C:\Program Files (x86)\Google\Desktop\Install\{44587a02-9060-877c-53df-78540b54659f}\slozka která nemá nazev\ slozka která nemá nazev\...
Mám windows7 a trapí mě viry malware a trojsky koně. Avastem sem zkontroloval celej počítač a smazal 80 nakazenych složek nic jineho nešlo.
Zas se mě pochvili objevila tabulka avast zablokoval 4 útoky znova sem proveřil celej počítač a zas tam byli viry.
Odpojil sem počítač od internetu a po skontrolování avastem smazal něřády, tentokrát už natrvalo a kdyz sem použil avast aby to skontroloval při spuštění počítače tak to nic nenašlo.
Vše je v pořádku, problém nastane, když připojím internet ,to se mě svinstvo zas natáhne do PC.
Složka Google je zavirovaná kliknu na prověřit avastem a smazu neřády ale zas se tam po chvili objevi kdyz se do te složky podívám je v ní několik prázdných složek.
Google nejde odstranit přejmenovat ani přesunout. když dám odstranit tak mě to napíše průzkumnik Windows přestal pracovat, blikne mě monitor zatutá pc a jsem zpátky na ploše.
Když chci otevřít nebo smazat složku: ... odkazuje na umístění které už není k dyspozici umistení může byt na pevném dysku počítače nebo v síti ujistěte se že je disk řádne vložen a ze jste připojeni k internetu nebo k siti a akci opakujte pokud stale nelze umisteni najit je možné že bylo přesunuto jinám
Na internetu sem našel že avanger je dobrej na mazání složek které nejdou odstranit ale nevím jak ho použít co přesně tam mám napsat.
Každou minutu me tuta avast a oznamuje že zablokoval útoky a mě to tutání a tabulky už lezou na nervy !
Také sem našel že avenger není pro 64 bitoví windows tak že mě to nemusí jít kvuli tomu.
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Odstranení složky
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odstranení složky
Naposledy upravil(a) Mc_Murphy dne 09 zář 2013 14:56, celkem upraveno 1 x.
Důvod: Nahoře je takový óóóbrovský oranžový obdélník. Tak co kdyby sis jej přečetl společně s pravidly fóra o (ne)používání utilit bez doporučení Rádce?!
Důvod: Nahoře je takový óóóbrovský oranžový obdélník. Tak co kdyby sis jej přečetl společně s pravidly fóra o (ne)používání utilit bez doporučení Rádce?!
Re: Odstranení složky
Zdravim 
Jak psal kolega Murphy do editu, nepouzivejte utility jake si zamanete, jednak vetsina z nich funguje jen po zadani specifickych prikazu a jednak je potreba s nimi umet zachazet
Navic tam tusim pekny bordel 
Dejte log z FRSTL http://forum.viry.cz/viewtopic.php?f=24&t=132509
Jak psal kolega Murphy do editu, nepouzivejte utility jake si zamanete, jednak vetsina z nich funguje jen po zadani specifickych prikazu a jednak je potreba s nimi umet zachazet Navic tam tusim pekny bordel Dejte log z FRSTL http://forum.viry.cz/viewtopic.php?f=24&t=132509"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Odstranení složky
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-09-2013
Ran by admin (administrator) on ADMIN-PC on 09-09-2013 18:18:33
Running from C:\Users\admin\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
(VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
() C:\Users\admin\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\admin\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [Advanced SystemCare 6] - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [490880 2012-09-24] (IObit)
HKCU\...\Run: [faacaaadffdcc] - C:\ProgramData\faacaaadffdcc.exe [406016 2013-09-09] ()
HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Users\admin\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Users\admin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1811880 2013-08-28] (Valve Corporation)
HKCU\...\Run: [Google Update*] - <===== ATTENTION (ZeroAccess rootkit hidden path)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-08-09] (VIA)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Printsrv] - c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs [x]
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [seznam-listicka-distribuce] - "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12902
SearchScopes: HKCU - {07CCD0B8-FF37-45C5-9EAA-D024358D0B40} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12902
SearchScopes: HKCU - {1448D276-ED24-45C2-955C-8C6BAEAE1A15} URL = http://search.seznam.cz/?q={searchTerms ... arch_12902
SearchScopes: HKCU - {22348CD5-F1DC-4671-9BB1-D533C390B655} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12902
SearchScopes: HKCU - {512BEB22-B6DC-445E-8A9D-E586E12DBB07} URL = http://encyklopedie.seznam.cz/search?q= ... arch_12902
SearchScopes: HKCU - {99F8CA23-5051-4F54-8BD6-71A3DBCF4B5D} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12902
SearchScopes: HKCU - {A6AFCF0A-5070-46E3-8315-9E8D4C9590F1} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_12902
SearchScopes: HKCU - {CEADCF0D-6D47-4236-AEC4-99F0F9223018} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12902
SearchScopes: HKCU - {E9147808-49E9-457F-B70C-C00C3726FD18} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12902
SearchScopes: HKCU - {ECCECFE6-1417-43D1-B793-7F6D728CE266} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12902
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2210608 2006-10-27] (Microsoft Corporation)
Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9 01 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 02 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 03 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 04 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 05 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 06 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 07 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 08 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 09 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 10 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog5-x64 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9-x64 01 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 02 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 03 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 04 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 05 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 06 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 07 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 08 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 09 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 10 mswsock.dll File Not found (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\jlukaeka.default
FF user.js: detected! => C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\jlukaeka.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @IObit.com/np_Asc_Plugin - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll (IObit)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\jlukaeka.default\Extensions\ascsurfingprotection@iobit.com
FF Extension: KMPlayer Toolbar - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\jlukaeka.default\Extensions\toolbar@ask.com
FF Extension: Seznam lištička - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\jlukaeka.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
==================== Services (Whitelisted) =================
R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [464256 2012-10-31] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2322560 2013-07-16] (PS Media s.r.o.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.)
U2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{44587a02-9060-877c-53df-78540b54659f}\ \...\???\{44587a02-9060-877c-53df-78540b54659f}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.)
S3 gdrv; No ImagePath
S0 qsngd; system32\drivers\ijrlkh.sys [x]
S0 sixh; system32\drivers\gdpkee.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S0 zyhe; system32\drivers\hxfgeids.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-09 18:17 - 2013-09-09 18:17 - 00000000 ____D C:\FRST
2013-09-09 18:17 - 2013-09-08 23:29 - 01948948 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2013-09-09 14:45 - 2013-09-09 14:45 - 00061440 _____ C:\Windows\SysWOW64\Drivers\gdpkee.sys
2013-09-09 14:45 - 2013-09-09 14:45 - 00000574 _____ C:\trzF930.tmp
2013-09-09 14:45 - 2013-09-09 14:45 - 00000062 _____ C:\ymut.txt
2013-09-09 14:40 - 2013-09-09 14:40 - 00061440 _____ C:\Windows\SysWOW64\Drivers\hxfgeids.sys
2013-09-09 14:40 - 2013-09-09 14:40 - 00000574 _____ C:\trz611B.tmp
2013-09-09 14:40 - 2013-09-09 14:40 - 00000058 _____ C:\Program Files (x86)\dwysfct.txt
2013-09-09 14:33 - 2013-09-09 14:45 - 00135168 _____ C:\zip.exe
2013-09-09 14:33 - 2013-09-09 14:45 - 00019286 _____ C:\cleanup.exe
2013-09-09 14:33 - 2013-09-09 14:33 - 00061440 _____ C:\Windows\SysWOW64\Drivers\ijrlkh.sys
2013-09-09 14:33 - 2013-09-09 14:33 - 00000574 _____ C:\trz7621.tmp
2013-09-09 14:33 - 2013-09-09 14:33 - 00000082 _____ C:\Program Files (x86)\ilkmc.txt
2013-09-09 14:32 - 2013-09-09 14:32 - 00000712 _____ C:\avenger.txt
2013-09-09 14:26 - 2013-09-09 14:26 - 00731136 _____ C:\Users\admin\Desktop\avenger.exe
2013-09-09 14:16 - 2013-09-09 14:16 - 16822256 _____ C:\Users\admin\Desktop\Mobogenie_Setup_2.1.15_5.exe
2013-09-09 13:59 - 2013-09-09 18:11 - 00000448 _____ C:\Windows\setupact.log
2013-09-09 13:59 - 2013-09-09 13:59 - 00010104 _____ C:\Windows\PFRO.log
2013-09-09 13:59 - 2013-09-09 13:59 - 00000000 _____ C:\Windows\setuperr.log
2013-09-09 11:11 - 2013-09-09 12:53 - 216305990 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part07.rar
2013-09-09 10:03 - 2013-09-09 10:59 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part06.rar
2013-09-08 21:30 - 2013-09-08 21:42 - 204007424 _____ C:\Users\admin\Desktop\[K&I]-Hiiro-no-Kakera-01-CZ.avi
2013-09-08 17:41 - 2013-09-08 17:41 - 00000000 ____D C:\Users\admin\AppData\Local\Google
2013-09-08 17:41 - 2013-09-08 17:41 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-08 17:35 - 2013-09-08 18:31 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part05.rar
2013-09-08 16:06 - 2013-09-08 17:02 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part04.rar
2013-09-08 13:23 - 2013-09-08 15:56 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part03.rar
2013-09-08 12:13 - 2013-09-08 12:13 - 00000000 ____D C:\Users\admin\Documents\Fax
2013-09-08 10:49 - 2013-09-08 11:45 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part02.rar
2013-09-07 20:39 - 2013-09-07 20:39 - 00001396 _____ C:\Users\admin\Desktop\sweaw – zástupce.lnk
2013-09-07 20:38 - 2013-09-08 03:33 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter Nights 2 Platinum CZ.part01.rar
2013-09-07 13:24 - 2013-09-07 13:24 - 00003182 _____ C:\Windows\System32\Tasks\{FAA15AAD-968A-4717-AC22-184DDFFFA405}
2013-09-07 13:15 - 2013-09-07 13:15 - 03153494 _____ C:\Users\admin\Desktop\sw_eaw_cz_eng.zip
2013-09-07 13:15 - 2006-08-12 19:18 - 00000000 ____D C:\Users\admin\Desktop\ENG
2013-09-07 13:11 - 2013-09-07 13:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Petroglyph
2013-09-07 13:08 - 2013-09-07 13:08 - 00000000 ____D C:\star wars
2013-09-07 11:34 - 2013-09-07 11:39 - 35266560 _____ C:\Users\admin\Desktop\Morrowind.zip
2013-09-07 11:26 - 2013-09-07 13:07 - 1801393513 _____ C:\Users\admin\Desktop\Star-Wars-Empire-at-War.rar
2013-09-06 20:12 - 2013-09-06 20:12 - 00000000 ____D C:\Users\admin\Documents\SavedGames
2013-09-06 20:12 - 2013-09-06 20:12 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2013-09-06 20:11 - 2013-09-06 20:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Solar 2
2013-09-06 20:11 - 2013-09-06 20:11 - 00000000 ____D C:\Program Files (x86)\Solar 2
2013-09-06 20:10 - 2013-09-06 20:13 - 00000000 ____D C:\Users\admin\Desktop\Nová složka
2013-09-06 10:17 - 2013-09-06 10:18 - 00000000 ____D C:\Windows\system32\MRT
2013-09-06 09:15 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-09-06 09:15 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-09-06 09:06 - 2013-09-06 09:06 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-06 09:06 - 2013-09-06 09:06 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-06 09:06 - 2013-09-06 09:06 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-06 09:06 - 2013-09-06 09:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-06 09:06 - 2013-09-06 09:06 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-06 09:06 - 2013-09-06 09:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-06 09:05 - 2013-09-06 09:05 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-06 09:05 - 2013-09-06 09:05 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-06 09:05 - 2013-09-06 09:05 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-09-06 09:05 - 2013-09-06 09:05 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-06 09:05 - 2013-09-06 09:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-06 09:05 - 2013-09-06 09:05 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-06 09:04 - 2013-09-06 09:04 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-09-06 09:03 - 2013-09-06 09:03 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-09-06 09:01 - 2013-09-06 09:01 - 67940352 _____ C:\Windows\system32\config\SOFTWARE.iobit
2013-09-06 09:01 - 2013-09-06 09:01 - 14868480 _____ C:\Windows\system32\config\SYSTEM.iobit
2013-09-06 09:01 - 2013-09-06 09:01 - 00323584 _____ C:\Windows\system32\config\DEFAULT.iobit
2013-09-06 09:01 - 2013-09-06 09:01 - 00032768 _____ C:\Windows\system32\config\SAM.iobit
2013-09-06 09:01 - 2013-09-06 09:01 - 00028672 _____ C:\Windows\system32\config\SECURITY.iobit
2013-09-05 18:25 - 2013-09-05 18:25 - 00000000 ____D C:\sr2
2013-09-05 18:10 - 2013-09-05 18:10 - 00001313 _____ C:\Users\admin\Desktop\Space Rangers 2 - Reboot.lnk
2013-09-05 14:01 - 2013-09-05 18:10 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1C Company
2013-09-05 13:55 - 2013-09-05 18:09 - 00000000 ____D C:\Program Files (x86)\1C Company
2013-09-05 13:55 - 2008-09-10 18:19 - 02070016 _____ C:\Windows\setup_rangers_2.exe
2013-09-02 11:55 - 2013-09-02 11:55 - 00001075 _____ C:\Users\admin\Desktop\KMPlayer.lnk
2013-08-30 22:33 - 2013-08-30 22:33 - 00000000 ____D C:\Users\admin\AppData\Roaming\Fatshark
2013-08-30 20:42 - 2013-08-30 20:42 - 00000221 _____ C:\Users\admin\Desktop\War of the Roses.url
2013-08-30 20:42 - 2013-08-30 20:42 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-08-30 20:24 - 2013-09-09 18:11 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-30 20:24 - 2013-08-30 20:24 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk
2013-08-30 15:41 - 2013-09-06 18:36 - 00000000 ____D C:\Users\admin\Desktop\Minecraft-----Feed-The-Beast-Warez-Luncher
2013-08-29 14:21 - 2013-08-29 14:21 - 00000000 ____D C:\Users\admin\AppData\Roaming\.minecraft
2013-08-27 14:51 - 2013-08-27 14:51 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\kostickov.eu
2013-08-25 23:16 - 2013-08-25 23:16 - 00000000 ____D C:\Users\admin\AppData\Roaming\andro
2013-08-25 23:15 - 2013-08-25 23:15 - 00000000 ____D C:\Program Files (x86)\XS-Software
2013-08-25 23:14 - 2013-08-25 23:14 - 00000000 ____D C:\Users\admin\AppData\Local\Downloaded Installations
2013-08-22 10:05 - 2013-08-22 10:06 - 00000000 ____D C:\Users\admin\AppData\Local\Ubisoft Game Launcher
2013-08-22 09:56 - 2013-08-22 09:58 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-08-14 17:58 - 2013-08-14 17:58 - 00000000 ____D C:\Scenario
2013-08-13 23:24 - 2013-08-13 23:24 - 00001000 _____ C:\Users\UpdatusUser\Desktop\GameSpy Arcade.lnk
2013-08-13 23:24 - 2013-08-13 23:24 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2013-08-13 23:24 - 2013-08-13 23:24 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft Games
2013-08-13 23:24 - 2013-08-13 23:24 - 00000000 ____D C:\Program Files (x86)\GameSpy Arcade
2013-08-13 23:23 - 2013-08-13 23:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2013-08-13 13:18 - 2013-08-13 13:18 - 00032135 _____ C:\Users\admin\Documents\Macross-Zero - 3 [e24266].ass
==================== One Month Modified Files and Folders =======
2013-09-09 18:18 - 2009-07-14 06:45 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-09 18:18 - 2009-07-14 06:45 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-09 18:17 - 2013-09-09 18:17 - 00000000 ____D C:\Users\admin\AppData\Local\qb063439.86
2013-09-09 18:17 - 2013-09-09 18:17 - 00000000 ____D C:\FRST
2013-09-09 18:11 - 2013-09-09 13:59 - 00000448 _____ C:\Windows\setupact.log
2013-09-09 18:11 - 2013-08-30 20:24 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-09 18:11 - 2013-07-12 17:09 - 00000000 _____ C:\Windows\SysWOW64\sinstall.log
2013-09-09 18:11 - 2013-04-10 23:32 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-09 18:11 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-09 14:45 - 2013-09-09 14:45 - 00061440 _____ C:\Windows\SysWOW64\Drivers\gdpkee.sys
2013-09-09 14:45 - 2013-09-09 14:45 - 00000574 _____ C:\trzF930.tmp
2013-09-09 14:45 - 2013-09-09 14:45 - 00000062 _____ C:\ymut.txt
2013-09-09 14:45 - 2013-09-09 14:33 - 00135168 _____ C:\zip.exe
2013-09-09 14:45 - 2013-09-09 14:33 - 00019286 _____ C:\cleanup.exe
2013-09-09 14:42 - 2013-05-09 11:40 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-09-09 14:41 - 2013-04-10 23:49 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-09 14:40 - 2013-09-09 14:40 - 00061440 _____ C:\Windows\SysWOW64\Drivers\hxfgeids.sys
2013-09-09 14:40 - 2013-09-09 14:40 - 00000574 _____ C:\trz611B.tmp
2013-09-09 14:40 - 2013-09-09 14:40 - 00000058 _____ C:\Program Files (x86)\dwysfct.txt
2013-09-09 14:33 - 2013-09-09 14:33 - 00061440 _____ C:\Windows\SysWOW64\Drivers\ijrlkh.sys
2013-09-09 14:33 - 2013-09-09 14:33 - 00000574 _____ C:\trz7621.tmp
2013-09-09 14:33 - 2013-09-09 14:33 - 00000082 _____ C:\Program Files (x86)\ilkmc.txt
2013-09-09 14:32 - 2013-09-09 14:32 - 00000712 _____ C:\avenger.txt
2013-09-09 14:26 - 2013-09-09 14:26 - 00731136 _____ C:\Users\admin\Desktop\avenger.exe
2013-09-09 14:16 - 2013-09-09 14:16 - 16822256 _____ C:\Users\admin\Desktop\Mobogenie_Setup_2.1.15_5.exe
2013-09-09 14:03 - 2013-07-11 09:29 - 00010240 _____ (Microsoft Corporation) C:\ProgramData\libnspr4.dll
2013-09-09 14:03 - 2013-07-10 10:10 - 00406016 _____ C:\ProgramData\faacaaadffdcc.exe
2013-09-09 13:59 - 2013-09-09 13:59 - 00010104 _____ C:\Windows\PFRO.log
2013-09-09 13:59 - 2013-09-09 13:59 - 00000000 _____ C:\Windows\setuperr.log
2013-09-09 12:53 - 2013-09-09 11:11 - 216305990 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part07.rar
2013-09-09 11:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-09 10:59 - 2013-09-09 10:03 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part06.rar
2013-09-08 23:29 - 2013-09-09 18:17 - 01948948 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2013-09-08 21:42 - 2013-09-08 21:30 - 204007424 _____ C:\Users\admin\Desktop\[K&I]-Hiiro-no-Kakera-01-CZ.avi
2013-09-08 18:31 - 2013-09-08 17:35 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part05.rar
2013-09-08 17:42 - 2013-04-10 23:15 - 01090093 _____ C:\Windows\WindowsUpdate.log
2013-09-08 17:41 - 2013-09-08 17:41 - 00000000 ____D C:\Users\admin\AppData\Local\Google
2013-09-08 17:41 - 2013-09-08 17:41 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-08 17:02 - 2013-09-08 16:06 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part04.rar
2013-09-08 15:56 - 2013-09-08 13:23 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part03.rar
2013-09-08 12:13 - 2013-09-08 12:13 - 00000000 ____D C:\Users\admin\Documents\Fax
2013-09-08 11:45 - 2013-09-08 10:49 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part02.rar
2013-09-08 03:33 - 2013-09-07 20:38 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter Nights 2 Platinum CZ.part01.rar
2013-09-07 20:39 - 2013-09-07 20:39 - 00001396 _____ C:\Users\admin\Desktop\sweaw – zástupce.lnk
2013-09-07 13:24 - 2013-09-07 13:24 - 00003182 _____ C:\Windows\System32\Tasks\{FAA15AAD-968A-4717-AC22-184DDFFFA405}
2013-09-07 13:15 - 2013-09-07 13:15 - 03153494 _____ C:\Users\admin\Desktop\sw_eaw_cz_eng.zip
2013-09-07 13:11 - 2013-09-07 13:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Petroglyph
2013-09-07 13:10 - 2013-04-14 01:31 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-09-07 13:10 - 2009-07-14 17:36 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-09-07 13:08 - 2013-09-07 13:08 - 00000000 ____D C:\star wars
2013-09-07 13:07 - 2013-09-07 11:26 - 1801393513 _____ C:\Users\admin\Desktop\Star-Wars-Empire-at-War.rar
2013-09-07 11:39 - 2013-09-07 11:34 - 35266560 _____ C:\Users\admin\Desktop\Morrowind.zip
2013-09-06 20:13 - 2013-09-06 20:10 - 00000000 ____D C:\Users\admin\Desktop\Nová složka
2013-09-06 20:12 - 2013-09-06 20:12 - 00000000 ____D C:\Users\admin\Documents\SavedGames
2013-09-06 20:12 - 2013-09-06 20:12 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2013-09-06 20:11 - 2013-09-06 20:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Solar 2
2013-09-06 20:11 - 2013-09-06 20:11 - 00000000 ____D C:\Program Files (x86)\Solar 2
2013-09-06 18:36 - 2013-08-30 15:41 - 00000000 ____D C:\Users\admin\Desktop\Minecraft-----Feed-The-Beast-Warez-Luncher
2013-09-06 14:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-06 14:19 - 2013-04-10 19:44 - 00000000 ____D C:\Users\admin\Desktop\Plocha
2013-09-06 11:48 - 2013-04-11 00:05 - 00000000 ____D C:\Windows\Panther
2013-09-06 10:19 - 2009-07-14 17:18 - 00666406 _____ C:\Windows\system32\perfh005.dat
2013-09-06 10:19 - 2009-07-14 17:18 - 00140102 _____ C:\Windows\system32\perfc005.dat
2013-09-06 10:19 - 2009-07-14 07:13 - 01596972 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-06 10:18 - 2013-09-06 10:17 - 00000000 ____D C:\Windows\system32\MRT
2013-09-06 09:13 - 2013-04-10 23:55 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-06 09:06 - 2013-09-06 09:06 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-06 09:06 - 2013-09-06 09:06 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-06 09:06 - 2013-09-06 09:06 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-06 09:06 - 2013-09-06 09:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-06 09:06 - 2013-09-06 09:06 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-06 09:06 - 2013-09-06 09:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-06 09:05 - 2013-09-06 09:05 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-06 09:05 - 2013-09-06 09:05 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-06 09:05 - 2013-09-06 09:05 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-09-06 09:05 - 2013-09-06 09:05 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-06 09:05 - 2013-09-06 09:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-06 09:05 - 2013-09-06 09:05 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-06 09:04 - 2013-09-06 09:04 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-09-06 09:03 - 2013-09-06 09:03 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-09-06 09:01 - 2013-09-06 09:01 - 67940352 _____ C:\Windows\system32\config\SOFTWARE.iobit
2013-09-06 09:01 - 2013-09-06 09:01 - 14868480 _____ C:\Windows\system32\config\SYSTEM.iobit
2013-09-06 09:01 - 2013-09-06 09:01 - 00323584 _____ C:\Windows\system32\config\DEFAULT.iobit
2013-09-06 09:01 - 2013-09-06 09:01 - 00032768 _____ C:\Windows\system32\config\SAM.iobit
2013-09-06 09:01 - 2013-09-06 09:01 - 00028672 _____ C:\Windows\system32\config\SECURITY.iobit
2013-09-06 09:01 - 2013-04-10 23:12 - 00000000 ____D C:\Users\admin
2013-09-05 18:25 - 2013-09-05 18:25 - 00000000 ____D C:\sr2
2013-09-05 18:10 - 2013-09-05 18:10 - 00001313 _____ C:\Users\admin\Desktop\Space Rangers 2 - Reboot.lnk
2013-09-05 18:10 - 2013-09-05 14:01 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1C Company
2013-09-05 18:09 - 2013-09-05 13:55 - 00000000 ____D C:\Program Files (x86)\1C Company
2013-09-05 11:37 - 2013-04-10 23:54 - 00000000 ____D C:\Users\admin\AppData\Roaming\vlc
2013-09-02 11:55 - 2013-09-02 11:55 - 00001075 _____ C:\Users\admin\Desktop\KMPlayer.lnk
2013-08-30 22:33 - 2013-08-30 22:33 - 00000000 ____D C:\Users\admin\AppData\Roaming\Fatshark
2013-08-30 20:42 - 2013-08-30 20:42 - 00000221 _____ C:\Users\admin\Desktop\War of the Roses.url
2013-08-30 20:42 - 2013-08-30 20:42 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-08-30 20:24 - 2013-08-30 20:24 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk
2013-08-30 09:48 - 2013-05-09 11:40 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-30 09:48 - 2013-05-09 11:40 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-30 09:48 - 2013-05-09 11:40 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-30 09:48 - 2013-05-09 11:40 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-08-30 09:48 - 2013-05-09 11:40 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-08-30 09:48 - 2013-05-09 11:40 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-08-30 09:48 - 2013-05-09 11:40 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-08-30 09:48 - 2013-05-09 11:40 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-08-30 09:47 - 2013-05-09 11:39 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-08-30 09:47 - 2013-04-10 23:55 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-08-29 19:29 - 2013-06-07 19:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\.technic
2013-08-29 14:21 - 2013-08-29 14:21 - 00000000 ____D C:\Users\admin\AppData\Roaming\.minecraft
2013-08-27 14:51 - 2013-08-27 14:51 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\kostickov.eu
2013-08-26 10:57 - 2013-04-11 18:15 - 00000099 _____ C:\Users\Public\LMDebug.log
2013-08-25 23:16 - 2013-08-25 23:16 - 00000000 ____D C:\Users\admin\AppData\Roaming\andro
2013-08-25 23:15 - 2013-08-25 23:15 - 00000000 ____D C:\Program Files (x86)\XS-Software
2013-08-25 23:14 - 2013-08-25 23:14 - 00000000 ____D C:\Users\admin\AppData\Local\Downloaded Installations
