VIRY.CZ

Zdravim, prosim o kontrolu logu a take o pomoc s odstranenim "Awardhotspot.com / Valuedealshopper.com / Scour.com" - zadny guide, ktery jsem vyhledal na google mi nepomohl..
Dekuji.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:28:08, on 15.2.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\SysWOW64\C2MP\TrayMenu.exe
C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Users\Andrew\AppData\Local\PirritSuggestor\PirritDesktop.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Andrew\Desktop\hijackthis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=http://127.0.0.1:9880
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: IEExtension.Extension - {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} - mscoree.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [SteelSeries Engine] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [CloudSystemBooster] "C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe" /hide /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: CodecPackTrayMenu.lnk = C:\Windows\SysWOW64\C2MP\TrayMenu.exe
O4 - Global Startup: CodecPackUpdateChecker.lnk = C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
O4 - Global Startup: CodeMeter Control Center.lnk = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{07649137-C5C5-4235-AA75-E1B987E42A2B}: NameServer = 8.8.8.8,8.8.4.4,192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{07649137-C5C5-4235-AA75-E1B987E42A2B}: NameServer = 8.8.8.8,8.8.4.4,192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{07649137-C5C5-4235-AA75-E1B987E42A2B}: NameServer = 8.8.8.8,8.8.4.4,192.168.1.1
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Anvi Cloud System Booster Speed Service (AnviCsbSvc) - Anvisoft - C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: PirritDesktop - Unknown owner - C:\Users\Andrew\AppData\Local\PirritSuggestor\PirritService.exe
O23 - Service: PirritUpdater - Unknown owner - C:\Program Files (x86)\Pirrit\AutoUpdater.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service2 - Unknown owner - C:\Windows\System32\SUPDSvc2.exe (file missing)
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wlms\wlms.exe,-1 (WLMS) - Unknown owner - C:\Windows\system32\wlms\wlms.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14353 bytes

Zdravim

Log z FRST napovi vic - postupujte dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01
Ran by Andrew (administrator) on ANDREW-PC on 15-02-2014 17:50:37
Running from C:\Users\Andrew\Desktop
Windows 7 Enterprise Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Users\Andrew\AppData\Local\PirritSuggestor\PirritService.exe
() C:\Program Files (x86)\Pirrit\AutoUpdater.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
() C:\Windows\SysWOW64\C2MP\TrayMenu.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
() C:\Users\Andrew\AppData\Local\PirritSuggestor\PirritDesktop.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Andrew\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5671984 2013-02-26] (VIA)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Driver Genius] - [X]
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-12-14] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-01] (Microsoft Corporation)
HKU\S-1-5-21-3354695338-1066098849-1578917668-1001\...\Run: [SteelSeries Engine] - C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [239104 2013-02-06] (SteelSeries ApS)
HKU\S-1-5-21-3354695338-1066098849-1578917668-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3354695338-1066098849-1578917668-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKU\S-1-5-21-3354695338-1066098849-1578917668-1001\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3354695338-1066098849-1578917668-1001\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3354695338-1066098849-1578917668-1001\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3354695338-1066098849-1578917668-1001\...\Run: [CloudSystemBooster] - C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe [527544 2013-12-24] (Anvisoft)

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=http://127.0.0.1:9880
SearchScopes: HKCU - {E3363FE6-E914-4918-94A7-44FEAA0C5CCD} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: IEExtension.Extension - {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{07649137-C5C5-4235-AA75-E1B987E42A2B}: [NameServer]8.8.8.8,8.8.4.4,192.168.1.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Extension: No Name - C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2014-01-10]
FF Extension: Pirrit Suggestor - C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\profiles\extensions\suggestor@suggestor.pirrit.com.xpi [2014-01-10]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-09-16]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-09-16]

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Extension: (Disk Google) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-14]
CHR Extension: (YouTube) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-14]
CHR Extension: (Vyhledvn Google) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-14]
CHR Extension: (Záložky na iCloudu) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2014-02-01]
CHR Extension: (Peněženka Google) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-14]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx [2013-05-14]
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx [2013-05-14]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx [2013-05-14]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2013-05-14]

