﻿Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-12-2013
Ran by Marian (administrator) on MARIAN-PC on 09-12-2013 20:03:55
Running from C:\Users\Marian\Desktop
Microsoft Windows 7 Professional  (X86) OS Language: 041B
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
() C:\Program Files\Vtune\TBPANEL.exe
(MagicISO, Inc.) C:\Program Files\MagicDisc\MagicDisc.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
() D:\Games\Battlefield\BF1942.exe
() D:\Games\Battlefield\BF1942.exe
() D:\Games\Battlefield\BF1942.exe
() D:\Games\Battlefield\BF1942.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
(forum.viry.cz) C:\Users\Marian\Desktop\FRSTLauncher(1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5110672 2013-09-12] (ESET)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10889832 2011-12-27] (Realtek Semiconductor)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKCU\...\Run: [TBPanel] - C:\Program Files\Vtune\TBPANEL.exe [2158592 2008-12-03] ()
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe -update plugin [829832 2013-11-06] (Adobe Systems Incorporated)
MountPoints2: {79f25737-4af9-11e3-ad25-002354ceed87} - J:\AUTORUN.EXE
Startup: C:\Users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
Startup: C:\Users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.sk/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7F1347AC83D8CE01
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 195.80.175.66 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Marian\AppData\Roaming\Mozilla\Firefox\Profiles\1obpx0uq.default
FF Homepage: https://www.google.sk/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

========================== Services (Whitelisted) =================

R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1337752 2013-09-12] (ESET)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 MozillaMaintenance; 
S2 SDScannerService; 
S2 SDUpdateService; 

==================== Drivers (Whitelisted) ====================

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [188808 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [122376 2013-09-17] (ESET)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R2 TBPanel; C:\Windows\System32\Drivers\TBPanel.sys [12256 2007-03-16] (Windows (R) 2000 DDK provider)
S3 esgiguard; No ImagePath
R4 MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-09 20:03 - 2013-12-09 20:04 - 00006099 _____ C:\Users\Marian\Desktop\FRST.txt
2013-12-09 20:03 - 2013-12-09 20:03 - 00000000 ____D C:\FRST
2013-12-09 20:01 - 2013-12-09 20:03 - 00112640 _____ (forum.viry.cz) C:\Users\Marian\Downloads\FRSTLauncher(2).exe
2013-12-09 20:00 - 2013-12-09 20:00 - 00112640 _____ (forum.viry.cz) C:\Users\Marian\Desktop\FRSTLauncher(1).exe
2013-12-09 19:58 - 2013-12-09 19:58 - 00000010 _____ C:\Windows\system32\BF1942.pid
2013-12-09 19:57 - 2013-12-09 19:58 - 00112640 _____ (forum.viry.cz) C:\Users\Marian\Downloads\FRSTLauncher.exe
2013-12-09 19:56 - 2013-12-09 19:58 - 01060641 _____ (Farbar) C:\Users\Marian\Desktop\FRST.exe
2013-12-09 19:55 - 2013-12-09 19:56 - 00112107 _____ (forum.viry.cz) C:\Users\Marian\Downloads\VerzeOS.exe
2013-12-08 21:03 - 2012-01-07 22:38 - 734986240 _____ C:\Users\Marian\Desktop\Ja,Padouch-CZ.avi
2013-12-08 11:47 - 2013-12-08 11:50 - 10284816 _____ (Malwarebytes Corporation                                    ) C:\Users\Marian\Downloads\mbam-setup.exe
2013-12-08 11:37 - 2013-12-08 11:37 - 00121923 _____ C:\Users\Marian\Downloads\bfcprt.zip
2013-12-08 11:34 - 2013-12-08 11:34 - 00000709 _____ C:\Users\Public\Desktop\Battlefield 1942.lnk