2013-08-25 22:43 - 2009-07-14 07:08 - 00032568 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-23 11:36 - 2013-04-11 13:46 - 00000000 ____D C:\Program Files (x86)\War Thunder
2013-08-22 10:12 - 2013-06-16 19:02 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-08-22 10:06 - 2013-08-22 10:05 - 00000000 ____D C:\Users\admin\AppData\Local\Ubisoft Game Launcher
2013-08-22 09:58 - 2013-08-22 09:56 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-08-22 09:58 - 2013-04-10 23:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-14 17:58 - 2013-08-14 17:58 - 00000000 ____D C:\Scenario
2013-08-13 23:27 - 2013-04-11 13:46 - 00000000 ____D C:\Users\admin\Documents\My Games
2013-08-13 23:24 - 2013-08-13 23:24 - 00001000 _____ C:\Users\UpdatusUser\Desktop\GameSpy Arcade.lnk
2013-08-13 23:24 - 2013-08-13 23:24 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2013-08-13 23:24 - 2013-08-13 23:24 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft Games
2013-08-13 23:24 - 2013-08-13 23:24 - 00000000 ____D C:\Program Files (x86)\GameSpy Arcade
2013-08-13 23:23 - 2013-08-13 23:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2013-08-13 13:18 - 2013-08-13 13:18 - 00032135 _____ C:\Users\admin\Documents\Macross-Zero - 3 [e24266].ass
2013-08-10 02:26 - 2009-07-14 06:45 - 00419872 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-10 01:38 - 2009-07-14 17:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-08-10 01:38 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-10 01:38 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini
ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini
Files to move or delete:
====================
ZeroAccess:
C:\Users\admin\AppData\Local\Google\Desktop\Install\{44587a02-9060-877c-53df-78540b54659f}
ZeroAccess:
C:\Program Files (x86)\Google\Desktop\Install\{44587a02-9060-877c-53df-78540b54659f}
C:\ProgramData\faacaaadffdcc.exe
C:\ProgramData\libnspr4.dll
C:\Users\admin\AppData\Local\Temp\i4jdel0.exe
C:\Users\admin\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\admin\AppData\Local\Temp\KMP_3.6.0.87.exe
C:\Users\admin\AppData\Local\Temp\setup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
==================== Alternate Data Streams (whitelisted) ====
==================== Loaded Modules (whitelisted) ============
Task: {5DE7F20E-2CF4-4826-9762-84EBC482D230} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-20] (Microsoft Corporation)
2013-07-12 17:10 - 2013-04-15 13:32 - 00060416 _____ () C:\Users\admin\AppData\Roaming\Seznam.cz\bin\26438libfoxloader-x64.dll
2013-02-26 00:32 - 2013-02-26 00:32 - 15053264 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-04-10 23:39 - 2012-08-09 12:55 - 00078480 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-04-10 23:39 - 2012-08-09 12:55 - 00386192 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2013-04-10 23:39 - 2012-08-09 12:55 - 02792592 ____R (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2013-04-10 23:39 - 2012-08-09 12:56 - 04469392 ____R (TODO: <Company name>) C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin6.dll
2013-05-10 11:50 - 2012-10-11 20:23 - 00327040 _____ (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\taskMgr.dll
2013-05-10 11:50 - 2012-08-02 18:38 - 00065408 _____ (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\datastate.dll
2013-05-10 11:48 - 2011-12-15 15:16 - 00516440 _____ () C:\Program Files (x86)\IObit\Game Booster 3\sqlite3.dll
2013-05-10 11:48 - 2011-12-15 15:16 - 00061784 _____ (IObit) C:\Program Files (x86)\IObit\Game Booster 3\PowerConfig.dll
2013-08-30 20:24 - 2013-08-28 23:47 - 00288680 _____ (Valve Corporation) C:\Program Files (x86)\Steam\crashhandler.dll
2013-07-12 17:10 - 2013-03-29 13:37 - 00059384 _____ () C:\Users\admin\AppData\Roaming\Seznam.cz\bin\26438libfoxloader.dll
2013-07-15 14:32 - 2013-07-16 00:32 - 02895272 _____ (Valve Corporation) C:\Program Files (x86)\Steam\steam.dll
2013-08-28 13:47 - 2013-08-28 23:47 - 10654632 _____ (Valve Corporation) C:\Program Files (x86)\Steam\steamui.dll
2013-08-21 14:18 - 2013-08-22 00:18 - 00687104 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-08-28 13:47 - 2013-08-28 23:47 - 00263080 _____ (Valve Corporation) C:\Program Files (x86)\Steam\tier0_s.dll
2013-08-28 13:47 - 2013-08-28 23:47 - 00236456 _____ (Valve Corporation) C:\Program Files (x86)\Steam\vstdlib_s.dll
2013-06-14 15:49 - 2013-06-15 01:49 - 00122864 _____ (Valve) C:\Program Files (x86)\Steam\CSERHelper.dll
2013-08-28 13:47 - 2013-08-28 23:47 - 00169384 _____ (Valve Corporation) C:\Program Files (x86)\Steam\bin\filesystem_stdio.DLL
2013-08-28 13:47 - 2013-08-28 23:47 - 00694696 _____ (Valve Corporation) C:\Program Files (x86)\Steam\bin\vgui2_s.DLL
2013-08-28 13:47 - 2013-08-28 23:47 - 01120680 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-08-07 11:31 - 2013-08-07 21:31 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-06-14 15:49 - 2013-06-15 01:49 - 09955112 _____ (The ICU Project) C:\Program Files (x86)\Steam\bin\icudt.dll
2013-06-14 15:49 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-06-14 15:49 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-06-14 15:49 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-08-28 13:47 - 2013-08-28 23:47 - 07745960 _____ (Valve Corporation) C:\Program Files (x86)\Steam\steamclient.dll
2013-08-28 13:47 - 2013-08-28 23:47 - 02449832 _____ (Valve Corporation) c:\program files (x86)\steam\bin\friendsui.DLL
2013-08-28 13:47 - 2013-08-28 23:47 - 01804712 _____ (Valve Corporation) c:\program files (x86)\steam\bin\serverbrowser.DLL
2013-07-12 17:10 - 2013-03-25 16:39 - 00894968 _____ () C:\Users\admin\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2013-07-12 17:10 - 2012-07-26 11:44 - 00773968 _____ (Microsoft Corporation) C:\Users\admin\AppData\Roaming\Seznam.cz\bin\MSVCR100.dll
2013-07-12 17:10 - 2012-07-26 11:44 - 00421200 _____ (Microsoft Corporation) C:\Users\admin\AppData\Roaming\Seznam.cz\bin\MSVCP100.dll
2013-07-12 17:10 - 2013-04-24 12:31 - 00081992 _____ () C:\Users\admin\AppData\Roaming\Seznam.cz\bin\libchinst.dll
2013-04-10 19:49 - 2013-07-06 15:40 - 16192864 _____ (Opera Software) C:\Program Files (x86)\Opera\Opera.dll
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18205, časové razítko: 0x51dba4e7
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18205, časové razítko: 0x51dba4e7
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18205, časové razítko: 0x51dba4e7
Název chybujícího modulu: snxhk64.dll, verze: 8.0.1497.376, časové razítko: 0x52204cde
Název chybujícího modulu: snxhk64.dll, verze: 8.0.1497.376, časové razítko: 0x52204cde
Název chybujícího modulu: snxhk64.dll, verze: 8.0.1497.376, časové razítko: 0x52204cde
==================== Scheduled Tasks (whitelisted) ===========
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Supplementary Scan (All) ================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000005
"ConsentPromptBehaviorUser"=dword:00000003
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000001
"EnableSecureUIAPaths"=dword:00000001
"EnableUIADesktopToggle"=dword:00000000
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000001
"ValidateAdminCodeSignatures"=dword:00000000
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"scforceoption"=dword:00000000
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"FilterAdministratorToken"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=dword:00000001
"NoActiveDesktopChanges"=dword:00000001
"ForceActiveDesktopOn"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval"=dword:00000000
"AntiVirusOverride"=dword:00000000
"AntiSpywareOverride"=dword:00000000
"FirewallOverride"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"="msrle32.dll"
"vidc.msvc"="msvidc32.dll"
"msacm.imaadpcm"="imaadp32.acm"
"msacm.msg711"="msg711.acm"
"msacm.msgsm610"="msgsm32.acm"
"msacm.msadpcm"="msadp32.acm"
"midimapper"="midimap.dll"
"wavemapper"="msacm32.drv"
"vidc.uyvy"="msyuv.dll"
"vidc.yuy2"="msyuv.dll"
"vidc.yvyu"="msyuv.dll"
"vidc.iyuv"="iyuv_32.dll"
"vidc.i420"="iyuv_32.dll"
"vidc.yvu9"="tsbyuv.dll"
"msacm.l3acm"="C:\\Windows\\System32\\l3codeca.acm"
"wave1"="wdmaud.drv"
"midi1"="wdmaud.drv"
"mixer1"="wdmaud.drv"
"wave"="wdmaud.drv"
"midi"="wdmaud.drv"
"mixer"="wdmaud.drv"
"aux"="wdmaud.drv"
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:931.41 GB) (Free:674.43 GB) NTFS
Available physical RAM: 6543.51 MB
Total physical RAM: 8150.2 MB
Percentage of memory in use: 19%
LastRegBack: 2013-09-01 16:09
==================== End Of Log ==============================
