde-7196-b182-afef762ac958}\L\6715e287
c:\program files (x86)\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\9519~1\A535~1\E628~1\{dd823e03-2fde-7196-b182-afef762ac958}\L\76603ac3
c:\program files (x86)\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\9519~1\A535~1\E628~1\{dd823e03-2fde-7196-b182-afef762ac958}\U\00000008.@
c:\program files (x86)\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\9519~1\A535~1\E628~1\{dd823e03-2fde-7196-b182-afef762ac958}\U\80000000.@
c:\program files (x86)\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\9519~1\A535~1\E628~1\{dd823e03-2fde-7196-b182-afef762ac958}\U\80000032.@
c:\program files (x86)\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\9519~1\A535~1\E628~1\{dd823e03-2fde-7196-b182-afef762ac958}\U\80000064.@
c:\programdata\Realtek0\qxjkxkfrd.exe
c:\users\Jakub\AppData\Local\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\2E2F~1\28F0~1\E628~1\{dd823e03-2fde-7196-b182-afef762ac958}\@
c:\users\Jakub\AppData\Local\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\2E2F~1\28F0~1\E628~1\{dd823e03-2fde-7196-b182-afef762ac958}\U\00000008.@
c:\users\Jakub\AppData\Local\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\2E2F~1\28F0~1\E628~1\{dd823e03-2fde-7196-b182-afef762ac958}\U\80000000.@
c:\users\Jakub\AppData\Local\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\2E2F~1\28F0~1\E628~1\{dd823e03-2fde-7196-b182-afef762ac958}\U\80000032.@
c:\users\Jakub\AppData\Local\Google\Desktop\Install\{dd823e03-2fde-7196-b182-afef762ac958}\2E2F~1\28F0~1\E628~1\{dd823e03-2fde-7196-b182-afef762ac958}\U\80000064.@
c:\users\Jakub\AppData\Local\Minibar\common.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome.manifest
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\content.xul
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\extension_info.json
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\icons\icon128.png
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\icons\icon19.png
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\icons\icon32.png
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\icons\icon48.png
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\initial_config.json
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango-ui\button.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango-ui\popup.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango-ui\popup_window.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango-ui\popup_window.xul
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\bottom-left.png
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\bottom-middle.png
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\bottom-right.png
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\middle-left.png
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\middle-right.png
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\style.css
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\tail-bottom.png
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\tail-left.png
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\tail-right.png
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\tail-top.png
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\top-left.png
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\top-middle.png
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\top-right.png
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango-ui\toolbar.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango-ui\toolbar_stub.html
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango-ui\ui.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango\browser.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango\console.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango\event_listener.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango\initialize.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango\io.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango\jsonstorage.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango\kango.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango\lang.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango\messaging.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango\storage.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango\uninstall_observer.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango\userscript_engine.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\kango\xhr.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\main.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\minibar\actions.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\minibar\cachedxhr.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\minibar\config.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\minibar\homepage_helper.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\minibar\macros.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\minibar\minibar.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\minibar\search_helper.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\minibar\search_hook.js
