Hello, can someone please advise me what to do next?
System Restore does not work, and the antivirus programs will not start either; it reports that the file cannot be found (even though it is there)...
I am attaching the ComboFix log:
ComboFix 14-02-01.01 - Lubyssek 02.02.2014 12:24:02.1.2 - x64 NETWORK
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.4078.3032 [GMT 1:00]
Spuštěný z: c:\users\Lubyssek\Downloads\Combo.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\safesurf
c:\program files (x86)\safesurf\dotnetfx.exe
c:\program files (x86)\safesurf\f\jet.exe
c:\program files (x86)\safesurf\fon.jpg
c:\program files (x86)\safesurf\PrTest.exe
c:\program files (x86)\safesurf\sf.txt
c:\program files (x86)\safesurf\Skybound.Gecko.dll
c:\program files (x86)\safesurf\SurfGuard.exe
c:\program files (x86)\safesurf\unins000.dat
c:\program files (x86)\safesurf\unins000.exe
c:\programdata\9414011.bat
c:\programdata\9414011.pad
c:\programdata\9414011.reg
c:\users\Lubyssek\AppData\Local\assembly\tmp
c:\users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cobjigpiealoefbhodfccakbccpfopid
c:\users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cobjigpiealoefbhodfccakbccpfopid\1\517fa745a9b8f9.91537438.js
c:\users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cobjigpiealoefbhodfccakbccpfopid\1\background.html
c:\users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cobjigpiealoefbhodfccakbccpfopid\1\content.js
c:\users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cobjigpiealoefbhodfccakbccpfopid\1\lsdb.js
c:\users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cobjigpiealoefbhodfccakbccpfopid\1\manifest.json
c:\users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cobjigpiealoefbhodfccakbccpfopid\1\sqlite.js
c:\users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cobjigpiealoefbhodfccakbccpfopid
c:\users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cobjigpiealoefbhodfccakbccpfopid\000031.ldb
c:\users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cobjigpiealoefbhodfccakbccpfopid\000033.ldb
c:\users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cobjigpiealoefbhodfccakbccpfopid\000036.ldb
c:\users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cobjigpiealoefbhodfccakbccpfopid\000037.log
c:\users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cobjigpiealoefbhodfccakbccpfopid\CURRENT
c:\users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cobjigpiealoefbhodfccakbccpfopid\LOCK
c:\users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cobjigpiealoefbhodfccakbccpfopid\LOG
c:\users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cobjigpiealoefbhodfccakbccpfopid\LOG.old
c:\users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cobjigpiealoefbhodfccakbccpfopid\MANIFEST-000035
c:\users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cobjigpiealoefbhodfccakbccpfopid_0.localstorage
c:\users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Lubyssek\AppData\Roaming\DVDSubEditLastFile0.txt
c:\users\Lubyssek\AppData\Roaming\DVDSubEditLastFile1.txt
c:\users\Lubyssek\AppData\Roaming\inst.exe
c:\users\Lubyssek\AppData\Roaming\IntelCommon\csrss.exe
c:\windows\ST6UNST.000
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-02 do 2014-02-02 )))))))))))))))))))))))))))))))
.
.
2014-02-02 11:27 . 2014-02-02 11:27 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-02-02 11:27 . 2014-02-02 11:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-02 10:34 . 2014-02-02 10:34 119000 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-02-02 10:32 . 2014-02-02 10:32 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-02-02 10:18 . 2014-02-02 10:18 -------- d-----w- c:\users\Lubyssek\AppData\Roaming\TeamViewer
2014-02-02 10:06 . 2014-02-02 10:06 -------- d-----w- c:\program files (x86)\TeamViewer
2014-02-02 09:46 . 2014-02-02 11:01 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-02-02 09:46 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-02-01 17:07 . 2014-02-02 11:27 -------- d-sh--w- c:\users\Lubyssek\AppData\Roaming\IntelCommon
2014-02-01 15:07 . 2014-02-01 15:07 -------- d-sh--w- c:\programdata\wininit64
2014-02-01 07:38 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{05E88F53-02F1-4086-B400-29FC73BF3009}\mpengine.dll
2014-01-30 17:00 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-23 12:35 . 2014-01-23 12:35 -------- d-----w- c:\windows\SysWow64\wbem\Logs
2014-01-23 06:42 . 2013-10-19 06:41 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{38115FA4-A490-482C-9A18-D8E6E16C463F}\gapaengine.dll
2014-01-15 17:32 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-15 17:32 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-15 17:32 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-15 17:32 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-15 17:32 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-15 17:32 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-15 17:32 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-15 17:32 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-01-15 17:32 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2014-01-10 21:37 . 2014-01-24 08:00 -------- d-----w- c:\program files\Google
2014-01-10 21:36 . 2014-01-24 08:00 -------- d-----w- c:\program files (x86)\Google
2014-01-10 21:36 . 2014-01-10 21:36 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-19 07:33 . 2012-02-12 14:07 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-01-16 02:00 . 2012-02-12 14:49 86054176 ----a-w- c:\windows\system32\MRT.exe
2014-01-10 21:36 . 2012-02-12 15:22 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-28 14:04 . 2013-11-28 14:02 82816 ----a-w- c:\users\Lubyssek\AppData\Roaming\pcouffin.sys
2013-11-23 18:26 . 2013-12-12 19:33 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-12 19:33 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-12 02:23 . 2013-12-12 19:33 2048 ----a-w- c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-12 19:33 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-04-11 21:57 . 2012-04-11 21:57 36868 ----a-w- c:\program files (x86)\uninst-shine.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"TaskbarNoNotification"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer6"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 abquvnkk;abquvnkk;c:\windows\system32\drivers\abquvnkk.sys;c:\windows\SYSNATIVE\drivers\abquvnkk.sys [x]
R1 fepigich;fepigich;c:\windows\system32\drivers\fepigich.sys;c:\windows\SYSNATIVE\drivers\fepigich.sys [x]
R1 kudnapnj;kudnapnj;c:\windows\system32\drivers\kudnapnj.sys;c:\windows\SYSNATIVE\drivers\kudnapnj.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R2 SMARTHelperService;SMART Helper Service;c:\program files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe;c:\program files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [x]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
R2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys;c:\windows\SYSNATIVE\Drivers\nx6000.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SMARTMouseFilterx64;HID-compliant mouse;c:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTMouseFilterx64.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SMARTVHidMiniVistaAmd64;SMART HID Device;c:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTVHidMiniVistaAmd64.sys [x]
S3 SMARTVTabletPCx64;SMART Virtual TabletPC;c:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTVTabletPCx64.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-30 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2785469271-466106000-114112601-1000Core.job
- c:\users\Lubyssek\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-05-10 20:54]
.
2014-02-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2785469271-466106000-114112601-1000UA.job
- c:\users\Lubyssek\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-05-10 20:54]
.
2014-02-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-10 21:36]
.
2014-02-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-10 21:36]
.
2014-02-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2785469271-466106000-114112601-1000Core.job
- c:\users\Lubyssek\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-19 07:32]
.
2014-02-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2785469271-466106000-114112601-1000UA.job
- c:\users\Lubyssek\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-19 07:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-09-11 8114720]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://websearch.coolwebsearch.info/?unqvl=19
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
.
.
------- Asociace souborů -------
.
.txt=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{d6451db9-67e1-4ca3-bfba-4d77fface17f} - (no file)
Wow6432Node-HKLM-RunOnce-<NO NAME> - (no file)
BHO-{d6451db9-67e1-4ca3-bfba-4d77fface17f} - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-Shockwave - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
AddRemove-uTorrent - c:\users\Lubyssek\AppData\Roaming\uTorrent\utorrent.exe\uTorrent.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2785469271-466106000-114112601-1000\Software\Win7zip]
@Denied: (A B 2 3) (Everyone)
"Uuid"=hex:63,74,d7,16,0d,98,a7,4c,a7,47,9e,12,0a,27,43,7b
.
[HKEY_USERS\S-1-5-21-2785469271-466106000-114112601-1000_Classes\CLSID\{6374D716-0D98-A74C-A747-9E120A27437B}]
@Denied: (A 4) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:33,a7,1a,a3,1d,b9,20,8d,7f,e8,46,48,af,02,9d,16,90,86,2f,74,58,
b6,3e,3f,d6,be,28,a4,19,5c,7b,96,63,1c,a0,5c,33,3e,92,b5,ec,e5,9f,57,f6,c2,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-02-02 12:29:20
ComboFix-quarantined-files.txt 2014-02-02 11:29
.
Před spuštěním: Volných bajtů: 20 700 725 248
Po spuštění: Volných bajtů: 20 302 155 776
.
- - End Of File - - 7DCEEA7C6A814F2240D8F632CEAFE8C0
A36C5E4F47E84449FF07ED3517B43A31

Problem with PC protection -> neither System Restore nor antivirus works
Re: Problem with PC protection -> neither System Restore nor antivirus works
I am adding the FRST log + Addition
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 04
Ran by Lubyssek (administrator) on LUBYSSEK-PC on 02-02-2014 13:12:23
Running from C:\Users\Lubyssek\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\agcp.exe
(forum.viry.cz) C:\Users\Lubyssek\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8114720 2009-09-11] (Realtek Semiconductor)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2785469271-466106000-114112601-1000\...\Run: [wininit64] - C:\ProgramData\wininit64\hwxtesuug.exe [0 ] ()
HKU\S-1-5-21-2785469271-466106000-114112601-1000\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-2785469271-466106000-114112601-1000\...\Policies\Explorer: [HideSCAHealth] 1
IFEO\mbam.exe: [Debugger] gpms.exe
IFEO\mbamgui.exe: [Debugger] omyl.exe
IFEO\rstrui.exe: [Debugger] ria.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6416898B8FE9CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=co ... 676074&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.coolwebsearch.info/?unqvl=19
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.p ... 676074&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.p ... 676074&ir=
SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.mysearchdial.com/results.p ... 676074&ir=
SearchScopes: HKLM-x32 - {417B7EBE-C577-C478-7F7B-3C28CC9C0669} URL = http://search.sweetim.com/search.asp?sr ... 6D04171E29}
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.coolwebsearch.info/?un ... earchTerms}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.mysearchdial.com/results.p ... 676074&ir=
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://start.mysearchdial.com/results.p ... 676074&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://start.mysearchdial.com/results.p ... 676074&ir=
SearchScopes: HKCU - {6AD185AD-78EA-0A06-DE33-61C0EA1B24B5} URL = http://search.babylon.com/?q={searchTer ... &tt=4812_3
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.coolwebsearch.info/?un ... earchTerms}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 6D04171E29}
BHO: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\Win64\NotebookPlugin.dll (SMART Technologies ULC.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\Win32\NotebookPlugin.dll (SMART Technologies ULC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: No Name - {d6451db9-67e1-4ca3-bfba-4d77fface17f} - No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Social Extras Plugin - {FF4E1D1D-705B-4379-AB33-22D98C1ABF55} - C:\Program Files (x86)\SocialExtras\socialx.dll (FBSkins.com)
Toolbar: HKLM-x32 - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=724
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Lubyssek\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Lubyssek\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Lubyssek\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Extension: No Name - C:\Users\Lubyssek\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2013-05-29]
FF Extension: FTdownloader V4.0 - C:\Users\Lubyssek\AppData\Roaming\Mozilla\Firefox\profiles\extensions\ftdownloader4@ftdownloader.com.xpi [2013-05-28]
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Select all Facebook friends) - C:\Users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbcjpjecmkjagmnhgfojblhjhnalbda [2013-02-18]
CHR Extension: (SweetIM for Facebook) - C:\Users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2012-11-22]
CHR Extension: (Facebook Invite All To Event 2014) - C:\Users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkifjigoeilijkcnpfdjbpdjgnbfibec [2012-08-04]
CHR Extension: (Enhance Views) - C:\Users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Extensions\llgnkbjfcnjfgkgciddcohamdeendcoo [2013-09-20]
CHR Extension: (Google Wallet) - C:\Users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Facebook Inviter) - C:\Users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofcnbnhefnmjancehemliplicihbcjjb [2012-04-19]
CHR Extension: (SweetPacks Chrome Extension) - C:\Users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj [2012-11-22]
CHR HKLM-x32\...\Chrome\Extension: [bebnnlollpcjnfpkafhoclljaojgnfok] - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx [2012-11-22]
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-11-06]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx [2012-11-06]
CHR StartMenuInternet: Google Chrome - C:\Users\Lubyssek\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-08-22] ()
R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [580976 2012-03-21] (SMART Technologies)
==================== Drivers (Whitelisted) ====================
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-19] (DT Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 nvrd64; C:\Windows\system32\DRIVERS\nvrd64.sys [175648 2009-06-30] (NVIDIA Corporation)
S3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [13168 2012-03-21] (SMART Technologies ULC)
R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [16368 2012-03-21] (SMART Technologies ULC)
R3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [24944 2012-03-21] (SMART Technologies ULC)
S1 abquvnkk; \??\C:\Windows\system32\drivers\abquvnkk.sys [x]
S3 catchme; \??\C:\Combo\catchme.sys [x]
S1 fepigich; \??\C:\Windows\system32\drivers\fepigich.sys [x]
S3 Huawei; system32\DRIVERS\ewdcsc.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x]
S1 kudnapnj; \??\C:\Windows\system32\drivers\kudnapnj.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-02 13:12 - 2014-02-02 13:12 - 00029696 _____ () C:\Users\Lubyssek\AppData\Local\MSGBOX.EXE
2014-02-02 13:12 - 2014-02-02 13:12 - 00015813 _____ () C:\Users\Lubyssek\Desktop\FRST.txt
2014-02-02 13:12 - 2014-02-02 13:12 - 00015327 _____ () C:\Users\Lubyssek\Desktop\LM.bat
2014-02-02 13:12 - 2014-02-02 13:12 - 00000000 ____D () C:\FRST
2014-02-02 12:55 - 2014-02-02 12:55 - 00112640 _____ (forum.viry.cz) C:\Users\Lubyssek\Desktop\FRSTLauncher.exe
2014-02-02 12:54 - 2014-02-02 12:55 - 02080256 _____ (Farbar) C:\Users\Lubyssek\Desktop\FRST64.exe
2014-02-02 12:32 - 2014-02-02 12:32 - 00000546 _____ () C:\Windows\PFRO.log
2014-02-02 12:29 - 2014-02-02 12:29 - 00022260 _____ () C:\ComboFix.txt
2014-02-02 12:22 - 2014-02-02 12:29 - 00000000 ____D () C:\Qoobox
2014-02-02 12:22 - 2014-02-02 12:28 - 00000000 ____D () C:\Windows\erdnt
2014-02-02 12:22 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-02 12:22 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-02 12:22 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-02 12:22 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-02 12:22 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-02 12:22 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-02 12:22 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-02 12:22 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-02 12:21 - 2014-02-02 12:22 - 05179159 ____R (Swearware) C:\Users\Lubyssek\Downloads\Combo.exe
2014-02-02 12:14 - 2014-02-02 12:14 - 00000000 ____D () C:\Windows\pss
2014-02-02 12:09 - 2014-02-02 12:32 - 00000112 _____ () C:\Windows\setupact.log
2014-02-02 12:09 - 2014-02-02 12:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-02 12:00 - 2014-02-02 12:00 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Lubyssek\Downloads\mbam-setup-1.75.0.1300 (2).exe
2014-02-02 11:34 - 2014-02-02 11:34 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-02 11:32 - 2014-02-02 11:52 - 00000000 ____D () C:\Users\Lubyssek\Desktop\mbar
2014-02-02 11:32 - 2014-02-02 11:32 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Lubyssek\Downloads\mbar-1.07.0.1009.exe
2014-02-02 11:32 - 2014-02-02 11:32 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-02 11:29 - 2014-02-02 11:32 - 04721920 _____ (Piriform Ltd) C:\Users\Lubyssek\Downloads\ccsetup410.exe
2014-02-02 11:29 - 2014-02-02 11:29 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-02 11:18 - 2014-02-02 11:18 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\TeamViewer
2014-02-02 11:06 - 2014-02-02 11:06 - 05855408 _____ (TeamViewer GmbH) C:\Users\Lubyssek\Downloads\TeamViewer_Setup_cs.exe
2014-02-02 11:06 - 2014-02-02 11:06 - 00001162 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-02 11:06 - 2014-02-02 11:06 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-02-02 10:46 - 2014-02-02 12:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-02 10:46 - 2014-02-02 12:00 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-02 10:46 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-02 10:45 - 2014-02-02 10:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Lubyssek\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-02-01 18:07 - 2014-02-02 12:27 - 00000000 __SHD () C:\Users\Lubyssek\AppData\Roaming\IntelCommon
2014-02-01 16:19 - 2014-02-01 16:19 - 00000000 ____D () C:\Users\Lubyssek\Downloads\Michael Jackson - Live In Brunei CD 1
2014-02-01 16:17 - 2014-02-01 17:40 - 1976243195 _____ () C:\Users\Lubyssek\Downloads\[Lucas Raunch] London Showers.mp4
2014-02-01 16:16 - 2014-02-01 16:16 - 00038057 _____ () C:\Users\Lubyssek\Downloads\[Lucas Raunch] London Showers.torrent
2014-02-01 16:10 - 2014-02-01 16:19 - 401208483 _____ () C:\Users\Lubyssek\Downloads\Michael Jackson - Live In Brunei CD 1.rar
2014-02-01 16:07 - 2014-02-01 16:07 - 00003224 _____ () C:\Windows\System32\Tasks\Windows Update Check - 0x1C710430
2014-01-30 23:08 - 2014-01-30 23:39 - 43443583 _____ () C:\Users\Lubyssek\Desktop\OPRAH DVD OBAL.psd
2014-01-30 21:51 - 2014-01-30 22:27 - 00000000 ____D () C:\Users\Lubyssek\Desktop\Michael Jackson Talks... To Oprah
2014-01-30 11:05 - 2014-02-01 13:42 - 00000000 ____D () C:\Users\Lubyssek\Downloads\FB
2014-01-29 09:11 - 2014-01-29 09:13 - 00000000 ____D () C:\Users\Lubyssek\Downloads\retz
2014-01-26 12:21 - 2014-01-26 12:27 - 421484544 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x09.avi
2014-01-26 12:15 - 2014-01-26 12:18 - 421722112 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x08.avi
2014-01-25 20:14 - 2014-01-25 20:17 - 416679936 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x07.avi
2014-01-25 20:10 - 2014-01-25 20:13 - 416618496 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x06.avi
2014-01-25 20:03 - 2014-01-25 20:07 - 422477824 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x05.avi
2014-01-25 19:33 - 2014-01-25 19:37 - 419321856 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x04.avi
2014-01-25 19:29 - 2014-01-25 19:32 - 419477504 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x03.avi
2014-01-25 18:11 - 2014-01-25 18:13 - 418146304 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x02.avi
2014-01-25 09:13 - 2014-01-25 09:13 - 00001898 _____ () C:\Users\Public\Desktop\Tomb Raider Chronicles.lnk
2014-01-24 09:13 - 2014-01-24 09:13 - 68035594 _____ () C:\Users\Lubyssek\Downloads\Rock With You - Michael Jackson (Unplugged IMWhizzle Rendition).wav
2014-01-23 13:39 - 2014-01-23 13:39 - 00000000 ____D () C:\Users\Lubyssek\Downloads\RWY(multitracks)
2014-01-22 18:06 - 2014-01-24 11:50 - 00000000 ____D () C:\Users\Lubyssek\Downloads\MNAGA A ZDORP - Platinum Collection (CZ 3CD 2008)
2014-01-20 23:36 - 2014-01-20 23:38 - 50957359 _____ () C:\Users\Lubyssek\Documents\Title 02.mp4
2014-01-19 20:23 - 2014-01-19 20:23 - 00029165 _____ () C:\Users\Lubyssek\Downloads\ Fear.torrent
2014-01-17 21:17 - 2014-01-17 21:17 - 66791436 _____ () C:\Users\Lubyssek\Downloads\Michael Jackson - Ghosts (Alternate, 2nd version - LDRip - Real lossless).wav
2014-01-15 18:32 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 18:32 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 18:32 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 18:32 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 18:32 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 18:32 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 18:32 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 18:32 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 18:32 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 08:44 - 2014-01-15 08:48 - 00000000 ____D () C:\Users\Lubyssek\Desktop\Nová složka
2014-01-14 21:04 - 2014-01-14 21:11 - 53388386 _____ () C:\Users\Lubyssek\Downloads\Ice Cube, Shaquille O'Neal & Michael Jackson - We Be Ballin' (Master Mix - A&M Post Production Acetate CD - Real lossless).wav
2014-01-14 08:49 - 2014-01-14 08:50 - 00000000 ____D () C:\Users\Lubyssek\Downloads\Michael Jackson - Who Is It (12 Single)
2014-01-13 11:56 - 2014-01-13 11:56 - 00000000 ____D () C:\Users\Lubyssek\Downloads\Gymnázium-Podbořany---20.12.2013_Petr-Průša-Photo
2014-01-11 21:57 - 2014-01-25 23:45 - 00025585 _____ () C:\Users\Lubyssek\Documents\OPRAH titulky.srt
2014-01-10 23:22 - 2014-01-10 23:22 - 00034359 _____ () C:\Users\Lubyssek\Downloads\♺ Rascal - Water Logged (2013 mp4).torrent
2014-01-10 22:37 - 2014-01-24 09:00 - 00000000 ____D () C:\Program Files\Google
2014-01-10 22:36 - 2014-02-02 12:47 - 00000956 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-10 22:36 - 2014-02-02 12:32 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-10 22:36 - 2014-01-24 09:00 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-10 22:36 - 2014-01-10 22:42 - 00003952 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-10 22:36 - 2014-01-10 22:42 - 00003700 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-10 22:36 - 2014-01-10 22:36 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-10 12:53 - 2014-01-10 12:53 - 00000000 ____D () C:\Users\Lubyssek\Documents\Ashampoo Burning Studio 14
2014-01-09 20:15 - 2014-01-09 20:15 - 00018096 _____ () C:\Users\Lubyssek\Downloads\Warehouse (2008) mp4.torrent
2014-01-08 18:25 - 2014-01-13 11:28 - 00000000 ____D () C:\Users\Lubyssek\Desktop\čtvrtek
2014-01-07 11:07 - 2014-01-07 11:07 - 00000000 ____D () C:\Users\Lubyssek\Downloads\Vladis---Diamant-(2013)
2014-01-06 13:37 - 2014-01-06 13:37 - 00002255 _____ () C:\Users\Public\Desktop\Ashampoo Burning Studio 14 Compact Mode.lnk
2014-01-06 13:37 - 2014-01-06 13:37 - 00001299 _____ () C:\Users\Public\Desktop\Ashampoo Burning Studio 14.lnk
2014-01-06 13:37 - 2014-01-06 13:37 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-01-06 13:35 - 2014-01-06 13:35 - 00000000 ____D () C:\Users\Lubyssek\Downloads\Ashampoo.Burning.Studio.14.v14.0.1.12-TE
2014-01-06 13:24 - 2014-01-06 13:34 - 174128366 _____ () C:\Users\Lubyssek\Downloads\Ashampoo.Burning.Studio.14.v14.0.1.12-TE.rar
2014-01-06 06:58 - 2014-01-06 06:58 - 00001982 _____ () C:\Users\Public\Desktop\Tomb Raider - The Last Revelation.lnk
2014-01-03 15:51 - 2014-01-03 15:51 - 01727037 _____ (emc) C:\Users\Lubyssek\Downloads\uTorrent221.exe
2014-01-03 15:51 - 2014-01-03 15:51 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2014-01-03 08:13 - 2014-01-03 08:13 - 00000034 _____ () C:\Users\Lubyssek\Documents\Untitled.avi.sfl
==================== One Month Modified Files and Folders =======
2014-02-02 13:12 - 2014-02-02 13:12 - 00029696 _____ () C:\Users\Lubyssek\AppData\Local\MSGBOX.EXE
2014-02-02 13:12 - 2014-02-02 13:12 - 00015813 _____ () C:\Users\Lubyssek\Desktop\FRST.txt
2014-02-02 13:12 - 2014-02-02 13:12 - 00015327 _____ () C:\Users\Lubyssek\Desktop\LM.bat
2014-02-02 13:12 - 2014-02-02 13:12 - 00000000 ____D () C:\FRST
2014-02-02 13:11 - 2012-02-12 15:16 - 00632888 _____ () C:\Windows\system32\perfh005.dat
2014-02-02 13:11 - 2012-02-12 15:16 - 00122532 _____ () C:\Windows\system32\perfc005.dat
2014-02-02 13:11 - 2009-07-14 06:13 - 01470298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-02 12:55 - 2014-02-02 12:55 - 00112640 _____ (forum.viry.cz) C:\Users\Lubyssek\Desktop\FRSTLauncher.exe
2014-02-02 12:55 - 2014-02-02 12:54 - 02080256 _____ (Farbar) C:\Users\Lubyssek\Desktop\FRST64.exe
2014-02-02 12:47 - 2014-01-10 22:36 - 00000956 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-02 12:37 - 2009-07-14 05:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-02 12:37 - 2009-07-14 05:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-02 12:32 - 2014-02-02 12:32 - 00000546 _____ () C:\Windows\PFRO.log
2014-02-02 12:32 - 2014-02-02 12:09 - 00000112 _____ () C:\Windows\setupact.log
2014-02-02 12:32 - 2014-01-10 22:36 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-02 12:32 - 2012-02-12 17:30 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-02 12:32 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-02 12:29 - 2014-02-02 12:29 - 00022260 _____ () C:\ComboFix.txt