Ran by admin (administrator) on ADMIN-PC on 09-09-2013 18:18:33
Running from C:\Users\admin\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
(VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
() C:\Users\admin\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\admin\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [Advanced SystemCare 6] - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [490880 2012-09-24] (IObit)
HKCU\...\Run: [faacaaadffdcc] - C:\ProgramData\faacaaadffdcc.exe [406016 2013-09-09] ()
HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Users\admin\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Users\admin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1811880 2013-08-28] (Valve Corporation)
HKCU\...\Run: [Google Update*] - <===== ATTENTION (ZeroAccess rootkit hidden path)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-08-09] (VIA)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Printsrv] - c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs [x]
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [seznam-listicka-distribuce] - "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12902
SearchScopes: HKCU - {07CCD0B8-FF37-45C5-9EAA-D024358D0B40} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12902
SearchScopes: HKCU - {1448D276-ED24-45C2-955C-8C6BAEAE1A15} URL = http://search.seznam.cz/?q={searchTerms ... arch_12902
SearchScopes: HKCU - {22348CD5-F1DC-4671-9BB1-D533C390B655} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12902
SearchScopes: HKCU - {512BEB22-B6DC-445E-8A9D-E586E12DBB07} URL = http://encyklopedie.seznam.cz/search?q= ... arch_12902
SearchScopes: HKCU - {99F8CA23-5051-4F54-8BD6-71A3DBCF4B5D} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12902
SearchScopes: HKCU - {A6AFCF0A-5070-46E3-8315-9E8D4C9590F1} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_12902
SearchScopes: HKCU - {CEADCF0D-6D47-4236-AEC4-99F0F9223018} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12902
SearchScopes: HKCU - {E9147808-49E9-457F-B70C-C00C3726FD18} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12902
SearchScopes: HKCU - {ECCECFE6-1417-43D1-B793-7F6D728CE266} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12902
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2210608 2006-10-27] (Microsoft Corporation)
Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9 01 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 02 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 03 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 04 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 05 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 06 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 07 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 08 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 09 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 10 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog5-x64 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9-x64 01 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 02 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 03 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 04 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 05 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 06 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 07 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 08 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 09 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 10 mswsock.dll File Not found (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\jlukaeka.default
FF user.js: detected! => C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\jlukaeka.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @IObit.com/np_Asc_Plugin - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll (IObit)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\jlukaeka.default\Extensions\ascsurfingprotection@iobit.com
FF Extension: KMPlayer Toolbar - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\jlukaeka.default\Extensions\toolbar@ask.com
FF Extension: Seznam lištička - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\jlukaeka.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
==================== Services (Whitelisted) =================
R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [464256 2012-10-31] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2322560 2013-07-16] (PS Media s.r.o.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.)
U2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{44587a02-9060-877c-53df-78540b54659f}\ \...\???\{44587a02-9060-877c-53df-78540b54659f}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.)
S3 gdrv; No ImagePath
S0 qsngd; system32\drivers\ijrlkh.sys [x]
S0 sixh; system32\drivers\gdpkee.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S0 zyhe; system32\drivers\hxfgeids.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-09 18:17 - 2013-09-09 18:17 - 00000000 ____D C:\FRST
2013-09-09 18:17 - 2013-09-08 23:29 - 01948948 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2013-09-09 14:45 - 2013-09-09 14:45 - 00061440 _____ C:\Windows\SysWOW64\Drivers\gdpkee.sys
2013-09-09 14:45 - 2013-09-09 14:45 - 00000574 _____ C:\trzF930.tmp
2013-09-09 14:45 - 2013-09-09 14:45 - 00000062 _____ C:\ymut.txt
2013-09-09 14:40 - 2013-09-09 14:40 - 00061440 _____ C:\Windows\SysWOW64\Drivers\hxfgeids.sys
2013-09-09 14:40 - 2013-09-09 14:40 - 00000574 _____ C:\trz611B.tmp
2013-09-09 14:40 - 2013-09-09 14:40 - 00000058 _____ C:\Program Files (x86)\dwysfct.txt
2013-09-09 14:33 - 2013-09-09 14:45 - 00135168 _____ C:\zip.exe
2013-09-09 14:33 - 2013-09-09 14:45 - 00019286 _____ C:\cleanup.exe
2013-09-09 14:33 - 2013-09-09 14:33 - 00061440 _____ C:\Windows\SysWOW64\Drivers\ijrlkh.sys
2013-09-09 14:33 - 2013-09-09 14:33 - 00000574 _____ C:\trz7621.tmp
2013-09-09 14:33 - 2013-09-09 14:33 - 00000082 _____ C:\Program Files (x86)\ilkmc.txt
2013-09-09 14:32 - 2013-09-09 14:32 - 00000712 _____ C:\avenger.txt
2013-09-09 14:26 - 2013-09-09 14:26 - 00731136 _____ C:\Users\admin\Desktop\avenger.exe
2013-09-09 14:16 - 2013-09-09 14:16 - 16822256 _____ C:\Users\admin\Desktop\Mobogenie_Setup_2.1.15_5.exe
2013-09-09 13:59 - 2013-09-09 18:11 - 00000448 _____ C:\Windows\setupact.log
2013-09-09 13:59 - 2013-09-09 13:59 - 00010104 _____ C:\Windows\PFRO.log
2013-09-09 13:59 - 2013-09-09 13:59 - 00000000 _____ C:\Windows\setuperr.log
2013-09-09 11:11 - 2013-09-09 12:53 - 216305990 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part07.rar
2013-09-09 10:03 - 2013-09-09 10:59 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part06.rar
2013-09-08 21:30 - 2013-09-08 21:42 - 204007424 _____ C:\Users\admin\Desktop\[K&I]-Hiiro-no-Kakera-01-CZ.avi
2013-09-08 17:41 - 2013-09-08 17:41 - 00000000 ____D C:\Users\admin\AppData\Local\Google
2013-09-08 17:41 - 2013-09-08 17:41 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-08 17:35 - 2013-09-08 18:31 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part05.rar
2013-09-08 16:06 - 2013-09-08 17:02 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part04.rar
2013-09-08 13:23 - 2013-09-08 15:56 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part03.rar
2013-09-08 12:13 - 2013-09-08 12:13 - 00000000 ____D C:\Users\admin\Documents\Fax
2013-09-08 10:49 - 2013-09-08 11:45 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part02.rar
2013-09-07 20:39 - 2013-09-07 20:39 - 00001396 _____ C:\Users\admin\Desktop\sweaw – zástupce.lnk
2013-09-07 20:38 - 2013-09-08 03:33 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter Nights 2 Platinum CZ.part01.rar
2013-09-07 13:24 - 2013-09-07 13:24 - 00003182 _____ C:\Windows\System32\Tasks\{FAA15AAD-968A-4717-AC22-184DDFFFA405}
2013-09-07 13:15 - 2013-09-07 13:15 - 03153494 _____ C:\Users\admin\Desktop\sw_eaw_cz_eng.zip
2013-09-07 13:15 - 2006-08-12 19:18 - 00000000 ____D C:\Users\admin\Desktop\ENG
2013-09-07 13:11 - 2013-09-07 13:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Petroglyph
2013-09-07 13:08 - 2013-09-07 13:08 - 00000000 ____D C:\star wars
2013-09-07 11:34 - 2013-09-07 11:39 - 35266560 _____ C:\Users\admin\Desktop\Morrowind.zip
2013-09-07 11:26 - 2013-09-07 13:07 - 1801393513 _____ C:\Users\admin\Desktop\Star-Wars-Empire-at-War.rar
2013-09-06 20:12 - 2013-09-06 20:12 - 00000000 ____D C:\Users\admin\Documents\SavedGames
2013-09-06 20:12 - 2013-09-06 20:12 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2013-09-06 20:11 - 2013-09-06 20:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Solar 2
2013-09-06 20:11 - 2013-09-06 20:11 - 00000000 ____D C:\Program Files (x86)\Solar 2
2013-09-06 20:10 - 2013-09-06 20:13 - 00000000 ____D C:\Users\admin\Desktop\Nová složka
2013-09-06 10:17 - 2013-09-06 10:18 - 00000000 ____D C:\Windows\system32\MRT
2013-09-06 09:15 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-09-06 09:15 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-09-06 09:06 - 2013-09-06 09:06 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-06 09:06 - 2013-09-06 09:06 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-06 09:06 - 2013-09-06 09:06 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-06 09:06 - 2013-09-06 09:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-06 09:06 - 2013-09-06 09:06 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-06 09:06 - 2013-09-06 09:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-06 09:05 - 2013-09-06 09:05 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-06 09:05 - 2013-09-06 09:05 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-06 09:05 - 2013-09-06 09:05 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-09-06 09:05 - 2013-09-06 09:05 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-06 09:05 - 2013-09-06 09:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-06 09:05 - 2013-09-06 09:05 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-06 09:04 - 2013-09-06 09:04 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-09-06 09:03 - 2013-09-06 09:03 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-09-06 09:01 - 2013-09-06 09:01 - 67940352 _____ C:\Windows\system32\config\SOFTWARE.iobit
2013-09-06 09:01 - 2013-09-06 09:01 - 14868480 _____ C:\Windows\system32\config\SYSTEM.iobit
2013-09-06 09:01 - 2013-09-06 09:01 - 00323584 _____ C:\Windows\system32\config\DEFAULT.iobit
2013-09-06 09:01 - 2013-09-06 09:01 - 00032768 _____ C:\Windows\system32\config\SAM.iobit
2013-09-06 09:01 - 2013-09-06 09:01 - 00028672 _____ C:\Windows\system32\config\SECURITY.iobit
2013-09-05 18:25 - 2013-09-05 18:25 - 00000000 ____D C:\sr2
2013-09-05 18:10 - 2013-09-05 18:10 - 00001313 _____ C:\Users\admin\Desktop\Space Rangers 2 - Reboot.lnk
2013-09-05 14:01 - 2013-09-05 18:10 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1C Company
2013-09-05 13:55 - 2013-09-05 18:09 - 00000000 ____D C:\Program Files (x86)\1C Company
2013-09-05 13:55 - 2008-09-10 18:19 - 02070016 _____ C:\Windows\setup_rangers_2.exe
2013-09-02 11:55 - 2013-09-02 11:55 - 00001075 _____ C:\Users\admin\Desktop\KMPlayer.lnk
2013-08-30 22:33 - 2013-08-30 22:33 - 00000000 ____D C:\Users\admin\AppData\Roaming\Fatshark
2013-08-30 20:42 - 2013-08-30 20:42 - 00000221 _____ C:\Users\admin\Desktop\War of the Roses.url
2013-08-30 20:42 - 2013-08-30 20:42 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-08-30 20:24 - 2013-09-09 18:11 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-30 20:24 - 2013-08-30 20:24 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk
2013-08-30 15:41 - 2013-09-06 18:36 - 00000000 ____D C:\Users\admin\Desktop\Minecraft-----Feed-The-Beast-Warez-Luncher
2013-08-29 14:21 - 2013-08-29 14:21 - 00000000 ____D C:\Users\admin\AppData\Roaming\.minecraft
2013-08-27 14:51 - 2013-08-27 14:51 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\kostickov.eu
2013-08-25 23:16 - 2013-08-25 23:16 - 00000000 ____D C:\Users\admin\AppData\Roaming\andro
2013-08-25 23:15 - 2013-08-25 23:15 - 00000000 ____D C:\Program Files (x86)\XS-Software
2013-08-25 23:14 - 2013-08-25 23:14 - 00000000 ____D C:\Users\admin\AppData\Local\Downloaded Installations
2013-08-22 10:05 - 2013-08-22 10:06 - 00000000 ____D C:\Users\admin\AppData\Local\Ubisoft Game Launcher
2013-08-22 09:56 - 2013-08-22 09:58 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-08-14 17:58 - 2013-08-14 17:58 - 00000000 ____D C:\Scenario
2013-08-13 23:24 - 2013-08-13 23:24 - 00001000 _____ C:\Users\UpdatusUser\Desktop\GameSpy Arcade.lnk
2013-08-13 23:24 - 2013-08-13 23:24 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2013-08-13 23:24 - 2013-08-13 23:24 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft Games
2013-08-13 23:24 - 2013-08-13 23:24 - 00000000 ____D C:\Program Files (x86)\GameSpy Arcade
2013-08-13 23:23 - 2013-08-13 23:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2013-08-13 13:18 - 2013-08-13 13:18 - 00032135 _____ C:\Users\admin\Documents\Macross-Zero - 3 [e24266].ass
==================== One Month Modified Files and Folders =======
2013-09-09 18:18 - 2009-07-14 06:45 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-09 18:18 - 2009-07-14 06:45 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-09 18:17 - 2013-09-09 18:17 - 00000000 ____D C:\Users\admin\AppData\Local\qb063439.86
2013-09-09 18:17 - 2013-09-09 18:17 - 00000000 ____D C:\FRST
2013-09-09 18:11 - 2013-09-09 13:59 - 00000448 _____ C:\Windows\setupact.log
2013-09-09 18:11 - 2013-08-30 20:24 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-09 18:11 - 2013-07-12 17:09 - 00000000 _____ C:\Windows\SysWOW64\sinstall.log
2013-09-09 18:11 - 2013-04-10 23:32 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-09 18:11 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-09 14:45 - 2013-09-09 14:45 - 00061440 _____ C:\Windows\SysWOW64\Drivers\gdpkee.sys
2013-09-09 14:45 - 2013-09-09 14:45 - 00000574 _____ C:\trzF930.tmp
2013-09-09 14:45 - 2013-09-09 14:45 - 00000062 _____ C:\ymut.txt
2013-09-09 14:45 - 2013-09-09 14:33 - 00135168 _____ C:\zip.exe
2013-09-09 14:45 - 2013-09-09 14:33 - 00019286 _____ C:\cleanup.exe
2013-09-09 14:42 - 2013-05-09 11:40 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-09-09 14:41 - 2013-04-10 23:49 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-09 14:40 - 2013-09-09 14:40 - 00061440 _____ C:\Windows\SysWOW64\Drivers\hxfgeids.sys
2013-09-09 14:40 - 2013-09-09 14:40 - 00000574 _____ C:\trz611B.tmp
2013-09-09 14:40 - 2013-09-09 14:40 - 00000058 _____ C:\Program Files (x86)\dwysfct.txt
2013-09-09 14:33 - 2013-09-09 14:33 - 00061440 _____ C:\Windows\SysWOW64\Drivers\ijrlkh.sys
2013-09-09 14:33 - 2013-09-09 14:33 - 00000574 _____ C:\trz7621.tmp
2013-09-09 14:33 - 2013-09-09 14:33 - 00000082 _____ C:\Program Files (x86)\ilkmc.txt
2013-09-09 14:32 - 2013-09-09 14:32 - 00000712 _____ C:\avenger.txt
2013-09-09 14:26 - 2013-09-09 14:26 - 00731136 _____ C:\Users\admin\Desktop\avenger.exe
2013-09-09 14:16 - 2013-09-09 14:16 - 16822256 _____ C:\Users\admin\Desktop\Mobogenie_Setup_2.1.15_5.exe
2013-09-09 14:03 - 2013-07-11 09:29 - 00010240 _____ (Microsoft Corporation) C:\ProgramData\libnspr4.dll
2013-09-09 14:03 - 2013-07-10 10:10 - 00406016 _____ C:\ProgramData\faacaaadffdcc.exe
2013-09-09 13:59 - 2013-09-09 13:59 - 00010104 _____ C:\Windows\PFRO.log
2013-09-09 13:59 - 2013-09-09 13:59 - 00000000 _____ C:\Windows\setuperr.log
2013-09-09 12:53 - 2013-09-09 11:11 - 216305990 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part07.rar
2013-09-09 11:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-09 10:59 - 2013-09-09 10:03 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part06.rar
2013-09-08 23:29 - 2013-09-09 18:17 - 01948948 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2013-09-08 21:42 - 2013-09-08 21:30 - 204007424 _____ C:\Users\admin\Desktop\[K&I]-Hiiro-no-Kakera-01-CZ.avi
2013-09-08 18:31 - 2013-09-08 17:35 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part05.rar
2013-09-08 17:42 - 2013-04-10 23:15 - 01090093 _____ C:\Windows\WindowsUpdate.log
2013-09-08 17:41 - 2013-09-08 17:41 - 00000000 ____D C:\Users\admin\AppData\Local\Google
2013-09-08 17:41 - 2013-09-08 17:41 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-08 17:02 - 2013-09-08 16:06 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part04.rar
2013-09-08 15:56 - 2013-09-08 13:23 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part03.rar
2013-09-08 12:13 - 2013-09-08 12:13 - 00000000 ____D C:\Users\admin\Documents\Fax
2013-09-08 11:45 - 2013-09-08 10:49 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter-Nights-2-Platinum-CZ.part02.rar
2013-09-08 03:33 - 2013-09-07 20:38 - 996147200 _____ C:\Users\admin\Desktop\Neverwinter Nights 2 Platinum CZ.part01.rar
2013-09-07 20:39 - 2013-09-07 20:39 - 00001396 _____ C:\Users\admin\Desktop\sweaw – zástupce.lnk
2013-09-07 13:24 - 2013-09-07 13:24 - 00003182 _____ C:\Windows\System32\Tasks\{FAA15AAD-968A-4717-AC22-184DDFFFA405}
2013-09-07 13:15 - 2013-09-07 13:15 - 03153494 _____ C:\Users\admin\Desktop\sw_eaw_cz_eng.zip
2013-09-07 13:11 - 2013-09-07 13:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Petroglyph
2013-09-07 13:10 - 2013-04-14 01:31 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-09-07 13:10 - 2009-07-14 17:36 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-09-07 13:08 - 2013-09-07 13:08 - 00000000 ____D C:\star wars
2013-09-07 13:07 - 2013-09-07 11:26 - 1801393513 _____ C:\Users\admin\Desktop\Star-Wars-Empire-at-War.rar
2013-09-07 11:39 - 2013-09-07 11:34 - 35266560 _____ C:\Users\admin\Desktop\Morrowind.zip
2013-09-06 20:13 - 2013-09-06 20:10 - 00000000 ____D C:\Users\admin\Desktop\Nová složka
2013-09-06 20:12 - 2013-09-06 20:12 - 00000000 ____D C:\Users\admin\Documents\SavedGames
2013-09-06 20:12 - 2013-09-06 20:12 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2013-09-06 20:11 - 2013-09-06 20:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Solar 2
2013-09-06 20:11 - 2013-09-06 20:11 - 00000000 ____D C:\Program Files (x86)\Solar 2
2013-09-06 18:36 - 2013-08-30 15:41 - 00000000 ____D C:\Users\admin\Desktop\Minecraft-----Feed-The-Beast-Warez-Luncher
2013-09-06 14:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-06 14:19 - 2013-04-10 19:44 - 00000000 ____D C:\Users\admin\Desktop\Plocha
2013-09-06 11:48 - 2013-04-11 00:05 - 00000000 ____D C:\Windows\Panther
2013-09-06 10:19 - 2009-07-14 17:18 - 00666406 _____ C:\Windows\system32\perfh005.dat
2013-09-06 10:19 - 2009-07-14 17:18 - 00140102 _____ C:\Windows\system32\perfc005.dat
2013-09-06 10:19 - 2009-07-14 07:13 - 01596972 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-06 10:18 - 2013-09-06 10:17 - 00000000 ____D C:\Windows\system32\MRT
2013-09-06 09:13 - 2013-04-10 23:55 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-06 09:06 - 2013-09-06 09:06 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-06 09:06 - 2013-09-06 09:06 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-06 09:06 - 2013-09-06 09:06 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-06 09:06 - 2013-09-06 09:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-06 09:06 - 2013-09-06 09:06 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-06 09:06 - 2013-09-06 09:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-09-06 09:06 - 2013-09-06 09:06 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-06 09:05 - 2013-09-06 09:05 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-06 09:05 - 2013-09-06 09:05 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-06 09:05 - 2013-09-06 09:05 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-09-06 09:05 - 2013-09-06 09:05 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-06 09:05 - 2013-09-06 09:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-06 09:05 - 2013-09-06 09:05 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-06 09:05 - 2013-09-06 09:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-06 09:04 - 2013-09-06 09:04 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-09-06 09:04 - 2013-09-06 09:04 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-09-06 09:03 - 2013-09-06 09:03 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-09-06 09:01 - 2013-09-06 09:01 - 67940352 _____ C:\Windows\system32\config\SOFTWARE.iobit
2013-09-06 09:01 - 2013-09-06 09:01 - 14868480 _____ C:\Windows\system32\config\SYSTEM.iobit
2013-09-06 09:01 - 2013-09-06 09:01 - 00323584 _____ C:\Windows\system32\config\DEFAULT.iobit
2013-09-06 09:01 - 2013-09-06 09:01 - 00032768 _____ C:\Windows\system32\config\SAM.iobit
2013-09-06 09:01 - 2013-09-06 09:01 - 00028672 _____ C:\Windows\system32\config\SECURITY.iobit
2013-09-06 09:01 - 2013-04-10 23:12 - 00000000 ____D C:\Users\admin
2013-09-05 18:25 - 2013-09-05 18:25 - 00000000 ____D C:\sr2
2013-09-05 18:10 - 2013-09-05 18:10 - 00001313 _____ C:\Users\admin\Desktop\Space Rangers 2 - Reboot.lnk
2013-09-05 18:10 - 2013-09-05 14:01 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1C Company
2013-09-05 18:09 - 2013-09-05 13:55 - 00000000 ____D C:\Program Files (x86)\1C Company
2013-09-05 11:37 - 2013-04-10 23:54 - 00000000 ____D C:\Users\admin\AppData\Roaming\vlc
2013-09-02 11:55 - 2013-09-02 11:55 - 00001075 _____ C:\Users\admin\Desktop\KMPlayer.lnk
2013-08-30 22:33 - 2013-08-30 22:33 - 00000000 ____D C:\Users\admin\AppData\Roaming\Fatshark
2013-08-30 20:42 - 2013-08-30 20:42 - 00000221 _____ C:\Users\admin\Desktop\War of the Roses.url
2013-08-30 20:42 - 2013-08-30 20:42 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-08-30 20:24 - 2013-08-30 20:24 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk
2013-08-30 09:48 - 2013-05-09 11:40 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-30 09:48 - 2013-05-09 11:40 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-30 09:48 - 2013-05-09 11:40 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-30 09:48 - 2013-05-09 11:40 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-08-30 09:48 - 2013-05-09 11:40 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-08-30 09:48 - 2013-05-09 11:40 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-08-30 09:48 - 2013-05-09 11:40 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-08-30 09:48 - 2013-05-09 11:40 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-08-30 09:47 - 2013-05-09 11:39 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-08-30 09:47 - 2013-04-10 23:55 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-08-29 19:29 - 2013-06-07 19:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\.technic
2013-08-29 14:21 - 2013-08-29 14:21 - 00000000 ____D C:\Users\admin\AppData\Roaming\.minecraft
2013-08-27 14:51 - 2013-08-27 14:51 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\kostickov.eu
2013-08-26 10:57 - 2013-04-11 18:15 - 00000099 _____ C:\Users\Public\LMDebug.log
2013-08-25 23:16 - 2013-08-25 23:16 - 00000000 ____D C:\Users\admin\AppData\Roaming\andro
2013-08-25 23:15 - 2013-08-25 23:15 - 00000000 ____D C:\Program Files (x86)\XS-Software
2013-08-25 23:14 - 2013-08-25 23:14 - 00000000 ____D C:\Users\admin\AppData\Local\Downloaded Installations
2013-08-25 22:43 - 2009-07-14 07:08 - 00032568 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-23 11:36 - 2013-04-11 13:46 - 00000000 ____D C:\Program Files (x86)\War Thunder
2013-08-22 10:12 - 2013-06-16 19:02 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-08-22 10:06 - 2013-08-22 10:05 - 00000000 ____D C:\Users\admin\AppData\Local\Ubisoft Game Launcher
2013-08-22 09:58 - 2013-08-22 09:56 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-08-22 09:58 - 2013-04-10 23:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-14 17:58 - 2013-08-14 17:58 - 00000000 ____D C:\Scenario
2013-08-13 23:27 - 2013-04-11 13:46 - 00000000 ____D C:\Users\admin\Documents\My Games
2013-08-13 23:24 - 2013-08-13 23:24 - 00001000 _____ C:\Users\UpdatusUser\Desktop\GameSpy Arcade.lnk
2013-08-13 23:24 - 2013-08-13 23:24 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2013-08-13 23:24 - 2013-08-13 23:24 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft Games
2013-08-13 23:24 - 2013-08-13 23:24 - 00000000 ____D C:\Program Files (x86)\GameSpy Arcade
2013-08-13 23:23 - 2013-08-13 23:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2013-08-13 13:18 - 2013-08-13 13:18 - 00032135 _____ C:\Users\admin\Documents\Macross-Zero - 3 [e24266].ass
2013-08-10 02:26 - 2009-07-14 06:45 - 00419872 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-10 01:38 - 2009-07-14 17:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-08-10 01:38 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-10 01:38 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini
ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini
Files to move or delete:
====================
ZeroAccess:
C:\Users\admin\AppData\Local\Google\Desktop\Install\{44587a02-9060-877c-53df-78540b54659f}
ZeroAccess:
C:\Program Files (x86)\Google\Desktop\Install\{44587a02-9060-877c-53df-78540b54659f}
C:\ProgramData\faacaaadffdcc.exe
C:\ProgramData\libnspr4.dll
C:\Users\admin\AppData\Local\Temp\i4jdel0.exe
C:\Users\admin\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\admin\AppData\Local\Temp\KMP_3.6.0.87.exe
C:\Users\admin\AppData\Local\Temp\setup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
==================== Alternate Data Streams (whitelisted) ====
==================== Loaded Modules (whitelisted) ============
Task: {5DE7F20E-2CF4-4826-9762-84EBC482D230} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-20] (Microsoft Corporation)
2013-07-12 17:10 - 2013-04-15 13:32 - 00060416 _____ () C:\Users\admin\AppData\Roaming\Seznam.cz\bin\26438libfoxloader-x64.dll