==================== Services (Whitelisted) =================

R2 AnviCsbSvc; C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [42680 2013-12-24] (Anvisoft)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-14] (AVAST Software)
U2 PirritDesktop; C:\Users\Andrew\AppData\Local\PirritSuggestor\PirritService.exe [52568 2014-02-14] ()
R2 PirritUpdater; C:\Program Files (x86)\Pirrit\AutoUpdater.exe [59904 2014-02-14] ()
S3 Samsung UPD Service2; C:\Windows\System32\SUPDSvc2.exe [158208 2012-04-06] (Samsung Electronics)
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1246496 2009-09-17] (SafeNet, Inc)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies, Inc.)
S2 WLMS; C:\Windows\system32\wlms\wlms.exe [19456 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-12-14] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2013-12-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-12-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-14] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-12-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-12-14] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-12-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-12-14] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-09-22] (Disc Soft Ltd)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [38016 2013-01-10] (SteelSeries Corporation)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [16640 2014-02-11] (Windows (R) Win 7 DDK provider)
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-15 17:50 - 2014-02-15 17:50 - 00018268 _____ () C:\Users\Andrew\Desktop\FRST.txt
2014-02-15 17:49 - 2014-02-15 17:49 - 00112640 _____ (forum.viry.cz) C:\Users\Andrew\Desktop\FRSTLauncher.exe
2014-02-15 17:46 - 2014-02-15 17:50 - 00000000 ____D () C:\FRST
2014-02-15 17:46 - 2014-02-15 17:46 - 00000000 _____ () C:\Users\Andrew\Desktop\FRSTLauncher (1).exe
2014-02-15 17:43 - 2014-02-15 17:44 - 02152960 _____ (Farbar) C:\Users\Andrew\Desktop\FRST64.exe
2014-02-15 17:35 - 2014-02-15 17:36 - 00000000 ____D () C:\AdwCleaner
2014-02-15 17:35 - 2014-02-15 17:35 - 01166132 _____ () C:\Users\Andrew\Desktop\adwcleaner.exe
2014-02-15 17:29 - 2014-02-15 17:29 - 00000000 ____D () C:\Users\Andrew\Documents\Elder Scrolls Online
2014-02-15 17:29 - 2014-02-15 17:29 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online
2014-02-15 17:16 - 2014-02-15 17:16 - 00000944 _____ () C:\Users\Public\Desktop\Trojan Killer.lnk
2014-02-15 17:16 - 2014-02-15 17:16 - 00000000 ____D () C:\ProgramData\GridinSoft
2014-02-15 17:15 - 2014-02-15 17:15 - 39905256 _____ (GridinSoft LLC) C:\Users\Andrew\Desktop\gtk-2.2.1.6-setup.exe
2014-02-15 15:28 - 2014-02-15 15:28 - 00014355 _____ () C:\Users\Andrew\Desktop\hijackthis.log
2014-02-15 15:27 - 2014-02-15 15:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\Andrew\Desktop\hijackthis.exe
2014-02-15 15:25 - 2014-02-15 17:37 - 00000168 _____ () C:\Windows\setupact.log
2014-02-15 15:25 - 2014-02-15 15:25 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-15 15:24 - 2014-02-15 15:24 - 00000604 _____ () C:\Windows\PFRO.log
2014-02-15 15:12 - 2014-02-15 16:42 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-02-15 15:12 - 2014-02-15 15:12 - 00001276 _____ () C:\Users\Public\Desktop\Cloud System Booster.lnk
2014-02-15 15:11 - 2014-02-15 15:11 - 15627064 _____ (Anvisoft) C:\Users\Andrew\Desktop\csbsetup.exe
2014-02-15 14:47 - 2014-02-15 14:48 - 00275712 _____ () C:\Windows\Minidump\021514-25646-01.dmp
2014-02-15 11:47 - 2014-02-15 13:00 - 09542429 _____ () C:\Users\Andrew\Desktop\STÁTNICOVÝ PACIENT-s laboratorní fází - 3.pptx
2014-02-15 11:42 - 2014-02-15 11:42 - 09542283 _____ () C:\Users\Andrew\Desktop\STÁTNICOVÝ PACIENT-s laboratorní fází - 2.pptx
2014-02-15 11:41 - 2014-02-15 16:48 - 00000000 ____D () C:\Users\Andrew\AppData\Local\PirritSuggestor
2014-02-13 18:53 - 2014-02-13 18:53 - 00218177 _____ () C:\Users\Andrew\Desktop\[kickass.to]il.labirinto.del.fauno.el.laberinto.del.fauno.bdrip.1080p.ita.spa.2006.torrent
2014-02-13 18:52 - 2014-02-13 18:52 - 00074479 _____ () C:\Users\Andrew\Desktop\[kickass.to]snatch.2000.bluray.1080p.dts.hd.x264.grym.torrent
2014-02-13 18:51 - 2014-02-13 18:51 - 00219512 _____ () C:\Users\Andrew\Desktop\[kickass.to]eternal.sunshine.of.the.spotless.mind.bdrip.1080p.eng.ita.dts.x264.bluray.2004.se.mi.lasci.ti.cancello.torrent
2014-02-13 18:51 - 2014-02-13 18:51 - 00023227 _____ () C:\Users\Andrew\Desktop\[kickass.to]eternal.sunshine.of.the.spotless.mind.2004.blu.ray.720p.x264.hdb.torrent
2014-02-13 18:49 - 2014-02-13 18:49 - 00062416 _____ () C:\Users\Andrew\Desktop\[kickass.to]django.unchained.2012.1080p.bluray.x264.sparks.torrent
2014-02-12 06:41 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 06:41 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 06:40 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 06:40 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 06:40 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 06:40 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 06:40 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 06:40 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 06:40 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 06:40 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 06:40 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 06:40 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 06:40 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 06:40 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 06:40 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 06:40 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 06:40 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 06:40 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 06:40 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 06:40 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 06:40 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 06:40 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 06:40 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 06:40 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 06:40 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 06:40 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 06:40 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 06:40 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 06:40 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 06:40 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 06:40 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 06:40 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 06:40 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 06:40 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 06:40 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 06:40 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 06:40 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 06:40 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 06:40 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 06:40 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 06:40 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 06:16 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 06:16 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 06:16 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 06:16 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 06:16 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 06:16 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 06:15 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 06:15 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 06:15 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 06:15 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 06:15 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 06:15 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 06:15 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 06:15 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 06:15 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 06:15 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 06:15 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 06:15 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 06:15 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 06:15 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 06:15 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 06:15 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 06:15 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 06:15 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 06:15 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 06:15 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 06:15 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 06:15 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 12:59 - 2014-02-11 12:59 - 00016640 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\gtkdrv.sys
2014-02-07 16:16 - 2014-02-07 16:16 - 00000916 _____ () C:\Users\Andrew\Desktop\The Elder Scrolls Online Beta.lnk
2014-02-07 16:15 - 2014-02-07 16:16 - 55903624 _____ ( ) C:\Users\Andrew\Desktop\Install_ESO_Beta.exe
2014-02-07 15:58 - 2014-02-07 16:08 - 00000000 ____D () C:\Users\Andrew\Desktop\material
2014-02-07 15:54 - 2014-02-07 15:54 - 00000048 _____ () C:\Users\Andrew\Desktop\secteno.txt
2014-02-01 13:28 - 2014-02-01 13:28 - 00000000 ___RD () C:\Users\Andrew\Desktop\Prace
2014-02-01 12:41 - 2014-02-01 12:41 - 00000511 _____ () C:\Users\Public\Desktop\Guild Wars 2.lnk
2014-02-01 12:38 - 2014-02-01 12:39 - 00000000 ____D () C:\Users\Andrew\AppData\Local\A5B384E2-7E91-4002-AA29-00A6A509C59E.aplzod
2014-01-30 21:40 - 2014-01-30 21:43 - 00000000 ____D () C:\Users\Andrew\Desktop\documents-export-2014-01-30
2014-01-30 21:16 - 2014-01-30 21:16 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-30 21:15 - 2014-01-30 21:16 - 09096003 _____ () C:\Users\Andrew\Desktop\STÁTNICOVÝ PACIENT.pptx
2014-01-30 21:15 - 2014-01-30 21:15 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-30 21:15 - 2014-01-30 21:15 - 00000000 ____D () C:\Program Files\iTunes
2014-01-30 21:15 - 2014-01-30 21:15 - 00000000 ____D () C:\Program Files\iPod
2014-01-30 21:15 - 2014-01-30 21:15 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-23 17:23 - 2014-01-23 17:23 - 00262144 ____N () C:\Windows\Minidump\012314-22604-01.dmp
2014-01-23 16:52 - 2014-01-23 16:52 - 00000000 ____D () C:\Users\Andrew\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
2014-01-23 16:51 - 2014-01-23 16:51 - 00000000 ____D () C:\Users\Andrew\Documents\OCCT
2014-01-23 16:48 - 2014-01-23 16:48 - 00000971 _____ () C:\Users\Andrew\Desktop\OCCT.lnk
2014-01-23 16:48 - 2014-01-23 16:48 - 00000000 ____D () C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OCCT
2014-01-23 16:48 - 2014-01-23 16:48 - 00000000 ____D () C:\Program Files (x86)\OCCTPT
2014-01-21 06:42 - 2014-01-21 06:42 - 00005175 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-21 06:42 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-21 06:42 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-21 06:42 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-21 06:42 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-19 12:03 - 2014-01-19 12:03 - 00000000 ____D () C:\Users\Andrew\Documents\Assassin's Creed IV Black Flag
2014-01-19 10:32 - 2014-01-19 10:32 - 00000000 ____D () C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-01-19 10:32 - 2014-01-19 10:32 - 00000000 ____D () C:\Program Files\Unlocker

