
Unwanted page popping up via CMD

#1 Post by JerryCZZ »

Hello. For some time now I have had a problem with the page gameharbor.org, which opens automatically via CMD when I log in to the system.
I don't know where this malware came from, nor how to remove it. That's why I'm writing here.
The FRST log is here: http://hastebin.com/afoxamotal.tex
and the second log, Addition, is here: http://hastebin.com/pajufoduyo.tex

I really want to get rid of it now, because it annoys me a lot and more nasties could come pouring in through it at any time.

Thank you.
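
Added example, not part of the original thread: the symptom described in the post above (a page opened through CMD at every logon) is what an autorun value that starts a command interpreter with a URL produces, so this Python sketch scans the Run lines of an FRST log for exactly that pattern. The sample log lines, the SID and the example.invalid URLs are constructed, and the function names are hypothetical.

```python
import re
from dataclasses import dataclass, field

# Constructed sample in the layout of an FRST "Registry" section. The SID, sizes,
# dates and example.invalid URLs are placeholders, not values from a real machine.
SAMPLE_LOG = r"""
==================== Registry (Whitelisted) ==================

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5617432 2013-08-19] (ESET)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-1111111111-2222222222-3333333333-1000\...\Run: [CMD] => cmd.exe /c start http://landing.example.invalid && exit <===== ATTENTION
HKU\S-1-5-21-1111111111-2222222222-3333333333-1000\...\Run: [Helper] => "C:\Windows\System32\cmd.exe" /c start http://ads.example.invalid/?id=1
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
"""

# "HKLM\...\Run: [Name] => data", with optional -x32 view and per-user SID.
RUN_LINE = re.compile(
    r"^(?P<hive>HK[A-Z]+(?:-x32)?(?:\\S-[\d-]+)?)\\\.\.\.\\(?P<key>Run(?:Once)?): "
    r"\[(?P<name>[^\]]*)\] => (?P<data>.*)$"
)
# Trailing "[size date] (Company)" that FRST prints when the target file exists.
FILE_INFO = re.compile(r"\s\[\d+ \d{4}-\d{2}-\d{2}\] \(.*\)$")
# FRST's own marker on entries it considers noteworthy.
FRST_MARK = re.compile(r"\s*<=+ ATTENTION.*$")
# Accept both plain and defanged (hxxp) schemes.
URL = re.compile(r"h(?:tt|xx)ps?://[^\s\"'&|<>]+", re.I)
# Unquoted absolute path that may contain spaces, ending at the first executable suffix.
ABS_PATH = re.compile(r"[A-Za-z]:\\.+?\.(?:exe|com|bat|cmd|dll)(?=\s|$)", re.I)
# Interpreters and script hosts that can open a URL or run a one-liner from an autorun.
SHELL_HOSTS = {"cmd", "cmd.exe", "powershell.exe", "wscript.exe",
               "cscript.exe", "mshta.exe", "rundll32.exe"}


@dataclass
class Autorun:
    hive: str
    key: str
    name: str
    command: str
    has_file_info: bool
    shell_host: bool = False
    urls: list = field(default_factory=list)


def executable_of(command: str) -> str:
    """Return the lower-cased file name of the program an autorun command starts."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        path = command[1:end] if end != -1 else command[1:]
    else:
        m = ABS_PATH.match(command)
        path = m.group(0) if m else (command.split() or [""])[0]
    return path.rsplit("\\", 1)[-1].lower()


def parse_autoruns(log_text: str) -> list:
    """Parse every Run/RunOnce line of an FRST log into an Autorun record."""
    entries = []
    for line in log_text.splitlines():
        m = RUN_LINE.match(line.strip())
        if not m:
            continue
        data = FRST_MARK.sub("", m["data"])
        info = FILE_INFO.search(data)
        command = (data[:info.start()] if info else data).strip()
        entries.append(Autorun(
            hive=m["hive"], key=m["key"], name=m["name"], command=command,
            has_file_info=bool(info),
            shell_host=executable_of(command) in SHELL_HOSTS,
            urls=URL.findall(command),
        ))
    return entries


def suspicious_autoruns(log_text: str) -> list:
    """Autoruns that start an interpreter AND carry a URL on the command line."""
    return [e for e in parse_autoruns(log_text) if e.shell_host and e.urls]


if __name__ == "__main__":
    for e in suspicious_autoruns(SAMPLE_LOG):
        print(f"{e.hive} {e.key} [{e.name}] -> {e.command}")
        print(f"    opens: {', '.join(e.urls)}; file info present: {e.has_file_info}")
```

Entries it reports are the ones to review by hand; a legitimate program normally shows a file path with size, date and company, which is the heuristic behind `has_file_info`.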


#2 Post by vyosek »

Hello :)

Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launching, the license terms are displayed; press any key
  • A backup is created and then the search runs
  • The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair runs, the PC restarts and then a log appears, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here
"Whoever has wine and does not drink, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns amusement, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

#3 Post by JerryCZZ »


#4 Post by vyosek »

Post logs directly in the thread

Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator (Spustit jako spravce)
  • Paste the script below into the window
  • Code:

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC performs the repair, restarts and gives you a log; paste its contents here
#5 Post by JerryCZZ »

Somehow I can't get that program to open.. when I run it as admin, nothing opens at all

#6 Post by vyosek »

#7 Post by JerryCZZ »

I apologize for posting this so late, but I couldn't do it sooner.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-06-2014
Ran by JerryCZZ (administrator) on JERRYCZZ1 on 15-06-2014 21:55:55
Running from C:\Users\JerryCZZ\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Electronic Arts) D:\Programy\Origin\Origin.exe
(matt.malensek.net) D:\Programy\3RVX\3RVX.exe
(Overwolf LTD) D:\Programy\Overwolf\Overwolf.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\JerryCZZ\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.53.394.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.53.394.0\OverwolfHelper64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\JerryCZZ\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4031152 2013-11-26] (Stardock Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5617432 2013-08-19] (ESET)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-3147574288-179147957-1026596567-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20924576 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3147574288-179147957-1026596567-1000\...\Run: [EADM] => D:\Programy\Origin\Origin.exe [3588952 2014-04-25] (Electronic Arts)
HKU\S-1-5-21-3147574288-179147957-1026596567-1000\...\Run: [3RVX] => D:\Programy\3RVX\3RVX.exe [159232 2008-10-14] (matt.malensek.net)
HKU\S-1-5-21-3147574288-179147957-1026596567-1000\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
HKU\S-1-5-21-3147574288-179147957-1026596567-1000\...\Run: [Overwolf] => D:\Programy\Overwolf\Overwolf.exe [39200 2014-05-28] (Overwolf LTD)
Startup: C:\Users\JerryCZZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\JerryCZZ\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
SSODL-x32: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - D:\Programy\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\JerryCZZ\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-04-29]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-04-29]

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/?clid=12
CHR Extension: (Dark Stash [FVD]) - C:\Users\JerryCZZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjhacjfeinnldnjgchiadamlnacohkh [2014-03-22]
CHR Extension: (Dokumenty Google) - C:\Users\JerryCZZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-21]
CHR Extension: (Disk Google) - C:\Users\JerryCZZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-21]
CHR Extension: (YouTube) - C:\Users\JerryCZZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-21]
CHR Extension: (Vyhledávání Google) - C:\Users\JerryCZZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-21]
CHR Extension: (Stylish) - C:\Users\JerryCZZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2014-03-21]
CHR Extension: (AdBlock) - C:\Users\JerryCZZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-21]
CHR Extension: (Don't Starve) - C:\Users\JerryCZZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc [2014-03-21]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\JerryCZZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-03-24]
CHR Extension: (New Tab Page for FVD Speed Dial) - C:\Users\JerryCZZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgeoanibcknhniccgaoaiolihidecjn [2014-03-21]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\JerryCZZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2014-03-21]
CHR Extension: (Peněženka Google) - C:\Users\JerryCZZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-21]
CHR Extension: (Gmail) - C:\Users\JerryCZZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-21]
CHR HKCU\...\Chrome\Extension: [lpgjmggepafkhenaeknpnjiceakbedpi] - C:\Users\JerryCZZ\AppData\Local\CRE\lpgjmggepafkhenaeknpnjiceakbedpi.crx [2014-03-21]
CHR HKLM-x32\...\Chrome\Extension: [lpgjmggepafkhenaeknpnjiceakbedpi] - C:\Users\JerryCZZ\AppData\Local\CRE\lpgjmggepafkhenaeknpnjiceakbedpi.crx [2014-03-21]

==================== Services (Whitelisted) =================

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337240 2013-08-19] (ESET)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
S3 OverwolfUpdater; D:\Programy\Overwolf\OverwolfUpdater.exe [1864480 2014-05-28] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-03-26] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-03-25] ()
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2014-06-05] (Microsoft Corporation) [File not signed]
S3 TunngleService; D:\Programy\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)

==================== Drivers (Whitelisted) ====================

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-08-20] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-08-26] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-08-20] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-08-20] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-08-20] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-08-20] (ESET)
S3 NTIOLib_1_0_4; D:\Programy\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-15 21:55 - 2014-06-15 21:56 - 00013048 _____ () C:\Users\JerryCZZ\Desktop\FRST.txt
2014-06-15 21:53 - 2014-06-15 21:53 - 02081280 _____ (Farbar) C:\Users\JerryCZZ\Desktop\FRST64.exe
2014-06-15 21:53 - 2014-06-15 21:53 - 00112640 _____ (forum.viry.cz) C:\Users\JerryCZZ\Desktop\FRSTLauncher.exe
2014-06-15 16:09 - 2014-06-15 16:09 - 00000000 ____D () C:\Users\JerryCZZ\Desktop\Nová složka
2014-06-13 19:54 - 2014-06-13 19:54 - 00000000 ____D () C:\zoek_backup
2014-06-13 10:41 - 2014-06-13 10:41 - 00000000 ____D () C:\Windows\ERUNT
2014-06-13 01:18 - 2014-06-15 21:55 - 00000000 ____D () C:\FRST
2014-06-13 01:05 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-13 01:04 - 2014-06-13 01:06 - 00000000 ____D () C:\AdwCleaner
2014-06-12 20:37 - 2014-06-12 20:37 - 00000000 ____D () C:\Users\JerryCZZ\Documents\JERRYCZZ1
2014-06-12 20:33 - 2014-06-12 20:33 - 00000790 _____ () C:\Users\Public\Desktop\Enemy Front.lnk
2014-06-12 20:33 - 2014-06-12 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enemy Front
2014-06-12 18:23 - 2014-06-12 18:23 - 00001304 _____ () C:\Users\JerryCZZ\Desktop\Borderlands 2.lnk
2014-06-12 18:21 - 2014-06-12 18:21 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Borderlands.2.Incl.All.24.DLC.[1.7].W.B.Repack
2014-06-11 21:22 - 2014-06-11 21:22 - 00000211 _____ () C:\Users\JerryCZZ\Desktop\Pid.url
2014-06-07 00:19 - 2014-06-07 00:25 - 00000442 _____ () C:\Users\JerryCZZ\Desktop\Nový textový dokument.txt
2014-06-05 17:34 - 2014-06-05 17:34 - 00000211 _____ () C:\Users\JerryCZZ\Desktop\Anomaly 2.url
2014-06-05 16:27 - 2014-06-05 16:27 - 00000000 __HDC () C:\ProgramData\{1C533CDB-BAC7-4600-B3DE-0B628D9AC643}
2014-06-05 16:27 - 2014-06-05 16:27 - 00000000 ____D () C:\Users\Public\Documents\Stardock
2014-06-05 16:10 - 2010-11-21 05:23 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll.backup
2014-06-05 16:10 - 2009-07-14 03:41 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll.backup
2014-06-05 16:10 - 2009-07-14 03:41 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\themeservice.dll.backup
2014-06-05 15:38 - 2014-06-05 15:38 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Theme Resource Changer X64 v1.0
2014-06-05 15:38 - 2014-06-05 15:38 - 00000000 ____D () C:\Program Files\Theme Resource Changer
2014-06-05 15:35 - 2011-06-23 14:26 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2014-06-05 15:25 - 2014-06-07 14:07 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Local\Adobe
2014-06-05 15:24 - 2014-06-05 15:47 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-05 15:24 - 2014-06-05 15:24 - 00002028 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-06-05 15:23 - 2014-06-05 15:23 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-05 15:19 - 2014-06-05 15:19 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Local\Korbin_Bickel
2014-06-05 15:14 - 2014-06-05 15:14 - 00000000 ____D () C:\Windows\W7SBC
2014-06-05 15:14 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer_edit_w7sbc.exe
2014-06-05 15:14 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer_backup_w7sbc.exe
2014-06-05 15:14 - 2011-02-25 08:19 - 02388992 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-06-05 15:13 - 2014-06-05 15:13 - 00000748 _____ () C:\Users\Public\Desktop\Theme Manager.lnk
2014-06-05 15:13 - 2014-06-05 15:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theme Manager
2014-06-05 14:57 - 2014-06-05 14:57 - 00000211 _____ () C:\Users\JerryCZZ\Desktop\Afterfall InSanity Extended Edition.url
2014-06-04 20:08 - 2014-06-04 20:08 - 00000210 _____ () C:\Users\JerryCZZ\Desktop\Sniper Elite V2.url
2014-06-04 13:35 - 2014-06-04 13:35 - 00003684 _____ () C:\Windows\System32\Tasks\Overwolf Updater Task
2014-06-04 13:35 - 2014-06-04 13:35 - 00000802 _____ () C:\Users\Public\Desktop\Overwolf.lnk
2014-06-04 13:35 - 2014-06-04 13:35 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2014-06-04 13:34 - 2014-06-04 13:35 - 00000000 ____D () C:\ProgramData\Overwolf
2014-06-04 13:33 - 2014-06-15 21:52 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Local\Overwolf
2014-06-03 22:46 - 2014-06-03 22:46 - 00000000 ____D () C:\ProgramData\Orbit
2014-05-31 22:31 - 2014-05-31 22:31 - 00000804 _____ () C:\Users\JerryCZZ\Desktop\AIDA64 Extreme.lnk
2014-05-31 22:31 - 2014-05-31 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2014-05-31 22:29 - 2014-06-06 21:11 - 00007606 _____ () C:\Users\JerryCZZ\AppData\Local\Resmon.ResmonCfg
2014-05-31 17:34 - 2014-05-31 18:49 - 1007707327 _____ () C:\Users\JerryCZZ\Documents\Separ.wmv
2014-05-29 22:20 - 2014-06-15 15:57 - 00000000 ____D () C:\Users\JerryCZZ\Documents\FIFA World
2014-05-27 00:27 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-05-27 00:22 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-27 00:22 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-05-27 00:22 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-05-27 00:15 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-05-27 00:15 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-05-27 00:09 - 2014-06-12 22:48 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Local\ftblauncher
2014-05-25 22:17 - 2014-05-25 22:17 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Roaming\StunlockStudios
2014-05-25 21:47 - 2014-06-03 22:46 - 00000721 _____ () C:\Users\Public\Desktop\Watch_Dogs.lnk
2014-05-25 21:47 - 2014-05-25 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2014-05-25 19:03 - 2014-05-25 19:03 - 00000211 _____ () C:\Users\JerryCZZ\Desktop\Dead Island Epidemic.url
2014-05-23 00:36 - 2014-05-23 00:36 - 00000210 _____ () C:\Users\JerryCZZ\Desktop\Anomaly Warzone Earth.url
2014-05-22 10:36 - 2014-05-22 10:36 - 00000000 __SHD () C:\Users\JerryCZZ\AppData\Local\EmieUserList
2014-05-22 10:36 - 2014-05-22 10:36 - 00000000 __SHD () C:\Users\JerryCZZ\AppData\Local\EmieSiteList
2014-05-22 10:33 - 2014-05-22 10:33 - 00000646 _____ () C:\Users\Public\Desktop\EA Sports FIFA World.lnk
2014-05-22 10:33 - 2014-05-22 10:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports FIFA World
2014-05-21 09:37 - 2014-05-21 09:37 - 00000828 _____ () C:\Users\Public\Desktop\Wolfenstein The New Order.lnk
2014-05-21 09:37 - 2014-05-21 09:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfenstein The New Order
2014-05-17 11:37 - 2014-06-12 18:24 - 00000132 _____ () C:\Users\JerryCZZ\AppData\Roaming\Adobe Formát PNG CS6 – předvolby

==================== One Month Modified Files and Folders =======

2014-06-15 21:56 - 2014-06-15 21:55 - 00013048 _____ () C:\Users\JerryCZZ\Desktop\FRST.txt
2014-06-15 21:56 - 2014-03-21 23:52 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Local\Temp
2014-06-15 21:55 - 2014-06-13 01:18 - 00000000 ____D () C:\FRST
2014-06-15 21:53 - 2014-06-15 21:53 - 02081280 _____ (Farbar) C:\Users\JerryCZZ\Desktop\FRST64.exe
2014-06-15 21:53 - 2014-06-15 21:53 - 00112640 _____ (forum.viry.cz) C:\Users\JerryCZZ\Desktop\FRSTLauncher.exe
2014-06-15 21:53 - 2014-03-22 11:25 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Roaming\Skype
2014-06-15 21:52 - 2014-06-04 13:33 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Local\Overwolf
2014-06-15 21:52 - 2014-03-24 21:25 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Roaming\Dropbox
2014-06-15 21:52 - 2014-03-22 11:26 - 00000000 ____D () C:\ProgramData\Origin
2014-06-15 21:51 - 2014-03-24 21:31 - 00000000 ___RD () C:\Users\JerryCZZ\Dropbox
2014-06-15 21:51 - 2014-03-24 21:29 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Roaming\DropboxMaster
2014-06-15 21:50 - 2014-03-21 23:55 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-15 21:50 - 2014-03-21 23:47 - 01373156 _____ () C:\Windows\WindowsUpdate.log
2014-06-15 21:48 - 2014-03-22 00:16 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-15 21:48 - 2014-03-21 23:55 - 00000956 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-15 21:48 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-15 21:48 - 2009-07-14 06:51 - 01131272 _____ () C:\Windows\setupact.log
2014-06-15 16:09 - 2014-06-15 16:09 - 00000000 ____D () C:\Users\JerryCZZ\Desktop\Nová složka
2014-06-15 16:09 - 2011-04-12 10:34 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2014-06-15 16:09 - 2011-04-12 10:34 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2014-06-15 16:09 - 2009-07-14 07:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-15 15:57 - 2014-05-29 22:20 - 00000000 ____D () C:\Users\JerryCZZ\Documents\FIFA World
2014-06-14 20:14 - 2014-03-21 23:56 - 00002192 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-13 19:54 - 2014-06-13 19:54 - 00000000 ____D () C:\zoek_backup
2014-06-13 10:41 - 2014-06-13 10:41 - 00000000 ____D () C:\Windows\ERUNT
2014-06-13 01:07 - 2010-11-21 05:47 - 00027172 _____ () C:\Windows\PFRO.log
2014-06-13 01:06 - 2014-06-13 01:04 - 00000000 ____D () C:\AdwCleaner
2014-06-13 01:06 - 2009-07-14 06:45 - 00026000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-13 01:06 - 2009-07-14 06:45 - 00026000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-13 01:04 - 2014-03-23 12:18 - 00194073 _____ () C:\Windows\DirectX.log
2014-06-13 00:56 - 2009-07-14 06:45 - 00287048 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-12 22:48 - 2014-05-27 00:09 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Local\ftblauncher
2014-06-12 20:37 - 2014-06-12 20:37 - 00000000 ____D () C:\Users\JerryCZZ\Documents\JERRYCZZ1
2014-06-12 20:34 - 2014-03-25 00:37 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-06-12 20:34 - 2014-03-23 12:19 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-12 20:33 - 2014-06-12 20:33 - 00000790 _____ () C:\Users\Public\Desktop\Enemy Front.lnk
2014-06-12 20:33 - 2014-06-12 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enemy Front
2014-06-12 20:20 - 2014-03-22 11:19 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Roaming\uTorrent
2014-06-12 18:48 - 2014-03-27 22:46 - 00000000 ____D () C:\Users\JerryCZZ\Documents\My Games
2014-06-12 18:48 - 2014-03-27 22:46 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Local\SKIDROW
2014-06-12 18:24 - 2014-05-17 11:37 - 00000132 _____ () C:\Users\JerryCZZ\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-06-12 18:23 - 2014-06-12 18:23 - 00001304 _____ () C:\Users\JerryCZZ\Desktop\Borderlands 2.lnk
2014-06-12 18:21 - 2014-06-12 18:21 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Borderlands.2.Incl.All.24.DLC.[1.7].W.B.Repack
2014-06-12 18:15 - 2014-03-21 23:55 - 00062048 _____ () C:\Users\JerryCZZ\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-11 21:22 - 2014-06-11 21:22 - 00000211 _____ () C:\Users\JerryCZZ\Desktop\Pid.url
2014-06-11 15:01 - 2014-03-23 12:20 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-06-09 12:09 - 2014-03-23 12:20 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-06-08 18:06 - 2014-03-27 00:21 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-06-07 14:07 - 2014-06-05 15:25 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Local\Adobe
2014-06-07 12:19 - 2014-03-23 12:21 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-06-07 00:25 - 2014-06-07 00:19 - 00000442 _____ () C:\Users\JerryCZZ\Desktop\Nový textový dokument.txt
2014-06-06 22:07 - 2014-03-27 00:21 - 00000000 ____D () C:\Users\JerryCZZ\Documents\Battlefield 3
2014-06-06 21:11 - 2014-05-31 22:29 - 00007606 _____ () C:\Users\JerryCZZ\AppData\Local\Resmon.ResmonCfg
2014-06-05 17:34 - 2014-06-05 17:34 - 00000211 _____ () C:\Users\JerryCZZ\Desktop\Anomaly 2.url
2014-06-05 16:48 - 2014-03-22 11:58 - 00000000 ___RD () C:\Users\JerryCZZ\Desktop\Hudba
2014-06-05 16:46 - 2009-07-14 01:57 - 20266496 _____ (Microsoft Corporation) C:\Windows\system32\imageres.dll
2014-06-05 16:30 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-06-05 16:27 - 2014-06-05 16:27 - 00000000 __HDC () C:\ProgramData\{1C533CDB-BAC7-4600-B3DE-0B628D9AC643}
2014-06-05 16:27 - 2014-06-05 16:27 - 00000000 ____D () C:\Users\Public\Documents\Stardock
2014-06-05 16:27 - 2014-04-21 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2014-06-05 16:10 - 2010-11-21 05:23 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2014-06-05 16:10 - 2009-07-14 01:55 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-06-05 16:10 - 2009-07-14 01:54 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\themeservice.dll
2014-06-05 15:47 - 2014-06-05 15:24 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-05 15:38 - 2014-06-05 15:38 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Theme Resource Changer X64 v1.0
2014-06-05 15:38 - 2014-06-05 15:38 - 00000000 ____D () C:\Program Files\Theme Resource Changer
2014-06-05 15:26 - 2014-04-18 17:52 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-05 15:25 - 2014-03-24 12:21 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Roaming\Adobe
2014-06-05 15:24 - 2014-06-05 15:24 - 00002028 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-06-05 15:23 - 2014-06-05 15:23 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-05 15:19 - 2014-06-05 15:19 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Local\Korbin_Bickel
2014-06-05 15:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-06-05 15:14 - 2014-06-05 15:14 - 00000000 ____D () C:\Windows\W7SBC
2014-06-05 15:13 - 2014-06-05 15:13 - 00000748 _____ () C:\Users\Public\Desktop\Theme Manager.lnk
2014-06-05 15:13 - 2014-06-05 15:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theme Manager
2014-06-05 14:57 - 2014-06-05 14:57 - 00000211 _____ () C:\Users\JerryCZZ\Desktop\Afterfall InSanity Extended Edition.url
2014-06-04 20:08 - 2014-06-04 20:08 - 00000210 _____ () C:\Users\JerryCZZ\Desktop\Sniper Elite V2.url
2014-06-04 13:35 - 2014-06-04 13:35 - 00003684 _____ () C:\Windows\System32\Tasks\Overwolf Updater Task
2014-06-04 13:35 - 2014-06-04 13:35 - 00000802 _____ () C:\Users\Public\Desktop\Overwolf.lnk
2014-06-04 13:35 - 2014-06-04 13:35 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2014-06-04 13:35 - 2014-06-04 13:34 - 00000000 ____D () C:\ProgramData\Overwolf
2014-06-03 22:46 - 2014-06-03 22:46 - 00000000 ____D () C:\ProgramData\Orbit
2014-06-03 22:46 - 2014-05-25 21:47 - 00000721 _____ () C:\Users\Public\Desktop\Watch_Dogs.lnk
2014-06-03 08:43 - 2014-03-24 10:56 - 00027918 _____ () C:\Windows\system32\lvcoinst.log
2014-05-31 22:31 - 2014-05-31 22:31 - 00000804 _____ () C:\Users\JerryCZZ\Desktop\AIDA64 Extreme.lnk
2014-05-31 22:31 - 2014-05-31 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2014-05-31 18:49 - 2014-05-31 17:34 - 1007707327 _____ () C:\Users\JerryCZZ\Documents\Separ.wmv
2014-05-28 11:18 - 2014-04-16 17:15 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Local\CRE
2014-05-27 00:27 - 2014-03-22 00:15 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-27 00:09 - 2014-04-04 15:27 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Roaming\ftblauncher
2014-05-25 22:17 - 2014-05-25 22:17 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Roaming\StunlockStudios
2014-05-25 21:47 - 2014-05-25 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2014-05-25 19:03 - 2014-05-25 19:03 - 00000211 _____ () C:\Users\JerryCZZ\Desktop\Dead Island Epidemic.url
2014-05-25 18:49 - 2014-03-21 23:52 - 00000000 ___RD () C:\Users\JerryCZZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-25 18:48 - 2014-03-24 21:31 - 00000997 _____ () C:\Users\JerryCZZ\Desktop\Dropbox.lnk
2014-05-25 18:48 - 2014-03-24 21:29 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-23 09:16 - 2014-04-22 15:37 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-23 09:16 - 2014-04-22 15:37 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-23 00:36 - 2014-05-23 00:36 - 00000210 _____ () C:\Users\JerryCZZ\Desktop\Anomaly Warzone Earth.url
2014-05-22 10:36 - 2014-05-22 10:36 - 00000000 __SHD () C:\Users\JerryCZZ\AppData\Local\EmieUserList
2014-05-22 10:36 - 2014-05-22 10:36 - 00000000 __SHD () C:\Users\JerryCZZ\AppData\Local\EmieSiteList
2014-05-22 10:33 - 2014-05-22 10:33 - 00000646 _____ () C:\Users\Public\Desktop\EA Sports FIFA World.lnk
2014-05-22 10:33 - 2014-05-22 10:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports FIFA World
2014-05-22 10:33 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-21 09:37 - 2014-05-21 09:37 - 00000828 _____ () C:\Users\Public\Desktop\Wolfenstein The New Order.lnk
2014-05-21 09:37 - 2014-05-21 09:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfenstein The New Order
2014-05-20 14:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-20 13:28 - 2014-03-27 00:03 - 00000000 ____D () C:\Users\JerryCZZ\AppData\Roaming\FlvtoConverter
2014-05-20 04:44 - 2014-05-27 00:22 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-20 04:44 - 2014-05-27 00:22 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-05-20 04:44 - 2014-05-27 00:22 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-05-20 04:44 - 2014-03-22 00:15 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-05-20 04:44 - 2014-03-22 00:15 - 00052056 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-05-20 04:44 - 2014-03-22 00:02 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-05-20 04:44 - 2014-03-22 00:02 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-20 04:44 - 2014-03-22 00:02 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-05-20 04:44 - 2014-03-22 00:02 - 03109248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-05-20 04:44 - 2014-03-22 00:02 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-05-20 04:44 - 2014-03-22 00:02 - 00952952 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-05-20 04:44 - 2014-03-22 00:02 - 00026069 _____ () C:\Windows\system32\nvinfo.pb
2014-05-20 03:25 - 2014-03-22 00:15 - 06769096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-05-20 03:25 - 2014-03-22 00:15 - 03514144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-05-20 03:25 - 2014-03-22 00:15 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-05-20 03:25 - 2014-03-22 00:15 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-05-20 03:25 - 2014-03-22 00:15 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-05-20 03:25 - 2014-03-22 00:15 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-05-20 01:10 - 2014-05-27 00:27 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

Some content of TEMP:
====================
C:\Users\JerryCZZ\AppData\Local\Temp\7za.exe
C:\Users\JerryCZZ\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpoyosam.dll
C:\Users\JerryCZZ\AppData\Local\Temp\hijackthis.exe
C:\Users\JerryCZZ\AppData\Local\Temp\InstHelper.exe
C:\Users\JerryCZZ\AppData\Local\Temp\jansi-64-git-MCPC-Plus-jenkins-MCPC-Plus-164-259.dll
C:\Users\JerryCZZ\AppData\Local\Temp\NirCmd.exe
C:\Users\JerryCZZ\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\JerryCZZ\AppData\Local\Temp\nvStInst.exe
C:\Users\JerryCZZ\AppData\Local\Temp\PEVZ.EXE
C:\Users\JerryCZZ\AppData\Local\Temp\PIPInstaller_PTV_.exe
C:\Users\JerryCZZ\AppData\Local\Temp\Quarantine.exe
C:\Users\JerryCZZ\AppData\Local\Temp\remove.exe
C:\Users\JerryCZZ\AppData\Local\Temp\sed.exe
C:\Users\JerryCZZ\AppData\Local\Temp\shortcut.exe
C:\Users\JerryCZZ\AppData\Local\Temp\sonarinst.exe
C:\Users\JerryCZZ\AppData\Local\Temp\SRLDetectionLibrary1845222757925490913.dll
C:\Users\JerryCZZ\AppData\Local\Temp\swreg.exe
C:\Users\JerryCZZ\AppData\Local\Temp\swxcacls.exe
C:\Users\JerryCZZ\AppData\Local\Temp\wget.exe
C:\Users\JerryCZZ\AppData\Local\Temp\zoek-delete.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2014-06-05 15:14] - [2011-02-25 08:19] - 2388992 ____A (Microsoft Corporation) A3744361E5999CBF6DF3DE6AEB2DF63B

C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-08 20:06




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Windows 7) (Fixed) (Total:197.66 GB) (Free:119.86 GB) NTFS
Drive d: (Ostatní) (Fixed) (Total:1518.87 GB) (Free:1107.64 GB) NTFS
Drive e: () (Fixed) (Total:146.49 GB) (Free:146.39 GB) NTFS
Drive f: (ehm.. blbosti) (Fixed) (Total:97.56 GB) (Free:83.68 GB) NTFS
Drive g: () (Fixed) (Total:368.1 GB) (Free:367.78 GB) NTFS
Drive i: (ehm.. blbosti 3) (Fixed) (Total:298.09 GB) (Free:281.55 GB) NTFS

Available physical RAM: 5561.82 MB
Total physical RAM: 8178.14 MB
Percentage of memory in use: 31%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 93474B61)
Partition 1: (Active) - (Size=-568145739776) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=198 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: ADC17899)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=368 GB) - (Type=07 NTFS)
Disk: 2 (MBR Code: Windows XP) (Size: 298 GB) (Disk ID: 3E527811)
Partition 1: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\JerryCZZ\Desktop" je 3288 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FacebookDiscovery
"D:\Programy\FacebookDiscovery\FacebookDiscovery.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveUpdate 5
D:\Programy\MSI\Live Update 5\BootStartLiveupdate.exe /reminder [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Last edited by vyosek on 15 Jun 2014 21:03, edited 1 time in total.
Reason: log removed from code tags

JerryCZZ
Visitor
Posts: 15
Registered: 25 Sep 2013 08:34

Re: Unwanted page popping up via CMD

#8 Post by JerryCZZ »

Probably somewhat solved.. I went through the FRST log and found that it is dug into the registry. I removed it from the registry and things are quiet now. This can be locked.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Unwanted page popping up via CMD

#9 Post by vyosek »

Well, if you don't want to clean it up properly and thoroughly, including the rest of the junk, I won't force you...

At your request :closed:
