VIRY.CZ

Ahoj přátelé,
prosím o kontrolu, jde jen o prevenci.

Děkuji Hanss1982

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(forum.viry.cz) C:\Users\Procházkovi\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-11-30] (Realtek Semiconductor)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)
HKCU\...\Run: [StickyPassword] - C:\Program Files (x86)\Sticky Password\stpass.exe [8143672 2013-12-17] (Lamantine Software a.s.)
MountPoints2: G - G:\LGAutoRun.exe
MountPoints2: {8d831bbb-c1e4-11e2-8adf-001fd0594a9f} - G:\LGAutoRun.exe
BootExecute: autocheck autochk * Partizan

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
SearchScopes: HKCU - {83240646-0B5C-440A-86B3-3F4E873DBEBF} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - {A2042A79-B114-40E5-AA41-4989F7F71E2B} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Sticky Password Toolbar - {AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - C:\Program Files (x86)\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM-x32 - Sticky Password Toolbar - {AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - C:\Program Files (x86)\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
Handler: livecall - No CLSID Value -
Handler: msnim - No CLSID Value -
Handler-x32: livecall - No CLSID Value -
Handler-x32: msnim - No CLSID Value -

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @stickypassword.com/Sticky Password - C:\Program Files (x86)\Sticky Password\npspAutofill.dll (Lamantine Software a.s.)
FF HKCU\...\Firefox\Extensions: [hideip@hide-ip-soft.com] - C:\Windows\vf_hip\
FF Extension: HideIP - C:\Windows\vf_hip\

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/
CHR RestoreOnStartup: "sync": {
"acknowledged_types": [ "Bookmarks", "Preferences", "Passwords", "Autofill Profiles", "Autofill", "Themes", "Typed URLs", "Extensions", "Sessions", "Apps", "App settings", "Extension settings", "History Delete Directives", "Dictionary", "Priority Preferences", "Tabs", "Encryption keys" ],
"app_settings": true,
"apps": true,
"autofill": true,
"autofill_profile": true,
"bookmarks": true,
"dictionary": true,
"encryption_bootstrap_token": "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAmTlwXdxUsUm9gC/6vk51JwAAAAACAAAAAAAQZgAAAAEAACAAAAD4coTANlhLE8zY3HihW7CU1RCXKPCJSBlY7uEvtoUxigAAAAAOgAAAAAIAACAAAACRQMvliIsJ0u3c3W2FneM8mytk6uKLiaxOPCP+tY+qSUAAAACNh3oUELClDh+ZBmCNP/FimglFuO+Fta5g2b9Wp8nkH1wht8QLUplCVnckPzVOBmX2r6ZpHTQd5jH39WXfV2tqQAAAAPzKG4kZ2wmXlUKMfNneYtouHsd2eLR6fPdm5bFkYqUcNh+mx607ivKMdLuz1tHl/LGuGDXx6zfOazE8KsBOnQk=",
"extension_settings": true,
"extensions": true,
"favicon_images": true,
"favicon_tracking": true,
"favicons_syncing_enabled": true,
"has_setup_completed": true,
"history_delete_directives": true,
"keep_everything_synced": false,
"keystore_encryption_bootstrap_token": "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAmTlwXdxUsUm9gC/6vk51JwAAAAACAAAAAAAQZgAAAAEAACAAAAAoobsng8j51/a+gjMxFdDpE+H3kqA/BcXVCjOwwa2etQAAAAAOgAAAAAIAACAAAAB80B+l9WEmgQlNagITAf9GBjjteUqKIICdoN911IKI3VAAAAB4COchQjRnCNI3W32vzHzBBuT4ZKg3UKxKTY/foi2gyqiBcacDmT26Jb39rByx5O3EF8RBpjrzYnLQvh5gAuaYCpi23DyU37tKblk2yw4zu0AAAADNf30jMuu7h6fk2oA4hA7V0KzhVisCfQjEWdaixF3Y+XoMRy9hrNzrxsPsjkDfXa3d4l+JvwYKjJEna6ashrQc",
"last_synced_time": "13028454398417182",
"passwords": true,
"preferences": false,
"priority_preferences": true,
"search_engines": false,
"session_sync_guid": "session_synccWOuYOSnQxc5tLaq/S+peQ==",
"sessions": true,
"suppress_start": true,
"synced_notifications": true,
"tabs": true,
"themes": true,
"typed_urls"
CHR DefaultSearchURL: http://www.google.com/search?q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Sticky Password) - C:\Program Files (x86)\Sticky Password\npspAutofill.dll (Lamantine Software a.s.)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Advanced SystemCare 7) - C:\Users\Proch\u00E1zkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkddabc\\1.0.0_0\Plugin\ASCPlugin_Protect.dll No File
CHR Extension: (Google Drive) - C:\Users\Procházkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\Users\Procházkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Procházkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Sticky Password Autofill Engine) - C:\Users\Procházkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhdcahhbjlmpbdcjnbhcobdaeieomgop\6.0.15.469
CHR Extension: (Google Play) - C:\Users\Procházkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi\3.0_0
CHR Extension: (Google Wallet) - C:\Users\Procházkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Procházkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2

==================== Services (Whitelisted) =================

S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-07-04] (Advanced Micro Devices, Inc.)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [908856 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-12] (Avira Operations GmbH & Co. KG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG)
S2 !SASCORE;
S2 MBAMScheduler;
S2 MBAMService;

==================== Drivers (Whitelisted) ====================

R0 57847584; C:\Windows\System32\DRIVERS\57847584.sys [460888 2013-12-23] (Kaspersky Lab ZAO)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2013-04-18] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93696 2013-04-23] (LG Electronics Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-05] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-12] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MEMSWEEP2; C:\Windows\system32\6BDD.tmp [6144 2011-08-25] (Sophos Plc)
U0 Partizan; C:\Windows\SysWow64\drivers\Partizan.sys [35816 2013-12-23] (Greatis Software)
S3 rkhdrv40; C:\Windows\SysWow64\Drivers\rkhdrv40.sys [24448 2013-12-23] ()
S3 rspSanity; C:\Windows\System32\DRIVERS\rspSanity64.sys [29752 2010-08-23] (Resplendence Software Projects Sp.)
S1 SASDIFSV; No ImagePath
S1 SASKUTIL; No ImagePath
S1 SAVRKBootTasks; C:\Windows\SysWow64\SAVRKBootTasks.sys [18816 2011-08-25] (Sophos Group)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-24 16:16 - 2013-12-24 16:17 - 00013327 _____ C:\Users\Procházkovi\Desktop\FRST.txt
2013-12-24 16:16 - 2013-12-24 16:16 - 00000000 ____D C:\FRST
2013-12-24 16:14 - 2013-12-24 16:14 - 01928604 _____ (Farbar) C:\Users\Procházkovi\Desktop\FRST64.exe
2013-12-24 16:14 - 2013-12-24 16:14 - 00112640 _____ (forum.viry.cz) C:\Users\Procházkovi\Desktop\FRSTLauncher.exe
2013-12-24 08:42 - 2013-12-24 08:42 - 00000056 _____ C:\Windows\setupact.log
2013-12-24 08:42 - 2013-12-24 08:42 - 00000000 _____ C:\Windows\setuperr.log
2013-12-23 22:38 - 2013-12-23 22:38 - 16990990 _____ C:\Users\Procházkovi\Desktop\det.txt
2013-12-23 22:34 - 2013-12-23 22:37 - 112039067 _____ C:\Users\Procházkovi\Desktop\detect.txt
2013-12-23 20:55 - 2013-12-23 21:34 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\57847584.sys
2013-12-23 19:55 - 2013-12-23 19:55 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-23 19:51 - 2013-12-23 19:52 - 130713808 _____ C:\Users\Procházkovi\Desktop\setup_11.0.1.1245.x01_2013_12_23_21_35.exe
2013-12-23 18:08 - 2013-12-24 08:42 - 00000250 _____ C:\Windows\SysWOW64\PARTIZAL.EXE
2013-12-23 18:03 - 2013-12-23 18:03 - 00040208 _____ (Greatis Software) C:\Windows\system32\Partizan.exe
2013-12-23 18:03 - 2013-12-23 18:03 - 00000073 _____ C:\Windows\SysWOW64\Partizan.RRI
2013-12-23 17:54 - 2013-12-23 19:39 - 00003350 _____ C:\Windows\System32\Tasks\UnHackMe Task Scheduler
2013-12-23 17:54 - 2013-12-23 18:46 - 00000000 ____D C:\ProgramData\RegRun
2013-12-23 17:54 - 2013-12-23 18:20 - 00000000 ____D C:\Users\Procházkovi\Documents\RegRun2
2013-12-23 17:54 - 2013-12-23 18:16 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2013-12-23 17:54 - 2013-12-23 18:08 - 00000000 ____D C:\Program Files (x86)\UnHackMe
2013-12-23 17:54 - 2013-12-23 18:07 - 00000947 _____ C:\Users\Procházkovi\Desktop\UnHackMe.lnk
2013-12-23 17:54 - 2013-12-23 17:54 - 00035816 _____ (Greatis Software) C:\Windows\SysWOW64\Drivers\Partizan.sys
2013-12-23 17:54 - 2013-12-23 17:54 - 00000002 RSHOT C:\Windows\winstart.bat
2013-12-23 17:54 - 2013-12-23 17:54 - 00000002 RSHOT C:\Windows\SysWOW64\CONFIG.NT
2013-12-23 17:54 - 2013-12-23 17:54 - 00000002 RSHOT C:\Windows\SysWOW64\AUTOEXEC.NT
2013-12-23 17:54 - 2013-09-05 10:19 - 00012800 _____ (Greatis Software, LLC.) C:\Windows\SysWOW64\Drivers\UnHackMeDrv.sys
2013-12-23 17:52 - 2013-12-23 17:52 - 01525384 _____ C:\Users\Procházkovi\Downloads\sarsfx_2.exe
2013-12-23 17:47 - 2013-12-23 17:47 - 00005034 _____ C:\Users\Procházkovi\AppData\Local\Temp28.html
2013-12-23 17:45 - 2013-12-23 17:46 - 00001293 _____ C:\Users\Procházkovi\AppData\Local\Temp1.html
2013-12-23 17:45 - 2013-12-23 17:45 - 00777872 _____ (Resplendence Software Projects Sp. ) C:\Users\Procházkovi\Downloads\hookanlz.exe
2013-12-23 17:45 - 2013-12-23 17:45 - 00000723 _____ C:\Users\Procházkovi\Desktop\SanityCheck.lnk
2013-12-23 17:45 - 2013-12-23 17:45 - 00000000 ____D C:\Program Files\SanityCheck
2013-12-23 17:45 - 2010-08-23 17:07 - 00029752 _____ (Resplendence Software Projects Sp.) C:\Windows\system32\Drivers\rspSanity64.sys
2013-12-23 17:35 - 2013-12-23 17:35 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-12-23 17:35 - 2013-12-23 17:35 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-12-23 17:35 - 2013-12-23 17:35 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-12-23 17:35 - 2013-12-23 17:35 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-12-23 17:35 - 2013-12-23 17:35 - 00000000 ____D C:\ProgramData\Oracle
2013-12-23 17:34 - 2013-12-23 17:35 - 00000000 ____D C:\Program Files\Java
2013-12-23 17:31 - 2013-12-23 17:32 - 131396000 _____ (Oracle Corporation) C:\Users\Procházkovi\Downloads\jdk-7u45-windows-x64.exe
2013-12-23 17:24 - 2013-12-23 17:24 - 00401728 _____ (Softonic ) C:\Users\Procházkovi\Downloads\SoftonicDownloader_for_icesword.exe
2013-12-23 17:20 - 2013-12-23 17:20 - 00000260 _____ C:\Users\Procházkovi\Downloads\fsbl-20131223162046.log
2013-12-23 17:19 - 2013-12-23 17:19 - 01137360 _____ (F-Secure Corporation) C:\Users\Procházkovi\Downloads\fsbl.exe
2013-12-23 16:31 - 2011-08-25 09:33 - 00006144 ____N (Sophos Plc) C:\Windows\system32\6BDD.tmp
2013-12-23 16:30 - 2011-08-25 09:33 - 00006144 ____N (Sophos Plc) C:\Windows\system32\207A.tmp
2013-12-23 15:40 - 2011-08-25 09:33 - 00006144 ____N (Sophos Plc) C:\Windows\system32\24EE.tmp
2013-12-23 15:39 - 2011-08-25 09:33 - 00006144 ____N (Sophos Plc) C:\Windows\system32\E06F.tmp
2013-12-23 15:31 - 2011-08-25 09:37 - 00018816 ____N (Sophos Group) C:\Windows\SysWOW64\SAVRKBootTasks.sys
2013-12-23 14:37 - 2011-08-25 09:33 - 00006144 ____N (Sophos Plc) C:\Windows\system32\3759.tmp
2013-12-23 14:35 - 2013-12-23 14:35 - 01525384 _____ C:\Users\Procházkovi\Downloads\sarsfx.exe
2013-12-23 14:35 - 2013-12-23 14:35 - 00000000 ____D C:\Program Files (x86)\Sophos
2013-12-23 14:35 - 2011-08-25 09:33 - 00006144 ____N (Sophos Plc) C:\Windows\system32\5A81.tmp
2013-12-23 14:33 - 2013-12-23 14:34 - 00024448 _____ C:\Windows\SysWOW64\Drivers\rkhdrv40.sys
2013-12-23 14:25 - 2013-12-23 14:25 - 00377856 _____ C:\Users\Procházkovi\Downloads\gc1hwhzq.exe
2013-12-23 12:14 - 2013-12-23 12:15 - 00000000 ____D C:\Users\Procházkovi\Documents\Nero Recode
2013-12-23 12:13 - 2013-12-23 12:13 - 00000000 ____D C:\ProgramData\Ahead
2013-12-23 11:47 - 2013-12-23 12:09 - 00000000 ____D C:\Users\Procházkovi\AppData\Local\Ahead
2013-12-23 11:43 - 2013-12-23 12:13 - 00000000 ____D C:\Users\Procházkovi\AppData\Roaming\Ahead