==================== One Month Modified Files and Folders =======

2014-02-15 17:50 - 2014-02-15 17:50 - 00018268 _____ () C:\Users\Andrew\Desktop\FRST.txt
2014-02-15 17:50 - 2014-02-15 17:46 - 00000000 ____D () C:\FRST
2014-02-15 17:49 - 2014-02-15 17:49 - 00112640 _____ (forum.viry.cz) C:\Users\Andrew\Desktop\FRSTLauncher.exe
2014-02-15 17:48 - 2013-04-13 21:07 - 00000000 ____D () C:\Users\Andrew\AppData\Roaming\Skype
2014-02-15 17:46 - 2014-02-15 17:46 - 00000000 _____ () C:\Users\Andrew\Desktop\FRSTLauncher (1).exe
2014-02-15 17:45 - 2013-05-14 16:18 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-15 17:44 - 2014-02-15 17:43 - 02152960 _____ (Farbar) C:\Users\Andrew\Desktop\FRST64.exe
2014-02-15 17:44 - 2009-07-14 05:45 - 00021328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-15 17:44 - 2009-07-14 05:45 - 00021328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-15 17:42 - 2013-03-18 19:29 - 01692403 _____ () C:\Windows\WindowsUpdate.log
2014-02-15 17:38 - 2013-03-18 21:43 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-15 17:37 - 2014-02-15 15:25 - 00000168 _____ () C:\Windows\setupact.log
2014-02-15 17:37 - 2013-09-22 19:03 - 00000418 ____H () C:\Windows\Tasks\schedule!3036567561.job
2014-02-15 17:37 - 2013-05-14 16:18 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-15 17:37 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-15 17:36 - 2014-02-15 17:35 - 00000000 ____D () C:\AdwCleaner
2014-02-15 17:35 - 2014-02-15 17:35 - 01166132 _____ () C:\Users\Andrew\Desktop\adwcleaner.exe
2014-02-15 17:29 - 2014-02-15 17:29 - 00000000 ____D () C:\Users\Andrew\Documents\Elder Scrolls Online
2014-02-15 17:29 - 2014-02-15 17:29 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online
2014-02-15 17:16 - 2014-02-15 17:16 - 00000944 _____ () C:\Users\Public\Desktop\Trojan Killer.lnk
2014-02-15 17:16 - 2014-02-15 17:16 - 00000000 ____D () C:\ProgramData\GridinSoft
2014-02-15 17:16 - 2013-09-23 17:31 - 00000000 ____D () C:\Program Files\GridinSoft Trojan Killer
2014-02-15 17:15 - 2014-02-15 17:15 - 39905256 _____ (GridinSoft LLC) C:\Users\Andrew\Desktop\gtk-2.2.1.6-setup.exe
2014-02-15 17:05 - 2013-10-25 16:28 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-15 16:49 - 2013-03-18 19:31 - 00000000 ____D () C:\Users\Andrew
2014-02-15 16:48 - 2014-02-15 11:41 - 00000000 ____D () C:\Users\Andrew\AppData\Local\PirritSuggestor
2014-02-15 16:47 - 2013-10-09 05:44 - 00000000 ____D () C:\Windows\Minidump
2014-02-15 16:47 - 2013-03-20 06:33 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-02-15 16:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-15 16:46 - 2014-01-10 17:15 - 00000000 ____D () C:\Program Files (x86)\Pirrit
2014-02-15 16:46 - 2013-09-16 16:51 - 00000000 ____D () C:\ProgramData\HP
2014-02-15 16:46 - 2013-03-22 16:20 - 00000000 ____D () C:\Users\Andrew\AppData\Roaming\uTorrent
2014-02-15 16:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-02-15 16:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-02-15 16:42 - 2014-02-15 15:12 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-02-15 15:28 - 2014-02-15 15:28 - 00014355 _____ () C:\Users\Andrew\Desktop\hijackthis.log
2014-02-15 15:27 - 2014-02-15 15:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\Andrew\Desktop\hijackthis.exe
2014-02-15 15:25 - 2014-02-15 15:25 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-15 15:24 - 2014-02-15 15:24 - 00000604 _____ () C:\Windows\PFRO.log
2014-02-15 15:13 - 2013-06-28 17:10 - 00000000 __HDC () C:\ProgramData\{7DC941EB-5AED-4756-B9DB-5AD7769DC4C7}
2014-02-15 15:13 - 2013-03-19 04:25 - 00000000 ____D () C:\Windows\Panther
2014-02-15 15:12 - 2014-02-15 15:12 - 00001276 _____ () C:\Users\Public\Desktop\Cloud System Booster.lnk
2014-02-15 15:11 - 2014-02-15 15:11 - 15627064 _____ (Anvisoft) C:\Users\Andrew\Desktop\csbsetup.exe
2014-02-15 14:48 - 2014-02-15 14:47 - 00275712 _____ () C:\Windows\Minidump\021514-25646-01.dmp