2013-12-08 11:16 - 2013-12-08 11:17 - 08028160 _____ C:\Users\Marian\Downloads\BF1942-crack.exe
2013-12-08 11:02 - 2013-12-08 11:02 - 00193582 _____ C:\Users\Marian\Downloads\1063425558.zip
2013-12-07 16:44 - 2013-12-08 11:34 - 00000532 _____ C:\Windows\eReg.dat
2013-11-28 19:37 - 2013-11-28 19:37 - 00000000 ____D C:\Windows\CSC
2013-11-28 19:37 - 2009-06-10 22:14 - 00053551 _____ C:\Windows\Professional.xml
2013-11-24 13:00 - 2013-11-24 13:00 - 00000969 _____ C:\Users\Marian\Desktop\TAXO-USB.lnk
2013-11-24 13:00 - 2013-11-24 13:00 - 00000000 ____D C:\Program Files\TAXO-USB
2013-11-24 12:57 - 2013-11-24 12:57 - 01595033 _____ (OBDtool.Org                                                 ) C:\Users\Marian\Downloads\TAXOusbSetUp301.exe
2013-11-24 12:38 - 2013-11-24 12:39 - 02098296 _____ (Feitian Technologies Co.,Ltd) C:\Users\Marian\Downloads\driverklucza.exe
2013-11-24 12:38 - 2013-11-24 12:38 - 01821192 _____ (Microsoft Corporation) C:\Users\Marian\Downloads\vcredist_x86.exe
2013-11-21 19:36 - 2013-11-21 19:36 - 00000571 _____ C:\Users\Marian\Desktop\speed2.lnk
2013-11-20 21:56 - 2013-11-20 21:56 - 02953096 _____ (ESET) C:\Windows\system32\%InstallDir%speclean.exe
2013-11-19 21:31 - 2013-11-19 21:33 - 00002562 _____ C:\Windows\diagwrn.xml
2013-11-19 21:31 - 2013-11-19 21:33 - 00001908 _____ C:\Windows\diagerr.xml
2013-11-19 19:59 - 2012-06-02 15:34 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-11-19 19:59 - 2009-11-25 12:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2013-11-19 19:59 - 2009-11-25 12:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2013-11-19 19:59 - 2009-11-25 12:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2013-11-19 19:59 - 2009-11-25 12:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2013-11-19 19:59 - 2009-11-25 12:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2013-11-19 19:58 - 2012-07-26 04:39 - 00526952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-11-19 19:58 - 2012-07-26 04:39 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-11-19 19:58 - 2012-07-26 03:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-11-19 19:57 - 2012-07-26 04:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2013-11-19 19:57 - 2012-07-26 04:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2013-11-19 19:57 - 2012-07-26 04:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2013-11-19 19:57 - 2012-07-26 04:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2013-11-19 19:57 - 2012-07-26 04:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2013-11-19 19:57 - 2012-07-26 03:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2013-11-19 19:57 - 2012-07-26 03:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2013-11-19 19:57 - 2012-06-02 15:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-11-19 16:55 - 2013-11-19 17:00 - 00004758 _____ C:\Windows\IE9_main.log
2013-11-19 16:52 - 2010-01-19 00:29 - 00369152 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2013-11-19 16:52 - 2010-01-19 00:29 - 00365568 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2013-11-19 16:52 - 2010-01-19 00:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2013-11-19 16:52 - 2010-01-19 00:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2013-11-19 16:52 - 2010-01-19 00:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2013-11-19 16:52 - 2010-01-19 00:28 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2013-11-19 16:52 - 2010-01-19 00:28 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2013-11-19 16:52 - 2010-01-19 00:28 - 00277504 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2013-11-19 15:11 - 2012-03-01 06:53 - 00019312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2013-11-19 15:11 - 2012-03-01 06:49 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-11-19 15:11 - 2012-03-01 06:45 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-11-19 15:11 - 2012-03-01 06:40 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2013-11-19 14:34 - 2013-11-19 14:34 - 00000886 _____ C:\Users\Marian\Downloads\exe_fix_w7.zip