2013-12-23 11:41 - 2013-12-23 11:41 - 00000000 ____D C:\ProgramData\Nero
2013-12-23 11:41 - 2013-12-23 11:41 - 00000000 ____D C:\Program Files (x86)\Nero
2013-12-23 11:40 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2013-12-23 11:40 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2013-12-22 16:05 - 2013-12-22 16:05 - 00000000 ____D C:\Users\Procházkovi\AppData\Roaming\Ashampoo
2013-12-22 15:41 - 2013-12-22 15:42 - 00000000 ____D C:\Program Files\CCleaner
2013-12-22 15:41 - 2013-12-22 15:41 - 00002784 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-22 15:41 - 2013-12-22 15:41 - 00000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-22 12:48 - 2013-12-22 12:48 - 00000000 ____D C:\Users\Procházkovi\AppData\Roaming\3112
2013-12-22 11:24 - 2013-12-22 11:24 - 00031232 _____ C:\Users\Procházkovi\Desktop\2011_lspp_kontakty.xls
2013-12-12 17:53 - 2013-12-12 18:08 - 1290733904 _____ C:\Users\Procházkovi\Downloads\Rammstein-Diskografie.part2.rar
2013-12-12 17:25 - 2013-12-12 17:25 - 00000000 ____D C:\Users\Procházkovi\Desktop\Foto mobil HOnza
2013-12-12 16:14 - 2013-12-12 16:30 - 1325707673 _____ C:\Users\Procházkovi\Downloads\MANOWAR---Discografie---1982-2007.rar
2013-12-12 16:12 - 2013-12-12 16:46 - 3875141122 _____ C:\Users\Procházkovi\Downloads\Nightwish-Discografie-1997---2013-(18LP+18SP).zip
2013-12-12 16:10 - 2013-12-12 16:10 - 00059640 _____ C:\Users\Procházkovi\Downloads\nightwish-discografie-1997-2013-18lp-18sp-zip.htm
2013-12-12 16:06 - 2013-12-23 18:34 - 00000000 ____D C:\Users\Procházkovi\AppData\Roaming\DMCache
2013-12-12 16:06 - 2013-12-12 16:06 - 00000000 ____D C:\ProgramData\IDM
2013-12-11 21:13 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 21:13 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 21:13 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-11 21:13 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-11 21:11 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 21:11 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 21:11 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-11 21:11 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 21:11 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-11 21:11 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-11 21:11 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 21:11 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 21:11 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-11 21:11 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-11 21:11 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 21:11 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-11 21:11 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-11 21:11 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-11 21:11 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 21:11 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 21:11 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-11 21:11 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 21:11 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-11 21:11 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-11 21:11 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 21:11 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-11 21:11 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 21:11 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-11 21:11 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 21:11 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 21:11 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 21:11 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-11 21:11 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-11 21:11 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 21:11 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 21:10 - 2013-12-11 21:10 - 00000000 ____D C:\Windows\PCHEALTH
2013-12-11 16:28 - 2013-12-11 16:28 - 00017205 _____ C:\Users\Procházkovi\Desktop\Tisk nákupního košíku - ALFA.cz _ ALFA COMPUTER.mht
2013-12-11 12:31 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 12:31 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 12:31 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 12:31 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 12:31 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 12:31 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 12:31 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 12:31 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 12:31 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 12:31 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 12:31 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 12:31 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 12:31 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 12:31 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 12:31 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 12:31 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 12:31 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 12:31 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 12:31 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 20:35 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-10 20:31 - 2013-12-10 20:31 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-10 20:31 - 2013-12-10 20:31 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-10 20:31 - 2013-12-10 20:31 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-10 20:31 - 2013-12-10 20:31 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-10 20:31 - 2013-12-10 20:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-10 20:31 - 2013-12-10 20:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-10 20:31 - 2013-12-10 20:31 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-10 18:20 - 2013-12-10 18:20 - 00000000 ____D C:\Users\Procházkovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-12-10 12:26 - 2013-12-15 17:08 - 00000000 ____D C:\Users\Procházkovi\Desktop\1213
2013-12-09 12:36 - 2013-12-09 12:36 - 00000000 ____D C:\Users\Procházkovi\AppData\Roaming\2976
2013-12-09 11:52 - 2013-12-09 11:52 - 00219248 _____ (VMware, Inc.) C:\Windows\SysWOW64\vm3dum.dll
2013-12-09 11:51 - 2013-12-09 11:52 - 03223152 _____ (VMware, Inc.) C:\Windows\SysWOW64\vm3dgl.dll
2013-12-09 11:48 - 2013-12-23 18:51 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2013-12-09 11:48 - 2013-12-23 18:51 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\corpol.dll