2014-02-15 13:00 - 2014-02-15 11:47 - 09542429 _____ () C:\Users\Andrew\Desktop\STÁTNICOVÝ PACIENT-s laboratorní fází - 3.pptx
2014-02-15 11:42 - 2014-02-15 11:42 - 09542283 _____ () C:\Users\Andrew\Desktop\STÁTNICOVÝ PACIENT-s laboratorní fází - 2.pptx
2014-02-13 18:53 - 2014-02-13 18:53 - 00218177 _____ () C:\Users\Andrew\Desktop\[kickass.to]il.labirinto.del.fauno.el.laberinto.del.fauno.bdrip.1080p.ita.spa.2006.torrent
2014-02-13 18:52 - 2014-02-13 18:52 - 00074479 _____ () C:\Users\Andrew\Desktop\[kickass.to]snatch.2000.bluray.1080p.dts.hd.x264.grym.torrent
2014-02-13 18:51 - 2014-02-13 18:51 - 00219512 _____ () C:\Users\Andrew\Desktop\[kickass.to]eternal.sunshine.of.the.spotless.mind.bdrip.1080p.eng.ita.dts.x264.bluray.2004.se.mi.lasci.ti.cancello.torrent
2014-02-13 18:51 - 2014-02-13 18:51 - 00023227 _____ () C:\Users\Andrew\Desktop\[kickass.to]eternal.sunshine.of.the.spotless.mind.2004.blu.ray.720p.x264.hdb.torrent
2014-02-13 18:49 - 2014-02-13 18:49 - 00062416 _____ () C:\Users\Andrew\Desktop\[kickass.to]django.unchained.2012.1080p.bluray.x264.sparks.torrent
2014-02-13 16:08 - 2009-07-14 06:08 - 00032616 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-12 06:42 - 2013-03-18 23:15 - 01567286 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-12 06:42 - 2013-03-18 21:12 - 00671830 _____ () C:\Windows\system32\perfh005.dat
2014-02-12 06:42 - 2013-03-18 21:12 - 00142416 _____ () C:\Windows\system32\perfc005.dat
2014-02-12 06:42 - 2009-07-14 06:13 - 01567286 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-11 12:59 - 2014-02-11 12:59 - 00016640 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\gtkdrv.sys
2014-02-11 06:40 - 2013-05-14 16:18 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-11 06:40 - 2013-05-14 16:18 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-07 16:16 - 2014-02-07 16:16 - 00000916 _____ () C:\Users\Andrew\Desktop\The Elder Scrolls Online Beta.lnk
2014-02-07 16:16 - 2014-02-07 16:15 - 55903624 _____ ( ) C:\Users\Andrew\Desktop\Install_ESO_Beta.exe
2014-02-07 16:08 - 2014-02-07 15:58 - 00000000 ____D () C:\Users\Andrew\Desktop\material
2014-02-07 15:54 - 2014-02-07 15:54 - 00000048 _____ () C:\Users\Andrew\Desktop\secteno.txt
2014-02-06 13:16 - 2014-02-12 06:40 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 06:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 06:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 06:40 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 06:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 06:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 06:40 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-12 06:40 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-12 06:40 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 06:40 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 06:40 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 06:40 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 06:40 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 06:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 06:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 06:40 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 06:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 06:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 06:40 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 06:40 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 06:40 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 06:40 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 06:40 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-12 06:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-12 06:40 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 06:40 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 06:40 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 06:40 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 06:40 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 06:40 