c:\users\Jakub\AppData\Local\Minibar\firefox\chrome\content\minibar\tabpage_helper.js
c:\users\Jakub\AppData\Local\Minibar\firefox\install.rdf
c:\users\Jakub\AppData\Local\Minibar\firefox\plugins\npMinibarPlugin.dll
c:\users\Jakub\AppData\Local\Minibar\firefox_installer.js
c:\users\Jakub\AppData\Local\Minibar\chrome.crx
c:\users\Jakub\AppData\Local\Minibar\chrome.pem
c:\users\Jakub\AppData\Local\Minibar\chrome\background.html
c:\users\Jakub\AppData\Local\Minibar\chrome\cached_http_request.js
c:\users\Jakub\AppData\Local\Minibar\chrome\extension_info.json
c:\users\Jakub\AppData\Local\Minibar\chrome\icons\icon128.png
c:\users\Jakub\AppData\Local\Minibar\chrome\icons\icon19.png
c:\users\Jakub\AppData\Local\Minibar\chrome\icons\icon32.png
c:\users\Jakub\AppData\Local\Minibar\chrome\icons\icon48.png
c:\users\Jakub\AppData\Local\Minibar\chrome\includes\content.js
c:\users\Jakub\AppData\Local\Minibar\chrome\includes\content_kango.js
c:\users\Jakub\AppData\Local\Minibar\chrome\includes\content_menu.js
c:\users\Jakub\AppData\Local\Minibar\chrome\includes\content_messaging.js
c:\users\Jakub\AppData\Local\Minibar\chrome\includes\content_pageutils.js
c:\users\Jakub\AppData\Local\Minibar\chrome\includes\content_popup.js
c:\users\Jakub\AppData\Local\Minibar\chrome\includes\content_toolbar.js
c:\users\Jakub\AppData\Local\Minibar\chrome\includes\content_toolbar_customfixes.js
c:\users\Jakub\AppData\Local\Minibar\chrome\includes\content_userscript.js
c:\users\Jakub\AppData\Local\Minibar\chrome\initial_config.json
c:\users\Jakub\AppData\Local\Minibar\chrome\kango-ui\button.js
c:\users\Jakub\AppData\Local\Minibar\chrome\kango-ui\toolbar.js
c:\users\Jakub\AppData\Local\Minibar\chrome\kango-ui\ui.js
c:\users\Jakub\AppData\Local\Minibar\chrome\kango\browser.js
c:\users\Jakub\AppData\Local\Minibar\chrome\kango\console.js
c:\users\Jakub\AppData\Local\Minibar\chrome\kango\event_listener.js
c:\users\Jakub\AppData\Local\Minibar\chrome\kango\initialize.js
c:\users\Jakub\AppData\Local\Minibar\chrome\kango\io.js
c:\users\Jakub\AppData\Local\Minibar\chrome\kango\jsonstorage.js
c:\users\Jakub\AppData\Local\Minibar\chrome\kango\kango.js
c:\users\Jakub\AppData\Local\Minibar\chrome\kango\lang.js
c:\users\Jakub\AppData\Local\Minibar\chrome\kango\messaging.js
c:\users\Jakub\AppData\Local\Minibar\chrome\kango\userscript_engine.js
c:\users\Jakub\AppData\Local\Minibar\chrome\kango\xhr.js
c:\users\Jakub\AppData\Local\Minibar\chrome\main.js
c:\users\Jakub\AppData\Local\Minibar\chrome\manifest.json
c:\users\Jakub\AppData\Local\Minibar\chrome\minibar\actions.js
c:\users\Jakub\AppData\Local\Minibar\chrome\minibar\cachedxhr.js
c:\users\Jakub\AppData\Local\Minibar\chrome\minibar\config.js
c:\users\Jakub\AppData\Local\Minibar\chrome\minibar\macros.js
c:\users\Jakub\AppData\Local\Minibar\chrome\minibar\minibar.js
c:\users\Jakub\AppData\Local\Minibar\chrome\MinibarPlugin.dll
c:\users\Jakub\AppData\Local\Minibar\chrome\popup.html
c:\users\Jakub\AppData\Local\Minibar\chrome\popup.js
c:\users\Jakub\AppData\Local\Minibar\chrome\tab.html
c:\users\Jakub\AppData\Local\Minibar\chrome\tab.js
c:\users\Jakub\AppData\Local\Minibar\chrome_installer.js
c:\users\Jakub\AppData\Local\Minibar\ie_installer.js
c:\users\Jakub\AppData\Local\Minibar\minibar.crx
c:\users\Jakub\AppData\Local\Minibar\minibar.xpi
c:\users\Jakub\AppData\Local\Minibar\SettingsHelper.exe
c:\users\Jakub\AppData\Local\Minibar\Uninstall.exe
c:\users\Jakub\AppData\Local\Minibar\update_chrome.xml
c:\users\Jakub\AppData\Local\TempDIR\downloader.exe
c:\users\Jakub\AppData\Local\TempDIR\PIP2672_NDV_.exe
c:\users\Jakub\AppData\Roaming\ac40694a3ff1ef22befd55b563297d412
c:\users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skype.lnk
c:\users\Jakub\AppData\Roaming\WindowsHelp\coinutil.dll
c:\users\Jakub\AppData\Roaming\WindowsHelp\killer.bat
c:\users\Jakub\AppData\Roaming\WindowsHelp\macro\compile.bat
c:\users\Jakub\AppData\Roaming\WindowsHelp\macro\macromedia.exe
c:\users\Jakub\AppData\Roaming\WindowsHelp\macro\macromedia.exe_part1
c:\users\Jakub\AppData\Roaming\WindowsHelp\macro\macromedia.exe_part2
c:\users\Jakub\AppData\Roaming\WindowsHelp\macro\macromedia.exe_part3
c:\users\Jakub\AppData\Roaming\WindowsHelp\macro\macromedia.exe_part4
c:\users\Jakub\AppData\Roaming\WindowsHelp\macro\macromedia.exe_part5
c:\users\Jakub\AppData\Roaming\WindowsHelp\macro\macromedia.exe_part6
c:\users\Jakub\AppData\Roaming\WindowsHelp\macro\macromedia.exe_part7
c:\users\Jakub\AppData\Roaming\WindowsHelp\macro\macromedia.exe_part8
c:\users\Jakub\AppData\Roaming\WindowsHelp\macromedia.exe