2013-12-09 11:22 - 2013-12-09 11:22 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2013-12-09 11:20 - 2013-12-23 18:51 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2013-12-09 11:20 - 2013-12-23 18:51 - 00053360 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmGuestLib.dll
2013-12-09 11:20 - 2013-12-09 11:20 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2013-12-09 11:20 - 2013-12-09 11:20 - 01047552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71u.dll
2013-12-09 11:16 - 2013-12-23 18:52 - 00063088 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2013-12-09 11:16 - 2013-12-23 18:51 - 00050800 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmhgfs.dll
2013-12-09 11:16 - 2013-12-23 18:51 - 00034416 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmGuestLibJava.dll
2013-12-09 11:15 - 2013-12-23 18:51 - 00606208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2013-12-09 11:15 - 2013-12-23 18:51 - 00229376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2013-12-09 11:15 - 2013-12-23 18:51 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2013-12-09 10:45 - 2013-12-09 10:45 - 00000000 ____D C:\ProgramData\Weskysoft
2013-12-09 10:34 - 2013-12-09 17:14 - 00000000 ____D C:\Program Files (x86)\DLLSuite
2013-12-05 09:47 - 2013-12-05 09:47 - 00000000 ____D C:\Users\Procházkovi\AppData\Roaming\Avira
2013-12-05 09:43 - 2013-12-05 09:50 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-12-05 09:42 - 2013-12-12 11:10 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-05 09:42 - 2013-12-12 11:10 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-05 09:42 - 2013-12-12 11:10 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-05 09:42 - 2013-12-05 09:42 - 00000000 ____D C:\Program Files (x86)\Avira
2013-12-05 09:42 - 2013-12-05 09:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-12-04 09:07 - 2013-12-04 09:07 - 00000000 ____D C:\Windows\ERUNT
2013-12-04 08:42 - 2013-12-04 08:42 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2013-12-03 17:29 - 2013-12-03 19:02 - 00000000 ____D C:\Users\Procházkovi\Desktop\Lenka mobil
2013-12-02 17:21 - 2013-12-02 17:57 - 346635141 _____ C:\Users\Procházkovi\Desktop\V20D_00.kdz
2013-12-02 17:08 - 2013-12-02 17:08 - 00000000 ____D C:\Users\Procházkovi\Desktop\KDZ_FW_UPD_EN
2013-12-02 08:51 - 2013-12-02 08:52 - 00000000 ____D C:\Users\Public\Documents\DriverGenius
2013-11-30 17:53 - 2013-11-30 17:53 - 26017280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 19584512 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 15827456 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 13402112 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 11922944 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2013-11-30 17:53 - 2013-11-30 17:53 - 07528440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 06857392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 06288832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 04782960 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 04292192 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 01978240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdmv.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 01065720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6v.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00929736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00364544 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00359936 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2013-11-30 17:53 - 2013-11-30 17:53 - 00246000 _____ C:\Windows\SysWOW64\atiapfxx.blb
2013-11-30 17:53 - 2013-11-30 17:53 - 00246000 _____ C:\Windows\system32\atiapfxx.blb
2013-11-30 17:53 - 2013-11-30 17:53 - 00159744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2013-11-30 17:53 - 2013-11-30 17:53 - 00120320 _____ (AMD) C:\Windows\system32\atitmm64.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00069632 _____ (AMD) C:\Windows\system32\coinst_8.97.100.11.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00062976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00062976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00062464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00062464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00059392 _____ (ATI Technologies, Inc.) C:\Windows\system32\atiedu64.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00051200 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00051152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00048544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00046080 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00041984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00038768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00021504 _____ (AMD) C:\Windows\system32\atimuixx.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00017920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2013-11-30 17:52 - 2013-11-30 17:52 - 03707864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-11-30 17:52 - 2013-11-30 17:52 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-11-30 17:52 - 2013-11-30 17:52 - 02587864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-11-30 17:52 - 2013-11-30 17:52 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2013-11-30 17:52 - 2013-11-30 17:52 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2013-11-30 17:52 - 2013-11-30 17:52 - 01286360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-11-30 17:52 - 2013-11-30 17:52 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-11-30 17:52 - 2013-11-30 17:52 - 01012992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-11-30 17:52 - 2013-11-30 17:52 - 00681905 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-11-30 17:52 - 2013-11-30 17:52 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2013-11-30 17:52 - 2013-11-30 17:52 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-11-30 17:52 - 2013-11-30 17:52 - 00153304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2013-11-30 17:52 - 2013-11-30 17:52 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-11-30 17:16 - 2013-12-09 14:54 - 00000000 ____D C:\ProgramData\ProductData
2013-11-30 16:54 - 2013-11-30 16:54 - 00000000 ____D C:\Program Files (x86)\FinalWire
2013-11-27 18:00 - 2013-11-27 18:24 - 00000000 ____D C:\Program Files (x86)\Windows Doctor