2014-02-02 12:29 - 2014-02-02 12:22 - 00000000 ____D () C:\Qoobox
2014-02-02 12:28 - 2014-02-02 12:22 - 00000000 ____D () C:\Windows\erdnt
2014-02-02 12:27 - 2014-02-01 18:07 - 00000000 __SHD () C:\Users\Lubyssek\AppData\Roaming\IntelCommon
2014-02-02 12:27 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-02 12:22 - 2014-02-02 12:21 - 05179159 ____R (Swearware) C:\Users\Lubyssek\Downloads\Combo.exe
2014-02-02 12:14 - 2014-02-02 12:14 - 00000000 ____D () C:\Windows\pss
2014-02-02 12:09 - 2014-02-02 12:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-02 12:05 - 2013-11-21 23:05 - 00000000 ____D () C:\ProgramData\VSO
2014-02-02 12:03 - 2012-02-12 16:42 - 00070960 _____ () C:\Users\Lubyssek\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-02 12:01 - 2014-02-02 10:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-02 12:00 - 2014-02-02 12:00 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Lubyssek\Downloads\mbam-setup-1.75.0.1300 (2).exe
2014-02-02 12:00 - 2014-02-02 10:46 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-02 11:54 - 2009-07-14 05:45 - 04871904 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-02 11:53 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Cursors
2014-02-02 11:52 - 2014-02-02 11:32 - 00000000 ____D () C:\Users\Lubyssek\Desktop\mbar
2014-02-02 11:34 - 2014-02-02 11:34 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-02 11:32 - 2014-02-02 11:32 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Lubyssek\Downloads\mbar-1.07.0.1009.exe
2014-02-02 11:32 - 2014-02-02 11:32 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-02 11:32 - 2014-02-02 11:29 - 04721920 _____ (Piriform Ltd) C:\Users\Lubyssek\Downloads\ccsetup410.exe
2014-02-02 11:29 - 2014-02-02 11:29 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-02 11:29 - 2012-09-02 17:29 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-02 11:24 - 2012-02-12 14:51 - 00000000 ___RD () C:\Users\Lubyssek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-02 11:20 - 2012-04-19 08:32 - 00000974 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2785469271-466106000-114112601-1000UA.job
2014-02-02 11:18 - 2014-02-02 11:18 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\TeamViewer
2014-02-02 11:06 - 2014-02-02 11:06 - 05855408 _____ (TeamViewer GmbH) C:\Users\Lubyssek\Downloads\TeamViewer_Setup_cs.exe
2014-02-02 11:06 - 2014-02-02 11:06 - 00001162 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-02 11:06 - 2014-02-02 11:06 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-02-02 11:04 - 2012-03-04 15:01 - 00000000 ____D () C:\Users\Lubyssek\Desktop\fotky
2014-02-02 10:59 - 2012-05-10 18:49 - 00000994 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2785469271-466106000-114112601-1000UA.job
2014-02-02 10:58 - 2012-02-12 14:57 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C8F54388-628C-4234-AADE-8CC4B5F707E4}
2014-02-02 10:45 - 2014-02-02 10:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Lubyssek\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-02-02 10:43 - 2012-02-12 19:14 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\Media Player Classic
2014-02-02 10:42 - 2012-02-12 14:51 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\uTorrent
2014-02-01 18:16 - 2012-02-12 16:42 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-02-01 17:40 - 2014-02-01 16:17 - 1976243195 _____ () C:\Users\Lubyssek\Downloads\[Lucas Raunch] London Showers.mp4
2014-02-01 17:20 - 2012-04-19 08:32 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2785469271-466106000-114112601-1000Core.job
2014-02-01 16:19 - 2014-02-01 16:19 - 00000000 ____D () C:\Users\Lubyssek\Downloads\Michael Jackson - Live In Brunei CD 1
2014-02-01 16:19 - 2014-02-01 16:10 - 401208483 _____ () C:\Users\Lubyssek\Downloads\Michael Jackson - Live In Brunei CD 1.rar
2014-02-01 16:16 - 2014-02-01 16:16 - 00038057 _____ () C:\Users\Lubyssek\Downloads\[Lucas Raunch] London Showers.torrent
2014-02-01 16:07 - 2014-02-01 16:07 - 00003224 _____ () C:\Windows\System32\Tasks\Windows Update Check - 0x1C710430
2014-02-01 13:42 - 2014-01-30 11:05 - 00000000 ____D () C:\Users\Lubyssek\Downloads\FB
2014-01-30 23:39 - 2014-01-30 23:08 - 43443583 _____ () C:\Users\Lubyssek\Desktop\OPRAH DVD OBAL.psd
2014-01-30 22:59 - 2012-05-10 18:49 - 00000972 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2785469271-466106000-114112601-1000Core.job
2014-01-30 22:27 - 2014-01-30 21:51 - 00000000 ____D () C:\Users\Lubyssek\Desktop\Michael Jackson Talks... To Oprah
2014-01-29 09:13 - 2014-01-29 09:11 - 00000000 ____D () C:\Users\Lubyssek\Downloads\retz
2014-01-27 07:13 - 2012-02-12 15:40 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\Adobe
2014-01-26 12:27 - 2014-01-26 12:21 - 421484544 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x09.avi
2014-01-26 12:18 - 2014-01-26 12:15 - 421722112 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x08.avi
2014-01-25 23:45 - 2014-01-11 21:57 - 00025585 _____ () C:\Users\Lubyssek\Documents\OPRAH titulky.srt
2014-01-25 20:17 - 2014-01-25 20:14 - 416679936 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x07.avi
2014-01-25 20:13 - 2014-01-25 20:10 - 416618496 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x06.avi
2014-01-25 20:07 - 2014-01-25 20:03 - 422477824 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x05.avi
2014-01-25 19:37 - 2014-01-25 19:33 - 419321856 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x04.avi
2014-01-25 19:32 - 2014-01-25 19:29 - 419477504 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x03.avi
2014-01-25 18:13 - 2014-01-25 18:11 - 418146304 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x02.avi
2014-01-25 09:18 - 2012-03-03 13:53 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-25 09:13 - 2014-01-25 09:13 - 00001898 _____ () C:\Users\Public\Desktop\Tomb Raider Chronicles.lnk
2014-01-25 09:13 - 2013-11-15 12:41 - 00000000 ____D () C:\Program Files (x86)\Eidos
2014-01-25 09:13 - 2012-02-12 16:29 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-24 11:50 - 2014-01-22 18:06 - 00000000 ____D () C:\Users\Lubyssek\Downloads\MNAGA A ZDORP - Platinum Collection (CZ 3CD 2008)
2014-01-24 09:23 - 2012-06-17 11:06 - 00000000 ____D () C:\Users\Lubyssek\Desktop\tvorba
2014-01-24 09:13 - 2014-01-24 09:13 - 68035594 _____ () C:\Users\Lubyssek\Downloads\Rock With You - Michael Jackson (Unplugged IMWhizzle Rendition).wav
2014-01-24 09:00 - 2014-01-10 22:37 - 00000000 ____D () C:\Program Files\Google
2014-01-24 09:00 - 2014-01-10 22:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-23 13:39 - 2014-01-23 13:39 - 00000000 ____D () C:\Users\Lubyssek\Downloads\RWY(multitracks)
2014-01-23 13:36 - 2012-02-12 16:32 - 00000000 ____D () C:\Program Files (x86)\Ashampoo
2014-01-23 13:35 - 2012-06-19 09:44 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\Xilisoft
2014-01-23 13:34 - 2012-02-12 16:22 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-01-23 13:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-01-23 13:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-01-23 13:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-01-23 13:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-01-23 13:31 - 2012-04-19 08:32 - 00000000 ____D () C:\Users\Lubyssek\AppData\Local\Google
2014-01-23 13:30 - 2012-06-20 08:08 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-01-23 13:30 - 2012-02-13 11:12 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\Mozilla
2014-01-20 23:38 - 2014-01-20 23:36 - 50957359 _____ () C:\Users\Lubyssek\Documents\Title 02.mp4
2014-01-19 20:23 - 2014-01-19 20:23 - 00029165 _____ () C:\Users\Lubyssek\Downloads\ Fear.torrent
2014-01-19 08:33 - 2012-02-12 15:07 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-17 21:17 - 2014-01-17 21:17 - 66791436 _____ () C:\Users\Lubyssek\Downloads\Michael Jackson - Ghosts (Alternate, 2nd version - LDRip - Real lossless).wav
2014-01-16 03:03 - 2013-08-14 22:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 03:00 - 2012-02-12 15:49 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 08:48 - 2014-01-15 08:44 - 00000000 ____D () C:\Users\Lubyssek\Desktop\Nová složka