2013-11-19 14:13 - 2013-11-19 14:13 - 00000707 _____ C:\Users\Marian\Desktop\F1 2012.lnk
2013-11-19 13:58 - 2013-11-19 14:01 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-11-19 13:58 - 2013-11-19 13:59 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-11-19 13:58 - 2013-11-19 13:58 - 00002123 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-11-19 13:58 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2013-11-19 13:52 - 2013-11-19 13:52 - 00001184 _____ C:\Users\Marian\Desktop\AML Free Registry Cleaner.lnk
2013-11-19 13:52 - 2013-11-19 13:52 - 00000000 ____D C:\Program Files\AML Products
2013-11-19 13:52 - 2002-06-06 16:13 - 01077344 _____ (Microsoft Corporation) C:\Windows\system32\mscomctl.ocx
2013-11-19 13:52 - 2002-01-05 11:37 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\msvcr70.dll
2013-11-19 13:52 - 2002-01-05 06:48 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\mfc70.dll
2013-11-19 13:52 - 2002-01-05 05:40 - 00487424 _____ (Microsoft Corporation) C:\Windows\system32\msvcp70.dll
2013-11-19 13:52 - 2000-05-22 16:58 - 00608448 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.ocx
2013-11-19 13:50 - 2013-11-19 13:51 - 02885600 _____ (AML SOFTWARE                                                ) C:\Users\Marian\Downloads\regcleaner.exe
2013-11-19 13:47 - 2013-11-19 13:57 - 46988968 _____ C:\Users\Marian\Downloads\spybot-2.2.exe
2013-11-19 13:38 - 2013-11-19 13:38 - 00001205 _____ C:\Users\Marian\Downloads\FixNCR.reg
2013-11-19 13:37 - 2013-11-19 13:37 - 01898232 _____ (Bleeping Computer, LLC) C:\Users\Marian\Downloads\rkill.com
2013-11-19 13:33 - 2013-11-19 13:33 - 00000000 _____ C:\Users\Marian\Downloads\Serial_Box_05.2013_downloader_sk_99519.exe
2013-11-19 12:36 - 2013-11-19 12:36 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-19 12:35 - 2013-11-19 13:45 - 00000000 ____D C:\Windows\220FB0354744483A9A0B41DF77061583.TMP
2013-11-19 12:35 - 2013-11-19 12:35 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-11-19 12:17 - 2013-11-19 12:17 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-19 12:17 - 2013-11-19 12:17 - 00000000 ____D C:\Users\Marian\AppData\Roaming\Malwarebytes
2013-11-19 12:17 - 2013-11-19 12:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-19 12:17 - 2013-11-19 12:17 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-19 12:17 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-19 12:14 - 2013-11-19 12:17 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Marian\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-19 12:11 - 2013-11-19 12:12 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Marian\Downloads\SpyHunter-Installer.exe
2013-11-18 20:35 - 2013-11-20 11:40 - 00000000 ____D C:\Users\Marian\Desktop\Untitled Export
2013-11-18 19:18 - 2013-12-09 16:07 - 00000000 ____D C:\Users\Marian\AppData\Local\NFS Underground 2
2013-11-18 19:17 - 2013-11-18 19:17 - 00000000 ____D C:\Users\Marian\Nový priečinok
2013-11-18 19:12 - 2013-11-18 19:12 - 00389495 _____ C:\Users\Marian\Downloads\msidcrl40.zip