==================== One Month Modified Files and Folders =======

2013-12-24 16:17 - 2013-12-24 16:16 - 00013327 _____ C:\Users\Procházkovi\Desktop\FRST.txt
2013-12-24 16:16 - 2013-12-24 16:16 - 00000000 ____D C:\FRST
2013-12-24 16:14 - 2013-12-24 16:14 - 01928604 _____ (Farbar) C:\Users\Procházkovi\Desktop\FRST64.exe
2013-12-24 16:14 - 2013-12-24 16:14 - 00112640 _____ (forum.viry.cz) C:\Users\Procházkovi\Desktop\FRSTLauncher.exe
2013-12-24 15:50 - 2013-05-10 18:31 - 01934361 _____ C:\Windows\WindowsUpdate.log
2013-12-24 08:50 - 2009-07-14 05:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-24 08:50 - 2009-07-14 05:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-24 08:43 - 2013-05-14 20:05 - 00000000 ___SD C:\Users\Procházkovi\Documents\Sticky Passwords
2013-12-24 08:42 - 2013-12-24 08:42 - 00000056 _____ C:\Windows\setupact.log
2013-12-24 08:42 - 2013-12-24 08:42 - 00000000 _____ C:\Windows\setuperr.log
2013-12-24 08:42 - 2013-12-23 18:08 - 00000250 _____ C:\Windows\SysWOW64\PARTIZAL.EXE
2013-12-24 08:42 - 2013-09-16 16:56 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-24 08:42 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-23 22:38 - 2013-12-23 22:38 - 16990990 _____ C:\Users\Procházkovi\Desktop\det.txt
2013-12-23 22:37 - 2013-12-23 22:34 - 112039067 _____ C:\Users\Procházkovi\Desktop\detect.txt
2013-12-23 21:34 - 2013-12-23 20:55 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\57847584.sys
2013-12-23 19:58 - 2013-05-10 19:25 - 00000000 ____D C:\Users\Procházkovi\AppData\Roaming\uTorrent
2013-12-23 19:55 - 2013-12-23 19:55 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-23 19:52 - 2013-12-23 19:51 - 130713808 _____ C:\Users\Procházkovi\Desktop\setup_11.0.1.1245.x01_2013_12_23_21_35.exe
2013-12-23 19:39 - 2013-12-23 17:54 - 00003350 _____ C:\Windows\System32\Tasks\UnHackMe Task Scheduler
2013-12-23 19:38 - 2013-09-16 16:56 - 00003854 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-23 18:52 - 2013-12-09 11:16 - 00063088 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2013-12-23 18:51 - 2013-12-09 11:48 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2013-12-23 18:51 - 2013-12-09 11:48 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\corpol.dll
2013-12-23 18:51 - 2013-12-09 11:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2013-12-23 18:51 - 2013-12-09 11:20 - 00053360 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmGuestLib.dll
2013-12-23 18:51 - 2013-12-09 11:16 - 00050800 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmhgfs.dll
2013-12-23 18:51 - 2013-12-09 11:16 - 00034416 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmGuestLibJava.dll
2013-12-23 18:51 - 2013-12-09 11:15 - 00606208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2013-12-23 18:51 - 2013-12-09 11:15 - 00229376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2013-12-23 18:51 - 2013-12-09 11:15 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2013-12-23 18:46 - 2013-12-23 17:54 - 00000000 ____D C:\ProgramData\RegRun
2013-12-23 18:40 - 2013-11-23 19:56 - 00000000 ____D C:\Users\Procházkovi\AppData\Local\CrashDumps
2013-12-23 18:34 - 2013-12-12 16:06 - 00000000 ____D C:\Users\Procházkovi\AppData\Roaming\DMCache
2013-12-23 18:20 - 2013-12-23 17:54 - 00000000 ____D C:\Users\Procházkovi\Documents\RegRun2
2013-12-23 18:16 - 2013-12-23 17:54 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2013-12-23 18:08 - 2013-12-23 17:54 - 00000000 ____D C:\Program Files (x86)\UnHackMe
2013-12-23 18:07 - 2013-12-23 17:54 - 00000947 _____ C:\Users\Procházkovi\Desktop\UnHackMe.lnk
2013-12-23 18:03 - 2013-12-23 18:03 - 00040208 _____ (Greatis Software) C:\Windows\system32\Partizan.exe
2013-12-23 18:03 - 2013-12-23 18:03 - 00000073 _____ C:\Windows\SysWOW64\Partizan.RRI
2013-12-23 17:54 - 2013-12-23 17:54 - 00035816 _____ (Greatis Software) C:\Windows\SysWOW64\Drivers\Partizan.sys
2013-12-23 17:54 - 2013-12-23 17:54 - 00000002 RSHOT C:\Windows\winstart.bat
2013-12-23 17:54 - 2013-12-23 17:54 - 00000002 RSHOT C:\Windows\SysWOW64\CONFIG.NT
2013-12-23 17:54 - 2013-12-23 17:54 - 00000002 RSHOT C:\Windows\SysWOW64\AUTOEXEC.NT
2013-12-23 17:52 - 2013-12-23 17:52 - 01525384 _____ C:\Users\Procházkovi\Downloads\sarsfx_2.exe
2013-12-23 17:47 - 2013-12-23 17:47 - 00005034 _____ C:\Users\Procházkovi\AppData\Local\Temp28.html
2013-12-23 17:46 - 2013-12-23 17:45 - 00001293 _____ C:\Users\Procházkovi\AppData\Local\Temp1.html
2013-12-23 17:45 - 2013-12-23 17:45 - 00777872 _____ (Resplendence Software Projects Sp. ) C:\Users\Procházkovi\Downloads\hookanlz.exe
2013-12-23 17:45 - 2013-12-23 17:45 - 00000723 _____ C:\Users\Procházkovi\Desktop\SanityCheck.lnk
2013-12-23 17:45 - 2013-12-23 17:45 - 00000000 ____D C:\Program Files\SanityCheck
2013-12-23 17:35 - 2013-12-23 17:35 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-12-23 17:35 - 2013-12-23 17:35 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-12-23 17:35 - 2013-12-23 17:35 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-12-23 17:35 - 2013-12-23 17:35 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-12-23 17:35 - 2013-12-23 17:35 - 00000000 ____D C:\ProgramData\Oracle
2013-12-23 17:35 - 2013-12-23 17:34 - 00000000 ____D C:\Program Files\Java
2013-12-23 17:32 - 2013-12-23 17:31 - 131396000 _____ (Oracle Corporation) C:\Users\Procházkovi\Downloads\jdk-7u45-windows-x64.exe
2013-12-23 17:24 - 2013-12-23 17:24 - 00401728 _____ (Softonic ) C:\Users\Procházkovi\Downloads\SoftonicDownloader_for_icesword.exe
2013-12-23 17:20 - 2013-12-23 17:20 - 00000260 _____ C:\Users\Procházkovi\Downloads\fsbl-20131223162046.log
2013-12-23 17:19 - 2013-12-23 17:19 - 01137360 _____ (F-Secure Corporation) C:\Users\Procházkovi\Downloads\fsbl.exe
2013-12-23 17:12 - 2013-05-10 19:22 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-23 17:12 - 2013-05-10 19:22 - 00000958 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-23 16:53 - 2013-05-10 19:22 - 00003970 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-23 16:53 - 2013-05-10 19:22 - 00003718 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-23 14:35 - 2013-12-23 14:35 - 01525384 _____ C:\Users\Procházkovi\Downloads\sarsfx.exe
2013-12-23 14:35 - 2013-12-23 14:35 - 00000000 ____D C:\Program Files (x86)\Sophos
2013-12-23 14:34 - 2013-12-23 14:33 - 00024448 _____ C:\Windows\SysWOW64\Drivers\rkhdrv40.sys
2013-12-23 14:25 - 2013-12-23 14:25 - 00377856 _____ C:\Users\Procházkovi\Downloads\gc1hwhzq.exe
2013-12-23 12:15 - 2013-12-23 12:14 - 00000000 ____D C:\Users\Procházkovi\Documents\Nero Recode
2013-12-23 12:13 - 2013-12-23 12:13 - 00000000 ____D C:\ProgramData\Ahead
2013-12-23 12:13 - 2013-12-23 11:43 - 00000000 ____D C:\Users\Procházkovi\AppData\Roaming\Ahead
2013-12-23 12:09 - 2013-12-23 11:47 - 00000000 ____D C:\Users\Procházkovi\AppData\Local\Ahead
2013-12-23 11:41 - 2013-12-23 11:41 - 00000000 ____D C:\ProgramData\Nero
2013-12-23 11:41 - 2013-12-23 11:41 - 00000000 ____D C:\Program Files (x86)\Nero
2013-12-22 16:05 - 2013-12-22 16:05 - 00000000 ____D C:\Users\Procházkovi\AppData\Roaming\Ashampoo
2013-12-22 16:05 - 2013-05-18 21:35 - 00000000 ____D C:\Users\Procházkovi\AppData\Local\ashampoo
2013-12-22 15:43 - 2013-05-10 19:28 - 00000000 ____D C:\Windows\Panther
2013-12-22 15:42 - 2013-12-22 15:41 - 00000000 ____D C:\Program Files\CCleaner
2013-12-22 15:41 - 2013-12-22 15:41 - 00002784 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-22 15:41 - 2013-12-22 15:41 - 00000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-22 12:48 - 2013-12-22 12:48 - 00000000 ____D C:\Users\Procházkovi\AppData\Roaming\3112
2013-12-22 11:24 - 2013-12-22 11:24 - 00031232 _____ C:\Users\Procházkovi\Desktop\2011_lspp_kontakty.xls
2013-12-21 16:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\oobe
2013-12-21 10:51 - 2013-10-19 10:17 - 00000000 ____D C:\Program Files (x86)\Sticky Password
2013-12-15 17:08 - 2013-12-10 12:26 - 00000000 ____D C:\Users\Procházkovi\Desktop\1213
2013-12-15 17:08 - 2009-07-14 16:18 - 00666194 _____ C:\Windows\system32\perfh005.dat
2013-12-15 17:08 - 2009-07-14 16:18 - 00139890 _____ C:\Windows\system32\perfc005.dat
2013-12-15 17:08 - 2009-07-14 06:13 - 01576554 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-15 12:48 - 2013-08-14 19:33 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 12:46 - 2013-05-11 07:51 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-12 18:08 - 2013-12-12 17:53 - 1290733904 _____ C:\Users\Procházkovi\Downloads\Rammstein-Diskografie.part2.rar
2013-12-12 17:25 - 2013-12-12 17:25 - 00000000 ____D C:\Users\Procházkovi\Desktop\Foto mobil HOnza
2013-12-12 16:46 - 2013-12-12 16:12 - 3875141122 _____ C:\Users\Procházkovi\Downloads\Nightwish-Discografie-1997---2013-(18LP+18SP).zip
2013-12-12 16:30 - 2013-12-12 16:14 - 1325707673 _____ C:\Users\Procházkovi\Downloads\MANOWAR---Discografie---1982-2007.rar
2013-12-12 16:10 - 2013-12-12 16:10 - 00059640 _____ C:\Users\Procházkovi\Downloads\nightwish-discografie-1997-2013-18lp-18sp-zip.htm
2013-12-12 16:06 - 2013-12-12 16:06 - 00000000 ____D C:\ProgramData\IDM
2013-12-12 11:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-12 11:10 - 2013-12-05 09:42 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-12 11:10 - 2013-12-05 09:42 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-12 11:10 - 2013-12-05 09:42 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-12 11:03 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-12 11:02 - 2009-07-14 05:45 - 00415592 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-11 21:12 - 2013-05-12 08:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 21:10 - 2013-12-11 21:10 - 00000000 ____D C:\Windows\PCHEALTH
2013-12-11 20:20 - 2013-10-28 19:41 - 00000000 ____D C:\Users\Procházkovi\AppData\Roaming\.minecraft
2013-12-11 16:28 - 2013-12-11 16:28 - 00017205 _____ C:\Users\Procházkovi\Desktop\Tisk nákupního košíku - ALFA.cz _ ALFA COMPUTER.mht
2013-12-11 12:19 - 2013-05-10 18:58 - 00001397 _____ C:\Users\Procházkovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-11 12:17 - 2013-05-10 19:37 - 00000000 ____D C:\Program Files\WinRAR
2013-12-11 12:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-10 20:31 - 2013-12-10 20:31 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-10 20:31 - 2013-12-10 20:31 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-10 20:31 - 2013-12-10 20:31 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-10 20:31 - 2013-12-10 20:31 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-10 20:31 - 2013-12-10 20:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-10 20:31 - 2013-12-10 20:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-10 20:31 - 2013-12-10 20:31 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-10 20:31 - 2013-12-10 20:31 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-10 20:31 - 2013-12-10 20:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-10 18:20 - 2013-12-10 18:20 - 00000000 ____D C:\Users\Procházkovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-12-09 17:14 - 2013-12-09 10:34 - 00000000 ____D C:\Program Files (x86)\DLLSuite
2013-12-09 14:54 - 2013-11-30 17:16 - 00000000 ____D C:\ProgramData\ProductData
2013-12-09 12:36 - 2013-12-09 12:36 - 00000000 ____D C:\Users\Procházkovi\AppData\Roaming\2976
2013-12-09 11:52 - 2013-12-09 11:52 - 00219248 _____ (VMware, Inc.) C:\Windows\SysWOW64\vm3dum.dll
2013-12-09 11:52 - 2013-12-09 11:51 - 03223152 _____ (VMware, Inc.) C:\Windows\SysWOW64\vm3dgl.dll
2013-12-09 11:22 - 2013-12-09 11:22 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2013-12-09 11:20 - 2013-12-09 11:20 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2013-12-09 11:20 - 2013-12-09 11:20 - 01047552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71u.dll
2013-12-09 10:45 - 2013-12-09 10:45 - 00000000 ____D C:\ProgramData\Weskysoft
2013-12-05 09:50 - 2013-12-05 09:43 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-12-05 09:47 - 2013-12-05 09:47 - 00000000 ____D C:\Users\Procházkovi\AppData\Roaming\Avira
2013-12-05 09:42 - 2013-12-05 09:42 - 00000000 ____D C:\Program Files (x86)\Avira
2013-12-05 09:42 - 2013-09-15 19:34 - 00000000 ____D C:\ProgramData\Avira
2013-12-05 09:41 - 2013-12-05 09:42 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-12-04 09:32 - 2013-05-10 18:57 - 00000000 ____D C:\Users\Procházkovi
2013-12-04 09:31 - 2013-09-15 18:03 - 00000000 ____D C:\Qoobox
2013-12-04 09:07 - 2013-12-04 09:07 - 00000000 ____D C:\Windows\ERUNT
2013-12-04 08:47 - 2013-06-07 16:04 - 00000000 ____D C:\Users\Procházkovi\AppData\Roaming\IObit
2013-12-04 08:42 - 2013-12-04 08:42 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2013-12-03 19:02 - 2013-12-03 17:29 - 00000000 ____D C:\Users\Procházkovi\Desktop\Lenka mobil
2013-12-02 18:07 - 2013-05-21 20:10 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2013-12-02 17:57 - 2013-12-02 17:21 - 346635141 _____ C:\Users\Procházkovi\Desktop\V20D_00.kdz
2013-12-02 17:09 - 2013-05-21 20:11 - 00002411 _____ C:\Windows\SysWOW64\lgAxconfig.ini
2013-12-02 17:08 - 2013-12-02 17:08 - 00000000 ____D C:\Users\Procházkovi\Desktop\KDZ_FW_UPD_EN
2013-12-02 08:52 - 2013-12-02 08:51 - 00000000 ____D C:\Users\Public\Documents\DriverGenius
2013-12-02 08:52 - 2013-08-04 13:53 - 00000000 ____D C:\ProgramData\DriverGenius
