Service Host is overloading the disk

#1 Post by Fail-er »

Hello,
lately, right from PC startup, processes have been loading my disk to 99%. The top 5 most demanding processes are Service Hosts, e.g. Service Host: Network Service, Local System (Network Restricted), Local Service (Network Restricted), Local Service (No Network). The notebook is only a few months old and I use Windows 8.1 as the operating system. Previously the disk was loaded like this only when copying via the USB 3.0 port.

I assume there is some malware on the notebook. A few days ago a "police virus" popped up on my girlfriend while she was watching a series. I disconnected the computer, and the warning page itself could only be closed by ending the process. I then scanned the computer with an antivirus and Malwarebytes, which found some malware. No problems followed. Seemingly.

Could someone advise me what I should do now?

Thanks

#2 Post by stell »

Hello.
Post the FRST log here.
Instructions:
http://forum.viry.cz/viewtopic.php?f=24 ... 2#p1250282

#3 Post by Fail-er »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014 01
Ran by Tom (administrator) on TO-PC on 30-01-2014 14:28:02
Running from C:\Users\Tom\Desktop
Windows 8.1 Pro (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Robert McNeel & Associates) C:\Program Files\Rhinoceros 5 (64-bit)\System\Rhino.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(forum.viry.cz) C:\Users\Tom\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13632216 2013-07-23] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSK DLMSession] - C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1641368 2013-02-01] (Autodesk, Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] ( (Qualcomm Atheros Commnucations))
HKCU\...\Run: [Akamai NetSession Interface] - "C:\Users\Tom\AppData\Local\Akamai\netsession_win.exe"
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Policies\Explorer: []
AppInit_DLLs: C:\Windows\system32\nvinitx.dll,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://bing.com/
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/stati ... 0.96.0.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.113.139.94 195.113.136.35

FireFox:
========
FF ProfilePath: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\rlndua7f.default
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\rlndua7f.default\searchplugins\bingp.xml
FF Extension: Battlefield Play4Free - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\rlndua7f.default\Extensions\battlefieldplay4free@ea.com [2013-11-29]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-01-16]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-01-16]
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff

Chrome:
=======
CHR DefaultSearchKeyword: bing.com
CHR DefaultSearchProvider: Bing
CHR DefaultSearchURL: http://www.bing.com/search?FORM=UP97DF& ... earchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Skype Click to Call) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-01-06]
CHR Extension: (Peněženka Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx [2013-10-09]

==================== Services (Whitelisted) =================

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 McNeelUpdate; c:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [68192 2013-10-28] (Robert McNeel & Associates)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-28] (Atheros)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-08-14] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-02-06] (ASUS Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-07-01] (Intel Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-20] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-30 14:28 - 2014-01-30 14:28 - 00014181 _____ C:\Users\Tom\Desktop\FRST.txt
2014-01-30 14:27 - 2014-01-30 14:28 - 00000000 ____D C:\FRST
2014-01-30 13:27 - 2014-01-30 13:27 - 00112640 _____ (forum.viry.cz) C:\Users\Tom\Desktop\FRSTLauncher.exe
2014-01-30 13:26 - 2014-01-30 13:26 - 02079744 _____ (Farbar) C:\Users\Tom\Desktop\FRST64.exe
2014-01-30 12:50 - 2014-01-30 13:23 - 588151820 _____ C:\Users\Tom\Downloads\keyshot-4.zip
2014-01-30 10:15 - 2014-01-30 10:15 - 00000722 _____ C:\Users\Tom\Desktop\KeyShot 4 Resources.lnk
2014-01-30 10:14 - 2014-01-30 10:19 - 00047324 _____ C:\Users\Tom\Documents\pokus1.3dm
2014-01-30 10:14 - 2014-01-30 10:17 - 00052462 _____ C:\Users\Tom\Documents\pokus1.3dmbak
2014-01-30 10:14 - 2014-01-30 10:15 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeyShot4 64
2014-01-30 10:14 - 2014-01-30 10:14 - 00000918 _____ C:\Users\Tom\Desktop\KeyShot 4 64.lnk
2014-01-30 09:42 - 2014-01-30 09:51 - 556673232 _____ (Luxion) C:\Users\Tom\Downloads\keyshot_w64_4.3.10.exe
2014-01-30 09:39 - 2014-01-30 09:40 - 00000790 _____ C:\WINDOWS\setupact.log
2014-01-30 09:39 - 2014-01-30 09:39 - 00000000 _____ C:\WINDOWS\setuperr.log
2014-01-30 02:38 - 2014-01-30 02:38 - 00001868 _____ C:\WINDOWS\PFRO.log
2014-01-30 01:56 - 2014-01-30 13:55 - 00178600 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-30 01:04 - 2014-01-30 01:04 - 00002768 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-01-30 01:04 - 2014-01-30 01:04 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-30 01:04 - 2014-01-30 01:04 - 00000000 ____D C:\Program Files\CCleaner
2014-01-30 01:02 - 2014-01-30 01:03 - 04721920 _____ (Piriform Ltd) C:\Users\Tom\Downloads\ccsetup410.exe
2014-01-29 22:08 - 2014-01-29 22:08 - 00009542 _____ C:\Users\Tom\Desktop\Bez názvu 1.odt
2014-01-29 01:05 - 2014-01-29 01:11 - 103533728 _____ C:\Users\Tom\Downloads\(2011)-The-Path-of-Totality.zip
2014-01-27 04:56 - 2014-01-27 05:58 - 1042536448 _____ C:\Users\Tom\Downloads\Nadany-zak-1998-DVDRip-czdub.avi
2014-01-27 04:05 - 2014-01-27 04:38 - 733159880 _____ C:\Users\Tom\Downloads\Nadany-zak (1).avi
2014-01-27 03:43 - 2014-01-27 03:43 - 347785116 _____ C:\Users\Tom\Downloads\Nadany-zak.avi.1741333.partial
2014-01-27 03:15 - 2014-01-27 03:15 - 00000000 ____D C:\Users\Tom\AppData\Local\Solid State Networks
2014-01-27 03:15 - 2014-01-27 03:15 - 00000000 ____D C:\Program Files (x86)\MeteorEntertainment
2014-01-26 20:04 - 2014-01-26 20:04 - 00260316 _____ C:\Users\Tom\Documents\Untitled3.3dm
2014-01-26 20:00 - 2014-01-26 20:00 - 00269934 _____ C:\Users\Tom\Documents\Untitled2.3dm
2014-01-26 19:33 - 2014-01-26 19:33 - 00283670 _____ C:\Users\Tom\Documents\Untitled.3dm
2014-01-26 19:31 - 2014-01-26 19:31 - 00000000 ____D C:\Users\Tom\AppData\Local\Luxion
2014-01-26 19:30 - 2014-01-30 10:16 - 00000000 ____D C:\Users\Tom\Documents\KeyShot 4
2014-01-26 19:29 - 2014-01-30 10:15 - 00000000 ____D C:\Program Files\KeyShot4
2014-01-26 17:58 - 2014-01-26 17:58 - 00000000 ____D C:\Users\Tom\AppData\Local\3dmouse
2014-01-25 02:02 - 2014-01-25 20:46 - 862865408 _____ C:\Users\Tom\Downloads\Kdo-seje-vítr--Kdo-seje-bouři-Inherit-the-Wind-Kramer-1960.avi
2014-01-24 22:29 - 2014-01-30 01:37 - 00000000 ____D C:\Users\Tom\AppData\Local\CrashDumps
2014-01-24 22:09 - 2014-01-30 00:40 - 00000000 ____D C:\Users\Tom\Desktop\RK_Quarantine
2014-01-23 06:17 - 2014-01-23 06:18 - 938072072 _____ C:\Users\Tom\Downloads\Na_doraz_CZ_dabing.avi.7ce76mg.zip
2014-01-23 04:20 - 2014-01-23 05:49 - 855377920 _____ C:\Users\Tom\Downloads\Braindead---Živí-mrtví-(1992)-cz-dabing-Kubicak.avi.73azvox.partial
2014-01-22 12:56 - 2014-01-22 12:56 - 00010898 _____ C:\Users\Tom\Desktop\text3.odt
2014-01-22 12:53 - 2014-01-22 12:53 - 00011684 _____ C:\Users\Tom\Desktop\text2.odt
2014-01-22 12:48 - 2014-01-22 17:15 - 00010114 _____ C:\Users\Tom\Desktop\text1.odt
2014-01-22 12:12 - 2014-01-22 12:14 - 42250786 _____ C:\Users\Tom\Downloads\Kdo-seje-bouri-Drama-USA-1960.avi.day83j6.partial
2014-01-22 00:26 - 2014-01-22 03:54 - 2189320980 _____ C:\Users\Tom\Downloads\norimbersky-proces-1961-cz-dabing.avi
2014-01-22 00:16 - 2014-01-22 00:16 - 00027751 _____ C:\Users\Tom\Documents\HalLasko ref..odt
2014-01-21 17:50 - 2014-01-21 17:50 - 06092919 _____ C:\Users\Tom\Downloads\Outlook.zip
2014-01-21 17:09 - 2014-01-29 22:08 - 00000000 ____D C:\Users\Tom\Documents\Polanecký
2014-01-21 16:51 - 2014-01-21 17:09 - 155113001 _____ C:\Users\Tom\Downloads\PolaneckĂ˝.zip
2014-01-21 02:44 - 2014-01-21 03:49 - 462882544 _____ C:\Users\Tom\Downloads\Priserky-s.r.o-anim.-92min..avi.fi0xkr6.partial
2014-01-20 22:15 - 2014-01-20 22:56 - 724239534 _____ C:\Users\Tom\Downloads\Architektovo-Břicho-(Drama)-(1987)-cz-dubbing-AVI---Pawlyn.avi.avi
2014-01-20 19:00 - 2014-01-27 05:38 - 00128107 _____ C:\Users\Tom\Desktop\hngsync.log
2014-01-20 16:18 - 2014-01-30 00:41 - 00000000 ____D C:\Program Files (x86)\Heroes & Generals
2014-01-20 03:13 - 2014-01-20 03:25 - 738766126 _____ C:\Users\Tom\Downloads\Univerzita-pro-priserky-cz-dabing..avi.0c0y19b.partial
2014-01-19 22:43 - 2014-01-19 23:06 - 414462553 _____ C:\Users\Tom\Downloads\Pink-Floyd.zip
2014-01-19 20:52 - 2014-01-30 00:41 - 00000000 ____D C:\Program Files\Zune
2014-01-19 20:52 - 2014-01-19 20:52 - 00000000 ____D C:\WINDOWS\PCHEALTH
2014-01-19 20:50 - 2014-01-30 00:41 - 00000000 ____D C:\fa4a311ae3bc09a3edc8fa
2014-01-19 20:48 - 2014-01-19 20:50 - 105664248 _____ (Microsoft Corporation) C:\Users\Tom\Downloads\ZuneSetupPkg.exe
2014-01-19 19:23 - 2014-01-19 19:23 - 01243120 _____ (společnost Microsoft Corporation) C:\Users\Tom\Downloads\wlsetup-web.exe
2014-01-19 01:09 - 2014-01-19 01:25 - 733102080 _____ C:\Users\Tom\Downloads\U-Konce-sveta..cz.avi.736xpl1.partial
2014-01-19 00:14 - 2014-01-19 01:03 - 717841689 _____ C:\Users\Tom\Downloads\Laponská_odysea.zip
2014-01-18 22:11 - 2014-01-18 23:49 - 941774848 _____ C:\Users\Tom\Downloads\Na_doraz_CZ_dabing.avi.7ce76mg.partial
2014-01-18 21:19 - 2014-01-18 22:28 - 1234221341 _____ C:\Users\Tom\Downloads\Podivný-pár-(1968)-CZ.mp4
2014-01-16 23:54 - 2014-01-17 03:32 - 804239968 _____ C:\Users\Tom\Downloads\spravna-dvojka-II-1998_dvdrip_czdub_xvid.avi.qvuze9v.partial
2014-01-16 14:12 - 2014-01-16 14:12 - 00011428 _____ C:\Users\Tom\Documents\Kritika fotografie.odt
2014-01-16 11:20 - 2014-01-16 11:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-16 01:11 - 2014-01-16 02:23 - 691613752 _____ C:\Users\Tom\Downloads\Ukradené-vánoce-Tima-Burtona-CZ-by_Ťaví.avi.b349aw1.partial
2014-01-15 04:01 - 2013-11-27 16:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-15 04:01 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-15 04:01 - 2013-11-27 11:34 - 00138240 _____ C:\WINDOWS\system32\OEMLicense.dll
2014-01-15 04:01 - 2013-11-27 10:54 - 00103936 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-15 04:01 - 2013-11-27 09:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 04:01 - 2013-11-27 09:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-15 04:01 - 2013-11-27 09:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 04:01 - 2013-11-27 09:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-15 04:01 - 2013-11-27 09:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-15 04:01 - 2013-11-27 09:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-15 04:00 - 2013-12-09 01:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-15 03:02 - 2014-01-15 03:07 - 234646941 _____ C:\Users\Tom\Downloads\THE-DOORS---Vsetkych-6-originalnych-albumov.zip
2014-01-15 01:56 - 2014-01-15 02:08 - 572701148 _____ C:\Users\Tom\Downloads\Mrtva-nevesta-Tima-Burtona-cz-dabing.csfd-84-animov.fantasy_xvid.avi
2014-01-13 03:17 - 2014-01-13 03:46 - 1468452864 _____ C:\Users\Tom\Downloads\Jak-vycvicit-draka-2010-CZ.avi
2014-01-12 14:38 - 2014-01-12 14:38 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Firefly Studios
2014-01-12 14:38 - 2014-01-12 14:38 - 00000000 ____D C:\Users\Tom\AppData\Local\Geckofx
2014-01-12 14:37 - 2014-01-12 14:37 - 00000000 ____D C:\Users\Tom\Documents\Stronghold Kingdoms
2014-01-12 14:29 - 2014-01-12 14:29 - 00000000 ____D C:\ProgramData\Firefly Studios
2014-01-12 14:28 - 2014-01-12 14:28 - 00001326 _____ C:\Users\Public\Desktop\Stronghold Kingdoms.lnk
2014-01-12 14:26 - 2014-01-12 14:27 - 20678416 _____ (Firefly Studios ) C:\Users\Tom\Downloads\StrongholdKingdoms-SetupBP.exe
2014-01-12 03:41 - 2014-01-12 03:41 - 08966752 _____ C:\Users\Tom\Downloads\DrakensangOnlineSetup.exe
2014-01-12 03:41 - 2014-01-12 03:41 - 00001976 _____ C:\Users\Tom\Desktop\Drakensang Online.lnk
2014-01-12 03:41 - 2014-01-12 03:41 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
2014-01-12 03:41 - 2014-01-12 03:41 - 00000000 ____D C:\Program Files (x86)\Drakensang Online
2014-01-11 01:32 - 2014-01-11 01:32 - 00000000 ____D C:\Users\Tom\AppData\Local\ASUS
2014-01-10 20:52 - 2014-01-10 21:11 - 413317468 _____ C:\Users\Tom\Downloads\Chalupari---03---Operace.avi.1agd7o5.partial
2014-01-09 11:15 - 2014-01-09 11:16 - 00000000 ____D C:\Users\Tom\AppData\Local\Bandizip
2014-01-09 11:15 - 2014-01-09 11:15 - 04321088 _____ C:\Users\Tom\Downloads\bandizip-setup-gl.exe
2014-01-09 10:47 - 2014-01-09 11:13 - 1456336785 _____ C:\Users\Tom\Downloads\Adobe-Flash-Professional-CS6.rar
2014-01-09 10:44 - 2014-01-09 10:44 - 00000107 _____ C:\Users\Tom\Downloads\Adobe-Flash-Professional-CS6-SERIAL.url
2014-01-09 10:30 - 2014-01-09 12:19 - 00000132 _____ C:\Users\Tom\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-01-09 09:26 - 2014-01-09 09:26 - 00003492 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-kalistatomas@live.com
2014-01-09 09:25 - 2014-01-30 09:44 - 00000000 ____D C:\Users\Tom\AppData\Local\Adobe
2014-01-09 01:24 - 2014-01-09 01:36 - 599442814 _____ C:\Users\Tom\Downloads\Chalupari---02---Kapr.avi
2014-01-08 19:14 - 2014-01-08 19:14 - 00050688 _____ (Atribune.org) C:\Users\Tom\Downloads\ATF-Cleaner.exe
2014-01-06 00:45 - 2014-01-18 13:23 - 00000000 ____D C:\Users\Tom\Documents\aničky dokumenty do školičky
2014-01-06 00:00 - 2014-01-08 19:04 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Skype
2014-01-06 00:00 - 2014-01-06 00:01 - 00000000 ___RD C:\Program Files (x86)\Skype
2014-01-06 00:00 - 2014-01-06 00:01 - 00000000 ____D C:\ProgramData\Skype
2014-01-05 23:59 - 2014-01-06 00:00 - 35095200 _____ (Skype Technologies S.A.) C:\Users\Tom\Downloads\SkypeSetupFull.exe
2014-01-05 22:47 - 2014-01-30 00:41 - 00000000 ____D C:\Program Files (x86)\Grinding Gear Games
2014-01-05 22:45 - 2014-01-05 22:45 - 07438336 _____ C:\Users\Tom\Downloads\PathOfExileInstaller.msi

==================== One Month Modified Files and Folders =======

2014-01-30 14:28 - 2014-01-30 14:28 - 00014181 _____ C:\Users\Tom\Desktop\FRST.txt
2014-01-30 14:28 - 2014-01-30 14:27 - 00000000 ____D C:\FRST
2014-01-30 14:26 - 2013-11-29 13:45 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-30 14:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-30 13:55 - 2014-01-30 01:56 - 00178600 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-30 13:49 - 2013-11-20 08:05 - 00003592 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3167826679-434792771-67642486-1001
2014-01-30 13:45 - 2013-11-21 11:30 - 00000958 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-30 13:44 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2014-01-30 13:30 - 2013-11-20 13:24 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-30 13:30 - 2013-09-30 04:56 - 00739924 _____ C:\WINDOWS\system32\perfh005.dat
2014-01-30 13:30 - 2013-09-30 04:56 - 00151610 _____ C:\WINDOWS\system32\perfc005.dat
2014-01-30 13:27 - 2014-01-30 13:27 - 00112640 _____ (forum.viry.cz) C:\Users\Tom\Desktop\FRSTLauncher.exe
2014-01-30 13:26 - 2014-01-30 13:26 - 02079744 _____ (Farbar) C:\Users\Tom\Desktop\FRST64.exe
2014-01-30 13:23 - 2014-01-30 12:50 - 588151820 _____ C:\Users\Tom\Downloads\keyshot-4.zip
2014-01-30 10:31 - 2013-11-21 18:13 - 00000000 __RDO C:\Users\Tom\SkyDrive
2014-01-30 10:19 - 2014-01-30 10:14 - 00047324 _____ C:\Users\Tom\Documents\pokus1.3dm
2014-01-30 10:19 - 2013-12-06 11:44 - 00000400 _____ C:\WINDOWS\i_lfolqn582.ini
2014-01-30 10:17 - 2014-01-30 10:14 - 00052462 _____ C:\Users\Tom\Documents\pokus1.3dmbak
2014-01-30 10:16 - 2014-01-26 19:30 - 00000000 ____D C:\Users\Tom\Documents\KeyShot 4
2014-01-30 10:15 - 2014-01-30 10:15 - 00000722 _____ C:\Users\Tom\Desktop\KeyShot 4 Resources.lnk
2014-01-30 10:15 - 2014-01-30 10:14 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeyShot4 64
2014-01-30 10:15 - 2014-01-26 19:29 - 00000000 ____D C:\Program Files\KeyShot4
2014-01-30 10:14 - 2014-01-30 10:14 - 00000918 _____ C:\Users\Tom\Desktop\KeyShot 4 64.lnk
2014-01-30 09:51 - 2014-01-30 09:42 - 556673232 _____ (Luxion) C:\Users\Tom\Downloads\keyshot_w64_4.3.10.exe
2014-01-30 09:44 - 2014-01-09 09:25 - 00000000 ____D C:\Users\Tom\AppData\Local\Adobe
2014-01-30 09:42 - 2013-11-20 13:29 - 00003950 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5E16602A-FC39-4C28-A113-58DFA3999BFF}
2014-01-30 09:40 - 2014-01-30 09:39 - 00000790 _____ C:\WINDOWS\setupact.log
2014-01-30 09:39 - 2014-01-30 09:39 - 00000000 _____ C:\WINDOWS\setuperr.log
2014-01-30 02:40 - 2013-11-21 11:30 - 00000954 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-30 02:39 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-30 02:38 - 2014-01-30 02:38 - 00001868 _____ C:\WINDOWS\PFRO.log
2014-01-30 02:38 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2014-01-30 01:38 - 2013-11-25 18:39 - 00000000 ____D C:\Users\Tom\AppData\Roaming\uTorrent
2014-01-30 01:37 - 2014-01-24 22:29 - 00000000 ____D C:\Users\Tom\AppData\Local\CrashDumps
2014-01-30 01:37 - 2013-11-21 17:14 - 00000000 ____D C:\WINDOWS\Minidump
2014-01-30 01:37 - 2013-11-20 13:04 - 00000000 ___DC C:\WINDOWS\Panther
2014-01-30 01:04 - 2014-01-30 01:04 - 00002768 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-01-30 01:04 - 2014-01-30 01:04 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-30 01:04 - 2014-01-30 01:04 - 00000000 ____D C:\Program Files\CCleaner
2014-01-30 01:03 - 2014-01-30 01:02 - 04721920 _____ (Piriform Ltd) C:\Users\Tom\Downloads\ccsetup410.exe
2014-01-30 00:49 - 2013-11-20 13:14 - 00000000 ____D C:\Users\Tom
2014-01-30 00:42 - 2013-11-30 20:16 - 00000000 ____D C:\Users\Tom\AppData\Roaming\vlc
2014-01-30 00:42 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2014-01-30 00:41 - 2014-01-20 16:18 - 00000000 ____D C:\Program Files (x86)\Heroes & Generals
2014-01-30 00:41 - 2014-01-19 20:52 - 00000000 ____D C:\Program Files\Zune
2014-01-30 00:41 - 2014-01-19 20:50 - 00000000 ____D C:\fa4a311ae3bc09a3edc8fa
2014-01-30 00:41 - 2014-01-05 22:47 - 00000000 ____D C:\Program Files (x86)\Grinding Gear Games
2014-01-30 00:41 - 2013-11-20 08:50 - 00000000 ____D C:\ProgramData\P4G
2014-01-30 00:40 - 2014-01-24 22:09 - 00000000 ____D C:\Users\Tom\Desktop\RK_Quarantine
2014-01-30 00:27 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\registration
2014-01-30 00:27 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2014-01-30 00:26 - 2013-11-20 07:59 - 00000000 ____D C:\Users\Tom\AppData\Local\Packages
2014-01-29 22:08 - 2014-01-29 22:08 - 00009542 _____ C:\Users\Tom\Desktop\Bez názvu 1.odt
2014-01-29 22:08 - 2014-01-21 17:09 - 00000000 ____D C:\Users\Tom\Documents\Polanecký
2014-01-29 01:11 - 2014-01-29 01:05 - 103533728 _____ C:\Users\Tom\Downloads\(2011)-The-Path-of-Totality.zip
2014-01-28 13:26 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2014-01-27 05:58 - 2014-01-27 04:56 - 1042536448 _____ C:\Users\Tom\Downloads\Nadany-zak-1998-DVDRip-czdub.avi
2014-01-27 05:38 - 2014-01-20 19:00 - 00128107 _____ C:\Users\Tom\Desktop\hngsync.log
2014-01-27 04:38 - 2014-01-27 04:05 - 733159880 _____ C:\Users\Tom\Downloads\Nadany-zak (1).avi
2014-01-27 03:43 - 2014-01-27 03:43 - 347785116 _____ C:\Users\Tom\Downloads\Nadany-zak.avi.1741333.partial
2014-01-27 03:15 - 2014-01-27 03:15 - 00000000 ____D C:\Users\Tom\AppData\Local\Solid State Networks
2014-01-27 03:15 - 2014-01-27 03:15 - 00000000 ____D C:\Program Files (x86)\MeteorEntertainment
2014-01-26 20:04 - 2014-01-26 20:04 - 00260316 _____ C:\Users\Tom\Documents\Untitled3.3dm
2014-01-26 20:00 - 2014-01-26 20:00 - 00269934 _____ C:\Users\Tom\Documents\Untitled2.3dm
2014-01-26 19:33 - 2014-01-26 19:33 - 00283670 _____ C:\Users\Tom\Documents\Untitled.3dm
2014-01-26 19:31 - 2014-01-26 19:31 - 00000000 ____D C:\Users\Tom\AppData\Local\Luxion
2014-01-26 17:58 - 2014-01-26 17:58 - 00000000 ____D C:\Users\Tom\AppData\Local\3dmouse
2014-01-25 20:46 - 2014-01-25 02:02 - 862865408 _____ C:\Users\Tom\Downloads\Kdo-seje-vítr--Kdo-seje-bouři-Inherit-the-Wind-Kramer-1960.avi
2014-01-23 06:18 - 2014-01-23 06:17 - 938072072 _____ C:\Users\Tom\Downloads\Na_doraz_CZ_dabing.avi.7ce76mg.zip
2014-01-23 05:49 - 2014-01-23 04:20 - 855377920 _____ C:\Users\Tom\Downloads\Braindead---Živí-mrtví-(1992)-cz-dabing-Kubicak.avi.73azvox.partial
2014-01-22 17:15 - 2014-01-22 12:48 - 00010114 _____ C:\Users\Tom\Desktop\text1.odt
2014-01-22 12:56 - 2014-01-22 12:56 - 00010898 _____ C:\Users\Tom\Desktop\text3.odt
2014-01-22 12:53 - 2014-01-22 12:53 - 00011684 _____ C:\Users\Tom\Desktop\text2.odt
2014-01-22 12:14 - 2014-01-22 12:12 - 42250786 _____ C:\Users\Tom\Downloads\Kdo-seje-bouri-Drama-USA-1960.avi.day83j6.partial
2014-01-22 03:54 - 2014-01-22 00:26 - 2189320980 _____ C:\Users\Tom\Downloads\norimbersky-proces-1961-cz-dabing.avi
2014-01-22 00:16 - 2014-01-22 00:16 - 00027751 _____ C:\Users\Tom\Documents\HalLasko ref..odt
2014-01-21 17:50 - 2014-01-21 17:50 - 06092919 _____ C:\Users\Tom\Downloads\Outlook.zip
2014-01-21 17:09 - 2014-01-21 16:51 - 155113001 _____ C:\Users\Tom\Downloads\PolaneckĂ˝.zip
2014-01-21 03:49 - 2014-01-21 02:44 - 462882544 _____ C:\Users\Tom\Downloads\Priserky-s.r.o-anim.-92min..avi.fi0xkr6.partial
2014-01-20 22:56 - 2014-01-20 22:15 - 724239534 _____ C:\Users\Tom\Downloads\Architektovo-Břicho-(Drama)-(1987)-cz-dubbing-AVI---Pawlyn.avi.avi
2014-01-20 11:52 - 2013-12-13 12:46 - 00023213 _____ C:\Users\Tom\Documents\Počítačové metody ref..odt
2014-01-20 03:25 - 2014-01-20 03:13 - 738766126 _____ C:\Users\Tom\Downloads\Univerzita-pro-priserky-cz-dabing..avi.0c0y19b.partial
2014-01-19 23:06 - 2014-01-19 22:43 - 414462553 _____ C:\Users\Tom\Downloads\Pink-Floyd.zip
2014-01-19 20:52 - 2014-01-19 20:52 - 00000000 ____D C:\WINDOWS\PCHEALTH
2014-01-19 20:50 - 2014-01-19 20:48 - 105664248 _____ (Microsoft Corporation) C:\Users\Tom\Downloads\ZuneSetupPkg.exe
2014-01-19 19:26 - 2013-11-29 11:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-19 19:26 - 2013-08-22 15:44 - 05083144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-19 19:23 - 2014-01-19 19:23 - 01243120 _____ (společnost Microsoft Corporation) C:\Users\Tom\Downloads\wlsetup-web.exe
2014-01-19 08:38 - 2013-11-20 11:28 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-01-19 01:25 - 2014-01-19 01:09 - 733102080 _____ C:\Users\Tom\Downloads\U-Konce-sveta..cz.avi.736xpl1.partial
2014-01-19 01:03 - 2014-01-19 00:14 - 717841689 _____ C:\Users\Tom\Downloads\Laponská_odysea.zip
2014-01-18 23:49 - 2014-01-18 22:11 - 941774848 _____ C:\Users\Tom\Downloads\Na_doraz_CZ_dabing.avi.7ce76mg.partial
2014-01-18 22:28 - 2014-01-18 21:19 - 1234221341 _____ C:\Users\Tom\Downloads\Podivný-pár-(1968)-CZ.mp4
2014-01-18 13:23 - 2014-01-06 00:45 - 00000000 ____D C:\Users\Tom\Documents\aničky dokumenty do školičky
2014-01-18 13:13 - 2013-11-20 09:24 - 00000000 ____D C:\Users\Tom\Documents\Flash disk 8gb
2014-01-17 03:32 - 2014-01-16 23:54 - 804239968 _____ C:\Users\Tom\Downloads\spravna-dvojka-II-1998_dvdrip_czdub_xvid.avi.qvuze9v.partial
2014-01-16 15:27 - 2013-11-20 12:45 - 00016149 _____ C:\Users\Tom\Documents\obraz1.odt
2014-01-16 14:12 - 2014-01-16 14:12 - 00011428 _____ C:\Users\Tom\Documents\Kritika fotografie.odt
2014-01-16 11:20 - 2014-01-16 11:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-16 02:23 - 2014-01-16 01:11 - 691613752 _____ C:\Users\Tom\Downloads\Ukradené-vánoce-Tima-Burtona-CZ-by_Ťaví.avi.b349aw1.partial
2014-01-15 06:51 - 2013-11-20 11:22 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-15 06:49 - 2013-11-20 11:22 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-15 03:07 - 2014-01-15 03:02 - 234646941 _____ C:\Users\Tom\Downloads\THE-DOORS---Vsetkych-6-originalnych-albumov.zip
2014-01-15 02:08 - 2014-01-15 01:56 - 572701148 _____ C:\Users\Tom\Downloads\Mrtva-nevesta-Tima-Burtona-cz-dabing.csfd-84-animov.fantasy_xvid.avi
2014-01-15 00:20 - 2013-11-29 11:42 - 00000000 ____D C:\Users\Tom\AppData\Local\Mozilla
2014-01-13 03:46 - 2014-01-13 03:17 - 1468452864 _____ C:\Users\Tom\Downloads\Jak-vycvicit-draka-2010-CZ.avi
2014-01-12 14:38 - 2014-01-12 14:38 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Firefly Studios
2014-01-12 14:38 - 2014-01-12 14:38 - 00000000 ____D C:\Users\Tom\AppData\Local\Geckofx
2014-01-12 14:37 - 2014-01-12 14:37 - 00000000 ____D C:\Users\Tom\Documents\Stronghold Kingdoms
2014-01-12 14:29 - 2014-01-12 14:29 - 00000000 ____D C:\ProgramData\Firefly Studios
2014-01-12 14:28 - 2014-01-12 14:28 - 00001326 _____ C:\Users\Public\Desktop\Stronghold Kingdoms.lnk
2014-01-12 14:27 - 2014-01-12 14:26 - 20678416 _____ (Firefly Studios ) C:\Users\Tom\Downloads\StrongholdKingdoms-SetupBP.exe
2014-01-12 14:27 - 2013-11-21 18:50 - 00000000 ____D C:\Program Files (x86)\Firefly Studios
2014-01-12 03:41 - 2014-01-12 03:41 - 08966752 _____ C:\Users\Tom\Downloads\DrakensangOnlineSetup.exe
2014-01-12 03:41 - 2014-01-12 03:41 - 00001976 _____ C:\Users\Tom\Desktop\Drakensang Online.lnk
2014-01-12 03:41 - 2014-01-12 03:41 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
2014-01-12 03:41 - 2014-01-12 03:41 - 00000000 ____D C:\Program Files (x86)\Drakensang Online
2014-01-11 01:32 - 2014-01-11 01:32 - 00000000 ____D C:\Users\Tom\AppData\Local\ASUS
2014-01-10 21:11 - 2014-01-10 20:52 - 413317468 _____ C:\Users\Tom\Downloads\Chalupari---03---Operace.avi.1agd7o5.partial
2014-01-09 12:19 - 2014-01-09 10:30 - 00000132 _____ C:\Users\Tom\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-01-09 11:30 - 2013-11-20 08:00 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Adobe
2014-01-09 11:16 - 2014-01-09 11:15 - 00000000 ____D C:\Users\Tom\AppData\Local\Bandizip
2014-01-09 11:16 - 2013-11-30 10:58 - 00000000 ____D C:\Users\Tom\Downloads\Adobe Photoshop CS6 13.0 Final CZ
2014-01-09 11:15 - 2014-01-09 11:15 - 04321088 _____ C:\Users\Tom\Downloads\bandizip-setup-gl.exe
2014-01-09 11:13 - 2014-01-09 10:47 - 1456336785 _____ C:\Users\Tom\Downloads\Adobe-Flash-Professional-CS6.rar
2014-01-09 10:44 - 2014-01-09 10:44 - 00000107 _____ C:\Users\Tom\Downloads\Adobe-Flash-Professional-CS6-SERIAL.url
2014-01-09 10:23 - 2013-11-20 18:01 - 00000000 ____D C:\Program Files\Common Files\Adobe
2014-01-09 10:23 - 2013-11-20 18:01 - 00000000 ____D C:\Program Files\Adobe
2014-01-09 10:21 - 2013-11-20 18:00 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-09 10:16 - 2013-11-20 17:58 - 00000000 ____D C:\ProgramData\Adobe
2014-01-09 09:26 - 2014-01-09 09:26 - 00003492 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-kalistatomas@live.com
2014-01-09 01:36 - 2014-01-09 01:24 - 599442814 _____ C:\Users\Tom\Downloads\Chalupari---02---Kapr.avi
2014-01-08 19:14 - 2014-01-08 19:14 - 00050688 _____ (Atribune.org) C:\Users\Tom\Downloads\ATF-Cleaner.exe
2014-01-08 19:04 - 2014-01-06 00:00 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Skype
2014-01-06 23:31 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-06 23:31 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-06 00:01 - 2014-01-06 00:00 - 00000000 ___RD C:\Program Files (x86)\Skype
2014-01-06 00:01 - 2014-01-06 00:00 - 00000000 ____D C:\ProgramData\Skype
2014-01-06 00:00 - 2014-01-05 23:59 - 35095200 _____ (Skype Technologies S.A.) C:\Users\Tom\Downloads\SkypeSetupFull.exe
2014-01-05 22:47 - 2013-12-03 09:25 - 00000000 ____D C:\Users\Tom\Documents\My Games
2014-01-05 22:45 - 2014-01-05 22:45 - 07438336 _____ C:\Users\Tom\Downloads\PathOfExileInstaller.msi

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Users\Tom\Local Settings:BPcZC3OhFMZqaM6pRaBUiB0g0ZW8
AlternateDataStreams: C:\Users\Tom\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Tom\SkyDrive.old:ms-properties
AlternateDataStreams: C:\Users\Tom\AppData\Local:BPcZC3OhFMZqaM6pRaBUiB0g0ZW8
AlternateDataStreams: C:\Users\Tom\AppData\Local\Data aplikací:BPcZC3OhFMZqaM6pRaBUiB0g0ZW8
AlternateDataStreams: C:\Users\Tom\AppData\Local\Temp:Ab6uao8Pnt7hn4jes3FJUG07D
AlternateDataStreams: C:\Users\Tom\AppData\Local\Temporary Internet Files:2Ht0a64ZpEW1J6jt6I

==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Tom\Desktop" je 30140 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.zip
(5.36 KiB) Downloaded 174 times


Re: Service Host is maxing out the disk

#4 Post by stell »

Open Notepad and copy the whole text below into it:

Code:

Start
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Policies\Explorer: [] 
AlternateDataStreams: C:\Users\Tom\Local Settings:BPcZC3OhFMZqaM6pRaBUiB0g0ZW8
AlternateDataStreams: C:\Users\Tom\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Tom\SkyDrive.old:ms-properties
AlternateDataStreams: C:\Users\Tom\AppData\Local:BPcZC3OhFMZqaM6pRaBUiB0g0ZW8
AlternateDataStreams: C:\Users\Tom\AppData\Local\Data aplikací:BPcZC3OhFMZqaM6pRaBUiB0g0ZW8
AlternateDataStreams: C:\Users\Tom\AppData\Local\Temp:Ab6uao8Pnt7hn4jes3FJUG07D
AlternateDataStreams: C:\Users\Tom\AppData\Local\Temporary Internet Files:2Ht0a64ZpEW1J6jt6I
Hosts:
End
Then click File -> Save As... In the File name field type: fixlist.txt
For Save as type choose All Files.
Save it to the Desktop, in the same place as FRST.exe.
Run FRST, but this time click the Fix button.
A log, Fixlog.txt, will now be saved to the Desktop.
Paste the contents of Fixlog.txt here.

I'm finishing for today, so after the fixlist and the Fixlog,
also run a scan with an anti-rootkit program.
If anything is found, use CleanUp.
Guide below; paste the log here.
CleanUp
http://www.viruskasino.com/2010/12/prog ... lwarebytes Anti-Rootkit


Re: Service Host is maxing out the disk

#5 Post by Fail-er »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-01-2014 01
Ran by Tom at 2014-01-31 21:29:55 Run:1
Running from C:\Users\Tom\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Policies\Explorer: []
AlternateDataStreams: C:\Users\Tom\Local Settings:BPcZC3OhFMZqaM6pRaBUiB0g0ZW8
AlternateDataStreams: C:\Users\Tom\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Tom\SkyDrive.old:ms-properties
AlternateDataStreams: C:\Users\Tom\AppData\Local:BPcZC3OhFMZqaM6pRaBUiB0g0ZW8
AlternateDataStreams: C:\Users\Tom\AppData\Local\Data aplikací:BPcZC3OhFMZqaM6pRaBUiB0g0ZW8
AlternateDataStreams: C:\Users\Tom\AppData\Local\Temp:Ab6uao8Pnt7hn4jes3FJUG07D
AlternateDataStreams: C:\Users\Tom\AppData\Local\Temporary Internet Files:2Ht0a64ZpEW1J6jt6I
Hosts:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => Value deleted successfully.
"C:\Users\Tom\Local Settings" => ":BPcZC3OhFMZqaM6pRaBUiB0g0ZW8" ADS not found.
"C:\Users\Tom\SkyDrive" => ":ms-properties" ADS not found.
"C:\Users\Tom\SkyDrive.old" => ":ms-properties" ADS not found.
C:\Users\Tom\AppData\Local => ":BPcZC3OhFMZqaM6pRaBUiB0g0ZW8" ADS removed successfully.
"C:\Users\Tom\AppData\Local\Data aplikací" => ":BPcZC3OhFMZqaM6pRaBUiB0g0ZW8" ADS not found.
C:\Users\Tom\AppData\Local\Temp => ":Ab6uao8Pnt7hn4jes3FJUG07D" ADS removed successfully.
"C:\Users\Tom\AppData\Local\Temporary Internet Files" => ":2Ht0a64ZpEW1J6jt6I" ADS not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====
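
A check a helper could run on the Fixlog above, as an added example that is not part of the thread or of FRST itself: it parses the result lines (copied from post #5) and lists the entries FRST reported as not found, which are the ones to confirm in a fresh scan log. The function names and outcome labels are assumptions made for this example.

```python
import re
from collections import Counter

# Result lines copied verbatim from the Fixlog in post #5.
FIXLOG = r'''
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => Value deleted successfully.
"C:\Users\Tom\Local Settings" => ":BPcZC3OhFMZqaM6pRaBUiB0g0ZW8" ADS not found.
"C:\Users\Tom\SkyDrive" => ":ms-properties" ADS not found.
"C:\Users\Tom\SkyDrive.old" => ":ms-properties" ADS not found.
C:\Users\Tom\AppData\Local => ":BPcZC3OhFMZqaM6pRaBUiB0g0ZW8" ADS removed successfully.
"C:\Users\Tom\AppData\Local\Data aplikací" => ":BPcZC3OhFMZqaM6pRaBUiB0g0ZW8" ADS not found.
C:\Users\Tom\AppData\Local\Temp => ":Ab6uao8Pnt7hn4jes3FJUG07D" ADS removed successfully.
"C:\Users\Tom\AppData\Local\Temporary Internet Files" => ":2Ht0a64ZpEW1J6jt6I" ADS not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
'''

# Result text FRST prints for an alternate data stream, as seen in the log above.
ADS_RE = re.compile(r'^"(:[^"]+)" ADS (not found|removed successfully)\.$')


def parse_fixlog(text):
    """Return one dict per '<target> => <result>' line of a Fixlog."""
    entries = []
    for line in text.splitlines():
        target, sep, result = line.strip().partition(' => ')
        if not sep:
            continue  # headers and lines such as "Hosts was reset successfully."
        target = target.strip('"')
        ads = ADS_RE.match(result)
        if ads:
            # Address the stream as path:stream, the form used in the fixlist.
            target += ads.group(1)
            kind = 'ads'
            outcome = 'removed' if ads.group(2).startswith('removed') else 'not_found'
        elif result == 'Value deleted successfully.':
            kind, outcome = 'registry', 'deleted'
        elif result == 'Moved successfully.':
            kind, outcome = 'file', 'moved'
        else:
            kind, outcome = 'unknown', 'unrecognised'
        entries.append({'kind': kind, 'target': target, 'outcome': outcome})
    return entries


def summarise(entries):
    """Count entries per (kind, outcome) pair."""
    return Counter((e['kind'], e['outcome']) for e in entries)


def needs_recheck(entries):
    """Entries FRST did not act on; confirm them in a fresh scan log."""
    return [e['target'] for e in entries
            if e['outcome'] in ('not_found', 'unrecognised')]


if __name__ == '__main__':
    parsed = parse_fixlog(FIXLOG)
    for key, count in sorted(summarise(parsed).items()):
        print(key, count)
    for target in needs_recheck(parsed):
        print('recheck:', target)
```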


Re: Service Host is maxing out the disk

#6 Post by stell »

OK, also run the scan with the anti-rootkit program, as I wrote, and test the PC to see whether the problem persists.


Re: Service Host is maxing out the disk

#7 Post by Fail-er »

I tried scanning with both Malwarebytes Anti-Rootkit and TDSSKiller. Only one item was found, and that was while Malwarebytes was starting up, before I had even launched the scan itself. After that nothing more was found. But the problem is solved. The disk is no longer saturated, and the processes that together used to choke the disk completely now take only about 0.1 MB on average.

Thank you for the help. :)


Re: Service Host is maxing out the disk

#8 Post by stell »

OK, if the problem has gone away, we'll close this.
You're welcome.