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 06:40 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 06:40 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 06:40 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 06:40 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 06:40 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 06:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 06:40 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 06:40 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 17:05 - 2013-10-25 16:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 17:05 - 2013-10-25 16:28 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 17:05 - 2013-10-25 16:28 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-01 13:28 - 2014-02-01 13:28 - 00000000 ___RD () C:\Users\Andrew\Desktop\Prace
2014-02-01 12:41 - 2014-02-01 12:41 - 00000511 _____ () C:\Users\Public\Desktop\Guild Wars 2.lnk
2014-02-01 12:41 - 2013-10-19 07:08 - 00000000 ____D () C:\Users\Andrew\AppData\Roaming\Guild Wars 2
2014-02-01 12:41 - 2013-03-19 20:34 - 00000000 ____D () C:\Users\Andrew\Documents\Guild Wars 2
2014-02-01 12:39 - 2014-02-01 12:38 - 00000000 ____D () C:\Users\Andrew\AppData\Local\A5B384E2-7E91-4002-AA29-00A6A509C59E.aplzod
2014-02-01 12:39 - 2013-03-21 16:35 - 00000000 ____D () C:\Users\Andrew\AppData\Local\Apple
2014-02-01 12:38 - 2013-07-19 15:42 - 00000000 ____D () C:\Users\Andrew\Documents\Outlook Files
2014-02-01 12:38 - 2013-03-21 16:36 - 00000000 ____D () C:\Users\Andrew\AppData\Roaming\Apple Computer
2014-01-30 21:43 - 2014-01-30 21:40 - 00000000 ____D () C:\Users\Andrew\Desktop\documents-export-2014-01-30
2014-01-30 21:16 - 2014-01-30 21:16 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-30 21:16 - 2014-01-30 21:15 - 09096003 _____ () C:\Users\Andrew\Desktop\STÁTNICOVÝ PACIENT.pptx
2014-01-30 21:15 - 2014-01-30 21:15 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-30 21:15 - 2014-01-30 21:15 - 00000000 ____D () C:\Program Files\iTunes
2014-01-30 21:15 - 2014-01-30 21:15 - 00000000 ____D () C:\Program Files\iPod
2014-01-30 21:15 - 2014-01-30 21:15 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-30 21:13 - 2013-03-21 16:35 - 00000000 ____D () C:\ProgramData\Apple
2014-01-23 17:23 - 2014-01-23 17:23 - 00262144 ____N () C:\Windows\Minidump\012314-22604-01.dmp
2014-01-23 16:52 - 2014-01-23 16:52 - 00000000 ____D () C:\Users\Andrew\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
2014-01-23 16:51 - 2014-01-23 16:51 - 00000000 ____D () C:\Users\Andrew\Documents\OCCT
2014-01-23 16:48 - 2014-01-23 16:48 - 00000971 _____ () C:\Users\Andrew\Desktop\OCCT.lnk
2014-01-23 16:48 - 2014-01-23 16:48 - 00000000 ____D () C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OCCT
2014-01-23 16:48 - 2014-01-23 16:48 - 00000000 ____D () C:\Program Files (x86)\OCCTPT
2014-01-23 16:48 - 2013-06-02 09:39 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-01-21 06:43 - 2013-10-17 13:11 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-21 06:42 - 2014-01-21 06:42 - 00005175 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-21 06:42 - 2013-06-28 17:11 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-19 12:03 - 2014-01-19 12:03 - 00000000 ____D () C:\Users\Andrew\Documents\Assassin's Creed IV Black Flag
2014-01-19 10:32 - 2014-01-19 10:32 - 00000000 ____D () C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-01-19 10:32 - 2014-01-19 10:32 - 00000000 ____D () C:\Program Files\Unlocker
2014-01-18 17:49 - 2013-07-14 11:12 - 00000000 ____D () C:\Users\Andrew\Desktop\Cviceni
2014-01-16 08:19 - 2009-07-14 05:45 - 00442456 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 00:52 - 2013-08-12 14:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 00:51 - 2013-03-18 21:00 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Andrew\AppData\Local\Temp\CERECConfigurator.exe
C:\Users\Andrew\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