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\compile.bat
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part10
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part11
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part12
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part13
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part14
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part15
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part16
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part17
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part18
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part19
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part2
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part20
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part21
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part22
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part23
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part24
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part25
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part26
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part27
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part28
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part3
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part4
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part5
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part6
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part7
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part8
c:\users\Jakub\AppData\Roaming\WindowsHelp\min\miner.dll_part9
c:\users\Jakub\AppData\Roaming\WindowsHelp\openssl.dll
c:\users\Jakub\AppData\Roaming\WindowsHelp\phatk.cl
c:\users\Jakub\AppData\Roaming\WindowsHelp\phatk.ptx
c:\users\Jakub\AppData\Roaming\WindowsHelp\puts.vbs
c:\users\Jakub\AppData\Roaming\WindowsHelp\shel\compile.bat
c:\users\Jakub\AppData\Roaming\WindowsHelp\shel\shell.exe
c:\users\Jakub\AppData\Roaming\WindowsHelp\shel\shell.exe_part1
c:\users\Jakub\AppData\Roaming\WindowsHelp\shel\shell.exe_part2
c:\users\Jakub\AppData\Roaming\WindowsHelp\shel\shell.exe_part3
c:\users\Jakub\AppData\Roaming\WindowsHelp\shel\shell.exe_part4
c:\users\Jakub\AppData\Roaming\WindowsHelp\shel\shell.exe_part5
c:\users\Jakub\AppData\Roaming\WindowsHelp\shel\shell.exe_part6
c:\users\Jakub\AppData\Roaming\WindowsHelp\shel\shell.exe_part7
c:\users\Jakub\AppData\Roaming\WindowsHelp\shel\shell.exe_part8
c:\users\Jakub\AppData\Roaming\WindowsHelp\shell.exe
c:\users\Jakub\AppData\Roaming\WindowsHelp\usft_ext.dll
c:\users\Jakub\AppData\Roaming\WindowsHelp\usft_ext.exe.vbs
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
c:\windows\inf\ntvdm.vbe
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\frapsvid.dll
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SrvUpdater
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-09 do 2013-08-09 )))))))))))))))))))))))))))))))
.
.
2013-08-09 09:14 . 2013-08-09 09:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-08 20:49 . 2013-08-08 20:49 -------- d-----w- C:\FRST
2013-08-08 20:48 . 2013-08-08 20:48 -------- d-----w- c:\users\Jakub\AppData\Local\qb4CD3E3.9F
2013-08-08 20:34 . 2013-08-08 20:38 875008 ----a-w- c:\windows\SysWow64\usft_ext.dll
2013-08-08 19:46 . 2013-08-08 19:44 200704 ----a-w- c:\windows\Miner.dll
2013-08-08 19:39 . 2013-08-08 19:44 200704 ----a-w- c:\windows\SysWow64\miner.dll
2013-08-08 19:38 . 2013-08-08 19:38 -------- d-----w- c:\programdata\Logs
2013-08-08 10:27 . 2013-08-08 10:27 -------- d-----w- c:\users\Jakub\AppData\Roaming\Malwarebytes
2013-08-08 10:27 . 2013-08-08 10:27 -------- d-----w- c:\programdata\Malwarebytes
2013-08-08 10:27 . 2013-08-08 10:27 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-08 10:27 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-08 10:25 . 2013-08-08 10:27 -------- d-----w- c:\users\Jakub\AppData\Roaming\NexusFile
2013-08-08 10:25 . 2013-08-08 10:25 -------- d-----w- c:\users\Jakub\AppData\Roaming\cryptlib
2013-08-08 10:21 . 2013-08-08 10:21 -------- d-----w- c:\program files (x86)\NexusFile
2013-08-07 06:01 . 2013-08-07 06:01 -------- d-----w- c:\users\Jakub\AppData\Roaming\TeamViewer
2013-08-06 21:15 . 2013-08-07 04:58 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-08-04 07:36 . 2013-08-04 07:37 -------- d-----w- c:\users\Jakub\AppData\Roaming\Update Drivers
2013-08-03 09:16 . 2013-08-03 09:16 -------- d-----w- c:\users\Jakub\AppData\Local\TechSmith
2013-08-03 09:12 . 2013-08-03 09:12 -------- d-----w- c:\users\Jakub\AppData\Roaming\TechSmith
2013-08-02 19:25 . 2013-08-02 19:25 -------- d-----w- c:\programdata\Caphyon
2013-08-02 19:22 . 2013-08-06 20:43 -------- d-----w- c:\program files (x86)\QuadCoreM2
2013-08-02 19:07 . 2013-08-02 19:07 -------- d-----w- c:\users\Jakub\AppData\Roaming\Quadcore Games
2013-08-01 08:43 . 2013-08-06 13:28 -------- d-----w- c:\program files (x86)\Origin Games
2013-07-31 10:15 . 2013-07-31 17:02 -------- d-----w- c:\users\Jakub\AppData\Roaming\Origin
2013-07-31 10:15 . 2013-07-31 13:37 -------- d-----w- c:\users\Jakub\AppData\Local\Origin
2013-07-31 09:46 . 2013-08-02 19:13 -------- d-----w- c:\programdata\Electronic Arts
2013-07-31 09:46 . 2013-08-08 10:14 -------- d-----w- c:\program files (x86)\Origin
2013-07-30 21:02 . 2013-07-30 21:04 -------- d-----w- c:\program files (x86)\Farming Simulator 2011
2013-07-29 06:58 . 2013-07-29 06:58 -------- d-----w- c:\users\Jakub\AppData\Local\Apple Computer
2013-07-29 06:55 . 2013-07-29 06:55 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2013-07-29 06:55 . 2013-07-29 06:55 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2013-07-29 06:55 . 2013-07-29 06:55 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2013-07-29 06:55 . 2013-07-29 06:55 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2013-07-29 06:55 . 2013-07-29 06:55 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2013-07-29 06:55 . 2013-08-07 19:17 -------- d-----w- c:\program files (x86)\QuickTime
2013-07-29 06:52 . 2013-07-29 06:52 -------- d-----w- c:\users\Jakub\AppData\Local\Apple
2013-07-29 06:52 . 2013-07-29 06:52 -------- d-----w- c:\programdata\Apple
2013-07-27 07:49 . 2013-07-27 07:49 -------- d-----w- c:\programdata\Studio14Trial
2013-07-27 07:33 . 2013-07-27 07:33 -------- d-----w- c:\programdata\PCTV Systems
2013-07-27 07:33 . 2013-07-27 07:33 -------- d-----w- c:\program files (x86)\Pinnacle
2013-07-26 06:46 . 2013-08-01 08:26 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2013-07-25 18:29 . 2013-07-25 18:29 -------- d-----w- c:\programdata\Panasonic
2013-07-25 18:26 . 2013-07-25 18:26 -------- d-----w- c:\users\Jakub\AppData\Local\Panasonic
2013-07-25 18:18 . 2007-06-21 22:10 501912 ----a-w- c:\windows\SysWow64\PICSDK2.dll
2013-07-25 18:18 . 2006-10-30 22:10 71840 ----a-w- c:\windows\SysWow64\EPPicMgr.dll
2013-07-25 18:18 . 2006-10-30 22:10 120992 ----a-w- c:\windows\SysWow64\EpPicPrt.dll
2013-07-25 18:18 . 2006-10-19 22:10 80024 ----a-w- c:\windows\SysWow64\PICSDK.dll
2013-07-25 18:18 . 2006-10-19 22:10 108704 ----a-w- c:\windows\SysWow64\PICEntry.dll
2013-07-25 18:14 . 2013-07-25 18:16 -------- d-----w- c:\program files (x86)\Common Files\Panasonic
2013-07-25 18:14 . 2013-08-01 08:28 -------- d-----w- c:\program files (x86)\Panasonic
2013-07-25 18:14 . 2013-07-25 18:14 -------- d-----w- c:\program files\Microsoft Synchronization Services
2013-07-25 18:14 . 2013-07-25 18:14 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-07-25 18:14 . 2013-07-25 18:14 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2013-07-24 10:49 . 2013-07-24 10:49 -------- d-----w- c:\program files (x86)\MSXML 4.0
2013-07-23 08:14 . 2013-07-23 08:14 -------- d-----w- c:\programdata\Pinnacle
2013-07-23 08:13 . 2013-07-23 08:13 -------- d-----w- c:\users\Jakub\AppData\Local\CRE
2013-07-23 06:58 . 2013-07-27 16:11 -------- d-----w- c:\users\Jakub\AppData\Roaming\NCH Software
2013-07-23 06:58 . 2013-07-27 16:11 -------- d-----w- c:\programdata\NCH Software
2013-07-23 06:58 . 2013-07-27 16:12 -------- d-----w- c:\program files (x86)\NCH Software
2013-07-22 19:51 . 2013-07-22 19:52 -------- d-----w- c:\users\Jakub\AppData\Roaming\Autodesk
2013-07-22 19:24 . 2013-07-22 19:24 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2013-07-22 19:17 . 2013-07-22 19:44 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2013-07-20 19:49 . 2013-07-20 19:49 -------- d-----w- c:\program files (x86)\Minibar
2013-07-20 19:48 . 2013-07-20 20:07 -------- d-----w- c:\users\Jakub\AppData\Local\WebPlayer
2013-07-20 19:48 . 2013-07-20 19:48 -------- d-----w- c:\users\Jakub\AppData\Local\Application Data
2013-07-20 19:44 . 2013-07-21 07:51 -------- d-----w- c:\users\Jakub\AppData\Roaming\Seznam.cz
2013-07-19 21:11 . 2013-07-23 08:23 -------- d-----w- c:\program files (x86)\Autodesk
2013-07-18 19:02 . 2013-07-20 08:46 -------- d-----w- c:\users\Jakub\HellSpy
2013-07-16 13:02 . 2013-07-17 05:53 -------- d-----w- c:\users\Jakub\AppData\Roaming\Audacity
2013-07-14 14:40 . 2013-08-07 19:35 -------- d-----w- c:\users\Jakub\AppData\Roaming\.minecraft
2013-07-14 14:21 . 2013-07-14 14:21 -------- d-----w- c:\users\Jakub\AppData\Local\craften.de
2013-07-14 09:32 . 2013-07-14 09:32 -------- d-----w- c:\program files (x86)\TeamViewer
2013-07-13 17:25 . 2013-07-17 06:44 -------- d-----w- c:\programdata\FLEXnet
2013-07-13 17:25 . 2013-07-19 19:31 -------- d-----w- c:\users\Jakub\AppData\Local\Autodesk
2013-07-13 16:25 . 2013-07-22 19:30 -------- d-----w- c:\program files\Autodesk
2013-07-13 07:10 . 2013-07-19 14:01 -------- d-----w- c:\programdata\Autodesk
2013-07-11 11:56 . 2013-07-11 11:56 -------- d-----w- c:\users\Jakub\AppData\Roaming\TunkDesign