2014-01-14 21:11 - 2014-01-14 21:04 - 53388386 _____ () C:\Users\Lubyssek\Downloads\Ice Cube, Shaquille O'Neal & Michael Jackson - We Be Ballin' (Master Mix - A&M Post Production Acetate CD - Real lossless).wav
2014-01-14 08:50 - 2014-01-14 08:49 - 00000000 ____D () C:\Users\Lubyssek\Downloads\Michael Jackson - Who Is It (12 Single)
2014-01-13 11:56 - 2014-01-13 11:56 - 00000000 ____D () C:\Users\Lubyssek\Downloads\Gymnázium-Podbořany---20.12.2013_Petr-Průša-Photo
2014-01-13 11:28 - 2014-01-08 18:25 - 00000000 ____D () C:\Users\Lubyssek\Desktop\čtvrtek
2014-01-10 23:22 - 2014-01-10 23:22 - 00034359 _____ () C:\Users\Lubyssek\Downloads\♺ Rascal - Water Logged (2013 mp4).torrent
2014-01-10 22:42 - 2014-01-10 22:36 - 00003952 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-10 22:42 - 2014-01-10 22:36 - 00003700 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-10 22:36 - 2014-01-10 22:36 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-10 22:36 - 2012-02-12 16:22 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-10 22:35 - 2012-02-12 15:40 - 00000000 ____D () C:\Users\Lubyssek\AppData\Local\Adobe
2014-01-10 22:18 - 2012-05-19 21:24 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\DAEMON Tools Lite
2014-01-10 12:53 - 2014-01-10 12:53 - 00000000 ____D () C:\Users\Lubyssek\Documents\Ashampoo Burning Studio 14
2014-01-10 12:34 - 2009-07-14 06:08 - 00032550 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-09 20:15 - 2014-01-09 20:15 - 00018096 _____ () C:\Users\Lubyssek\Downloads\Warehouse (2008) mp4.torrent
2014-01-07 11:07 - 2014-01-07 11:07 - 00000000 ____D () C:\Users\Lubyssek\Downloads\Vladis---Diamant-(2013)
2014-01-06 13:37 - 2014-01-06 13:37 - 00002255 _____ () C:\Users\Public\Desktop\Ashampoo Burning Studio 14 Compact Mode.lnk
2014-01-06 13:37 - 2014-01-06 13:37 - 00001299 _____ () C:\Users\Public\Desktop\Ashampoo Burning Studio 14.lnk
2014-01-06 13:37 - 2014-01-06 13:37 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-01-06 13:37 - 2012-02-12 16:42 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\Ashampoo
2014-01-06 13:37 - 2012-02-12 16:32 - 00000000 ____D () C:\Users\Lubyssek\AppData\Local\ashampoo
2014-01-06 13:36 - 2012-02-12 16:32 - 00000000 ____D () C:\ProgramData\ashampoo
2014-01-06 13:35 - 2014-01-06 13:35 - 00000000 ____D () C:\Users\Lubyssek\Downloads\Ashampoo.Burning.Studio.14.v14.0.1.12-TE
2014-01-06 13:34 - 2014-01-06 13:24 - 174128366 _____ () C:\Users\Lubyssek\Downloads\Ashampoo.Burning.Studio.14.v14.0.1.12-TE.rar
2014-01-06 06:58 - 2014-01-06 06:58 - 00001982 _____ () C:\Users\Public\Desktop\Tomb Raider - The Last Revelation.lnk
2014-01-04 13:21 - 2013-07-15 14:46 - 00000000 ____D () C:\Users\Lubyssek\Downloads\HIP HAP HOP
2014-01-03 20:42 - 2013-11-08 12:24 - 00000000 ____D () C:\Users\Lubyssek\Desktop\ARTPOP
2014-01-03 15:51 - 2014-01-03 15:51 - 01727037 _____ (emc) C:\Users\Lubyssek\Downloads\uTorrent221.exe
2014-01-03 15:51 - 2014-01-03 15:51 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2014-01-03 08:13 - 2014-01-03 08:13 - 00000034 _____ () C:\Users\Lubyssek\Documents\Untitled.avi.sfl
Files to move or delete:
====================
C:\ProgramData\0otlod.reg
C:\ProgramData\1R5Gq14ns.dat
C:\ProgramData\8veq1.reg
C:\ProgramData\ofqar.reg
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-30 12:30
==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 04
Ran by Lubyssek (administrator) on LUBYSSEK-PC on 02-02-2014 13:12:23
Running from C:\Users\Lubyssek\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\agcp.exe
(forum.viry.cz) C:\Users\Lubyssek\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8114720 2009-09-11] (Realtek Semiconductor)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2785469271-466106000-114112601-1000\...\Run: [wininit64] - C:\ProgramData\wininit64\hwxtesuug.exe [0 ] ()
HKU\S-1-5-21-2785469271-466106000-114112601-1000\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-2785469271-466106000-114112601-1000\...\Policies\Explorer: [HideSCAHealth] 1
IFEO\mbam.exe: [Debugger] gpms.exe
IFEO\mbamgui.exe: [Debugger] omyl.exe
IFEO\rstrui.exe: [Debugger] ria.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6416898B8FE9CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=co ... 676074&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.coolwebsearch.info/?unqvl=19
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.p ... 676074&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.p ... 676074&ir=
SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.mysearchdial.com/results.p ... 676074&ir=
SearchScopes: HKLM-x32 - {417B7EBE-C577-C478-7F7B-3C28CC9C0669} URL = http://search.sweetim.com/search.asp?sr ... 6D04171E29}
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.coolwebsearch.info/?un ... earchTerms}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.mysearchdial.com/results.p ... 676074&ir=
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://start.mysearchdial.com/results.p ... 676074&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://start.mysearchdial.com/results.p ... 676074&ir=
SearchScopes: HKCU - {6AD185AD-78EA-0A06-DE33-61C0EA1B24B5} URL = http://search.babylon.com/?q={searchTer ... &tt=4812_3
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.coolwebsearch.info/?un ... earchTerms}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 6D04171E29}
BHO: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\Win64\NotebookPlugin.dll (SMART Technologies ULC.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\Win32\NotebookPlugin.dll (SMART Technologies ULC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: No Name - {d6451db9-67e1-4ca3-bfba-4d77fface17f} - No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Social Extras Plugin - {FF4E1D1D-705B-4379-AB33-22D98C1ABF55} - C:\Program Files (x86)\SocialExtras\socialx.dll (FBSkins.com)
Toolbar: HKLM-x32 - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=724
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Lubyssek\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Lubyssek\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Lubyssek\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Extension: No Name - C:\Users\Lubyssek\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2013-05-29]
FF Extension: FTdownloader V4.0 - C:\Users\Lubyssek\AppData\Roaming\Mozilla\Firefox\profiles\extensions\ftdownloader4@ftdownloader.com.xpi [2013-05-28]
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Select all Facebook friends) - C:\Users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbcjpjecmkjagmnhgfojblhjhnalbda [2013-02-18]
CHR Extension: (SweetIM for Facebook) - C:\Users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2012-11-22]
CHR Extension: (Facebook Invite All To Event 2014) - C:\Users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkifjigoeilijkcnpfdjbpdjgnbfibec [2012-08-04]
CHR Extension: (Enhance Views) - C:\Users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Extensions\llgnkbjfcnjfgkgciddcohamdeendcoo [2013-09-20]
CHR Extension: (Google Wallet) - C:\Users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Facebook Inviter) - C:\Users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofcnbnhefnmjancehemliplicihbcjjb [2012-04-19]
CHR Extension: (SweetPacks Chrome Extension) - C:\Users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj [2012-11-22]
CHR HKLM-x32\...\Chrome\Extension: [bebnnlollpcjnfpkafhoclljaojgnfok] - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx [2012-11-22]
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-11-06]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Lubyssek\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx [2012-11-06]
CHR StartMenuInternet: Google Chrome - C:\Users\Lubyssek\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-08-22] ()
R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [580976 2012-03-21] (SMART Technologies)
==================== Drivers (Whitelisted) ====================
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-19] (DT Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 nvrd64; C:\Windows\system32\DRIVERS\nvrd64.sys [175648 2009-06-30] (NVIDIA Corporation)
S3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [13168 2012-03-21] (SMART Technologies ULC)
R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [16368 2012-03-21] (SMART Technologies ULC)
R3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [24944 2012-03-21] (SMART Technologies ULC)
S1 abquvnkk; \??\C:\Windows\system32\drivers\abquvnkk.sys [x]
S3 catchme; \??\C:\Combo\catchme.sys [x]
S1 fepigich; \??\C:\Windows\system32\drivers\fepigich.sys [x]
S3 Huawei; system32\DRIVERS\ewdcsc.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x]
S1 kudnapnj; \??\C:\Windows\system32\drivers\kudnapnj.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-02 13:12 - 2014-02-02 13:12 - 00029696 _____ () C:\Users\Lubyssek\AppData\Local\MSGBOX.EXE
2014-02-02 13:12 - 2014-02-02 13:12 - 00015813 _____ () C:\Users\Lubyssek\Desktop\FRST.txt
2014-02-02 13:12 - 2014-02-02 13:12 - 00015327 _____ () C:\Users\Lubyssek\Desktop\LM.bat
2014-02-02 13:12 - 2014-02-02 13:12 - 00000000 ____D () C:\FRST
2014-02-02 12:55 - 2014-02-02 12:55 - 00112640 _____ (forum.viry.cz) C:\Users\Lubyssek\Desktop\FRSTLauncher.exe
2014-02-02 12:54 - 2014-02-02 12:55 - 02080256 _____ (Farbar) C:\Users\Lubyssek\Desktop\FRST64.exe
2014-02-02 12:32 - 2014-02-02 12:32 - 00000546 _____ () C:\Windows\PFRO.log
2014-02-02 12:29 - 2014-02-02 12:29 - 00022260 _____ () C:\ComboFix.txt
2014-02-02 12:22 - 2014-02-02 12:29 - 00000000 ____D () C:\Qoobox
2014-02-02 12:22 - 2014-02-02 12:28 - 00000000 ____D () C:\Windows\erdnt
2014-02-02 12:22 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-02 12:22 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-02 12:22 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-02 12:22 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-02 12:22 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-02 12:22 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-02 12:22 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-02 12:22 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-02 12:21 - 2014-02-02 12:22 - 05179159 ____R (Swearware) C:\Users\Lubyssek\Downloads\Combo.exe
2014-02-02 12:14 - 2014-02-02 12:14 - 00000000 ____D () C:\Windows\pss
2014-02-02 12:09 - 2014-02-02 12:32 - 00000112 _____ () C:\Windows\setupact.log
2014-02-02 12:09 - 2014-02-02 12:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-02 12:00 - 2014-02-02 12:00 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Lubyssek\Downloads\mbam-setup-1.75.0.1300 (2).exe
2014-02-02 11:34 - 2014-02-02 11:34 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-02 11:32 - 2014-02-02 11:52 - 00000000 ____D () C:\Users\Lubyssek\Desktop\mbar
2014-02-02 11:32 - 2014-02-02 11:32 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Lubyssek\Downloads\mbar-1.07.0.1009.exe
2014-02-02 11:32 - 2014-02-02 11:32 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-02 11:29 - 2014-02-02 11:32 - 04721920 _____ (Piriform Ltd) C:\Users\Lubyssek\Downloads\ccsetup410.exe
2014-02-02 11:29 - 2014-02-02 11:29 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-02 11:18 - 2014-02-02 11:18 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\TeamViewer
2014-02-02 11:06 - 2014-02-02 11:06 - 05855408 _____ (TeamViewer GmbH) C:\Users\Lubyssek\Downloads\TeamViewer_Setup_cs.exe
2014-02-02 11:06 - 2014-02-02 11:06 - 00001162 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-02 11:06 - 2014-02-02 11:06 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-02-02 10:46 - 2014-02-02 12:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-02 10:46 - 2014-02-02 12:00 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-02 10:46 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-02 10:45 - 2014-02-02 10:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Lubyssek\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-02-01 18:07 - 2014-02-02 12:27 - 00000000 __SHD () C:\Users\Lubyssek\AppData\Roaming\IntelCommon
2014-02-01 16:19 - 2014-02-01 16:19 - 00000000 ____D () C:\Users\Lubyssek\Downloads\Michael Jackson - Live In Brunei CD 1
2014-02-01 16:17 - 2014-02-01 17:40 - 1976243195 _____ () C:\Users\Lubyssek\Downloads\[Lucas Raunch] London Showers.mp4
2014-02-01 16:16 - 2014-02-01 16:16 - 00038057 _____ () C:\Users\Lubyssek\Downloads\[Lucas Raunch] London Showers.torrent
2014-02-01 16:10 - 2014-02-01 16:19 - 401208483 _____ () C:\Users\Lubyssek\Downloads\Michael Jackson - Live In Brunei CD 1.rar
2014-02-01 16:07 - 2014-02-01 16:07 - 00003224 _____ () C:\Windows\System32\Tasks\Windows Update Check - 0x1C710430
2014-01-30 23:08 - 2014-01-30 23:39 - 43443583 _____ () C:\Users\Lubyssek\Desktop\OPRAH DVD OBAL.psd
2014-01-30 21:51 - 2014-01-30 22:27 - 00000000 ____D () C:\Users\Lubyssek\Desktop\Michael Jackson Talks... To Oprah
2014-01-30 11:05 - 2014-02-01 13:42 - 00000000 ____D () C:\Users\Lubyssek\Downloads\FB
2014-01-29 09:11 - 2014-01-29 09:13 - 00000000 ____D () C:\Users\Lubyssek\Downloads\retz
2014-01-26 12:21 - 2014-01-26 12:27 - 421484544 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x09.avi
2014-01-26 12:15 - 2014-01-26 12:18 - 421722112 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x08.avi
2014-01-25 20:14 - 2014-01-25 20:17 - 416679936 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x07.avi
2014-01-25 20:10 - 2014-01-25 20:13 - 416618496 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x06.avi
2014-01-25 20:03 - 2014-01-25 20:07 - 422477824 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x05.avi
2014-01-25 19:33 - 2014-01-25 19:37 - 419321856 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x04.avi
2014-01-25 19:29 - 2014-01-25 19:32 - 419477504 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x03.avi
2014-01-25 18:11 - 2014-01-25 18:13 - 418146304 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x02.avi
2014-01-25 09:13 - 2014-01-25 09:13 - 00001898 _____ () C:\Users\Public\Desktop\Tomb Raider Chronicles.lnk
2014-01-24 09:13 - 2014-01-24 09:13 - 68035594 _____ () C:\Users\Lubyssek\Downloads\Rock With You - Michael Jackson (Unplugged IMWhizzle Rendition).wav
2014-01-23 13:39 - 2014-01-23 13:39 - 00000000 ____D () C:\Users\Lubyssek\Downloads\RWY(multitracks)
2014-01-22 18:06 - 2014-01-24 11:50 - 00000000 ____D () C:\Users\Lubyssek\Downloads\MNAGA A ZDORP - Platinum Collection (CZ 3CD 2008)
2014-01-20 23:36 - 2014-01-20 23:38 - 50957359 _____ () C:\Users\Lubyssek\Documents\Title 02.mp4
2014-01-19 20:23 - 2014-01-19 20:23 - 00029165 _____ () C:\Users\Lubyssek\Downloads\ Fear.torrent
2014-01-17 21:17 - 2014-01-17 21:17 - 66791436 _____ () C:\Users\Lubyssek\Downloads\Michael Jackson - Ghosts (Alternate, 2nd version - LDRip - Real lossless).wav
2014-01-15 18:32 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 18:32 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 18:32 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 18:32 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 18:32 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 18:32 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 18:32 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 18:32 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 18:32 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 08:44 - 2014-01-15 08:48 - 00000000 ____D () C:\Users\Lubyssek\Desktop\Nová složka
2014-01-14 21:04 - 2014-01-14 21:11 - 53388386 _____ () C:\Users\Lubyssek\Downloads\Ice Cube, Shaquille O'Neal & Michael Jackson - We Be Ballin' (Master Mix - A&M Post Production Acetate CD - Real lossless).wav
2014-01-14 08:49 - 2014-01-14 08:50 - 00000000 ____D () C:\Users\Lubyssek\Downloads\Michael Jackson - Who Is It (12 Single)
2014-01-13 11:56 - 2014-01-13 11:56 - 00000000 ____D () C:\Users\Lubyssek\Downloads\Gymnázium-Podbořany---20.12.2013_Petr-Průša-Photo
2014-01-11 21:57 - 2014-01-25 23:45 - 00025585 _____ () C:\Users\Lubyssek\Documents\OPRAH titulky.srt
2014-01-10 23:22 - 2014-01-10 23:22 - 00034359 _____ () C:\Users\Lubyssek\Downloads\♺ Rascal - Water Logged (2013 mp4).torrent
2014-01-10 22:37 - 2014-01-24 09:00 - 00000000 ____D () C:\Program Files\Google
2014-01-10 22:36 - 2014-02-02 12:47 - 00000956 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-10 22:36 - 2014-02-02 12:32 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-10 22:36 - 2014-01-24 09:00 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-10 22:36 - 2014-01-10 22:42 - 00003952 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-10 22:36 - 2014-01-10 22:42 - 00003700 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-10 22:36 - 2014-01-10 22:36 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-10 12:53 - 2014-01-10 12:53 - 00000000 ____D () C:\Users\Lubyssek\Documents\Ashampoo Burning Studio 14
2014-01-09 20:15 - 2014-01-09 20:15 - 00018096 _____ () C:\Users\Lubyssek\Downloads\Warehouse (2008) mp4.torrent
2014-01-08 18:25 - 2014-01-13 11:28 - 00000000 ____D () C:\Users\Lubyssek\Desktop\čtvrtek
2014-01-07 11:07 - 2014-01-07 11:07 - 00000000 ____D () C:\Users\Lubyssek\Downloads\Vladis---Diamant-(2013)
2014-01-06 13:37 - 2014-01-06 13:37 - 00002255 _____ () C:\Users\Public\Desktop\Ashampoo Burning Studio 14 Compact Mode.lnk
2014-01-06 13:37 - 2014-01-06 13:37 - 00001299 _____ () C:\Users\Public\Desktop\Ashampoo Burning Studio 14.lnk
2014-01-06 13:37 - 2014-01-06 13:37 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-01-06 13:35 - 2014-01-06 13:35 - 00000000 ____D () C:\Users\Lubyssek\Downloads\Ashampoo.Burning.Studio.14.v14.0.1.12-TE
2014-01-06 13:24 - 2014-01-06 13:34 - 174128366 _____ () C:\Users\Lubyssek\Downloads\Ashampoo.Burning.Studio.14.v14.0.1.12-TE.rar
2014-01-06 06:58 - 2014-01-06 06:58 - 00001982 _____ () C:\Users\Public\Desktop\Tomb Raider - The Last Revelation.lnk
2014-01-03 15:51 - 2014-01-03 15:51 - 01727037 _____ (emc) C:\Users\Lubyssek\Downloads\uTorrent221.exe
2014-01-03 15:51 - 2014-01-03 15:51 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2014-01-03 08:13 - 2014-01-03 08:13 - 00000034 _____ () C:\Users\Lubyssek\Documents\Untitled.avi.sfl
==================== One Month Modified Files and Folders =======
2014-02-02 13:12 - 2014-02-02 13:12 - 00029696 _____ () C:\Users\Lubyssek\AppData\Local\MSGBOX.EXE
2014-02-02 13:12 - 2014-02-02 13:12 - 00015813 _____ () C:\Users\Lubyssek\Desktop\FRST.txt
2014-02-02 13:12 - 2014-02-02 13:12 - 00015327 _____ () C:\Users\Lubyssek\Desktop\LM.bat
2014-02-02 13:12 - 2014-02-02 13:12 - 00000000 ____D () C:\FRST
2014-02-02 13:11 - 2012-02-12 15:16 - 00632888 _____ () C:\Windows\system32\perfh005.dat
2014-02-02 13:11 - 2012-02-12 15:16 - 00122532 _____ () C:\Windows\system32\perfc005.dat
2014-02-02 13:11 - 2009-07-14 06:13 - 01470298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-02 12:55 - 2014-02-02 12:55 - 00112640 _____ (forum.viry.cz) C:\Users\Lubyssek\Desktop\FRSTLauncher.exe
2014-02-02 12:55 - 2014-02-02 12:54 - 02080256 _____ (Farbar) C:\Users\Lubyssek\Desktop\FRST64.exe
2014-02-02 12:47 - 2014-01-10 22:36 - 00000956 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-02 12:37 - 2009-07-14 05:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-02 12:37 - 2009-07-14 05:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-02 12:32 - 2014-02-02 12:32 - 00000546 _____ () C:\Windows\PFRO.log
2014-02-02 12:32 - 2014-02-02 12:09 - 00000112 _____ () C:\Windows\setupact.log
2014-02-02 12:32 - 2014-01-10 22:36 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-02 12:32 - 2012-02-12 17:30 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-02 12:32 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-02 12:29 - 2014-02-02 12:29 - 00022260 _____ () C:\ComboFix.txt
2014-02-02 12:29 - 2014-02-02 12:22 - 00000000 ____D () C:\Qoobox
2014-02-02 12:28 - 2014-02-02 12:22 - 00000000 ____D () C:\Windows\erdnt
2014-02-02 12:27 - 2014-02-01 18:07 - 00000000 __SHD () C:\Users\Lubyssek\AppData\Roaming\IntelCommon
2014-02-02 12:27 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-02 12:22 - 2014-02-02 12:21 - 05179159 ____R (Swearware) C:\Users\Lubyssek\Downloads\Combo.exe
2014-02-02 12:14 - 2014-02-02 12:14 - 00000000 ____D () C:\Windows\pss
2014-02-02 12:09 - 2014-02-02 12:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-02 12:05 - 2013-11-21 23:05 - 00000000 ____D () C:\ProgramData\VSO
2014-02-02 12:03 - 2012-02-12 16:42 - 00070960 _____ () C:\Users\Lubyssek\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-02 12:01 - 2014-02-02 10:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-02 12:00 - 2014-02-02 12:00 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Lubyssek\Downloads\mbam-setup-1.75.0.1300 (2).exe
2014-02-02 12:00 - 2014-02-02 10:46 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-02 11:54 - 2009-07-14 05:45 - 04871904 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-02 11:53 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Cursors
2014-02-02 11:52 - 2014-02-02 11:32 - 00000000 ____D () C:\Users\Lubyssek\Desktop\mbar
2014-02-02 11:34 - 2014-02-02 11:34 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-02 11:32 - 2014-02-02 11:32 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Lubyssek\Downloads\mbar-1.07.0.1009.exe
2014-02-02 11:32 - 2014-02-02 11:32 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-02 11:32 - 2014-02-02 11:29 - 04721920 _____ (Piriform Ltd) C:\Users\Lubyssek\Downloads\ccsetup410.exe
2014-02-02 11:29 - 2014-02-02 11:29 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-02 11:29 - 2012-09-02 17:29 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-02 11:24 - 2012-02-12 14:51 - 00000000 ___RD () C:\Users\Lubyssek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-02 11:20 - 2012-04-19 08:32 - 00000974 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2785469271-466106000-114112601-1000UA.job
2014-02-02 11:18 - 2014-02-02 11:18 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\TeamViewer
2014-02-02 11:06 - 2014-02-02 11:06 - 05855408 _____ (TeamViewer GmbH) C:\Users\Lubyssek\Downloads\TeamViewer_Setup_cs.exe
2014-02-02 11:06 - 2014-02-02 11:06 - 00001162 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-02 11:06 - 2014-02-02 11:06 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-02-02 11:04 - 2012-03-04 15:01 - 00000000 ____D () C:\Users\Lubyssek\Desktop\fotky
2014-02-02 10:59 - 2012-05-10 18:49 - 00000994 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2785469271-466106000-114112601-1000UA.job
2014-02-02 10:58 - 2012-02-12 14:57 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C8F54388-628C-4234-AADE-8CC4B5F707E4}
2014-02-02 10:45 - 2014-02-02 10:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Lubyssek\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-02-02 10:43 - 2012-02-12 19:14 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\Media Player Classic
2014-02-02 10:42 - 2012-02-12 14:51 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\uTorrent
2014-02-01 18:16 - 2012-02-12 16:42 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-02-01 17:40 - 2014-02-01 16:17 - 1976243195 _____ () C:\Users\Lubyssek\Downloads\[Lucas Raunch] London Showers.mp4
2014-02-01 17:20 - 2012-04-19 08:32 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2785469271-466106000-114112601-1000Core.job
2014-02-01 16:19 - 2014-02-01 16:19 - 00000000 ____D () C:\Users\Lubyssek\Downloads\Michael Jackson - Live In Brunei CD 1
2014-02-01 16:19 - 2014-02-01 16:10 - 401208483 _____ () C:\Users\Lubyssek\Downloads\Michael Jackson - Live In Brunei CD 1.rar
2014-02-01 16:16 - 2014-02-01 16:16 - 00038057 _____ () C:\Users\Lubyssek\Downloads\[Lucas Raunch] London Showers.torrent
2014-02-01 16:07 - 2014-02-01 16:07 - 00003224 _____ () C:\Windows\System32\Tasks\Windows Update Check - 0x1C710430
2014-02-01 13:42 - 2014-01-30 11:05 - 00000000 ____D () C:\Users\Lubyssek\Downloads\FB
2014-01-30 23:39 - 2014-01-30 23:08 - 43443583 _____ () C:\Users\Lubyssek\Desktop\OPRAH DVD OBAL.psd
2014-01-30 22:59 - 2012-05-10 18:49 - 00000972 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2785469271-466106000-114112601-1000Core.job
2014-01-30 22:27 - 2014-01-30 21:51 - 00000000 ____D () C:\Users\Lubyssek\Desktop\Michael Jackson Talks... To Oprah
2014-01-29 09:13 - 2014-01-29 09:11 - 00000000 ____D () C:\Users\Lubyssek\Downloads\retz
2014-01-27 07:13 - 2012-02-12 15:40 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\Adobe
2014-01-26 12:27 - 2014-01-26 12:21 - 421484544 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x09.avi
2014-01-26 12:18 - 2014-01-26 12:15 - 421722112 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x08.avi
2014-01-25 23:45 - 2014-01-11 21:57 - 00025585 _____ () C:\Users\Lubyssek\Documents\OPRAH titulky.srt
2014-01-25 20:17 - 2014-01-25 20:14 - 416679936 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x07.avi
2014-01-25 20:13 - 2014-01-25 20:10 - 416618496 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x06.avi
2014-01-25 20:07 - 2014-01-25 20:03 - 422477824 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x05.avi
2014-01-25 19:37 - 2014-01-25 19:33 - 419321856 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x04.avi
2014-01-25 19:32 - 2014-01-25 19:29 - 419477504 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x03.avi
2014-01-25 18:13 - 2014-01-25 18:11 - 418146304 _____ () C:\Users\Lubyssek\Downloads\Odpocivej v pokoji 3x02.avi
2014-01-25 09:18 - 2012-03-03 13:53 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-25 09:13 - 2014-01-25 09:13 - 00001898 _____ () C:\Users\Public\Desktop\Tomb Raider Chronicles.lnk
2014-01-25 09:13 - 2013-11-15 12:41 - 00000000 ____D () C:\Program Files (x86)\Eidos
2014-01-25 09:13 - 2012-02-12 16:29 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-24 11:50 - 2014-01-22 18:06 - 00000000 ____D () C:\Users\Lubyssek\Downloads\MNAGA A ZDORP - Platinum Collection (CZ 3CD 2008)
2014-01-24 09:23 - 2012-06-17 11:06 - 00000000 ____D () C:\Users\Lubyssek\Desktop\tvorba
2014-01-24 09:13 - 2014-01-24 09:13 - 68035594 _____ () C:\Users\Lubyssek\Downloads\Rock With You - Michael Jackson (Unplugged IMWhizzle Rendition).wav
2014-01-24 09:00 - 2014-01-10 22:37 - 00000000 ____D () C:\Program Files\Google
2014-01-24 09:00 - 2014-01-10 22:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-23 13:39 - 2014-01-23 13:39 - 00000000 ____D () C:\Users\Lubyssek\Downloads\RWY(multitracks)
2014-01-23 13:36 - 2012-02-12 16:32 - 00000000 ____D () C:\Program Files (x86)\Ashampoo
2014-01-23 13:35 - 2012-06-19 09:44 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\Xilisoft
2014-01-23 13:34 - 2012-02-12 16:22 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-01-23 13:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-01-23 13:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-01-23 13:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-01-23 13:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-01-23 13:31 - 2012-04-19 08:32 - 00000000 ____D () C:\Users\Lubyssek\AppData\Local\Google
2014-01-23 13:30 - 2012-06-20 08:08 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-01-23 13:30 - 2012-02-13 11:12 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\Mozilla
2014-01-20 23:38 - 2014-01-20 23:36 - 50957359 _____ () C:\Users\Lubyssek\Documents\Title 02.mp4
2014-01-19 20:23 - 2014-01-19 20:23 - 00029165 _____ () C:\Users\Lubyssek\Downloads\ Fear.torrent
2014-01-19 08:33 - 2012-02-12 15:07 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-17 21:17 - 2014-01-17 21:17 - 66791436 _____ () C:\Users\Lubyssek\Downloads\Michael Jackson - Ghosts (Alternate, 2nd version - LDRip - Real lossless).wav
2014-01-16 03:03 - 2013-08-14 22:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 03:00 - 2012-02-12 15:49 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 08:48 - 2014-01-15 08:44 - 00000000 ____D () C:\Users\Lubyssek\Desktop\Nová složka
2014-01-14 21:11 - 2014-01-14 21:04 - 53388386 _____ () C:\Users\Lubyssek\Downloads\Ice Cube, Shaquille O'Neal & Michael Jackson - We Be Ballin' (Master Mix - A&M Post Production Acetate CD - Real lossless).wav
2014-01-14 08:50 - 2014-01-14 08:49 - 00000000 ____D () C:\Users\Lubyssek\Downloads\Michael Jackson - Who Is It (12 Single)
2014-01-13 11:56 - 2014-01-13 11:56 - 00000000 ____D () C:\Users\Lubyssek\Downloads\Gymnázium-Podbořany---20.12.2013_Petr-Průša-Photo
2014-01-13 11:28 - 2014-01-08 18:25 - 00000000 ____D () C:\Users\Lubyssek\Desktop\čtvrtek
2014-01-10 23:22 - 2014-01-10 23:22 - 00034359 _____ () C:\Users\Lubyssek\Downloads\♺ Rascal - Water Logged (2013 mp4).torrent
2014-01-10 22:42 - 2014-01-10 22:36 - 00003952 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-10 22:42 - 2014-01-10 22:36 - 00003700 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-10 22:36 - 2014-01-10 22:36 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-10 22:36 - 2012-02-12 16:22 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-10 22:35 - 2012-02-12 15:40 - 00000000 ____D () C:\Users\Lubyssek\AppData\Local\Adobe
2014-01-10 22:18 - 2012-05-19 21:24 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\DAEMON Tools Lite
2014-01-10 12:53 - 2014-01-10 12:53 - 00000000 ____D () C:\Users\Lubyssek\Documents\Ashampoo Burning Studio 14
2014-01-10 12:34 - 2009-07-14 06:08 - 00032550 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-09 20:15 - 2014-01-09 20:15 - 00018096 _____ () C:\Users\Lubyssek\Downloads\Warehouse (2008) mp4.torrent
2014-01-07 11:07 - 2014-01-07 11:07 - 00000000 ____D () C:\Users\Lubyssek\Downloads\Vladis---Diamant-(2013)
2014-01-06 13:37 - 2014-01-06 13:37 - 00002255 _____ () C:\Users\Public\Desktop\Ashampoo Burning Studio 14 Compact Mode.lnk
2014-01-06 13:37 - 2014-01-06 13:37 - 00001299 _____ () C:\Users\Public\Desktop\Ashampoo Burning Studio 14.lnk
2014-01-06 13:37 - 2014-01-06 13:37 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-01-06 13:37 - 2012-02-12 16:42 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\Ashampoo
2014-01-06 13:37 - 2012-02-12 16:32 - 00000000 ____D () C:\Users\Lubyssek\AppData\Local\ashampoo
2014-01-06 13:36 - 2012-02-12 16:32 - 00000000 ____D () C:\ProgramData\ashampoo
2014-01-06 13:35 - 2014-01-06 13:35 - 00000000 ____D () C:\Users\Lubyssek\Downloads\Ashampoo.Burning.Studio.14.v14.0.1.12-TE
2014-01-06 13:34 - 2014-01-06 13:24 - 174128366 _____ () C:\Users\Lubyssek\Downloads\Ashampoo.Burning.Studio.14.v14.0.1.12-TE.rar
2014-01-06 06:58 - 2014-01-06 06:58 - 00001982 _____ () C:\Users\Public\Desktop\Tomb Raider - The Last Revelation.lnk
2014-01-04 13:21 - 2013-07-15 14:46 - 00000000 ____D () C:\Users\Lubyssek\Downloads\HIP HAP HOP
2014-01-03 20:42 - 2013-11-08 12:24 - 00000000 ____D () C:\Users\Lubyssek\Desktop\ARTPOP
2014-01-03 15:51 - 2014-01-03 15:51 - 01727037 _____ (emc) C:\Users\Lubyssek\Downloads\uTorrent221.exe
2014-01-03 15:51 - 2014-01-03 15:51 - 00000000 ____D () C:\Users\Lubyssek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2014-01-03 08:13 - 2014-01-03 08:13 - 00000034 _____ () C:\Users\Lubyssek\Documents\Untitled.avi.sfl
Files to move or delete:
====================
C:\ProgramData\0otlod.reg
C:\ProgramData\1R5Gq14ns.dat
C:\ProgramData\8veq1.reg
C:\ProgramData\ofqar.reg
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-30 12:30
==================== End Of Log ============================
- Attachments
- Addition.zip
- (7.25 KiB) Downloaded 39 times
- Rudy
- Site Admin
- Posts: 119533
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Problem with PC protection -> neither restore nor antivirus works
Hello!
Did you even read the rules? Why are you running ComboFix, a utility intended only for professionals? Do you intend to wreck your system, or one of the applications? And another thing: how does your operating system stand as regards legality?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Problem with PC protection -> neither restore nor antivirus works
Hello,
I don't have much experience with PCs, so a friend who is an IT technician did it for me remotely via TeamViewer. He recommended this forum to me because he no longer knew where to go next, so I am writing here.
This is a personal PC in the hands of a student.
- Rudy
- Site Admin
Re: Problem with PC protection -> neither restore nor antivirus works
OK. I would help you, but your operating system is probably not legal. And that would be against the rules.
Re: Problem with PC protection -> neither restore nor antivirus works
To be honest, I have no idea whether it is or not, because it was put together for me a few years ago by the old friend I just mentioned, with whom I am not really in touch.
Unfortunately I no longer know which way to turn, and I greatly appreciate any help and admire the abilities of those who know their way around this.
- Rudy
- Site Admin
Re: Problem with PC protection -> neither restore nor antivirus works
Neither do I. The rules are clear: http://forum.viry.cz/viewtopic.php?f=4&t=108664 . The basic thing is to know what I have on my PC legally and what I do not. I'm sorry.