Reklamni okna v Chrome
Napsal: 04 bře 2014 10:29
Pořád mi vyskakují nějaká okna v chrome. Najedu na nějakou stránku a objeví je mi tam další iframes s reklamou. Odstranil jsem snad všechny doplňky a pořád to trvá. Teď jsem přeinstaloval Chrome a vypadá to, že se problém vyřešil nicméně chci mít jistotu. Diky moc
Tady FRST log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2014
Ran by Beatle.cz (administrator) on BEATLECZ-PC on 04-03-2014 10:35:32
Running from C:\Users\Beatle.cz\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AgileBits) C:\Program Files (x86)\1Password\Agile1pService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe
(Microsoft Corporation) C:\Users\Beatle.cz\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Dropbox, Inc.) C:\Users\Beatle.cz\AppData\Roaming\Dropbox\bin\Dropbox.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\pg_ctl.exe
(Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(AgileBits) C:\Program Files (x86)\1Password\Agile1pAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(forum.viry.cz) C:\Users\Beatle.cz\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [IntelliType Pro] - C:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [10752 2012-02-20] ()
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Agile1pAgent] - C:\Program Files (x86)\1Password\Agile1pAgent.exe [2247952 2013-12-18] (AgileBits)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Runonce: [{9487340a-1abd-45e4-83f4-2c7fb32f9dbd}] - "C:\ProgramData\Package Cache\{9487340a-1abd-45e4-83f4-2c7fb32f9dbd}\vs_langpack.exe" /burn.log.append "C:\Users\Beatle.cz\AppData\Local\Temp\dd_vs_langpack_20120808144535.log" /uninstall /lpuninstall /chainingpackage vs_ultimate /CEIPconsent /p SkipAppidSetup=1 /burn.runonce [X]
HKU\S-1-5-21-1745207098-3779551704-2485539751-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-1745207098-3779551704-2485539751-1001\...\Run: [SkyDrive] - C:\Users\Beatle.cz\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-02-20] (Microsoft Corporation)
HKU\S-1-5-21-1745207098-3779551704-2485539751-1001\...\Run: [Metro7] - "C:\Program Files (x86)\Metro7\Metro7.exe"
HKU\S-1-5-21-1745207098-3779551704-2485539751-1001\...\Run: [OfficeSyncProcess] - C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [911040 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-1745207098-3779551704-2485539751-1001\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1745207098-3779551704-2485539751-1001\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
Startup: C:\Users\Beatle.cz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Beatle.cz\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Beatle.cz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
Startup: C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Users\Classic .NET AppPool\AppData\Roaming\lpuninstall.exe (LastPass)
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Users\DefaultAppPool\AppData\Roaming\lpuninstall.exe (LastPass)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://www2.inbox.com/search/dispatcher ... 120&lng=cs
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: 1Password - {CB1A24DA-7416-4921-A0CF-5AA1160AAE2A} - C:\Program Files (x86)\1Password\Agile1pIE.dll (AgileBits)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {55963676-2F5E-4BAF-AC28-CF26AA587566} https://vpn.salinememorial.org/CACHE/st ... vpnweb.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 71.251.230.84 metaweb
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{48ABC0C2-A2DB-416A-AE19-A15013986D2E}: [NameServer]8.8.8.8,8.8.4.4
FireFox:
========
FF ProfilePath: C:\Users\Beatle.cz\AppData\Roaming\Mozilla\Firefox\Profiles\3qdrk6mr.default
FF user.js: detected! => C:\Users\Beatle.cz\AppData\Roaming\Mozilla\Firefox\Profiles\3qdrk6mr.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF Extension: FVD Speed Dial with Full Online Sync - C:\Users\Beatle.cz\AppData\Roaming\Mozilla\Firefox\Profiles\3qdrk6mr.default\Extensions\pavel.sherbakov@gmail.com [2013-12-10]
FF Extension: Selenium IDE - C:\Users\Beatle.cz\AppData\Roaming\Mozilla\Firefox\Profiles\3qdrk6mr.default\Extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f} [2013-12-10]
FF Extension: Selenium IDE: C# Formatters - C:\Users\Beatle.cz\AppData\Roaming\Mozilla\Firefox\Profiles\3qdrk6mr.default\Extensions\csharpformatters@seleniumhq.org.xpi [2012-05-30]
FF Extension: Selenium IDE: Java Formatters - C:\Users\Beatle.cz\AppData\Roaming\Mozilla\Firefox\Profiles\3qdrk6mr.default\Extensions\javaformatters@seleniumhq.org.xpi [2012-05-30]
FF Extension: Selenium IDE: Python Formatters - C:\Users\Beatle.cz\AppData\Roaming\Mozilla\Firefox\Profiles\3qdrk6mr.default\Extensions\pythonformatters@seleniumhq.org.xpi [2012-05-30]
FF Extension: Selenium IDE: Ruby Formatters - C:\Users\Beatle.cz\AppData\Roaming\Mozilla\Firefox\Profiles\3qdrk6mr.default\Extensions\rubyformatters@seleniumhq.org.xpi [2012-05-30]
FF Extension: Selenium IDE Button - C:\Users\Beatle.cz\AppData\Roaming\Mozilla\Firefox\Profiles\3qdrk6mr.default\Extensions\selenium_ide_buttons@egarracingteam.com.ar.xpi [2012-05-30]
Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Beatle.cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-04]
CHR Extension: (Disk Google) - C:\Users\Beatle.cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-04]
CHR Extension: (YouTube) - C:\Users\Beatle.cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-04]
CHR Extension: (Vyhledávání Google) - C:\Users\Beatle.cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-04]
CHR Extension: (Peněženka Google) - C:\Users\Beatle.cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-04]
CHR Extension: (Gmail) - C:\Users\Beatle.cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-04]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 Agile1Password; C:\Program Files (x86)\1Password\Agile1pService.exe [768784 2013-12-18] (AgileBits)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.)
S3 fussvc; C:\Program Files\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 postgresql-9.3; C:\Program Files (x86)\PostgreSQL\9.3\bin\pg_ctl.exe [79872 2013-12-03] (PostgreSQL Global Development Group)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
S3 dsNcAdpt; C:\Windows\System32\DRIVERS\dsNcAdX64.sys [29184 2008-04-30] (Juniper Networks)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-10] (DT Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 mod7700; C:\Windows\System32\DRIVERS\mod7700.sys [1077840 2010-11-19] (DiBcom SA)
S3 MODRC; C:\Windows\System32\DRIVERS\modrc.sys [24272 2010-11-19] (DiBcom S.A.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 PPJoyBus; C:\Windows\System32\DRIVERS\PPJoyBus64.sys [20024 2010-02-20] (Deon van der Westhuysen)
S3 PPortJoystick; C:\Windows\System32\DRIVERS\PPortJoy64.sys [39992 2010-02-20] (Deon van der Westhuysen)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2012-04-12] (Oracle Corporation)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61112 2014-02-20] (StdLib)
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-04 10:35 - 2014-03-04 10:35 - 00847848 _____ (Google Inc.) C:\Users\Beatle.cz\Downloads\ChromeSetup (1).exe
2014-03-04 10:31 - 2014-03-04 10:31 - 00010460 _____ () C:\Windows\DPINST.LOG
2014-03-04 10:24 - 2014-03-04 10:24 - 00687104 _____ () C:\Users\Beatle.cz\Downloads\MicrosoftFixit50756.msi
2014-03-04 10:22 - 2014-03-04 10:27 - 00000958 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-04 10:22 - 2014-03-04 10:27 - 00000954 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-04 10:22 - 2014-03-04 10:22 - 00847848 _____ (Google Inc.) C:\Users\Beatle.cz\Downloads\ChromeSetup.exe
2014-03-04 10:22 - 2014-03-04 10:22 - 00003954 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-04 10:22 - 2014-03-04 10:22 - 00003702 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-04 10:22 - 2014-03-04 10:22 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-04 10:22 - 2014-03-04 10:22 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-04 10:04 - 2014-03-04 10:27 - 00009936 _____ () C:\Windows\PFRO.log
2014-03-04 09:55 - 2014-03-04 09:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Beatle.cz\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-04 09:55 - 2014-03-04 09:55 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-04 09:55 - 2014-03-04 09:55 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Roaming\Malwarebytes
2014-03-04 09:55 - 2014-03-04 09:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-04 09:55 - 2014-03-04 09:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-04 09:55 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-04 09:42 - 2014-03-04 10:35 - 00018091 _____ () C:\Users\Beatle.cz\Desktop\FRST.txt
2014-03-04 09:41 - 2014-03-04 09:41 - 00080172 _____ () C:\Users\Beatle.cz\Downloads\Addition.txt
2014-03-04 09:40 - 2014-03-04 09:44 - 00000000 ____D () C:\FRST
2014-03-04 09:40 - 2014-03-04 09:41 - 00048273 _____ () C:\Users\Beatle.cz\Downloads\FRST.txt
2014-03-04 09:40 - 2014-03-04 09:40 - 02156544 _____ (Farbar) C:\Users\Beatle.cz\Desktop\FRST64.exe
2014-03-04 09:40 - 2014-03-04 09:40 - 00112640 _____ (forum.viry.cz) C:\Users\Beatle.cz\Desktop\FRSTLauncher.exe
2014-03-04 09:39 - 2014-03-04 09:39 - 00112107 _____ (forum.viry.cz) C:\Users\Beatle.cz\Downloads\VerzeOS.exe
2014-03-04 09:29 - 2014-03-04 09:29 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-03-04 09:29 - 2014-03-04 09:29 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Roaming\Opera Software
2014-03-04 09:29 - 2014-03-04 09:29 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Local\Opera Software
2014-03-04 09:29 - 2014-03-04 09:29 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-03-04 09:26 - 2014-03-04 09:27 - 34759416 _____ (Opera Software ASA) C:\Users\Beatle.cz\Downloads\Opera_20.0.1387.64_Setup.exe
2014-03-04 09:24 - 2014-03-04 09:25 - 13932780 _____ (Opera Software ASA) C:\Users\Beatle.cz\Downloads\Unconfirmed 49365.crdownload
2014-03-03 17:19 - 2014-03-03 17:19 - 00927536 _____ () C:\Windows\Minidump\030314-16692-01.dmp
2014-02-28 14:53 - 2014-03-04 09:26 - 00000000 ____D () C:\Program Files (x86)\MediaViewV1
2014-02-24 16:54 - 2014-03-04 09:26 - 00000000 ____D () C:\Program Files (x86)\MediaViewerV1
2014-02-20 18:20 - 2014-02-20 18:20 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLib64.sys
2014-02-20 17:46 - 2014-02-20 17:46 - 00905552 _____ () C:\Windows\Minidump\022014-17238-01.dmp
2014-02-20 16:22 - 2014-02-20 16:22 - 00002175 _____ () C:\Users\Beatle.cz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-02-12 17:15 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 17:15 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 17:15 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 17:15 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 17:15 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 17:15 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 17:15 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 17:15 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 17:15 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 17:15 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 17:15 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 17:15 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 17:15 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 17:15 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 17:15 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 17:15 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 17:15 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 17:15 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 17:15 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 17:15 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 17:15 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 17:15 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 17:15 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 17:15 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 17:15 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 17:15 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 17:15 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 17:15 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 17:15 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 17:15 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 17:15 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 17:15 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 17:15 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 17:15 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 17:15 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 17:15 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 17:15 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 17:15 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 17:15 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 17:15 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 17:15 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 16:17 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 16:17 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 16:17 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 16:17 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 16:17 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 16:17 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 16:17 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 16:17 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 16:17 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 16:17 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 16:17 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 16:17 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 16:17 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 16:17 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 16:17 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 16:17 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 16:17 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 16:17 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 16:17 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 16:17 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 16:17 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 16:17 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 16:17 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 16:17 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 16:17 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 16:17 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 16:17 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 16:17 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-03 14:18 - 2014-02-03 14:18 - 06599055 _____ () C:\Users\Beatle.cz\Downloads\Json.NET.zip
2014-02-03 12:50 - 2014-02-03 12:50 - 00000000 ____D () C:\Users\Beatle.cz\Desktop\New folder
==================== One Month Modified Files and Folders =======
2014-03-04 10:35 - 2014-03-04 10:35 - 00847848 _____ (Google Inc.) C:\Users\Beatle.cz\Downloads\ChromeSetup (1).exe
2014-03-04 10:35 - 2014-03-04 09:42 - 00018091 _____ () C:\Users\Beatle.cz\Desktop\FRST.txt
2014-03-04 10:34 - 2009-07-14 05:45 - 00026480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-04 10:34 - 2009-07-14 05:45 - 00026480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-04 10:32 - 2013-12-10 11:37 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Roaming\Dropbox
2014-03-04 10:32 - 2009-07-14 06:13 - 01009078 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-04 10:31 - 2014-03-04 10:31 - 00010460 _____ () C:\Windows\DPINST.LOG
2014-03-04 10:31 - 2012-05-10 08:36 - 01418973 _____ () C:\Windows\WindowsUpdate.log
2014-03-04 10:29 - 2012-10-10 13:07 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-04 10:29 - 2012-05-15 05:25 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-04 10:28 - 2013-12-10 11:38 - 00000000 ___RD () C:\Users\Beatle.cz\Dropbox
2014-03-04 10:28 - 2012-05-14 19:56 - 00000000 ___RD () C:\Users\Beatle.cz\SkyDrive
2014-03-04 10:28 - 2012-05-10 08:44 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Roaming\Adobe
2014-03-04 10:27 - 2014-03-04 10:22 - 00000958 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-04 10:27 - 2014-03-04 10:22 - 00000954 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-04 10:27 - 2014-03-04 10:04 - 00009936 _____ () C:\Windows\PFRO.log
2014-03-04 10:27 - 2014-01-16 14:01 - 00002463 _____ () C:\Windows\setupact.log
2014-03-04 10:27 - 2012-05-10 12:30 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Local\TSVNCache
2014-03-04 10:27 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-04 10:26 - 2013-06-20 06:59 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Local\TGitCache
2014-03-04 10:24 - 2014-03-04 10:24 - 00687104 _____ () C:\Users\Beatle.cz\Downloads\MicrosoftFixit50756.msi
2014-03-04 10:23 - 2012-05-14 19:52 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-04 10:22 - 2014-03-04 10:22 - 00847848 _____ (Google Inc.) C:\Users\Beatle.cz\Downloads\ChromeSetup.exe
2014-03-04 10:22 - 2014-03-04 10:22 - 00003954 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-04 10:22 - 2014-03-04 10:22 - 00003702 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-04 10:22 - 2014-03-04 10:22 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-04 10:22 - 2014-03-04 10:22 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-04 10:15 - 2012-05-10 08:39 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Local\Google
2014-03-04 10:04 - 2014-01-08 14:11 - 00000000 ____D () C:\Program Files (x86)\outobox
2014-03-04 10:03 - 2014-01-08 14:12 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Local\genienext
2014-03-04 09:55 - 2014-03-04 09:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Beatle.cz\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-04 09:55 - 2014-03-04 09:55 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-04 09:55 - 2014-03-04 09:55 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Roaming\Malwarebytes
2014-03-04 09:55 - 2014-03-04 09:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-04 09:55 - 2014-03-04 09:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-04 09:44 - 2014-03-04 09:40 - 00000000 ____D () C:\FRST
2014-03-04 09:41 - 2014-03-04 09:41 - 00080172 _____ () C:\Users\Beatle.cz\Downloads\Addition.txt
2014-03-04 09:41 - 2014-03-04 09:40 - 00048273 _____ () C:\Users\Beatle.cz\Downloads\FRST.txt
2014-03-04 09:40 - 2014-03-04 09:40 - 02156544 _____ (Farbar) C:\Users\Beatle.cz\Desktop\FRST64.exe
2014-03-04 09:40 - 2014-03-04 09:40 - 00112640 _____ (forum.viry.cz) C:\Users\Beatle.cz\Desktop\FRSTLauncher.exe
2014-03-04 09:39 - 2014-03-04 09:39 - 00112107 _____ (forum.viry.cz) C:\Users\Beatle.cz\Downloads\VerzeOS.exe
2014-03-04 09:33 - 2014-01-26 11:13 - 00000000 ____D () C:\Program Files (x86)\VideoPlayerV3
2014-03-04 09:33 - 2012-09-24 06:34 - 00000000 ____D () C:\ProgramData\KONAMI
2014-03-04 09:32 - 2012-09-24 06:37 - 00000000 ____D () C:\Users\Beatle.cz\Documents\KONAMI
2014-03-04 09:29 - 2014-03-04 09:29 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-03-04 09:29 - 2014-03-04 09:29 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Roaming\Opera Software
2014-03-04 09:29 - 2014-03-04 09:29 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Local\Opera Software
2014-03-04 09:29 - 2014-03-04 09:29 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-03-04 09:29 - 2012-05-15 05:24 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-04 09:28 - 2014-01-08 11:11 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moo0
2014-03-04 09:28 - 2014-01-08 11:11 - 00000000 ____D () C:\Program Files (x86)\Moo0
2014-03-04 09:28 - 2012-06-25 16:03 - 00000000 ____D () C:\Program Files (x86)\Moje slovíčka
2014-03-04 09:27 - 2014-03-04 09:26 - 34759416 _____ (Opera Software ASA) C:\Users\Beatle.cz\Downloads\Opera_20.0.1387.64_Setup.exe
2014-03-04 09:27 - 2012-10-02 13:21 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Roaming\Opera
2014-03-04 09:27 - 2012-10-02 13:21 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Local\Opera
2014-03-04 09:27 - 2012-10-02 13:21 - 00000000 ____D () C:\Program Files (x86)\Opera Next
2014-03-04 09:26 - 2014-02-28 14:53 - 00000000 ____D () C:\Program Files (x86)\MediaViewV1
2014-03-04 09:26 - 2014-02-24 16:54 - 00000000 ____D () C:\Program Files (x86)\MediaViewerV1
2014-03-04 09:26 - 2014-01-30 16:22 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerV1
2014-03-04 09:25 - 2014-03-04 09:24 - 13932780 _____ (Opera Software ASA) C:\Users\Beatle.cz\Downloads\Unconfirmed 49365.crdownload
2014-03-04 09:25 - 2014-01-30 16:22 - 00000602 __RSH () C:\ProgramData\ntuser.pol
2014-03-04 09:25 - 2012-07-13 12:34 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Roaming\Juniper Networks
2014-03-04 09:25 - 2012-05-10 18:32 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Local\Instantbird
2014-03-04 08:40 - 2012-05-24 12:41 - 00000000 ____D () C:\Users\Beatle.cz\Documents\Visual Studio 11
2014-03-03 17:19 - 2014-03-03 17:19 - 00927536 _____ () C:\Windows\Minidump\030314-16692-01.dmp
2014-03-03 17:19 - 2012-08-31 15:06 - 00000000 ____D () C:\Windows\Minidump
2014-02-26 17:21 - 2012-05-10 09:16 - 00994076 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-22 14:23 - 2012-05-14 19:52 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-22 14:23 - 2012-05-14 19:52 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-22 14:23 - 2012-05-14 19:52 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 14:58 - 2012-05-21 19:08 - 00000000 ____D () C:\Users\Beatle.cz\.VirtualBox
2014-02-20 19:47 - 2012-11-30 11:37 - 00000000 ____D () C:\Windows\rescache
2014-02-20 18:20 - 2014-02-20 18:20 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLib64.sys
2014-02-20 17:46 - 2014-02-20 17:46 - 00905552 _____ () C:\Windows\Minidump\022014-17238-01.dmp
2014-02-20 17:31 - 2012-08-28 11:25 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Local\CrashDumps
2014-02-20 16:22 - 2014-02-20 16:22 - 00002175 _____ () C:\Users\Beatle.cz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-02-18 16:09 - 2013-09-20 15:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-18 16:07 - 2012-05-14 22:19 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-12 17:19 - 2012-05-10 09:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-12 17:16 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-02-06 13:16 - 2014-02-12 17:15 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 17:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 17:15 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 17:15 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 17:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 17:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 17:15 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 17:15 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-12 17:15 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-12 17:15 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 17:15 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 17:15 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 17:15 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 17:15 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 17:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 17:15 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 17:15 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 17:15 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 17:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 17:15 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 17:15 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 17:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 17:15 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 17:15 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-12 17:15 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-12 17:15 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 17:15 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 17:15 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 17:15 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 17:15 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 17:15 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 17:15 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 17:15 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 17:15 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 17:15 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 17:15 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 17:15 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 17:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 17:15 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 15:44 - 2012-05-11 08:43 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Roaming\Skype
2014-02-05 15:37 - 2012-09-21 08:20 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Roaming\.purple
2014-02-05 10:54 - 2012-05-15 05:25 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Local\Adobe
2014-02-04 10:27 - 2014-01-07 10:48 - 00000000 ____D () C:\Users\Beatle.cz\Documents\Projects
2014-02-04 07:37 - 2012-05-10 14:52 - 00000000 ____D () C:\Users\Beatle.cz\Documents\SQL Server Management Studio
2014-02-03 14:18 - 2014-02-03 14:18 - 06599055 _____ () C:\Users\Beatle.cz\Downloads\Json.NET.zip
2014-02-03 12:50 - 2014-02-03 12:50 - 00000000 ____D () C:\Users\Beatle.cz\Desktop\New folder
Some content of TEMP:
====================
C:\Users\Beatle.cz\AppData\Local\Temp\dsNCInst64.exe
C:\Users\Beatle.cz\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Beatle.cz\AppData\Local\Temp\restarter118424015678852649.exe
C:\Users\Beatle.cz\AppData\Local\Temp\restarter1892845174297118254.exe
C:\Users\Beatle.cz\AppData\Local\Temp\restarter8473227234860584488.exe
C:\Users\Beatle.cz\AppData\Local\Temp\VistaLauncher7886954547769750124.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-20 19:40
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:111.79 GB) (Free:14.18 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:156.15 GB) (Free:47.83 GB) NTFS
Drive f: () (Fixed) (Total:309.51 GB) (Free:89.43 GB) NTFS
Available physical RAM: 1985 MB
Total physical RAM: 4094.49 MB
Percentage of memory in use: 51%
==================== MBR and Partition Table ==================
Multiple Image Resizer .NET 4 (HKLM-x32\...\Multiple Image Resizer .NET 4) (Version: 4.0.0.4 - Acumen Business Systems Ltd)
Multiple Image Resizer .NET 4 (x32 Version: 4.0.0.4 - Acumen Business Systems Ltd) Hidden
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: F059185C)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 84C3FC8E)
Partition 1: (Active) - (Size=112 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Beatle.cz\Desktop" je 274 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Tady FRST log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2014
Ran by Beatle.cz (administrator) on BEATLECZ-PC on 04-03-2014 10:35:32
Running from C:\Users\Beatle.cz\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AgileBits) C:\Program Files (x86)\1Password\Agile1pService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe
(Microsoft Corporation) C:\Users\Beatle.cz\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Dropbox, Inc.) C:\Users\Beatle.cz\AppData\Roaming\Dropbox\bin\Dropbox.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\pg_ctl.exe
(Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(AgileBits) C:\Program Files (x86)\1Password\Agile1pAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(forum.viry.cz) C:\Users\Beatle.cz\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [IntelliType Pro] - C:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [10752 2012-02-20] ()
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Agile1pAgent] - C:\Program Files (x86)\1Password\Agile1pAgent.exe [2247952 2013-12-18] (AgileBits)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Runonce: [{9487340a-1abd-45e4-83f4-2c7fb32f9dbd}] - "C:\ProgramData\Package Cache\{9487340a-1abd-45e4-83f4-2c7fb32f9dbd}\vs_langpack.exe" /burn.log.append "C:\Users\Beatle.cz\AppData\Local\Temp\dd_vs_langpack_20120808144535.log" /uninstall /lpuninstall /chainingpackage vs_ultimate /CEIPconsent /p SkipAppidSetup=1 /burn.runonce [X]
HKU\S-1-5-21-1745207098-3779551704-2485539751-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-1745207098-3779551704-2485539751-1001\...\Run: [SkyDrive] - C:\Users\Beatle.cz\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-02-20] (Microsoft Corporation)
HKU\S-1-5-21-1745207098-3779551704-2485539751-1001\...\Run: [Metro7] - "C:\Program Files (x86)\Metro7\Metro7.exe"
HKU\S-1-5-21-1745207098-3779551704-2485539751-1001\...\Run: [OfficeSyncProcess] - C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [911040 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-1745207098-3779551704-2485539751-1001\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1745207098-3779551704-2485539751-1001\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
Startup: C:\Users\Beatle.cz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Beatle.cz\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Beatle.cz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
Startup: C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Users\Classic .NET AppPool\AppData\Roaming\lpuninstall.exe (LastPass)
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Users\DefaultAppPool\AppData\Roaming\lpuninstall.exe (LastPass)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://www2.inbox.com/search/dispatcher ... 120&lng=cs
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: 1Password - {CB1A24DA-7416-4921-A0CF-5AA1160AAE2A} - C:\Program Files (x86)\1Password\Agile1pIE.dll (AgileBits)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {55963676-2F5E-4BAF-AC28-CF26AA587566} https://vpn.salinememorial.org/CACHE/st ... vpnweb.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 71.251.230.84 metaweb
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{48ABC0C2-A2DB-416A-AE19-A15013986D2E}: [NameServer]8.8.8.8,8.8.4.4
FireFox:
========
FF ProfilePath: C:\Users\Beatle.cz\AppData\Roaming\Mozilla\Firefox\Profiles\3qdrk6mr.default
FF user.js: detected! => C:\Users\Beatle.cz\AppData\Roaming\Mozilla\Firefox\Profiles\3qdrk6mr.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF Extension: FVD Speed Dial with Full Online Sync - C:\Users\Beatle.cz\AppData\Roaming\Mozilla\Firefox\Profiles\3qdrk6mr.default\Extensions\pavel.sherbakov@gmail.com [2013-12-10]
FF Extension: Selenium IDE - C:\Users\Beatle.cz\AppData\Roaming\Mozilla\Firefox\Profiles\3qdrk6mr.default\Extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f} [2013-12-10]
FF Extension: Selenium IDE: C# Formatters - C:\Users\Beatle.cz\AppData\Roaming\Mozilla\Firefox\Profiles\3qdrk6mr.default\Extensions\csharpformatters@seleniumhq.org.xpi [2012-05-30]
FF Extension: Selenium IDE: Java Formatters - C:\Users\Beatle.cz\AppData\Roaming\Mozilla\Firefox\Profiles\3qdrk6mr.default\Extensions\javaformatters@seleniumhq.org.xpi [2012-05-30]
FF Extension: Selenium IDE: Python Formatters - C:\Users\Beatle.cz\AppData\Roaming\Mozilla\Firefox\Profiles\3qdrk6mr.default\Extensions\pythonformatters@seleniumhq.org.xpi [2012-05-30]
FF Extension: Selenium IDE: Ruby Formatters - C:\Users\Beatle.cz\AppData\Roaming\Mozilla\Firefox\Profiles\3qdrk6mr.default\Extensions\rubyformatters@seleniumhq.org.xpi [2012-05-30]
FF Extension: Selenium IDE Button - C:\Users\Beatle.cz\AppData\Roaming\Mozilla\Firefox\Profiles\3qdrk6mr.default\Extensions\selenium_ide_buttons@egarracingteam.com.ar.xpi [2012-05-30]
Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Beatle.cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-04]
CHR Extension: (Disk Google) - C:\Users\Beatle.cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-04]
CHR Extension: (YouTube) - C:\Users\Beatle.cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-04]
CHR Extension: (Vyhledávání Google) - C:\Users\Beatle.cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-04]
CHR Extension: (Peněženka Google) - C:\Users\Beatle.cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-04]
CHR Extension: (Gmail) - C:\Users\Beatle.cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-04]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 Agile1Password; C:\Program Files (x86)\1Password\Agile1pService.exe [768784 2013-12-18] (AgileBits)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.)
S3 fussvc; C:\Program Files\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 postgresql-9.3; C:\Program Files (x86)\PostgreSQL\9.3\bin\pg_ctl.exe [79872 2013-12-03] (PostgreSQL Global Development Group)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
S3 dsNcAdpt; C:\Windows\System32\DRIVERS\dsNcAdX64.sys [29184 2008-04-30] (Juniper Networks)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-10] (DT Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 mod7700; C:\Windows\System32\DRIVERS\mod7700.sys [1077840 2010-11-19] (DiBcom SA)
S3 MODRC; C:\Windows\System32\DRIVERS\modrc.sys [24272 2010-11-19] (DiBcom S.A.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 PPJoyBus; C:\Windows\System32\DRIVERS\PPJoyBus64.sys [20024 2010-02-20] (Deon van der Westhuysen)
S3 PPortJoystick; C:\Windows\System32\DRIVERS\PPortJoy64.sys [39992 2010-02-20] (Deon van der Westhuysen)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2012-04-12] (Oracle Corporation)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61112 2014-02-20] (StdLib)
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-04 10:35 - 2014-03-04 10:35 - 00847848 _____ (Google Inc.) C:\Users\Beatle.cz\Downloads\ChromeSetup (1).exe
2014-03-04 10:31 - 2014-03-04 10:31 - 00010460 _____ () C:\Windows\DPINST.LOG
2014-03-04 10:24 - 2014-03-04 10:24 - 00687104 _____ () C:\Users\Beatle.cz\Downloads\MicrosoftFixit50756.msi
2014-03-04 10:22 - 2014-03-04 10:27 - 00000958 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-04 10:22 - 2014-03-04 10:27 - 00000954 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-04 10:22 - 2014-03-04 10:22 - 00847848 _____ (Google Inc.) C:\Users\Beatle.cz\Downloads\ChromeSetup.exe
2014-03-04 10:22 - 2014-03-04 10:22 - 00003954 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-04 10:22 - 2014-03-04 10:22 - 00003702 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-04 10:22 - 2014-03-04 10:22 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-04 10:22 - 2014-03-04 10:22 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-04 10:04 - 2014-03-04 10:27 - 00009936 _____ () C:\Windows\PFRO.log
2014-03-04 09:55 - 2014-03-04 09:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Beatle.cz\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-04 09:55 - 2014-03-04 09:55 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-04 09:55 - 2014-03-04 09:55 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Roaming\Malwarebytes
2014-03-04 09:55 - 2014-03-04 09:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-04 09:55 - 2014-03-04 09:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-04 09:55 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-04 09:42 - 2014-03-04 10:35 - 00018091 _____ () C:\Users\Beatle.cz\Desktop\FRST.txt
2014-03-04 09:41 - 2014-03-04 09:41 - 00080172 _____ () C:\Users\Beatle.cz\Downloads\Addition.txt
2014-03-04 09:40 - 2014-03-04 09:44 - 00000000 ____D () C:\FRST
2014-03-04 09:40 - 2014-03-04 09:41 - 00048273 _____ () C:\Users\Beatle.cz\Downloads\FRST.txt
2014-03-04 09:40 - 2014-03-04 09:40 - 02156544 _____ (Farbar) C:\Users\Beatle.cz\Desktop\FRST64.exe
2014-03-04 09:40 - 2014-03-04 09:40 - 00112640 _____ (forum.viry.cz) C:\Users\Beatle.cz\Desktop\FRSTLauncher.exe
2014-03-04 09:39 - 2014-03-04 09:39 - 00112107 _____ (forum.viry.cz) C:\Users\Beatle.cz\Downloads\VerzeOS.exe
2014-03-04 09:29 - 2014-03-04 09:29 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-03-04 09:29 - 2014-03-04 09:29 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Roaming\Opera Software
2014-03-04 09:29 - 2014-03-04 09:29 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Local\Opera Software
2014-03-04 09:29 - 2014-03-04 09:29 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-03-04 09:26 - 2014-03-04 09:27 - 34759416 _____ (Opera Software ASA) C:\Users\Beatle.cz\Downloads\Opera_20.0.1387.64_Setup.exe
2014-03-04 09:24 - 2014-03-04 09:25 - 13932780 _____ (Opera Software ASA) C:\Users\Beatle.cz\Downloads\Unconfirmed 49365.crdownload
2014-03-03 17:19 - 2014-03-03 17:19 - 00927536 _____ () C:\Windows\Minidump\030314-16692-01.dmp
2014-02-28 14:53 - 2014-03-04 09:26 - 00000000 ____D () C:\Program Files (x86)\MediaViewV1
2014-02-24 16:54 - 2014-03-04 09:26 - 00000000 ____D () C:\Program Files (x86)\MediaViewerV1
2014-02-20 18:20 - 2014-02-20 18:20 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLib64.sys
2014-02-20 17:46 - 2014-02-20 17:46 - 00905552 _____ () C:\Windows\Minidump\022014-17238-01.dmp
2014-02-20 16:22 - 2014-02-20 16:22 - 00002175 _____ () C:\Users\Beatle.cz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-02-12 17:15 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 17:15 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 17:15 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 17:15 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 17:15 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 17:15 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 17:15 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 17:15 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 17:15 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 17:15 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 17:15 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 17:15 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 17:15 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 17:15 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 17:15 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 17:15 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 17:15 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 17:15 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 17:15 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 17:15 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 17:15 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 17:15 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 17:15 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 17:15 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 17:15 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 17:15 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 17:15 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 17:15 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 17:15 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 17:15 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 17:15 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 17:15 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 17:15 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 17:15 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 17:15 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 17:15 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 17:15 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 17:15 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 17:15 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 17:15 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 17:15 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 16:17 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 16:17 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 16:17 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 16:17 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 16:17 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 16:17 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 16:17 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 16:17 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 16:17 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 16:17 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 16:17 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 16:17 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 16:17 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 16:17 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 16:17 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 16:17 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 16:17 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 16:17 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 16:17 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 16:17 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 16:17 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 16:17 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 16:17 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 16:17 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 16:17 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 16:17 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 16:17 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 16:17 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-03 14:18 - 2014-02-03 14:18 - 06599055 _____ () C:\Users\Beatle.cz\Downloads\Json.NET.zip
2014-02-03 12:50 - 2014-02-03 12:50 - 00000000 ____D () C:\Users\Beatle.cz\Desktop\New folder
==================== One Month Modified Files and Folders =======
2014-03-04 10:35 - 2014-03-04 10:35 - 00847848 _____ (Google Inc.) C:\Users\Beatle.cz\Downloads\ChromeSetup (1).exe
2014-03-04 10:35 - 2014-03-04 09:42 - 00018091 _____ () C:\Users\Beatle.cz\Desktop\FRST.txt
2014-03-04 10:34 - 2009-07-14 05:45 - 00026480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-04 10:34 - 2009-07-14 05:45 - 00026480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-04 10:32 - 2013-12-10 11:37 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Roaming\Dropbox
2014-03-04 10:32 - 2009-07-14 06:13 - 01009078 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-04 10:31 - 2014-03-04 10:31 - 00010460 _____ () C:\Windows\DPINST.LOG
2014-03-04 10:31 - 2012-05-10 08:36 - 01418973 _____ () C:\Windows\WindowsUpdate.log
2014-03-04 10:29 - 2012-10-10 13:07 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-04 10:29 - 2012-05-15 05:25 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-04 10:28 - 2013-12-10 11:38 - 00000000 ___RD () C:\Users\Beatle.cz\Dropbox
2014-03-04 10:28 - 2012-05-14 19:56 - 00000000 ___RD () C:\Users\Beatle.cz\SkyDrive
2014-03-04 10:28 - 2012-05-10 08:44 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Roaming\Adobe
2014-03-04 10:27 - 2014-03-04 10:22 - 00000958 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-04 10:27 - 2014-03-04 10:22 - 00000954 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-04 10:27 - 2014-03-04 10:04 - 00009936 _____ () C:\Windows\PFRO.log
2014-03-04 10:27 - 2014-01-16 14:01 - 00002463 _____ () C:\Windows\setupact.log
2014-03-04 10:27 - 2012-05-10 12:30 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Local\TSVNCache
2014-03-04 10:27 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-04 10:26 - 2013-06-20 06:59 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Local\TGitCache
2014-03-04 10:24 - 2014-03-04 10:24 - 00687104 _____ () C:\Users\Beatle.cz\Downloads\MicrosoftFixit50756.msi
2014-03-04 10:23 - 2012-05-14 19:52 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-04 10:22 - 2014-03-04 10:22 - 00847848 _____ (Google Inc.) C:\Users\Beatle.cz\Downloads\ChromeSetup.exe
2014-03-04 10:22 - 2014-03-04 10:22 - 00003954 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-04 10:22 - 2014-03-04 10:22 - 00003702 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-04 10:22 - 2014-03-04 10:22 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-04 10:22 - 2014-03-04 10:22 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-04 10:15 - 2012-05-10 08:39 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Local\Google
2014-03-04 10:04 - 2014-01-08 14:11 - 00000000 ____D () C:\Program Files (x86)\outobox
2014-03-04 10:03 - 2014-01-08 14:12 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Local\genienext
2014-03-04 09:55 - 2014-03-04 09:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Beatle.cz\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-04 09:55 - 2014-03-04 09:55 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-04 09:55 - 2014-03-04 09:55 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Roaming\Malwarebytes
2014-03-04 09:55 - 2014-03-04 09:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-04 09:55 - 2014-03-04 09:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-04 09:44 - 2014-03-04 09:40 - 00000000 ____D () C:\FRST
2014-03-04 09:41 - 2014-03-04 09:41 - 00080172 _____ () C:\Users\Beatle.cz\Downloads\Addition.txt
2014-03-04 09:41 - 2014-03-04 09:40 - 00048273 _____ () C:\Users\Beatle.cz\Downloads\FRST.txt
2014-03-04 09:40 - 2014-03-04 09:40 - 02156544 _____ (Farbar) C:\Users\Beatle.cz\Desktop\FRST64.exe
2014-03-04 09:40 - 2014-03-04 09:40 - 00112640 _____ (forum.viry.cz) C:\Users\Beatle.cz\Desktop\FRSTLauncher.exe
2014-03-04 09:39 - 2014-03-04 09:39 - 00112107 _____ (forum.viry.cz) C:\Users\Beatle.cz\Downloads\VerzeOS.exe
2014-03-04 09:33 - 2014-01-26 11:13 - 00000000 ____D () C:\Program Files (x86)\VideoPlayerV3
2014-03-04 09:33 - 2012-09-24 06:34 - 00000000 ____D () C:\ProgramData\KONAMI
2014-03-04 09:32 - 2012-09-24 06:37 - 00000000 ____D () C:\Users\Beatle.cz\Documents\KONAMI
2014-03-04 09:29 - 2014-03-04 09:29 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-03-04 09:29 - 2014-03-04 09:29 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Roaming\Opera Software
2014-03-04 09:29 - 2014-03-04 09:29 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Local\Opera Software
2014-03-04 09:29 - 2014-03-04 09:29 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-03-04 09:29 - 2012-05-15 05:24 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-04 09:28 - 2014-01-08 11:11 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moo0
2014-03-04 09:28 - 2014-01-08 11:11 - 00000000 ____D () C:\Program Files (x86)\Moo0
2014-03-04 09:28 - 2012-06-25 16:03 - 00000000 ____D () C:\Program Files (x86)\Moje slovíčka
2014-03-04 09:27 - 2014-03-04 09:26 - 34759416 _____ (Opera Software ASA) C:\Users\Beatle.cz\Downloads\Opera_20.0.1387.64_Setup.exe
2014-03-04 09:27 - 2012-10-02 13:21 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Roaming\Opera
2014-03-04 09:27 - 2012-10-02 13:21 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Local\Opera
2014-03-04 09:27 - 2012-10-02 13:21 - 00000000 ____D () C:\Program Files (x86)\Opera Next
2014-03-04 09:26 - 2014-02-28 14:53 - 00000000 ____D () C:\Program Files (x86)\MediaViewV1
2014-03-04 09:26 - 2014-02-24 16:54 - 00000000 ____D () C:\Program Files (x86)\MediaViewerV1
2014-03-04 09:26 - 2014-01-30 16:22 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerV1
2014-03-04 09:25 - 2014-03-04 09:24 - 13932780 _____ (Opera Software ASA) C:\Users\Beatle.cz\Downloads\Unconfirmed 49365.crdownload
2014-03-04 09:25 - 2014-01-30 16:22 - 00000602 __RSH () C:\ProgramData\ntuser.pol
2014-03-04 09:25 - 2012-07-13 12:34 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Roaming\Juniper Networks
2014-03-04 09:25 - 2012-05-10 18:32 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Local\Instantbird
2014-03-04 08:40 - 2012-05-24 12:41 - 00000000 ____D () C:\Users\Beatle.cz\Documents\Visual Studio 11
2014-03-03 17:19 - 2014-03-03 17:19 - 00927536 _____ () C:\Windows\Minidump\030314-16692-01.dmp
2014-03-03 17:19 - 2012-08-31 15:06 - 00000000 ____D () C:\Windows\Minidump
2014-02-26 17:21 - 2012-05-10 09:16 - 00994076 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-22 14:23 - 2012-05-14 19:52 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-22 14:23 - 2012-05-14 19:52 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-22 14:23 - 2012-05-14 19:52 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 14:58 - 2012-05-21 19:08 - 00000000 ____D () C:\Users\Beatle.cz\.VirtualBox
2014-02-20 19:47 - 2012-11-30 11:37 - 00000000 ____D () C:\Windows\rescache
2014-02-20 18:20 - 2014-02-20 18:20 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLib64.sys
2014-02-20 17:46 - 2014-02-20 17:46 - 00905552 _____ () C:\Windows\Minidump\022014-17238-01.dmp
2014-02-20 17:31 - 2012-08-28 11:25 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Local\CrashDumps
2014-02-20 16:22 - 2014-02-20 16:22 - 00002175 _____ () C:\Users\Beatle.cz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-02-18 16:09 - 2013-09-20 15:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-18 16:07 - 2012-05-14 22:19 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-12 17:19 - 2012-05-10 09:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-12 17:16 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-02-06 13:16 - 2014-02-12 17:15 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 17:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 17:15 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 17:15 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 17:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 17:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 17:15 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 17:15 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-12 17:15 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-12 17:15 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 17:15 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 17:15 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 17:15 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 17:15 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 17:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 17:15 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 17:15 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 17:15 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 17:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 17:15 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 17:15 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 17:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 17:15 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 17:15 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-12 17:15 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-12 17:15 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 17:15 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 17:15 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 17:15 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 17:15 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 17:15 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 17:15 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 17:15 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 17:15 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 17:15 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 17:15 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 17:15 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 17:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 17:15 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 15:44 - 2012-05-11 08:43 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Roaming\Skype
2014-02-05 15:37 - 2012-09-21 08:20 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Roaming\.purple
2014-02-05 10:54 - 2012-05-15 05:25 - 00000000 ____D () C:\Users\Beatle.cz\AppData\Local\Adobe
2014-02-04 10:27 - 2014-01-07 10:48 - 00000000 ____D () C:\Users\Beatle.cz\Documents\Projects
2014-02-04 07:37 - 2012-05-10 14:52 - 00000000 ____D () C:\Users\Beatle.cz\Documents\SQL Server Management Studio
2014-02-03 14:18 - 2014-02-03 14:18 - 06599055 _____ () C:\Users\Beatle.cz\Downloads\Json.NET.zip
2014-02-03 12:50 - 2014-02-03 12:50 - 00000000 ____D () C:\Users\Beatle.cz\Desktop\New folder
Some content of TEMP:
====================
C:\Users\Beatle.cz\AppData\Local\Temp\dsNCInst64.exe
C:\Users\Beatle.cz\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Beatle.cz\AppData\Local\Temp\restarter118424015678852649.exe
C:\Users\Beatle.cz\AppData\Local\Temp\restarter1892845174297118254.exe
C:\Users\Beatle.cz\AppData\Local\Temp\restarter8473227234860584488.exe
C:\Users\Beatle.cz\AppData\Local\Temp\VistaLauncher7886954547769750124.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-20 19:40
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:111.79 GB) (Free:14.18 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:156.15 GB) (Free:47.83 GB) NTFS
Drive f: () (Fixed) (Total:309.51 GB) (Free:89.43 GB) NTFS
Available physical RAM: 1985 MB
Total physical RAM: 4094.49 MB
Percentage of memory in use: 51%
==================== MBR and Partition Table ==================
Multiple Image Resizer .NET 4 (HKLM-x32\...\Multiple Image Resizer .NET 4) (Version: 4.0.0.4 - Acumen Business Systems Ltd)
Multiple Image Resizer .NET 4 (x32 Version: 4.0.0.4 - Acumen Business Systems Ltd) Hidden
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: F059185C)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 84C3FC8E)
Partition 1: (Active) - (Size=112 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Beatle.cz\Desktop" je 274 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Stahnete Junkware Removal Tool