2013-07-11 07:41 . 2013-05-27 04:57 4608 ----a-w- c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-07-11 07:41 . 2013-05-27 04:57 54784 ----a-w- c:\program files (x86)\Windows Defender\MpOAV.dll
2013-07-11 07:41 . 2013-05-27 04:57 392704 ----a-w- c:\program files (x86)\Windows Defender\MpClient.dll
2013-07-11 07:41 . 2013-05-27 03:15 9216 ----a-w- c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-07-11 07:41 . 2013-06-04 06:00 624128 ----a-w- c:\windows\system32\qedit.dll
2013-07-11 07:41 . 2013-06-04 04:53 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2013-07-11 07:40 . 2013-05-06 06:03 1887744 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-11 07:40 . 2013-05-06 04:56 1620480 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-11 07:35 . 2013-06-05 03:34 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-07-11 07:34 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-11 07:34 . 2013-04-10 05:46 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-07-11 07:34 . 2013-04-10 05:46 1393152 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-07-11 07:34 . 2013-04-10 05:46 1367040 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 07:34 . 2013-04-10 05:03 936448 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 07:33 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-11 07:33 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-07-10 20:58 . 2013-07-10 20:58 -------- d-----w- c:\program files (x86)\Common Files\SWF Studio
2013-07-10 20:57 . 2013-07-10 20:57 -------- d-----w- c:\windows\UMStor
2013-07-10 20:57 . 2013-07-10 20:57 -------- d-----w- c:\windows\system\iosubsys
2013-07-10 20:57 . 2003-11-21 16:09 201736 ------w- c:\windows\SysWow64\drivers\UMSTOR.sys
2013-07-10 20:57 . 2013-07-10 21:07 -------- d-----w- c:\users\Jakub\AppData\Roaming\HellSpy.cz Download Manager
2013-07-10 20:57 . 2013-07-10 20:57 -------- d-----w- c:\program files (x86)\USB Disk Win98 Driver
2013-07-10 20:57 . 2001-09-05 02:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2013-07-10 20:57 . 2001-09-05 02:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-07-10 20:57 . 2001-09-05 02:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-07-10 20:57 . 2001-09-05 02:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-07-10 20:57 . 2002-07-25 15:07 614532 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2013-07-10 20:57 . 2013-07-10 20:57 -------- d-----w- c:\program files (x86)\HellSpy Klient
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-07 05:08 . 2012-12-27 18:27 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-07 05:08 . 2012-12-27 18:27 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-24 12:11 . 2013-06-24 12:11 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-24 12:11 . 2012-12-28 11:56 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-24 12:11 . 2012-12-28 11:56 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-23 22:57 . 2012-12-23 20:43 78277128 ----a-w- c:\windows\system32\MRT.exe
2013-06-19 04:54 . 2012-12-23 21:56 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-06-07 11:45 . 2013-07-27 07:53 84992 --s-a-w- c:\windows\inf\msaifet\zlib1.dll
2013-06-07 11:45 . 2013-07-27 07:53 568334 --s-a-w- c:\windows\inf\msaifet\msaifet.exe
2013-06-07 11:45 . 2013-07-27 07:53 612352 --s-a-w- c:\windows\inf\msaifet\libcurl.dll
2013-06-07 11:45 . 2013-07-27 07:53 364544 --s-a-w- c:\windows\inf\msaifet\ssleay32.dll
2013-06-07 11:45 . 2013-07-27 07:53 279955 --s-a-w- c:\windows\inf\msaifet\libidn-11.dll
2013-06-07 11:45 . 2013-07-27 07:53 183382 --s-a-w- c:\windows\inf\msaifet\librtmp.dll
2013-06-07 11:45 . 2013-07-27 07:53 171008 --s-a-w- c:\windows\inf\msaifet\libssh2.dll
2013-06-07 11:45 . 2013-07-27 07:53 1704448 --s-a-w- c:\windows\inf\msaifet\libeay32.dll
2013-06-07 11:45 . 2013-07-27 07:53 110094 --s-a-w- c:\windows\inf\msaifet\libusb-1.0.dll
2013-06-07 11:45 . 2013-07-27 07:33 84992 --s-a-w- c:\windows\inf\msyxdpr\zlib1.dll
2013-06-07 11:45 . 2013-07-27 07:33 568334 --s-a-w- c:\windows\inf\msyxdpr\msyxdpr.exe
2013-06-07 11:45 . 2013-07-27 07:33 364544 --s-a-w- c:\windows\inf\msyxdpr\ssleay32.dll
2013-06-07 11:45 . 2013-07-27 07:33 183382 --s-a-w- c:\windows\inf\msyxdpr\librtmp.dll
2013-06-07 11:45 . 2013-07-27 07:33 171008 --s-a-w- c:\windows\inf\msyxdpr\libssh2.dll
2013-06-07 11:45 . 2013-07-27 07:33 110094 --s-a-w- c:\windows\inf\msyxdpr\libusb-1.0.dll
2013-06-07 11:45 . 2013-07-27 07:33 612352 --s-a-w- c:\windows\inf\msyxdpr\libcurl.dll
2013-06-07 11:45 . 2013-07-27 07:33 279955 --s-a-w- c:\windows\inf\msyxdpr\libidn-11.dll
2013-06-07 11:45 . 2013-07-27 07:33 1704448 --s-a-w- c:\windows\inf\msyxdpr\libeay32.dll
2013-06-06 03:22 . 2013-06-06 03:21 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-05-23 05:25 . 2013-06-09 15:09 1139800 ----a-w- c:\windows\system32\drivers\N360x64\1404000.028\symefa64.sys
2013-05-21 05:02 . 2013-06-09 15:09 493656 ----a-w- c:\windows\system32\drivers\N360x64\1404000.028\symds64.sys
2013-05-16 05:02 . 2013-06-09 15:09 796760 ----a-w- c:\windows\system32\drivers\N360x64\1404000.028\srtsp64.sys
2013-05-13 05:51 . 2013-06-12 15:43 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-12 15:43 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-12 15:43 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-12 15:43 52224 ----a-w- c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-12 15:43 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-12 15:43 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-12 15:43 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-12 15:43 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-12 15:43 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-12 15:43 43008 ----a-w- c:\windows\SysWow64\certenc.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}]
2013-02-26 09:35 331264 ----a-w- c:\program files (x86)\Minibar\Minibar.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-06-21 138096]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-21 19875432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-02-09 5015040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-06-28 2255184]
"USB Storage Toolbox"="c:\windows\UMStor\Res.EXE" [2005-09-14 65536]
.
c:\users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Deskjet 1050 J410 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN0922N54X05HW;CONNECTION=USB;MONITOR=1; [2009-7-14 45568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
.
R1 cbcbveqs;cbcbveqs;c:\windows\system32\drivers\cbcbveqs.sys;c:\windows\SYSNATIVE\drivers\cbcbveqs.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [x]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\ccSetx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130807.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130807.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1404000.028\SYMNETS.SYS [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [x]
S2 Realtek11nCU;Realtek11nCU;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 CamSuiteVAC;CamSuite Virtual Audio;c:\windows\system32\DRIVERS\CamSuiteVAC.sys;c:\windows\SYSNATIVE\DRIVERS\CamSuiteVAC.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192cu.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192cu.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-07 18:39 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-08-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-27 05:08]
.
2013-08-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000Core.job
- c:\users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-09 19:01]
.
2013-08-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000UA.job
- c:\users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-09 19:01]
.
2013-08-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-07 18:28]
.
2013-08-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-07 18:28]
.
2013-07-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000Core.job
- c:\users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-23 15:53]
.
2013-08-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3789760284-987831240-3306680941-1000UA.job
- c:\users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-23 15:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-03-21 472992]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-07-01 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-07-01 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-07-01 416024]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntr ... 9&tsp=4923
IE: {{AAA38851-3CFF-475F-B5E0-720D3645E4A5} - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - c:\program files (x86)\Minibar\Minibar.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\w8qzfu5i.default\
FF - ExtSQL: 2013-08-03 17:55; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: 2013-08-06 11:47; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn
FF - ExtSQL: 2013-08-06 12:10; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-Realtek Audio Manager - c:\programdata\Realtek0\mtqadjqbe.exe
Wow6432Node-HKLM-Run-NtVdmSrv - c:\windows\inf\ntvdm.vbe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Dll-Files.com Fixer_is1 - c:\program files (x86)\Dll-Files.com Fixer\unins001.exe
AddRemove-Shockwave - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3789760284-987831240-3306680941-1000_Classes\CLSID\{5CB6B8A4-F7C8-A845-A2EF-62168454AAF4}]
@Denied: (A 4) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-08-09 11:15:47
ComboFix-quarantined-files.txt 2013-08-09 09:15
.
Před spuštěním: Volných bajtů: 33 100 763 136
Po spuštění: Volných bajtů: 32 903 487 488
.
- - End Of File - - 2076DE4EC35A5E7109EADD9EABBC9C52
A36C5E4F47E84449FF07ED3517B43A31

[vyosek]

Tak jdeme dale, je tam toho doooost

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Prohledat
• Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

[KachnaCZ]

Zde log:
# AdwCleaner v2.306 - Log vytvooen 09/08/2013 v 15:55:52
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Jakub - JAKUB-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Jakub\Downloads\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Program Files (x86)\Minibar
Složka Nalezeno : C:\Program Files (x86)\SoftwareUpdater
Složka Nalezeno : C:\ProgramData\Tarma Installer
Složka Nalezeno : C:\Users\Jakub\AppData\Local\B1E
Složka Nalezeno : C:\Users\Jakub\AppData\LocalLow\Conduit
Složka Nalezeno : C:\Users\Jakub\AppData\LocalLow\Minibar
Složka Nalezeno : C:\Users\Jakub\AppData\Roaming\OpenCandy
Složka Nalezeno : C:\Users\Jakub\AppData\Roaming\PerformerSoft
Soubor Nalezeno : C:\END
Soubor Nalezeno : C:\user.js

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Nalezeno : HKCU\Software\BabSolution
Klíe Nalezeno : HKCU\Software\BI
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKCU\Software\OCS
Klíe Nalezeno : HKCU\Software\Softonic
Klíe Nalezeno : HKCU\Software\a55dedbe66dea49
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKLM\Software\Babylon
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\Software\DataMngr
Klíe Nalezeno : HKLM\Software\ICQ\ICQToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SoftwareUpdater_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Klíe Nalezeno : HKLM\Software\Minibar
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\Software\SoftwareUpdater
Klíe Nalezeno : HKLM\Software\systweak
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\a55dedbe66dea49
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Software
Klíe Nalezeno : HKU\S-1-5-21-3789760284-987831240-3306680941-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16635

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?babsrc=HP_ss&mntr ... 9&tsp=4923
[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://www.delta-search.com/?affID=119401&babs ... 0B81853119
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page Before] = hxxp://www.delta-search.com/?affID=119401&babs ... 0B81853119

-\\ Mozilla Firefox v23.0 (cs)

Soubor : C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\w8qzfu5i.default\prefs.js

[OK] Soubor je eistý.