2013-11-30 17:53 - 2013-11-30 17:53 - 26017280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 19584512 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 15827456 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 13402112 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 11922944 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2013-11-30 17:53 - 2013-11-30 17:53 - 07528440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 06857392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 06288832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 04782960 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 04292192 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 01978240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdmv.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 01065720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6v.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00929736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00364544 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00359936 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2013-11-30 17:53 - 2013-11-30 17:53 - 00246000 _____ C:\Windows\SysWOW64\atiapfxx.blb
2013-11-30 17:53 - 2013-11-30 17:53 - 00246000 _____ C:\Windows\system32\atiapfxx.blb
2013-11-30 17:53 - 2013-11-30 17:53 - 00159744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2013-11-30 17:53 - 2013-11-30 17:53 - 00120320 _____ (AMD) C:\Windows\system32\atitmm64.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00069632 _____ (AMD) C:\Windows\system32\coinst_8.97.100.11.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00062976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00062976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00062464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00062464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00059392 _____ (ATI Technologies, Inc.) C:\Windows\system32\atiedu64.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00051200 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00051152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00048544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00046080 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00041984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00038768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00021504 _____ (AMD) C:\Windows\system32\atimuixx.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00017920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2013-11-30 17:53 - 2013-11-30 17:53 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2013-11-30 17:53 - 2013-06-25 12:14 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-11-30 17:53 - 2012-07-04 07:25 - 01094024 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2013-11-30 17:53 - 2012-07-04 07:21 - 00514048 _____ (AMD) C:\Windows\system32\atieclxx.exe
2013-11-30 17:53 - 2012-07-04 07:20 - 00238080 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2013-11-30 17:53 - 2012-07-04 06:57 - 07560424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2013-11-30 17:53 - 2012-07-04 06:11 - 00535552 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2013-11-30 17:53 - 2012-07-04 06:10 - 00061464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2013-11-30 17:52 - 2013-11-30 17:52 - 03707864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-11-30 17:52 - 2013-11-30 17:52 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-11-30 17:52 - 2013-11-30 17:52 - 02587864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-11-30 17:52 - 2013-11-30 17:52 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2013-11-30 17:52 - 2013-11-30 17:52 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2013-11-30 17:52 - 2013-11-30 17:52 - 01286360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-11-30 17:52 - 2013-11-30 17:52 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-11-30 17:52 - 2013-11-30 17:52 - 01012992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-11-30 17:52 - 2013-11-30 17:52 - 00681905 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-11-30 17:52 - 2013-11-30 17:52 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2013-11-30 17:52 - 2013-11-30 17:52 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-11-30 17:52 - 2013-11-30 17:52 - 00153304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2013-11-30 17:52 - 2013-11-30 17:52 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-11-30 16:54 - 2013-11-30 16:54 - 00000000 ____D C:\Program Files (x86)\FinalWire
2013-11-27 18:24 - 2013-11-27 18:00 - 00000000 ____D C:\Program Files (x86)\Windows Doctor
2013-11-26 12:54 - 2013-12-11 21:11 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 11:19 - 2013-12-11 21:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 11:18 - 2013-12-11 21:11 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 11:11 - 2013-12-11 21:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 10:48 - 2013-12-11 21:11 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 10:46 - 2013-12-11 21:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 10:41 - 2013-12-11 21:11 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 10:29 - 2013-12-11 21:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 10:27 - 2013-12-11 21:11 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 10:23 - 2013-12-11 21:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 10:21 - 2013-12-11 21:11 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 10:18 - 2013-12-11 21:11 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 10:18 - 2013-12-11 21:11 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 10:16 - 2013-12-11 21:11 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 09:57 - 2013-12-11 21:11 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 09:38 - 2013-12-11 21:11 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 09:38 - 2013-12-11 21:11 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 09:35 - 2013-12-11 21:11 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 09:32 - 2013-12-11 21:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 09:28 - 2013-12-11 21:11 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 09:16 - 2013-12-11 21:11 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 09:02 - 2013-12-11 21:11 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 08:48 - 2013-12-11 21:11 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 08:32 - 2013-12-11 21:11 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 08:26 - 2013-12-11 21:11 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 08:07 - 2013-12-11 21:11 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 07:40 - 2013-12-11 21:11 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 07:34 - 2013-12-11 21:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 07:34 - 2013-12-11 21:11 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 07:33 - 2013-12-11 21:11 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 07:27 - 2013-12-11 21:11 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.1520.dll