LastRegBack: 2014-02-15 16:13




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:465.66 GB) (Free:318.55 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:405.54 GB) NTFS
Drive f: (Transcend) (Fixed) (Total:931.51 GB) (Free:455.43 GB) NTFS

Available physical RAM: 5725.31 MB
Total physical RAM: 8190.05 MB
Percentage of memory in use: 30%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 30701168)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: AFFD6249)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
Disk: 2 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 00013A5C)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\schedule!3036567561.job => C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:AF2E656A

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Andrew\Desktop" je 1073 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\\Program Files\\CEREC\\inLab System64\\inLab.exe"="C:\\Program Files\\CEREC\\inLab System64\\inLab.exe:*:Enabled:inLab"
"C:\\Program Files\\CEREC\\inLabStack System64\\inLabStack.exe"="C:\\Program Files\\CEREC\\inLabStack System64\\inLabStack.exe:*:EnabledinLabStack"
"C:\\Program Files (x86)\\CodeMeter\\Runtime\\bin\\CodeMeter.exe"="C:\\Program Files (x86)\\CodeMeter\\Runtime\\bin\\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\CEREC\\inLab System64\\inLab.exe"="C:\\Program Files\\CEREC\\inLab System64\\inLab.exe:*:Enabled:inLab"
"C:\\Program Files\\CEREC\\inLabStack System64\\inLabStack.exe"="C:\\Program Files\\CEREC\\inLabStack System64\\inLabStack.exe:*:EnabledinLabStack"
"C:\\Program Files (x86)\\CodeMeter\\Runtime\\bin\\CodeMeter.exe"="C:\\Program Files (x86)\\CodeMeter\\Runtime\\bin\\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

add log : http://ulozto.cz/xxYLBNnR/andrewcz-rar , heslo : virycz

jinak se prosim neleknete toho nepreberneho mnozstvi removeru apod.. Snazil jsem se dnes opravdu vehementne tento problem odstranit..

Maly dotaz, kde jste sehnal verzi W7 Enterpise, ktera neni normalne k prodeji a je urcena je pro velke korporace

nahrali mi to v servisu pc po tom co jsem si nechal vymenit desku a nechal jsem si od nich obnovit data z mrtveho disku tak se mi vratil preinstalovany pc.

mel jsem predtim ultimate, jaky je rozdil ?

Ultimate - legalni?? Urcen spise pro mensi firmy a profesionaly

Enterprise - neprodejna licence, urcena pro firemni zakazniky...

Mohu vedet, kolik za licenci na Enterprise chteli zaplatit?? Jinak samozrejme pokud je tam nainstalovali, ta musi dat instalacni medium, ci licencni stitek (COA stitek)