2013-02-26 00:32 - 2013-02-26 00:32 - 15053264 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-04-10 23:39 - 2012-08-09 12:55 - 00078480 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-04-10 23:39 - 2012-08-09 12:55 - 00386192 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2013-04-10 23:39 - 2012-08-09 12:55 - 02792592 ____R (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2013-04-10 23:39 - 2012-08-09 12:56 - 04469392 ____R (TODO: <Company name>) C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin6.dll
2013-05-10 11:50 - 2012-10-11 20:23 - 00327040 _____ (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\taskMgr.dll
2013-05-10 11:50 - 2012-08-02 18:38 - 00065408 _____ (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\datastate.dll
2013-05-10 11:48 - 2011-12-15 15:16 - 00516440 _____ () C:\Program Files (x86)\IObit\Game Booster 3\sqlite3.dll
2013-05-10 11:48 - 2011-12-15 15:16 - 00061784 _____ (IObit) C:\Program Files (x86)\IObit\Game Booster 3\PowerConfig.dll
2013-08-30 20:24 - 2013-08-28 23:47 - 00288680 _____ (Valve Corporation) C:\Program Files (x86)\Steam\crashhandler.dll
2013-07-12 17:10 - 2013-03-29 13:37 - 00059384 _____ () C:\Users\admin\AppData\Roaming\Seznam.cz\bin\26438libfoxloader.dll
2013-07-15 14:32 - 2013-07-16 00:32 - 02895272 _____ (Valve Corporation) C:\Program Files (x86)\Steam\steam.dll
2013-08-28 13:47 - 2013-08-28 23:47 - 10654632 _____ (Valve Corporation) C:\Program Files (x86)\Steam\steamui.dll
2013-08-21 14:18 - 2013-08-22 00:18 - 00687104 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-08-28 13:47 - 2013-08-28 23:47 - 00263080 _____ (Valve Corporation) C:\Program Files (x86)\Steam\tier0_s.dll
2013-08-28 13:47 - 2013-08-28 23:47 - 00236456 _____ (Valve Corporation) C:\Program Files (x86)\Steam\vstdlib_s.dll
2013-06-14 15:49 - 2013-06-15 01:49 - 00122864 _____ (Valve) C:\Program Files (x86)\Steam\CSERHelper.dll
2013-08-28 13:47 - 2013-08-28 23:47 - 00169384 _____ (Valve Corporation) C:\Program Files (x86)\Steam\bin\filesystem_stdio.DLL
2013-08-28 13:47 - 2013-08-28 23:47 - 00694696 _____ (Valve Corporation) C:\Program Files (x86)\Steam\bin\vgui2_s.DLL
2013-08-28 13:47 - 2013-08-28 23:47 - 01120680 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-08-07 11:31 - 2013-08-07 21:31 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-06-14 15:49 - 2013-06-15 01:49 - 09955112 _____ (The ICU Project) C:\Program Files (x86)\Steam\bin\icudt.dll
2013-06-14 15:49 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-06-14 15:49 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-06-14 15:49 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-08-28 13:47 - 2013-08-28 23:47 - 07745960 _____ (Valve Corporation) C:\Program Files (x86)\Steam\steamclient.dll
2013-08-28 13:47 - 2013-08-28 23:47 - 02449832 _____ (Valve Corporation) c:\program files (x86)\steam\bin\friendsui.DLL
2013-08-28 13:47 - 2013-08-28 23:47 - 01804712 _____ (Valve Corporation) c:\program files (x86)\steam\bin\serverbrowser.DLL
2013-07-12 17:10 - 2013-03-25 16:39 - 00894968 _____ () C:\Users\admin\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2013-07-12 17:10 - 2012-07-26 11:44 - 00773968 _____ (Microsoft Corporation) C:\Users\admin\AppData\Roaming\Seznam.cz\bin\MSVCR100.dll
2013-07-12 17:10 - 2012-07-26 11:44 - 00421200 _____ (Microsoft Corporation) C:\Users\admin\AppData\Roaming\Seznam.cz\bin\MSVCP100.dll
2013-07-12 17:10 - 2013-04-24 12:31 - 00081992 _____ () C:\Users\admin\AppData\Roaming\Seznam.cz\bin\libchinst.dll
2013-04-10 19:49 - 2013-07-06 15:40 - 16192864 _____ (Opera Software) C:\Program Files (x86)\Opera\Opera.dll
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18205, časové razítko: 0x51dba4e7
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18205, časové razítko: 0x51dba4e7
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18205, časové razítko: 0x51dba4e7
Název chybujícího modulu: snxhk64.dll, verze: 8.0.1497.376, časové razítko: 0x52204cde
Název chybujícího modulu: snxhk64.dll, verze: 8.0.1497.376, časové razítko: 0x52204cde
Název chybujícího modulu: snxhk64.dll, verze: 8.0.1497.376, časové razítko: 0x52204cde
==================== Scheduled Tasks (whitelisted) ===========
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Supplementary Scan (All) ================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000005
"ConsentPromptBehaviorUser"=dword:00000003
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000001
"EnableSecureUIAPaths"=dword:00000001
"EnableUIADesktopToggle"=dword:00000000
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000001
"ValidateAdminCodeSignatures"=dword:00000000
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"scforceoption"=dword:00000000
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"FilterAdministratorToken"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=dword:00000001
"NoActiveDesktopChanges"=dword:00000001
"ForceActiveDesktopOn"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval"=dword:00000000
"AntiVirusOverride"=dword:00000000
"AntiSpywareOverride"=dword:00000000
"FirewallOverride"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"="msrle32.dll"
"vidc.msvc"="msvidc32.dll"
"msacm.imaadpcm"="imaadp32.acm"
"msacm.msg711"="msg711.acm"
"msacm.msgsm610"="msgsm32.acm"
"msacm.msadpcm"="msadp32.acm"
"midimapper"="midimap.dll"
"wavemapper"="msacm32.drv"
"vidc.uyvy"="msyuv.dll"
"vidc.yuy2"="msyuv.dll"
"vidc.yvyu"="msyuv.dll"
"vidc.iyuv"="iyuv_32.dll"
"vidc.i420"="iyuv_32.dll"
"vidc.yvu9"="tsbyuv.dll"
"msacm.l3acm"="C:\\Windows\\System32\\l3codeca.acm"
"wave1"="wdmaud.drv"
"midi1"="wdmaud.drv"
"mixer1"="wdmaud.drv"
"wave"="wdmaud.drv"
"midi"="wdmaud.drv"
"mixer"="wdmaud.drv"
"aux"="wdmaud.drv"
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:931.41 GB) (Free:674.43 GB) NTFS
Available physical RAM: 6543.51 MB
Total physical RAM: 8150.2 MB
Percentage of memory in use: 19%
LastRegBack: 2013-09-01 16:09
==================== End Of Log ==============================
- Přílohy
-
- Addition.rar
- (5.2 KiB) Staženo 18 x
Re: Odstranení složky
Smarja, vy jste opravdu kouzelnik s Avengerem 
Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna. 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Odstranení složky
Ano mam legální windows 7 sestavoval me to známej na zakázku. Jinak co to znamená ?
Re: Odstranení složky
Takze mate instalacni DVD se seriovym cislem nebo na PC COA stitek se seriovym cislem?? Muzu vedet proc platite nehoraznou castku za verzi Ultimate, kdyz stejne nevyuzijete jine funkce nez nabizi verze Home Premium, ktera je cca 4x levnejsi??"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Odstranení složky
Sem se domluvil na častce a on mě sestavil PC. Podle tvích slov to vipadá že mě pořádně natáhl.
Re: Odstranení složky
Tak jako licence na Ultimate je za nejakych cca 6000 minimalne, zalezi kde nakupujete Tak si udelejte obrazek sam... Tentokrat to poresime, ale schvalne se znameho zeptejte...Nehlede na to, ze vam instalacni DVD ci COA stitek dat musi, jak jinak ted treba obchodni inspekci prokazete, ze licenci mate, kdyz by prisli na kontrolu...Jinak se totiz vystavujete nekolika tisicove pokute (radove i desetitisice), takze si myslim, ze cca 2000 Kc za licenci Home Premium je docela smesna castka... Jinak je to tedy asi "dobry" znamy, ze Vam tam da takovou verzi, ktere se mimochodem nejvice hlidaji, ze Vas vedomne vystavi riziku trestniho stihani a naslednym postihum Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com
- Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe
Rkill iExplore.exe:
http://download.bleepingcomputer.com/gr ... xplore.exe
Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/gr ... eRiNiT.exe
Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/gr ... NlOgOn.exe - Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
- Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
- RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
- Na plose vznikne log Rkill.txt ten mi sem vlozte
- Ted nerestartujte PC - prisli byste o ucinek RKillu
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
- Pokud mate Win XP spustte pod uctem Spravce\Administratora
- Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
- Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
- Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
- Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
- Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
- Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
- Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?