-\\ Chromium vage:false

Soubor : C:\Users\Jakub\AppData\Local\Chromium\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [5330 octets] - [09/08/2013 15:55:52]

########## EOF - C:\AdwCleaner[R1].txt - [5390 octets] ##########

[vyosek]

Spustte znovu AdwCleaner

• Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Smazat
• PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

[KachnaCZ]

Log zde:
# AdwCleaner v2.306 - Log vytvooen 09/08/2013 v 17:02:32
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Jakub - JAKUB-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Jakub\Desktop\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Program Files (x86)\Minibar
Složka Vymazáno : C:\Program Files (x86)\SoftwareUpdater
Složka Vymazáno : C:\ProgramData\Tarma Installer
Složka Vymazáno : C:\Users\Jakub\AppData\Local\B1E
Složka Vymazáno : C:\Users\Jakub\AppData\LocalLow\Conduit
Složka Vymazáno : C:\Users\Jakub\AppData\LocalLow\Minibar
Složka Vymazáno : C:\Users\Jakub\AppData\Roaming\OpenCandy
Složka Vymazáno : C:\Users\Jakub\AppData\Roaming\PerformerSoft
Soubor Vymazáno : C:\END
Soubor Vymazáno : C:\user.js

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Vymazáno : HKCU\Software\BabSolution
Klíe Vymazáno : HKCU\Software\BI
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKCU\Software\OCS
Klíe Vymazáno : HKCU\Software\Softonic
Klíe Vymazáno : HKCU\Software\a55dedbe66dea49
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Vymazáno : HKLM\Software\Babylon
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\Software\DataMngr
Klíe Vymazáno : HKLM\Software\ICQ\ICQToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\SoftwareUpdater_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Klíe Vymazáno : HKLM\Software\Minibar
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\Software\SoftwareUpdater
Klíe Vymazáno : HKLM\Software\systweak
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\a55dedbe66dea49
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKLM\SOFTWARE\Software

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16635

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?babsrc=HP_ss&mntr ... 9&tsp=4923 --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page Before] = hxxp://www.delta-search.com/?affID=119401&babs ... 0B81853119 --> hxxp://www.google.com

-\\ Mozilla Firefox v23.0 (cs)

Soubor : C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\w8qzfu5i.default\prefs.js

[OK] Soubor je eistý.

-\\ Chromium vage:false

Soubor : C:\Users\Jakub\AppData\Local\Chromium\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [5447 octets] - [09/08/2013 15:55:52]
AdwCleaner[R2].txt - [5505 octets] - [09/08/2013 17:02:10]
AdwCleaner[S1].txt - [5209 octets] - [09/08/2013 17:02:32]

########## EOF - C:\AdwCleaner[S1].txt - [5269 octets] ##########

[vyosek]

Stahnete Farbar Service Scanner http://download.bleepingcomputer.com/farbar/FSS.exe

• Ulozte nejlepe na Plochu
• U vsech polozek udelejte zatrzitko (tim je oznacite pro skenovani)
• Kliknete na Scan
• Po dokonceni skenu se objevi log FSS.txt ten sem vlozte

[KachnaCZ]

Zde log:
Farbar Service Scanner Version: 04-08-2013
Ran by Jakub (administrator) on 12-08-2013 at 15:00:05
Running from "C:\Users\Jakub\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Attempt to access Google.com returned error: Google.com is offline
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

[vyosek]

Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/

• Ulozte nejlepe na Plochu a rozbalte
• Spustte kliknutim na mbanr
• Nyni postupne kliknete na Next a Update
• Po dokonceni update (aktualizace) databaze kliknete opet na Next
• Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
• Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
• Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
• Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
• PC bude restartovan
• Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

[KachnaCZ]

zde log:
Malwarebytes Anti-Rootkit BETA 1.06.1.1005
www.malwarebytes.org

Database version: v2013.08.16.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Jakub :: JAKUB-PC [administrator]

16.8.2013 9:01:04
mbar-log-2013-08-16 (09-01-04).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 273944
Time elapsed: 15 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)