2013-11-18 19:09 - 2013-11-18 19:10 - 05480084 _____ C:\Users\Marian\Downloads\xlive.dll.zip
2013-11-18 19:05 - 2013-11-18 19:06 - 04019525 _____ C:\Users\Marian\Downloads\Win-7-activator.zip
2013-11-18 19:01 - 2013-11-18 19:00 - 00171136 __RSH C:\grldr
2013-11-18 18:59 - 2013-11-18 18:59 - 03414223 _____ C:\Users\Marian\Downloads\Windows-7-Ultimate-Activator-[ALL-VERSIONS].rar
2013-11-18 18:10 - 2013-11-18 18:11 - 00000000 ____D C:\Program Files\BRS
2013-11-18 18:10 - 2013-11-18 18:10 - 00444952 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2013-11-18 18:10 - 2013-11-18 18:10 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2013-11-18 18:10 - 2013-11-18 18:10 - 00000000 ____D C:\Program Files\OpenAL
2013-11-18 18:10 - 2011-03-19 15:16 - 01417216 _____ (Blue Ripple Sound Limited) C:\Windows\system32\rapture3d_oal.dll
2013-11-18 18:10 - 2010-09-22 13:12 - 19087360 _____ (Intel Corporation / Blue Ripple Sound Limited) C:\Windows\system32\mkl_blueripple.dll
2013-11-18 18:10 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2013-11-18 18:10 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2013-11-18 18:10 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2013-11-18 18:10 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2013-11-18 18:10 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2013-11-18 18:10 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2013-11-18 18:10 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2013-11-18 17:59 - 2013-11-18 17:59 - 00000062 _____ C:\Users\Marian\Downloads\DiRT3-cd-key.txt
2013-11-18 15:36 - 2013-12-09 11:52 - 00003695 _____ C:\Windows\setupact.log
2013-11-18 15:36 - 2013-11-19 21:31 - 00000000 _____ C:\Windows\setuperr.log
2013-11-18 11:39 - 2013-11-18 20:39 - 00000000 ____D C:\Users\Marian\Documents\Adobe
2013-11-18 11:34 - 2013-11-18 11:34 - 00002055 _____ C:\Users\Public\Desktop\Lightroom 4.lnk
2013-11-17 19:18 - 2013-11-17 19:19 - 00000000 ____D C:\Users\Marian\Downloads\Adobe Photoshop Lightroom 4.0 Final Multilingual (keygen-CORE) [ChingLiu]
2013-11-17 19:16 - 2013-11-19 13:56 - 00000000 ____D C:\Users\Marian\AppData\Roaming\BitTorrent Sync
2013-11-17 19:16 - 2013-11-17 19:16 - 00000873 _____ C:\Users\Public\Desktop\µTorrent.lnk
2013-11-17 19:15 - 2013-11-19 13:56 - 00000000 ____D C:\Users\Marian\AppData\Roaming\uTorrent
2013-11-17 15:24 - 2013-11-19 13:56 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-17 15:02 - 2013-12-01 18:05 - 00000000 ____D C:\Users\Marian\Desktop\svadba foto
2013-11-15 13:09 - 2013-11-15 13:21 - 00000000 ____D C:\Program Files\MP3Gain
2013-11-15 13:09 - 2013-11-15 13:09 - 00000000 ____D C:\Users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
2013-11-13 13:37 - 2013-11-13 13:37 - 00000000 ____D C:\Users\Marian\Documents\Xilisoft Corporation
2013-11-13 13:33 - 2013-11-13 13:33 - 00002087 _____ C:\Users\Marian\Desktop\Xilisoft Video Converter Ultimate.lnk
2013-11-13 13:33 - 2013-11-13 13:33 - 00000000 ____D C:\Program Files\Xilisoft
2013-11-13 11:49 - 2013-12-08 20:33 - 00011260 _____ C:\Windows\PFRO.log
2013-11-12 21:16 - 2013-11-12 21:16 - 00001251 _____ C:\Users\Public\Desktop\YTD Video Downloader.lnk
2013-11-12 21:16 - 2013-11-12 21:16 - 00000000 ____D C:\ProgramData\YTD Video Downloader
2013-11-12 21:16 - 2013-11-12 21:16 - 00000000 ____D C:\Program Files\GreenTree Applications
2013-11-12 21:16 - 2013-11-12 21:16 - 00000000 _____ C:\Users\Marian\Documents\winziprosetup.exe
2013-11-12 21:16 - 2013-10-04 22:50 - 00509872 _____ (Ask Partner Network) C:\Users\Marian\Documents\APNSetup.exe
2013-11-11 20:47 - 2013-11-11 20:50 - 00000000 ____D C:\Program Files\MagicDisc
2013-11-11 20:47 - 2013-11-11 20:47 - 00000000 ____D C:\Users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicDisc
2013-11-11 20:47 - 2009-02-24 18:42 - 00116736 _____ (MagicISO, Inc.) C:\Windows\system32\Drivers\mcdbus.sys

==================== One Month Modified Files and Folders =======

2013-12-09 20:04 - 2013-12-09 20:03 - 00006099 _____ C:\Users\Marian\Desktop\FRST.txt
2013-12-09 20:03 - 2013-12-09 20:03 - 00000000 ____D C:\FRST
2013-12-09 20:03 - 2013-12-09 20:01 - 00112640 _____ (forum.viry.cz) C:\Users\Marian\Downloads\FRSTLauncher(2).exe
2013-12-09 20:00 - 2013-12-09 20:00 - 00112640 _____ (forum.viry.cz) C:\Users\Marian\Desktop\FRSTLauncher(1).exe
2013-12-09 19:58 - 2013-12-09 19:58 - 00000010 _____ C:\Windows\system32\BF1942.pid
2013-12-09 19:58 - 2013-12-09 19:57 - 00112640 _____ (forum.viry.cz) C:\Users\Marian\Downloads\FRSTLauncher.exe
2013-12-09 19:58 - 2013-12-09 19:56 - 01060641 _____ (Farbar) C:\Users\Marian\Desktop\FRST.exe
2013-12-09 19:56 - 2013-12-09 19:55 - 00112107 _____ (forum.viry.cz) C:\Users\Marian\Downloads\VerzeOS.exe
2013-12-09 19:53 - 2009-07-14 05:34 - 00023632 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-09 19:53 - 2009-07-14 05:34 - 00023632 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-09 19:33 - 2013-11-01 21:37 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-09 16:07 - 2013-11-18 19:18 - 00000000 ____D C:\Users\Marian\AppData\Local\NFS Underground 2
2013-12-09 11:58 - 2013-11-01 21:06 - 00713888 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-09 11:54 - 2013-11-01 07:57 - 01630429 _____ C:\Windows\WindowsUpdate.log
2013-12-09 11:52 - 2013-11-18 15:36 - 00003695 _____ C:\Windows\setupact.log
2013-12-09 11:52 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-08 20:33 - 2013-11-13 11:49 - 00011260 _____ C:\Windows\PFRO.log
2013-12-08 11:50 - 2013-12-08 11:47 - 10284816 _____ (Malwarebytes Corporation                                    ) C:\Users\Marian\Downloads\mbam-setup.exe
2013-12-08 11:37 - 2013-12-08 11:37 - 00121923 _____ C:\Users\Marian\Downloads\bfcprt.zip
2013-12-08 11:34 - 2013-12-08 11:34 - 00000709 _____ C:\Users\Public\Desktop\Battlefield 1942.lnk
2013-12-08 11:34 - 2013-12-07 16:44 - 00000532 _____ C:\Windows\eReg.dat
2013-12-08 11:32 - 2013-11-01 21:11 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-08 11:17 - 2013-12-08 11:16 - 08028160 _____ C:\Users\Marian\Downloads\BF1942-crack.exe
2013-12-08 11:02 - 2013-12-08 11:02 - 00193582 _____ C:\Users\Marian\Downloads\1063425558.zip
2013-12-07 19:40 - 2013-11-03 16:28 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-07 16:44 - 2013-11-05 21:08 - 00000000 ____D C:\Users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-12-04 16:25 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-12-01 18:05 - 2013-11-17 15:02 - 00000000 ____D C:\Users\Marian\Desktop\svadba foto
2013-11-28 20:09 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-11-28 19:37 - 2013-11-28 19:37 - 00000000 ____D C:\Windows\CSC
2013-11-28 19:37 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\system32\restore
2013-11-28 19:37 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\sk-SK
2013-11-28 19:37 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\security
2013-11-24 13:00 - 2013-11-24 13:00 - 00000969 _____ C:\Users\Marian\Desktop\TAXO-USB.lnk
2013-11-24 13:00 - 2013-11-24 13:00 - 00000000 ____D C:\Program Files\TAXO-USB
2013-11-24 12:57 - 2013-11-24 12:57 - 01595033 _____ (OBDtool.Org                                                 ) C:\Users\Marian\Downloads\TAXOusbSetUp301.exe
2013-11-24 12:39 - 2013-11-24 12:38 - 02098296 _____ (Feitian Technologies Co.,Ltd) C:\Users\Marian\Downloads\driverklucza.exe
2013-11-24 12:38 - 2013-11-24 12:38 - 01821192 _____ (Microsoft Corporation) C:\Users\Marian\Downloads\vcredist_x86.exe
2013-11-21 19:36 - 2013-11-21 19:36 - 00000571 _____ C:\Users\Marian\Desktop\speed2.lnk
2013-11-20 21:56 - 2013-11-20 21:56 - 02953096 _____ (ESET) C:\Windows\system32\%InstallDir%speclean.exe
2013-11-20 11:40 - 2013-11-18 20:35 - 00000000 ____D C:\Users\Marian\Desktop\Untitled Export
2013-11-19 21:33 - 2013-11-19 21:31 - 00002562 _____ C:\Windows\diagwrn.xml
2013-11-19 21:33 - 2013-11-19 21:31 - 00001908 _____ C:\Windows\diagerr.xml
2013-11-19 21:31 - 2013-11-18 15:36 - 00000000 _____ C:\Windows\setuperr.log
2013-11-19 17:00 - 2013-11-19 16:55 - 00004758 _____ C:\Windows\IE9_main.log
2013-11-19 14:34 - 2013-11-19 14:34 - 00000886 _____ C:\Users\Marian\Downloads\exe_fix_w7.zip
2013-11-19 14:13 - 2013-11-19 14:13 - 00000707 _____ C:\Users\Marian\Desktop\F1 2012.lnk
2013-11-19 14:01 - 2013-11-19 13:58 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-11-19 13:59 - 2013-11-19 13:58 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-11-19 13:58 - 2013-11-19 13:58 - 00002123 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-11-19 13:57 - 2013-11-19 13:47 - 46988968 _____ C:\Users\Marian\Downloads\spybot-2.2.exe
2013-11-19 13:56 - 2013-11-17 19:16 - 00000000 ____D C:\Users\Marian\AppData\Roaming\BitTorrent Sync
2013-11-19 13:56 - 2013-11-17 19:15 - 00000000 ____D C:\Users\Marian\AppData\Roaming\uTorrent
2013-11-19 13:56 - 2013-11-17 15:24 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-19 13:52 - 2013-11-19 13:52 - 00001184 _____ C:\Users\Marian\Desktop\AML Free Registry Cleaner.lnk
2013-11-19 13:52 - 2013-11-19 13:52 - 00000000 ____D C:\Program Files\AML Products
2013-11-19 13:51 - 2013-11-19 13:50 - 02885600 _____ (AML SOFTWARE                                                ) C:\Users\Marian\Downloads\regcleaner.exe
2013-11-19 13:45 - 2013-11-19 12:35 - 00000000 ____D C:\Windows\220FB0354744483A9A0B41DF77061583.TMP
2013-11-19 13:38 - 2013-11-19 13:38 - 00001205 _____ C:\Users\Marian\Downloads\FixNCR.reg
2013-11-19 13:37 - 2013-11-19 13:37 - 01898232 _____ (Bleeping Computer, LLC) C:\Users\Marian\Downloads\rkill.com
2013-11-19 13:33 - 2013-11-19 13:33 - 00000000 _____ C:\Users\Marian\Downloads\Serial_Box_05.2013_downloader_sk_99519.exe
2013-11-19 12:36 - 2013-11-19 12:36 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-19 12:35 - 2013-11-19 12:35 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-11-19 12:17 - 2013-11-19 12:17 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-19 12:17 - 2013-11-19 12:17 - 00000000 ____D C:\Users\Marian\AppData\Roaming\Malwarebytes
2013-11-19 12:17 - 2013-11-19 12:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-19 12:17 - 2013-11-19 12:17 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-19 12:17 - 2013-11-19 12:14 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Marian\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-19 12:12 - 2013-11-19 12:11 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Marian\Downloads\SpyHunter-Installer.exe
2013-11-18 20:39 - 2013-11-18 11:39 - 00000000 ____D C:\Users\Marian\Documents\Adobe
2013-11-18 20:39 - 2013-11-01 21:37 - 00000000 ____D C:\Users\Marian\AppData\Roaming\Adobe
2013-11-18 19:17 - 2013-11-18 19:17 - 00000000 ____D C:\Users\Marian\Nový priečinok
2013-11-18 19:17 - 2013-11-01 08:02 - 00000000 ____D C:\Users\Marian
2013-11-18 19:12 - 2013-11-18 19:12 - 00389495 _____ C:\Users\Marian\Downloads\msidcrl40.zip
2013-11-18 19:10 - 2013-11-18 19:09 - 05480084 _____ C:\Users\Marian\Downloads\xlive.dll.zip
2013-11-18 19:06 - 2013-11-18 19:05 - 04019525 _____ C:\Users\Marian\Downloads\Win-7-activator.zip
2013-11-18 19:00 - 2013-11-18 19:01 - 00171136 __RSH C:\grldr
2013-11-18 18:59 - 2013-11-18 18:59 - 03414223 _____ C:\Users\Marian\Downloads\Windows-7-Ultimate-Activator-[ALL-VERSIONS].rar
2013-11-18 18:11 - 2013-11-18 18:10 - 00000000 ____D C:\Program Files\BRS
2013-11-18 18:11 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-11-18 18:10 - 2013-11-18 18:10 - 00444952 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2013-11-18 18:10 - 2013-11-18 18:10 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2013-11-18 18:10 - 2013-11-18 18:10 - 00000000 ____D C:\Program Files\OpenAL
2013-11-18 17:59 - 2013-11-18 17:59 - 00000062 _____ C:\Users\Marian\Downloads\DiRT3-cd-key.txt
2013-11-18 11:39 - 2013-11-01 21:33 - 00000000 ____D C:\Users\Marian\AppData\Local\Adobe
2013-11-18 11:34 - 2013-11-18 11:34 - 00002055 _____ C:\Users\Public\Desktop\Lightroom 4.lnk
2013-11-18 11:34 - 2013-11-03 17:29 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-11-18 11:34 - 2013-11-03 16:59 - 00000000 ____D C:\ProgramData\Adobe
2013-11-18 11:32 - 2013-11-03 17:29 - 00000000 ____D C:\Program Files\Adobe
2013-11-18 11:24 - 2013-11-06 21:38 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-17 19:19 - 2013-11-17 19:18 - 00000000 ____D C:\Users\Marian\Downloads\Adobe Photoshop Lightroom 4.0 Final Multilingual (keygen-CORE) [ChingLiu]
2013-11-17 19:16 - 2013-11-17 19:16 - 00000873 _____ C:\Users\Public\Desktop\µTorrent.lnk
2013-11-15 13:21 - 2013-11-15 13:09 - 00000000 ____D C:\Program Files\MP3Gain
2013-11-15 13:09 - 2013-11-15 13:09 - 00000000 ____D C:\Users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
2013-11-13 13:37 - 2013-11-13 13:37 - 00000000 ____D C:\Users\Marian\Documents\Xilisoft Corporation
2013-11-13 13:33 - 2013-11-13 13:33 - 00002087 _____ C:\Users\Marian\Desktop\Xilisoft Video Converter Ultimate.lnk
2013-11-13 13:33 - 2013-11-13 13:33 - 00000000 ____D C:\Program Files\Xilisoft
2013-11-12 21:16 - 2013-11-12 21:16 - 00001251 _____ C:\Users\Public\Desktop\YTD Video Downloader.lnk
2013-11-12 21:16 - 2013-11-12 21:16 - 00000000 ____D C:\ProgramData\YTD Video Downloader
2013-11-12 21:16 - 2013-11-12 21:16 - 00000000 ____D C:\Program Files\GreenTree Applications
2013-11-12 21:16 - 2013-11-12 21:16 - 00000000 _____ C:\Users\Marian\Documents\winziprosetup.exe
2013-11-11 20:50 - 2013-11-11 20:47 - 00000000 ____D C:\Program Files\MagicDisc
2013-11-11 20:47 - 2013-11-11 20:47 - 00000000 ____D C:\Users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicDisc
2013-11-10 17:08 - 2013-11-03 13:39 - 00061736 _____ C:\Users\Marian\AppData\Local\GDIPFONTCACHEV1.DAT

Some content of TEMP:
====================
C:\Users\Marian\AppData\Local\Temp\v4.0.2.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Marian\Desktop" je 5491 MB.
 
 
***** Startup Programs *****
 
 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    DisableNotifications    REG_DWORD    0x0
    EnableFirewall    REG_DWORD    0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    DisableNotifications    REG_DWORD    0x0
    EnableFirewall    REG_DWORD    0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

 
==================== End Of Log ==============================