Some content of TEMP:
====================
C:\Users\Procházkovi\AppData\Local\Temp\avgnt.exe
C:\Users\Procházkovi\AppData\Local\Temp\catchme.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!

nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!

LastRegBack: 2013-12-20 12:02

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:116.45 GB) (Free:73.16 GB) NTFS
Drive d: () (Fixed) (Total:116.21 GB) (Free:18.2 GB) NTFS

Available physical RAM: 473.9 MB
Total physical RAM: 1790.49 MB
Percentage of memory in use: 73%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 37413740)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=116 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Proch�zkovi\Desktop" je 827 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
Re�im ECHO je vypnut.

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

Zdravím!
Leckteré zbytečnosti je třeba vyházet. Otevřte poznámkový blok a zkopírujte do něj:

Start
MountPoints2: G - G:\LGAutoRun.exe
MountPoints2: {8d831bbb-c1e4-11e2-8adf-001fd0594a9f} - G:\LGAutoRun.exe
Handler: livecall - No CLSID Value -
Handler: msnim - No CLSID Value -
Handler-x32: livecall - No CLSID Value -
Handler-x32: msnim - No CLSID Value -
C:\Windows\system32\6BDD.tmp
C:\Windows\system32\207A.tmp
C:\Windows\system32\24EE.tmp
C:\Windows\system32\E06F.tmp
C:\Windows\system32\3759.tmp
C:\Windows\system32\5A81.tmp
C:\Users\Procházkovi\Downloads\gc1hwhzq.exe
End

Zkopírováno

Někjak jsem tam tam nedal ten zbytek. Omlouvám se. Uložte do stejného adresáře, jako FRST jako fixlist.txt. Pak znovu spusťte FRST a klikněte na >Fix<. Zkopírujte sem pak log, který se na závěr vytvoří.

Vůbec o nic nejde

Zde je LOG:

Content of fixlist:
*****************
Start
MountPoints2: G - G:\LGAutoRun.exe
MountPoints2: {8d831bbb-c1e4-11e2-8adf-001fd0594a9f} - G:\LGAutoRun.exe
Handler: livecall - No CLSID Value -
Handler: msnim - No CLSID Value -
Handler-x32: livecall - No CLSID Value -
Handler-x32: msnim - No CLSID Value -
C:\Windows\system32\6BDD.tmp
C:\Windows\system32\207A.tmp
C:\Windows\system32\24EE.tmp
C:\Windows\system32\E06F.tmp
C:\Windows\system32\3759.tmp
C:\Windows\system32\5A81.tmp
C:\Users\Procházkovi\Downloads\gc1hwhzq.exe
End

*****************

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8d831bbb-c1e4-11e2-8adf-001fd0594a9f} => Key deleted successfully.
HKCR\CLSID\{8d831bbb-c1e4-11e2-8adf-001fd0594a9f} => Key not found.
HKCR\PROTOCOLS\Handler\Handler: livecall - No CLSID Value - => Key not found.
HKCR\PROTOCOLS\Handler\Handler: msnim - No CLSID Value - => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\Handler-x32: livecall - No CLSID Value - => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\Handler-x32: msnim - No CLSID Value - => Key not found.
C:\Windows\system32\6BDD.tmp => Moved successfully.
C:\Windows\system32\207A.tmp => Moved successfully.
C:\Windows\system32\24EE.tmp => Moved successfully.
C:\Windows\system32\E06F.tmp => Moved successfully.
C:\Windows\system32\3759.tmp => Moved successfully.
C:\Windows\system32\5A81.tmp => Moved successfully.
C:\Users\Procházkovi\Downloads\gc1hwhzq.exe => Moved successfully.

==== End of Fixlog ====

Vše smazáno. Jinak by mělo být čisto.

Děkuji a podpořím tento projekt

Nemáte zač a za podporu děkujeme!

VIRY.CZ

Prosím o kontrolu LOGU

Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU