FRST log, please take a look
Posted: 07 Apr 2014 12:49
Hi, good day,
I'm posting a log from FRST. Something got into my PC and I don't know what it is, so I'm asking for help. I'm here for the first time; last week I had my logs checked on warfor, so I don't want to bother them again, and besides, the moderator there often referred me here, so I'm starting the thread here. Not that he didn't help me there, everything was fine, it's just that now Avira has flagged some Miner.skdr (and not only that). When I tried to start an antivirus scan, the screen flickered and the scan did not run. When I tried to upload the file that was reported as a virus, it told me I don't have permission for it; I don't know whether it's administrator rights or what, and I don't know how to upload it, so I took a screenshot and am sending a link. I was also paying for something in Chrome with my credit card, and on Vodafone's secure site it told me the certificate was untrusted or something like that, the https was crossed out, so I decided not to pay (it never reported this before, and I pay for credit there all the time). Thanks in advance for the help. And here is the link, the log and the addition:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by Joe (administrator) on CIZAP on 07-04-2014 13:33:53
Running from C:\Users\Joe\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Borland Software Corporation) D:\Programy\ibase\bin\ibguard.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\system32\PnkBstrA.exe
(Borland Software Corporation) D:\Programy\ibase\bin\ibserver.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\system32\StikyNot.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(DT Soft Ltd) D:\Programy\DAEMON Tools Lite\DTLite.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_77_ActiveX.exe
(forum.viry.cz) C:\Users\Joe\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BCSSync] - D:\Programy\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-03-13] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2345296 2013-10-01] (LogMeIn Inc.)
HKLM\...\Run: [EaseUS EPM tray] - C:\Program Files\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM\...\Run: [MSStp] - C:\Windows\inf\msstp.vbe [1584 2014-03-05] ()
HKLM\...\Run: [mncdtklhgSrv] - C:\Windows\system32\mncdtklhg.vbe [7670 2014-03-05] ()
HKU\S-1-5-21-3743817662-1129281641-473641309-1000\...\Run: [HP Photosmart 5510 series (NET)] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [1804648 2011-09-16] (Hewlett-Packard Co.)
HKU\S-1-5-21-3743817662-1129281641-473641309-1000\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3743817662-1129281641-473641309-1000\...\Run: [GSplay.exe] - C:\Users\Joe\Downloads\GSplay\GSplay.exe [4772747 2014-03-12] ()
HKU\S-1-5-21-3743817662-1129281641-473641309-1000\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\system32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3743817662-1129281641-473641309-1003\...\Run: [ISUSPM Startup] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation)
HKU\S-1-5-21-3743817662-1129281641-473641309-1003\...\Run: [QuickTime Task] - D:\Programy\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKU\S-1-5-21-3743817662-1129281641-473641309-1003\...\Run: [OfficeSyncProcess] - D:\Programy\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6CFCD46C8935CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM - DefaultScope value is missing.
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll No File
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programy\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programy\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: gameboxchrome - {494D4E3B-FA53-4487-8AF6-3F50FE1167A9} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\3rkrtyxj.default
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll No File
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - D:\Programy\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - D:\Programy\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @real.com/nppl3260;version=15.0.4.53 - d:\programy\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.4.53 - d:\programy\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.4.53 - d:\programy\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 - D:\Programy\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Joe\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Joe\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\3rkrtyxj.default\searchplugins\searchplugins-backup
FF Extension: Battlefield Heroes Updater - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\3rkrtyxj.default\Extensions\battlefieldheroespatcher@ea.com [2010-10-05]
FF Extension: Giant Savings - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\3rkrtyxj.default\Extensions\crossriderapp4479@crossrider.com [2012-09-12]
FF Extension: Illimitux - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\3rkrtyxj.default\Extensions\illimitux@illimitux.net [2010-05-18]
FF Extension: Nelinka - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\3rkrtyxj.default\Extensions\nelinka@shabbi.cz [2009-12-04]
FF Extension: Check4Change - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\3rkrtyxj.default\Extensions\check4change-owner@mozdev.org.xpi [2014-01-31]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\3rkrtyxj.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2013-08-22]
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-06-08]
FF StartMenuInternet: FIREFOX.EXE - D:\Programz\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR HomePage: hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (registryAccess) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.28.48310_0\background/registryAccess.dll No File
CHR Plugin: (Battlefield Play4Free Updater) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\npBP4FUpdater.dll (EA Digital Illusions CE AB)
CHR Plugin: (EA Battlefield Heroes Updater) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.142.0_0\npBFHUpdater.dll (EA Digital Illusions CE AB)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - D:\Programy\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - D:\Programy\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - D:\Programy\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - D:\Programy\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - D:\Programy\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - D:\Programy\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - D:\Programy\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - D:\Programy\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealJukebox NS Plugin) - D:\Programy\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - D:\Programy\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - D:\Programz\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (DivX Player Netscape Plugin) - D:\Programz\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (2007 Microsoft Office system) - D:\Programz\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U37) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.370.6) - C:\Windows\system32\npdeployJava1.dll No File
CHR Plugin: (Microsoft Office 2010) - D:\Programy\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - D:\Programy\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (VLC Web Plugin) - D:\Programy\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Extension: (YouTube) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18]
CHR Extension: (McAfee Security Scan+) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-25]
CHR Extension: (Battlefield Heroes) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2013-12-03]
CHR Extension: (Vyhledávání Google) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18]
CHR Extension: (Battlefield Play4Free) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei [2012-01-22]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2012-08-04]
CHR Extension: (Battlefield Heroes) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm [2011-12-17]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2011-07-25]
CHR Extension: (Skype Click to Call) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-06-26]
CHR Extension: (Peněženka Google) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-12]
CHR Extension: (Gmail) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-06-08]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-03-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-03-13] (Avira Operations GmbH & Co. KG)
S2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1612112 2013-10-01] (LogMeIn Inc.)
R2 InterBaseGuardian; D:\Programy\ibase\bin\ibguard.exe [32768 2001-11-29] (Borland Software Corporation)
R3 InterBaseServer; D:\Programy\ibase\bin\ibserver.exe [1769472 2001-11-29] (Borland Software Corporation)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2013-08-26] (LogMeIn, Inc.)
S3 Microsoft SharePoint Workspace Audit Service; D:\Programy\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2014-01-29] ()
==================== Drivers (Whitelisted) ====================
S3 apf001; D:\Hry\Softnyx\RakionIS\Bin\apf001.sys [10872 2011-07-21] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [279712 2010-08-02] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-12-07] (Avira Operations GmbH & Co. KG)
S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2009-07-14] (Microsoft Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14920 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9160 2013-03-07] ()
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-09-23] (LogMeIn, Inc.)
S3 LGDDCDevice; C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys [14336 2009-04-24] ()
S3 LGII2CDevice; C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys [18432 2009-04-24] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2010-08-01] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 RTL8187; C:\Windows\System32\DRIVERS\RTL8187.sys [375808 2010-01-07] (Realtek Semiconductor Corporation )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-07-31] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-13] (Avira GmbH)
U3 afnr62j4; C:\Windows\system32\Drivers\afnr62j4.sys [0 ] (Microsoft Corporation)
S3 CFcatchme; \??\C:\Users\Joe\AppData\Local\Temp\CFcatchme.sys [X]
S3 GarenaPEngine; \??\C:\Users\Joe\AppData\Local\Temp\EIG6A57.tmp [X]
S3 GGSAFERDriver; \??\D:\Programy\Garena\plugins\UI\safedrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-07 13:33 - 2014-04-07 13:34 - 00023201 _____ () C:\Users\Joe\Desktop\FRST.txt
2014-04-07 13:32 - 2014-04-07 13:33 - 00000000 ____D () C:\FRST
2014-04-07 13:31 - 2014-04-07 13:31 - 00112640 _____ (forum.viry.cz) C:\Users\Joe\Desktop\FRSTLauncher.exe
2014-04-07 13:29 - 2014-04-07 13:29 - 00112640 _____ (forum.viry.cz) C:\Users\Joe\Downloads\Nepotvrzeno 250667.crdownload
2014-04-07 13:28 - 2014-04-07 13:28 - 00112640 _____ (forum.viry.cz) C:\Users\Joe\Downloads\Nepotvrzeno 569979.crdownload
2014-04-07 13:28 - 2014-04-07 13:28 - 00112640 _____ (forum.viry.cz) C:\Users\Joe\Downloads\Nepotvrzeno 340812.crdownload
2014-04-07 13:25 - 2014-04-07 13:27 - 01145856 _____ (Farbar) C:\Users\Joe\Desktop\FRST.exe
2014-04-04 07:54 - 2014-04-04 07:54 - 00001048 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-04-02 21:53 - 2014-04-02 21:53 - 00001003 _____ () C:\Users\Joe\Desktop\MP3 Speed Changer.lnk
2014-04-02 21:53 - 2014-04-02 21:53 - 00000000 ____D () C:\Users\Joe\AppData\Local\Crazy_Boomerang_Software
2014-04-02 21:52 - 2014-04-02 21:53 - 00000000 ____D () C:\Program Files\MP3 Speed Changer
2014-03-31 16:32 - 2014-04-07 11:43 - 00004144 _____ () C:\Windows\setupact.log
2014-03-31 16:32 - 2014-03-31 16:32 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-31 12:02 - 2014-03-31 12:02 - 00165888 _____ () C:\Users\Joe\Downloads\T-Cleaner.exe
2014-03-31 07:28 - 2014-03-31 07:28 - 00000003 _____ () C:\Users\Joe\stut
2014-03-31 06:58 - 2014-04-07 12:51 - 00000510 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3743817662-1129281641-473641309-1000.job
2014-03-30 21:59 - 2014-03-30 21:59 - 01031330 _____ () C:\Users\Joe\Desktop\Nátlakové skupiny.pptx
2014-03-30 19:43 - 2014-03-30 19:43 - 00000000 ____D () C:\Users\Joe\Desktop\modlitby počajevo
2014-03-30 17:47 - 2014-03-30 17:47 - 01954304 _____ () C:\Users\Joe\Downloads\Úvaha.lnk.ppt
2014-03-30 13:23 - 2014-03-30 21:56 - 01031310 _____ () C:\Users\Joe\Downloads\Nátlakové skupiny.pptx
2014-03-30 13:23 - 2014-03-30 13:23 - 00084880 _____ () C:\Users\Joe\Downloads\Nátlakové skupiny (1).pptx
2014-03-29 15:09 - 2014-03-31 07:27 - 00000330 _____ () C:\Users\Joe\rgut
2014-03-28 16:16 - 2014-03-28 16:16 - 00001540 _____ () C:\Users\Joe\Desktop\Minecraft.exe – zástupce (2).lnk
2014-03-28 16:13 - 2014-03-28 16:13 - 00000687 _____ () C:\Users\Public\Desktop\World of Tanks - Common Test.lnk
2014-03-28 16:11 - 2014-03-28 16:12 - 10983288 _____ (Wargaming.net ) C:\Users\Joe\Downloads\WoT_internet_install_ct.exe
2014-03-27 23:54 - 2014-03-28 02:48 - 00000000 ____D () C:\Users\Joe\GSplay
2014-03-27 23:54 - 2014-03-27 23:54 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-27 23:53 - 2014-03-27 23:53 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-03-27 23:53 - 2014-03-27 23:53 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-03-27 23:50 - 2014-03-27 23:50 - 00921000 _____ (Oracle Corporation) C:\Users\Joe\Desktop\jxpiinstall.exe
2014-03-27 23:50 - 2014-03-27 23:50 - 00000000 ____D () C:\Users\Joe\Downloads\GSplay
2014-03-27 23:47 - 2014-03-27 23:48 - 04748905 _____ () C:\Users\Joe\Downloads\GSplay.zip
2014-03-27 23:40 - 2014-03-27 23:40 - 01106756 _____ () C:\Users\Joe\Downloads\KeiNett Launcher.exe
2014-03-27 23:31 - 2014-03-05 23:19 - 00007670 ____S () C:\Windows\system32\mncdtklhg.vbe
2014-03-27 23:31 - 2013-10-26 21:30 - 00972814 ____S () C:\Windows\system32\dcgmncdtklhg.exe
2014-03-27 23:31 - 2013-07-18 17:06 - 00187904 ____S () C:\Windows\system32\lcpmncdtklhg.exe
2014-03-27 23:30 - 2014-03-27 23:30 - 00000000 ____D () C:\Windows\system32\bitstreams
2014-03-27 23:30 - 2014-03-27 23:30 - 00000000 ____D () C:\Users\Joe\Downloads\Minecraft-1.7.2
2014-03-27 23:30 - 2014-03-27 23:30 - 00000000 ____D () C:\Program Files\Minecraft-1.7.2
2014-03-27 23:30 - 2013-12-10 01:30 - 10236928 ____S () C:\Windows\system32\acumncdtklhg.exe
2014-03-27 23:30 - 2013-10-26 21:30 - 01704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\system32\libeay32.dll
2014-03-27 23:30 - 2013-10-26 21:30 - 00538126 ____S () C:\Windows\system32\libcurl-4.dll
2014-03-27 23:30 - 2013-10-26 21:30 - 00364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\system32\ssleay32.dll
2014-03-27 23:30 - 2013-10-26 21:30 - 00192512 ____S () C:\Windows\system32\libidn-11.dll
2014-03-27 23:30 - 2013-10-26 21:30 - 00171008 ____S (The libssh2 library, http://www.libssh2.org/) C:\Windows\system32\libssh2.dll
2014-03-27 23:30 - 2013-10-26 21:30 - 00133632 ____S () C:\Windows\system32\librtmp.dll
2014-03-27 23:30 - 2013-10-26 21:30 - 00044727 ____S () C:\Windows\system32\diablo130302.cl
2014-03-27 23:30 - 2013-10-26 21:30 - 00043810 ____S () C:\Windows\system32\poclbm130302.cl
2014-03-27 23:30 - 2013-10-26 21:30 - 00030802 ____S () C:\Windows\system32\diakgcn121016.cl
2014-03-27 23:30 - 2013-10-26 21:30 - 00023825 ____S () C:\Windows\system32\scrypt130511.cl
2014-03-27 23:30 - 2013-10-26 21:30 - 00013062 ____S () C:\Windows\system32\phatk121016.cl
2014-03-27 23:30 - 2013-06-12 16:15 - 00100864 ____S () C:\Windows\system32\zlib1.dll
2014-03-27 23:30 - 2012-09-26 00:46 - 00472424 ____S (NVIDIA Corporation) C:\Windows\system32\cudart32_50_35.dll
2014-03-27 23:30 - 2012-05-27 02:36 - 00055808 ____S (Open Source Software community LGPL) C:\Windows\system32\pthreadVC2.dll
2014-03-27 23:29 - 2014-03-27 23:30 - 07531703 _____ () C:\Users\Joe\Downloads\Minecraft-1.7.2.zip
2014-03-27 23:27 - 2014-03-27 23:27 - 00000654 _____ () C:\Users\Joe\Downloads\Minecraft-Launcher-1.7.2.rar
2014-03-27 23:27 - 2014-03-27 23:27 - 00000000 ____D () C:\Users\Joe\Downloads\Minecraft-Launcher-1.7.2
2014-03-27 23:25 - 2014-03-27 23:25 - 01106756 _____ () C:\Users\Joe\Desktop\Minecraft-Warez-launcher-1.7.4.exe
2014-03-21 10:40 - 2014-04-05 11:06 - 00000000 ____D () C:\Users\Joe\AppData\Local\CrashDumps
2014-03-19 12:09 - 2014-03-19 12:09 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-19 11:49 - 2014-03-19 11:55 - 133561080 _____ () C:\Users\Joe\Downloads\setup_11.0.1.1245.x01_2014_03_14_23_53.exe
2014-03-19 11:44 - 2014-03-19 11:44 - 00000965 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-19 11:44 - 2014-03-19 11:44 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-19 11:43 - 2014-03-19 11:43 - 04765152 _____ (Piriform Ltd) C:\Users\Joe\Downloads\ccsetup411.exe
2014-03-17 14:24 - 2014-03-17 14:24 - 00000000 ____D () C:\Windows\ERUNT
2014-03-15 13:33 - 2014-03-15 13:33 - 00000000 ____D () C:\Users\Joe\Downloads\SC_T_PRAVNICH_VZT
2014-03-15 13:32 - 2014-03-15 13:32 - 00004539 _____ () C:\Users\Joe\Downloads\SC_T_PRAVNICH_VZT.zip
2014-03-14 21:23 - 2014-03-14 21:23 - 00177086 _____ () C:\Users\Joe\Downloads\The-Wolf-of-Wall-Street(0000233483).srt
2014-03-12 10:40 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 10:40 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 10:40 - 2014-03-01 06:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 10:40 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 10:40 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 10:40 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 10:40 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 10:40 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 10:40 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 10:40 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 10:40 - 2014-03-01 05:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 10:40 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 10:40 - 2014-03-01 05:31 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 10:40 - 2014-03-01 05:25 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 10:40 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 10:40 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 10:40 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 10:40 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 10:40 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 10:40 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 10:40 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 10:40 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 10:40 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 10:37 - 2014-02-07 03:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 10:37 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 10:37 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 10:37 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-08 16:02 - 2014-03-08 16:02 - 00888320 _____ () C:\Users\Joe\Desktop\Extremismus.ppt
2014-03-08 16:02 - 2014-03-08 16:02 - 00552960 _____ () C:\Users\Joe\Desktop\volby, volební systém.ppt
2014-03-08 16:02 - 2014-03-08 16:02 - 00130560 _____ () C:\Users\Joe\Desktop\IDEOLOGIE+ extremismus.ppt
==================== One Month Modified Files and Folders =======
2014-04-07 13:34 - 2014-04-07 13:33 - 00023201 _____ () C:\Users\Joe\Desktop\FRST.txt
2014-04-07 13:33 - 2014-04-07 13:32 - 00000000 ____D () C:\FRST
2014-04-07 13:31 - 2014-04-07 13:31 - 00112640 _____ (forum.viry.cz) C:\Users\Joe\Desktop\FRSTLauncher.exe
2014-04-07 13:30 - 2009-12-02 17:02 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\Skype
2014-04-07 13:29 - 2014-04-07 13:29 - 00112640 _____ (forum.viry.cz) C:\Users\Joe\Downloads\Nepotvrzeno 250667.crdownload
2014-04-07 13:28 - 2014-04-07 13:28 - 00112640 _____ (forum.viry.cz) C:\Users\Joe\Downloads\Nepotvrzeno 569979.crdownload
2014-04-07 13:28 - 2014-04-07 13:28 - 00112640 _____ (forum.viry.cz) C:\Users\Joe\Downloads\Nepotvrzeno 340812.crdownload
2014-04-07 13:28 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-07 13:27 - 2014-04-07 13:25 - 01145856 _____ (Farbar) C:\Users\Joe\Desktop\FRST.exe
2014-04-07 13:20 - 2009-07-14 06:34 - 00013792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-07 13:20 - 2009-07-14 06:34 - 00013792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-07 12:51 - 2014-03-31 06:58 - 00000510 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3743817662-1129281641-473641309-1000.job
2014-04-07 12:51 - 2012-03-30 20:00 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-07 12:31 - 2010-02-11 13:02 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\vlc
2014-04-07 11:43 - 2014-03-31 16:32 - 00004144 _____ () C:\Windows\setupact.log
2014-04-07 01:48 - 2012-09-12 10:41 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\.minecraft
2014-04-06 12:43 - 2014-02-01 17:30 - 00000000 ____D () C:\Users\Joe\Desktop\ivča
2014-04-05 11:06 - 2014-03-21 10:40 - 00000000 ____D () C:\Users\Joe\AppData\Local\CrashDumps
2014-04-05 10:38 - 2009-09-27 23:44 - 01989099 _____ () C:\Windows\WindowsUpdate.log
2014-04-04 17:26 - 2009-09-27 18:14 - 00114904 _____ () C:\Users\Joe\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-04 07:55 - 2013-06-27 14:21 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\TeamViewer
2014-04-04 07:54 - 2014-04-04 07:54 - 00001048 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-04-04 07:54 - 2013-06-26 15:05 - 00000000 ____D () C:\Program Files\TeamViewer
2014-04-03 19:41 - 2011-06-13 18:11 - 00000000 ____D () C:\Users\Joe\AppData\Local\PMB Files
2014-04-02 21:53 - 2014-04-02 21:53 - 00001003 _____ () C:\Users\Joe\Desktop\MP3 Speed Changer.lnk
2014-04-02 21:53 - 2014-04-02 21:53 - 00000000 ____D () C:\Users\Joe\AppData\Local\Crazy_Boomerang_Software
2014-04-02 21:53 - 2014-04-02 21:52 - 00000000 ____D () C:\Program Files\MP3 Speed Changer
2014-04-02 13:56 - 2014-02-11 16:26 - 00000000 ____D () C:\Program Files\MetaTrader FLOAT
2014-04-01 22:03 - 2011-06-13 18:11 - 00000000 ____D () C:\ProgramData\PMB Files
2014-03-31 17:26 - 2009-09-27 06:30 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-31 16:32 - 2014-03-31 16:32 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-31 12:09 - 2010-03-07 21:23 - 00000000 ____D () C:\Users\Joe\AppData\Local\LogMeIn Hamachi
2014-03-31 12:05 - 2009-09-27 06:27 - 00000000 ____D () C:\Users\Joe
2014-03-31 12:03 - 2013-11-14 14:12 - 00000000 ____D () C:\Program Files\trend micro
2014-03-31 12:03 - 2010-07-31 12:43 - 00000000 ____D () C:\Qoobox
2014-03-31 12:02 - 2014-03-31 12:02 - 00165888 _____ () C:\Users\Joe\Downloads\T-Cleaner.exe
2014-03-31 07:28 - 2014-03-31 07:28 - 00000003 _____ () C:\Users\Joe\stut
2014-03-31 07:27 - 2014-03-29 15:09 - 00000330 _____ () C:\Users\Joe\rgut
2014-03-31 07:24 - 2009-09-28 11:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-31 07:24 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-30 21:59 - 2014-03-30 21:59 - 01031330 _____ () C:\Users\Joe\Desktop\Nátlakové skupiny.pptx
2014-03-30 21:56 - 2014-03-30 13:23 - 01031310 _____ () C:\Users\Joe\Downloads\Nátlakové skupiny.pptx
2014-03-30 19:43 - 2014-03-30 19:43 - 00000000 ____D () C:\Users\Joe\Desktop\modlitby počajevo
2014-03-30 18:44 - 2012-01-25 20:25 - 00000000 ____D () C:\Users\Joe\AppData\Local\Microsoft Help
2014-03-30 17:47 - 2014-03-30 17:47 - 01954304 _____ () C:\Users\Joe\Downloads\Úvaha.lnk.ppt
2014-03-30 13:23 - 2014-03-30 13:23 - 00084880 _____ () C:\Users\Joe\Downloads\Nátlakové skupiny (1).pptx
2014-03-28 16:16 - 2014-03-28 16:16 - 00001540 _____ () C:\Users\Joe\Desktop\Minecraft.exe – zástupce (2).lnk
2014-03-28 16:13 - 2014-03-28 16:13 - 00000687 _____ () C:\Users\Public\Desktop\World of Tanks - Common Test.lnk
2014-03-28 16:13 - 2010-08-18 19:28 - 00000000 ____D () C:\Windows\system32\directx
2014-03-28 16:12 - 2014-03-28 16:11 - 10983288 _____ (Wargaming.net ) C:\Users\Joe\Downloads\WoT_internet_install_ct.exe
2014-03-28 02:48 - 2014-03-27 23:54 - 00000000 ____D () C:\Users\Joe\GSplay
2014-03-27 23:54 - 2014-03-27 23:54 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-27 23:53 - 2014-03-27 23:53 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-03-27 23:53 - 2014-03-27 23:53 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-03-27 23:53 - 2012-10-22 15:01 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-03-27 23:53 - 2012-10-22 15:01 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-03-27 23:53 - 2010-08-11 12:11 - 00000000 ____D () C:\Program Files\Java
2014-03-27 23:50 - 2014-03-27 23:50 - 00921000 _____ (Oracle Corporation) C:\Users\Joe\Desktop\jxpiinstall.exe
2014-03-27 23:50 - 2014-03-27 23:50 - 00000000 ____D () C:\Users\Joe\Downloads\GSplay
2014-03-27 23:48 - 2014-03-27 23:47 - 04748905 _____ () C:\Users\Joe\Downloads\GSplay.zip
2014-03-27 23:40 - 2014-03-27 23:40 - 01106756 _____ () C:\Users\Joe\Downloads\KeiNett Launcher.exe
2014-03-27 23:30 - 2014-03-27 23:30 - 00000000 ____D () C:\Windows\system32\bitstreams
2014-03-27 23:30 - 2014-03-27 23:30 - 00000000 ____D () C:\Users\Joe\Downloads\Minecraft-1.7.2
2014-03-27 23:30 - 2014-03-27 23:30 - 00000000 ____D () C:\Program Files\Minecraft-1.7.2
2014-03-27 23:30 - 2014-03-27 23:29 - 07531703 _____ () C:\Users\Joe\Downloads\Minecraft-1.7.2.zip
2014-03-27 23:27 - 2014-03-27 23:27 - 00000654 _____ () C:\Users\Joe\Downloads\Minecraft-Launcher-1.7.2.rar
2014-03-27 23:27 - 2014-03-27 23:27 - 00000000 ____D () C:\Users\Joe\Downloads\Minecraft-Launcher-1.7.2
2014-03-27 23:25 - 2014-03-27 23:25 - 01106756 _____ () C:\Users\Joe\Desktop\Minecraft-Warez-launcher-1.7.4.exe
2014-03-27 22:51 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini
2014-03-27 22:48 - 2009-07-14 04:03 - 63963136 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-03-27 22:48 - 2009-07-14 04:03 - 32768000 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-03-27 22:48 - 2009-07-14 04:03 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-03-27 22:48 - 2009-07-14 04:03 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-03-27 22:48 - 2009-07-14 04:03 - 00102400 _____ () C:\Windows\system32\config\SAM.bak
2014-03-20 07:56 - 2013-08-01 18:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-20 07:53 - 2009-09-28 11:24 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-19 12:09 - 2014-03-19 12:09 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-19 11:55 - 2014-03-19 11:49 - 133561080 _____ () C:\Users\Joe\Downloads\setup_11.0.1.1245.x01_2014_03_14_23_53.exe
2014-03-19 11:53 - 2012-08-24 16:15 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\FileZilla
2014-03-19 11:53 - 2010-03-04 17:01 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\Azureus
2014-03-19 11:53 - 2009-10-01 19:13 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\DAEMON Tools Lite
2014-03-19 11:50 - 2011-06-21 17:40 - 00000000 ____D () C:\Windows\Minidump
2014-03-19 11:50 - 2009-09-28 00:40 - 00000000 ____D () C:\Windows\Panther
2014-03-19 11:44 - 2014-03-19 11:44 - 00000965 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-19 11:44 - 2014-03-19 11:44 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-19 11:43 - 2014-03-19 11:43 - 04765152 _____ (Piriform Ltd) C:\Users\Joe\Downloads\ccsetup411.exe
2014-03-17 14:36 - 2009-12-02 17:01 - 00000000 ___RD () C:\Program Files\Skype
2014-03-17 14:33 - 2010-10-29 09:20 - 00000000 ____D () C:\ProgramData\ICQ
2014-03-17 14:24 - 2014-03-17 14:24 - 00000000 ____D () C:\Windows\ERUNT
2014-03-16 12:00 - 2010-08-05 18:00 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-15 13:33 - 2014-03-15 13:33 - 00000000 ____D () C:\Users\Joe\Downloads\SC_T_PRAVNICH_VZT
2014-03-15 13:32 - 2014-03-15 13:32 - 00004539 _____ () C:\Users\Joe\Downloads\SC_T_PRAVNICH_VZT.zip
2014-03-14 21:23 - 2014-03-14 21:23 - 00177086 _____ () C:\Users\Joe\Downloads\The-Wolf-of-Wall-Street(0000233483).srt
2014-03-13 04:25 - 2009-07-14 06:33 - 02353728 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 04:05 - 2012-01-25 20:25 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-11 21:52 - 2012-03-30 20:00 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-11 21:52 - 2011-05-22 18:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-09 10:21 - 2014-02-25 16:51 - 00000084 _____ () C:\Users\Joe\AppData\Roaming\WB.CFG
2014-03-08 16:02 - 2014-03-08 16:02 - 00888320 _____ () C:\Users\Joe\Desktop\Extremismus.ppt
2014-03-08 16:02 - 2014-03-08 16:02 - 00552960 _____ () C:\Users\Joe\Desktop\volby, volební systém.ppt
2014-03-08 16:02 - 2014-03-08 16:02 - 00130560 _____ () C:\Users\Joe\Desktop\IDEOLOGIE+ extremismus.ppt
Files to move or delete:
====================
C:\Users\Joe\AppData\Roaming\CamLayout.ini
C:\Users\Joe\AppData\Roaming\CamShapes.ini
Some content of TEMP:
====================
C:\Users\Joe\AppData\Local\temp\avgnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3743817662-1129281641-473641309-1000.job => C:\Program Files\Citrix\GoToMeeting\1350\g2mupdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{B7C2079D-2FB1-48B0-BDA6-2F15A718F334}.job => C:\Windows\system32\msfeedssync.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Joe\Desktop" je 4726 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\\Programy\\TriDef 3D\\TriDef\\TriDefMediaPlayer\\TriDefMediaPlayer.exe"="D:\\Programy\\TriDef 3D\\TriDef\\TriDefMediaPlayer\\TriDefMediaPlayer.exe:*:Enabled:TriDef 3D Media Player"
"D:\\Programy\\xchat\\xchat.exe"="D:\\Programy\\xchat\\xchat.exe:*:Enabled:XChat IRC Client"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
I'm posting an FRST log here. Something got into my PC and I don't know what it is, so I'm asking for help. This is my first time here; last week I had my logs checked on warfor, so I don't want to bother them again, and besides, the moderator there often pointed me here, so I'm starting the thread here. Not that he didn't help me there, everything was fine, it's just that now Avira flagged some Miner.skdr (and not only that). When I tried to run an antivirus scan, the screen flickered and the scan did not run. When I tried to upload the file it reported the virus in, it told me I don't have permission for that; I don't know whether it's an administrator thing or what, but I don't know how to get it uploaded there, so I took a screenshot and am sending the link. I was also paying for something in Chrome by credit card, and on Vodafone's secure pages it told me the certificate is untrusted or something like that, the https was crossed out, so I preferred not to pay (it never reported this before, and I pay for credit there all the time). Thanks in advance for your help. So here is the link, the log and the addition:
http://imageshack.com/a/img20/6678/lufk.jpg
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by Joe (administrator) on CIZAP on 07-04-2014 13:33:53
Running from C:\Users\Joe\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Borland Software Corporation) D:\Programy\ibase\bin\ibguard.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\system32\PnkBstrA.exe
(Borland Software Corporation) D:\Programy\ibase\bin\ibserver.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\system32\StikyNot.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(DT Soft Ltd) D:\Programy\DAEMON Tools Lite\DTLite.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_77_ActiveX.exe
(forum.viry.cz) C:\Users\Joe\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BCSSync] - D:\Programy\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-03-13] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2345296 2013-10-01] (LogMeIn Inc.)
HKLM\...\Run: [EaseUS EPM tray] - C:\Program Files\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM\...\Run: [MSStp] - C:\Windows\inf\msstp.vbe [1584 2014-03-05] ()
HKLM\...\Run: [mncdtklhgSrv] - C:\Windows\system32\mncdtklhg.vbe [7670 2014-03-05] ()
HKU\S-1-5-21-3743817662-1129281641-473641309-1000\...\Run: [HP Photosmart 5510 series (NET)] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [1804648 2011-09-16] (Hewlett-Packard Co.)
HKU\S-1-5-21-3743817662-1129281641-473641309-1000\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3743817662-1129281641-473641309-1000\...\Run: [GSplay.exe] - C:\Users\Joe\Downloads\GSplay\GSplay.exe [4772747 2014-03-12] ()
HKU\S-1-5-21-3743817662-1129281641-473641309-1000\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\system32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3743817662-1129281641-473641309-1003\...\Run: [ISUSPM Startup] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation)
HKU\S-1-5-21-3743817662-1129281641-473641309-1003\...\Run: [QuickTime Task] - D:\Programy\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKU\S-1-5-21-3743817662-1129281641-473641309-1003\...\Run: [OfficeSyncProcess] - D:\Programy\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6CFCD46C8935CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM - DefaultScope value is missing.
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll No File
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programy\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programy\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: gameboxchrome - {494D4E3B-FA53-4487-8AF6-3F50FE1167A9} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\3rkrtyxj.default
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll No File
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - D:\Programy\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - D:\Programy\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @real.com/nppl3260;version=15.0.4.53 - d:\programy\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.4.53 - d:\programy\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.4.53 - d:\programy\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 - D:\Programy\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Joe\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Joe\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\3rkrtyxj.default\searchplugins\searchplugins-backup
FF Extension: Battlefield Heroes Updater - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\3rkrtyxj.default\Extensions\battlefieldheroespatcher@ea.com [2010-10-05]
FF Extension: Giant Savings - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\3rkrtyxj.default\Extensions\crossriderapp4479@crossrider.com [2012-09-12]
FF Extension: Illimitux - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\3rkrtyxj.default\Extensions\illimitux@illimitux.net [2010-05-18]
FF Extension: Nelinka - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\3rkrtyxj.default\Extensions\nelinka@shabbi.cz [2009-12-04]
FF Extension: Check4Change - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\3rkrtyxj.default\Extensions\check4change-owner@mozdev.org.xpi [2014-01-31]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\3rkrtyxj.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2013-08-22]
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-06-08]
FF StartMenuInternet: FIREFOX.EXE - D:\Programz\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR HomePage: hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (registryAccess) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.28.48310_0\background/registryAccess.dll No File
CHR Plugin: (Battlefield Play4Free Updater) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\npBP4FUpdater.dll (EA Digital Illusions CE AB)
CHR Plugin: (EA Battlefield Heroes Updater) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.142.0_0\npBFHUpdater.dll (EA Digital Illusions CE AB)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - D:\Programy\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - D:\Programy\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - D:\Programy\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - D:\Programy\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - D:\Programy\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - D:\Programy\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - D:\Programy\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - D:\Programy\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealJukebox NS Plugin) - D:\Programy\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - D:\Programy\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - D:\Programz\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (DivX Player Netscape Plugin) - D:\Programz\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (2007 Microsoft Office system) - D:\Programz\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U37) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.370.6) - C:\Windows\system32\npdeployJava1.dll No File
CHR Plugin: (Microsoft Office 2010) - D:\Programy\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - D:\Programy\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (VLC Web Plugin) - D:\Programy\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Extension: (YouTube) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18]
CHR Extension: (McAfee Security Scan+) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-25]
CHR Extension: (Battlefield Heroes) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2013-12-03]
CHR Extension: (Vyhledávání Google) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18]
CHR Extension: (Battlefield Play4Free) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei [2012-01-22]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2012-08-04]
CHR Extension: (Battlefield Heroes) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm [2011-12-17]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2011-07-25]
CHR Extension: (Skype Click to Call) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-06-26]
CHR Extension: (Peněženka Google) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-12]
CHR Extension: (Gmail) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-06-08]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-03-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-03-13] (Avira Operations GmbH & Co. KG)
S2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1612112 2013-10-01] (LogMeIn Inc.)
R2 InterBaseGuardian; D:\Programy\ibase\bin\ibguard.exe [32768 2001-11-29] (Borland Software Corporation)
R3 InterBaseServer; D:\Programy\ibase\bin\ibserver.exe [1769472 2001-11-29] (Borland Software Corporation)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2013-08-26] (LogMeIn, Inc.)
S3 Microsoft SharePoint Workspace Audit Service; D:\Programy\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2014-01-29] ()
==================== Drivers (Whitelisted) ====================
S3 apf001; D:\Hry\Softnyx\RakionIS\Bin\apf001.sys [10872 2011-07-21] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [279712 2010-08-02] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-12-07] (Avira Operations GmbH & Co. KG)
S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2009-07-14] (Microsoft Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14920 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9160 2013-03-07] ()
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-09-23] (LogMeIn, Inc.)
S3 LGDDCDevice; C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys [14336 2009-04-24] ()
S3 LGII2CDevice; C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys [18432 2009-04-24] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2010-08-01] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 RTL8187; C:\Windows\System32\DRIVERS\RTL8187.sys [375808 2010-01-07] (Realtek Semiconductor Corporation )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-07-31] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-13] (Avira GmbH)
U3 afnr62j4; C:\Windows\system32\Drivers\afnr62j4.sys [0 ] (Microsoft Corporation)
S3 CFcatchme; \??\C:\Users\Joe\AppData\Local\Temp\CFcatchme.sys [X]
S3 GarenaPEngine; \??\C:\Users\Joe\AppData\Local\Temp\EIG6A57.tmp [X]
S3 GGSAFERDriver; \??\D:\Programy\Garena\plugins\UI\safedrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-07 13:33 - 2014-04-07 13:34 - 00023201 _____ () C:\Users\Joe\Desktop\FRST.txt
2014-04-07 13:32 - 2014-04-07 13:33 - 00000000 ____D () C:\FRST
2014-04-07 13:31 - 2014-04-07 13:31 - 00112640 _____ (forum.viry.cz) C:\Users\Joe\Desktop\FRSTLauncher.exe
2014-04-07 13:29 - 2014-04-07 13:29 - 00112640 _____ (forum.viry.cz) C:\Users\Joe\Downloads\Nepotvrzeno 250667.crdownload
2014-04-07 13:28 - 2014-04-07 13:28 - 00112640 _____ (forum.viry.cz) C:\Users\Joe\Downloads\Nepotvrzeno 569979.crdownload
2014-04-07 13:28 - 2014-04-07 13:28 - 00112640 _____ (forum.viry.cz) C:\Users\Joe\Downloads\Nepotvrzeno 340812.crdownload
2014-04-07 13:25 - 2014-04-07 13:27 - 01145856 _____ (Farbar) C:\Users\Joe\Desktop\FRST.exe
2014-04-04 07:54 - 2014-04-04 07:54 - 00001048 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-04-02 21:53 - 2014-04-02 21:53 - 00001003 _____ () C:\Users\Joe\Desktop\MP3 Speed Changer.lnk
2014-04-02 21:53 - 2014-04-02 21:53 - 00000000 ____D () C:\Users\Joe\AppData\Local\Crazy_Boomerang_Software
2014-04-02 21:52 - 2014-04-02 21:53 - 00000000 ____D () C:\Program Files\MP3 Speed Changer
2014-03-31 16:32 - 2014-04-07 11:43 - 00004144 _____ () C:\Windows\setupact.log
2014-03-31 16:32 - 2014-03-31 16:32 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-31 12:02 - 2014-03-31 12:02 - 00165888 _____ () C:\Users\Joe\Downloads\T-Cleaner.exe
2014-03-31 07:28 - 2014-03-31 07:28 - 00000003 _____ () C:\Users\Joe\stut
2014-03-31 06:58 - 2014-04-07 12:51 - 00000510 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3743817662-1129281641-473641309-1000.job
2014-03-30 21:59 - 2014-03-30 21:59 - 01031330 _____ () C:\Users\Joe\Desktop\Nátlakové skupiny.pptx
2014-03-30 19:43 - 2014-03-30 19:43 - 00000000 ____D () C:\Users\Joe\Desktop\modlitby počajevo
2014-03-30 17:47 - 2014-03-30 17:47 - 01954304 _____ () C:\Users\Joe\Downloads\Úvaha.lnk.ppt
2014-03-30 13:23 - 2014-03-30 21:56 - 01031310 _____ () C:\Users\Joe\Downloads\Nátlakové skupiny.pptx
2014-03-30 13:23 - 2014-03-30 13:23 - 00084880 _____ () C:\Users\Joe\Downloads\Nátlakové skupiny (1).pptx
2014-03-29 15:09 - 2014-03-31 07:27 - 00000330 _____ () C:\Users\Joe\rgut
2014-03-28 16:16 - 2014-03-28 16:16 - 00001540 _____ () C:\Users\Joe\Desktop\Minecraft.exe – zástupce (2).lnk
2014-03-28 16:13 - 2014-03-28 16:13 - 00000687 _____ () C:\Users\Public\Desktop\World of Tanks - Common Test.lnk
2014-03-28 16:11 - 2014-03-28 16:12 - 10983288 _____ (Wargaming.net ) C:\Users\Joe\Downloads\WoT_internet_install_ct.exe
2014-03-27 23:54 - 2014-03-28 02:48 - 00000000 ____D () C:\Users\Joe\GSplay
2014-03-27 23:54 - 2014-03-27 23:54 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-27 23:53 - 2014-03-27 23:53 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-03-27 23:53 - 2014-03-27 23:53 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-03-27 23:50 - 2014-03-27 23:50 - 00921000 _____ (Oracle Corporation) C:\Users\Joe\Desktop\jxpiinstall.exe
2014-03-27 23:50 - 2014-03-27 23:50 - 00000000 ____D () C:\Users\Joe\Downloads\GSplay
2014-03-27 23:47 - 2014-03-27 23:48 - 04748905 _____ () C:\Users\Joe\Downloads\GSplay.zip
2014-03-27 23:40 - 2014-03-27 23:40 - 01106756 _____ () C:\Users\Joe\Downloads\KeiNett Launcher.exe
2014-03-27 23:31 - 2014-03-05 23:19 - 00007670 ____S () C:\Windows\system32\mncdtklhg.vbe
2014-03-27 23:31 - 2013-10-26 21:30 - 00972814 ____S () C:\Windows\system32\dcgmncdtklhg.exe
2014-03-27 23:31 - 2013-07-18 17:06 - 00187904 ____S () C:\Windows\system32\lcpmncdtklhg.exe
2014-03-27 23:30 - 2014-03-27 23:30 - 00000000 ____D () C:\Windows\system32\bitstreams
2014-03-27 23:30 - 2014-03-27 23:30 - 00000000 ____D () C:\Users\Joe\Downloads\Minecraft-1.7.2
2014-03-27 23:30 - 2014-03-27 23:30 - 00000000 ____D () C:\Program Files\Minecraft-1.7.2
2014-03-27 23:30 - 2013-12-10 01:30 - 10236928 ____S () C:\Windows\system32\acumncdtklhg.exe
2014-03-27 23:30 - 2013-10-26 21:30 - 01704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\system32\libeay32.dll
2014-03-27 23:30 - 2013-10-26 21:30 - 00538126 ____S () C:\Windows\system32\libcurl-4.dll
2014-03-27 23:30 - 2013-10-26 21:30 - 00364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\system32\ssleay32.dll
2014-03-27 23:30 - 2013-10-26 21:30 - 00192512 ____S () C:\Windows\system32\libidn-11.dll
2014-03-27 23:30 - 2013-10-26 21:30 - 00171008 ____S (The libssh2 library, http://www.libssh2.org/) C:\Windows\system32\libssh2.dll
2014-03-27 23:30 - 2013-10-26 21:30 - 00133632 ____S () C:\Windows\system32\librtmp.dll
2014-03-27 23:30 - 2013-10-26 21:30 - 00044727 ____S () C:\Windows\system32\diablo130302.cl
2014-03-27 23:30 - 2013-10-26 21:30 - 00043810 ____S () C:\Windows\system32\poclbm130302.cl
2014-03-27 23:30 - 2013-10-26 21:30 - 00030802 ____S () C:\Windows\system32\diakgcn121016.cl
2014-03-27 23:30 - 2013-10-26 21:30 - 00023825 ____S () C:\Windows\system32\scrypt130511.cl
2014-03-27 23:30 - 2013-10-26 21:30 - 00013062 ____S () C:\Windows\system32\phatk121016.cl
2014-03-27 23:30 - 2013-06-12 16:15 - 00100864 ____S () C:\Windows\system32\zlib1.dll
2014-03-27 23:30 - 2012-09-26 00:46 - 00472424 ____S (NVIDIA Corporation) C:\Windows\system32\cudart32_50_35.dll
2014-03-27 23:30 - 2012-05-27 02:36 - 00055808 ____S (Open Source Software community LGPL) C:\Windows\system32\pthreadVC2.dll
2014-03-27 23:29 - 2014-03-27 23:30 - 07531703 _____ () C:\Users\Joe\Downloads\Minecraft-1.7.2.zip
2014-03-27 23:27 - 2014-03-27 23:27 - 00000654 _____ () C:\Users\Joe\Downloads\Minecraft-Launcher-1.7.2.rar
2014-03-27 23:27 - 2014-03-27 23:27 - 00000000 ____D () C:\Users\Joe\Downloads\Minecraft-Launcher-1.7.2
2014-03-27 23:25 - 2014-03-27 23:25 - 01106756 _____ () C:\Users\Joe\Desktop\Minecraft-Warez-launcher-1.7.4.exe
2014-03-21 10:40 - 2014-04-05 11:06 - 00000000 ____D () C:\Users\Joe\AppData\Local\CrashDumps
2014-03-19 12:09 - 2014-03-19 12:09 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-19 11:49 - 2014-03-19 11:55 - 133561080 _____ () C:\Users\Joe\Downloads\setup_11.0.1.1245.x01_2014_03_14_23_53.exe
2014-03-19 11:44 - 2014-03-19 11:44 - 00000965 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-19 11:44 - 2014-03-19 11:44 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-19 11:43 - 2014-03-19 11:43 - 04765152 _____ (Piriform Ltd) C:\Users\Joe\Downloads\ccsetup411.exe
2014-03-17 14:24 - 2014-03-17 14:24 - 00000000 ____D () C:\Windows\ERUNT
2014-03-15 13:33 - 2014-03-15 13:33 - 00000000 ____D () C:\Users\Joe\Downloads\SC_T_PRAVNICH_VZT
2014-03-15 13:32 - 2014-03-15 13:32 - 00004539 _____ () C:\Users\Joe\Downloads\SC_T_PRAVNICH_VZT.zip
2014-03-14 21:23 - 2014-03-14 21:23 - 00177086 _____ () C:\Users\Joe\Downloads\The-Wolf-of-Wall-Street(0000233483).srt
2014-03-12 10:40 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 10:40 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 10:40 - 2014-03-01 06:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 10:40 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 10:40 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 10:40 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 10:40 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 10:40 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 10:40 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 10:40 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 10:40 - 2014-03-01 05:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 10:40 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 10:40 - 2014-03-01 05:31 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 10:40 - 2014-03-01 05:25 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 10:40 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 10:40 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 10:40 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 10:40 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 10:40 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 10:40 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 10:40 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 10:40 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 10:40 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 10:37 - 2014-02-07 03:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 10:37 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 10:37 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 10:37 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-08 16:02 - 2014-03-08 16:02 - 00888320 _____ () C:\Users\Joe\Desktop\Extremismus.ppt
2014-03-08 16:02 - 2014-03-08 16:02 - 00552960 _____ () C:\Users\Joe\Desktop\volby, volební systém.ppt
2014-03-08 16:02 - 2014-03-08 16:02 - 00130560 _____ () C:\Users\Joe\Desktop\IDEOLOGIE+ extremismus.ppt
==================== One Month Modified Files and Folders =======
2014-04-07 13:34 - 2014-04-07 13:33 - 00023201 _____ () C:\Users\Joe\Desktop\FRST.txt
2014-04-07 13:33 - 2014-04-07 13:32 - 00000000 ____D () C:\FRST
2014-04-07 13:31 - 2014-04-07 13:31 - 00112640 _____ (forum.viry.cz) C:\Users\Joe\Desktop\FRSTLauncher.exe
2014-04-07 13:30 - 2009-12-02 17:02 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\Skype
2014-04-07 13:29 - 2014-04-07 13:29 - 00112640 _____ (forum.viry.cz) C:\Users\Joe\Downloads\Nepotvrzeno 250667.crdownload
2014-04-07 13:28 - 2014-04-07 13:28 - 00112640 _____ (forum.viry.cz) C:\Users\Joe\Downloads\Nepotvrzeno 569979.crdownload
2014-04-07 13:28 - 2014-04-07 13:28 - 00112640 _____ (forum.viry.cz) C:\Users\Joe\Downloads\Nepotvrzeno 340812.crdownload
2014-04-07 13:28 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-07 13:27 - 2014-04-07 13:25 - 01145856 _____ (Farbar) C:\Users\Joe\Desktop\FRST.exe
2014-04-07 13:20 - 2009-07-14 06:34 - 00013792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-07 13:20 - 2009-07-14 06:34 - 00013792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-07 12:51 - 2014-03-31 06:58 - 00000510 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3743817662-1129281641-473641309-1000.job
2014-04-07 12:51 - 2012-03-30 20:00 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-07 12:31 - 2010-02-11 13:02 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\vlc
2014-04-07 11:43 - 2014-03-31 16:32 - 00004144 _____ () C:\Windows\setupact.log
2014-04-07 01:48 - 2012-09-12 10:41 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\.minecraft
2014-04-06 12:43 - 2014-02-01 17:30 - 00000000 ____D () C:\Users\Joe\Desktop\ivča
2014-04-05 11:06 - 2014-03-21 10:40 - 00000000 ____D () C:\Users\Joe\AppData\Local\CrashDumps
2014-04-05 10:38 - 2009-09-27 23:44 - 01989099 _____ () C:\Windows\WindowsUpdate.log
2014-04-04 17:26 - 2009-09-27 18:14 - 00114904 _____ () C:\Users\Joe\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-04 07:55 - 2013-06-27 14:21 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\TeamViewer
2014-04-04 07:54 - 2014-04-04 07:54 - 00001048 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-04-04 07:54 - 2013-06-26 15:05 - 00000000 ____D () C:\Program Files\TeamViewer
2014-04-03 19:41 - 2011-06-13 18:11 - 00000000 ____D () C:\Users\Joe\AppData\Local\PMB Files
2014-04-02 21:53 - 2014-04-02 21:53 - 00001003 _____ () C:\Users\Joe\Desktop\MP3 Speed Changer.lnk
2014-04-02 21:53 - 2014-04-02 21:53 - 00000000 ____D () C:\Users\Joe\AppData\Local\Crazy_Boomerang_Software
2014-04-02 21:53 - 2014-04-02 21:52 - 00000000 ____D () C:\Program Files\MP3 Speed Changer
2014-04-02 13:56 - 2014-02-11 16:26 - 00000000 ____D () C:\Program Files\MetaTrader FLOAT
2014-04-01 22:03 - 2011-06-13 18:11 - 00000000 ____D () C:\ProgramData\PMB Files
2014-03-31 17:26 - 2009-09-27 06:30 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-31 16:32 - 2014-03-31 16:32 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-31 12:09 - 2010-03-07 21:23 - 00000000 ____D () C:\Users\Joe\AppData\Local\LogMeIn Hamachi
2014-03-31 12:05 - 2009-09-27 06:27 - 00000000 ____D () C:\Users\Joe
2014-03-31 12:03 - 2013-11-14 14:12 - 00000000 ____D () C:\Program Files\trend micro
2014-03-31 12:03 - 2010-07-31 12:43 - 00000000 ____D () C:\Qoobox
2014-03-31 12:02 - 2014-03-31 12:02 - 00165888 _____ () C:\Users\Joe\Downloads\T-Cleaner.exe
2014-03-31 07:28 - 2014-03-31 07:28 - 00000003 _____ () C:\Users\Joe\stut
2014-03-31 07:27 - 2014-03-29 15:09 - 00000330 _____ () C:\Users\Joe\rgut
2014-03-31 07:24 - 2009-09-28 11:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-31 07:24 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-30 21:59 - 2014-03-30 21:59 - 01031330 _____ () C:\Users\Joe\Desktop\Nátlakové skupiny.pptx
2014-03-30 21:56 - 2014-03-30 13:23 - 01031310 _____ () C:\Users\Joe\Downloads\Nátlakové skupiny.pptx
2014-03-30 19:43 - 2014-03-30 19:43 - 00000000 ____D () C:\Users\Joe\Desktop\modlitby počajevo
2014-03-30 18:44 - 2012-01-25 20:25 - 00000000 ____D () C:\Users\Joe\AppData\Local\Microsoft Help
2014-03-30 17:47 - 2014-03-30 17:47 - 01954304 _____ () C:\Users\Joe\Downloads\Úvaha.lnk.ppt
2014-03-30 13:23 - 2014-03-30 13:23 - 00084880 _____ () C:\Users\Joe\Downloads\Nátlakové skupiny (1).pptx
2014-03-28 16:16 - 2014-03-28 16:16 - 00001540 _____ () C:\Users\Joe\Desktop\Minecraft.exe – zástupce (2).lnk
2014-03-28 16:13 - 2014-03-28 16:13 - 00000687 _____ () C:\Users\Public\Desktop\World of Tanks - Common Test.lnk
2014-03-28 16:13 - 2010-08-18 19:28 - 00000000 ____D () C:\Windows\system32\directx
2014-03-28 16:12 - 2014-03-28 16:11 - 10983288 _____ (Wargaming.net ) C:\Users\Joe\Downloads\WoT_internet_install_ct.exe
2014-03-28 02:48 - 2014-03-27 23:54 - 00000000 ____D () C:\Users\Joe\GSplay
2014-03-27 23:54 - 2014-03-27 23:54 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-27 23:53 - 2014-03-27 23:53 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-03-27 23:53 - 2014-03-27 23:53 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-03-27 23:53 - 2012-10-22 15:01 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-03-27 23:53 - 2012-10-22 15:01 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-03-27 23:53 - 2010-08-11 12:11 - 00000000 ____D () C:\Program Files\Java
2014-03-27 23:50 - 2014-03-27 23:50 - 00921000 _____ (Oracle Corporation) C:\Users\Joe\Desktop\jxpiinstall.exe
2014-03-27 23:50 - 2014-03-27 23:50 - 00000000 ____D () C:\Users\Joe\Downloads\GSplay
2014-03-27 23:48 - 2014-03-27 23:47 - 04748905 _____ () C:\Users\Joe\Downloads\GSplay.zip
2014-03-27 23:40 - 2014-03-27 23:40 - 01106756 _____ () C:\Users\Joe\Downloads\KeiNett Launcher.exe
2014-03-27 23:30 - 2014-03-27 23:30 - 00000000 ____D () C:\Windows\system32\bitstreams
2014-03-27 23:30 - 2014-03-27 23:30 - 00000000 ____D () C:\Users\Joe\Downloads\Minecraft-1.7.2
2014-03-27 23:30 - 2014-03-27 23:30 - 00000000 ____D () C:\Program Files\Minecraft-1.7.2
2014-03-27 23:30 - 2014-03-27 23:29 - 07531703 _____ () C:\Users\Joe\Downloads\Minecraft-1.7.2.zip
2014-03-27 23:27 - 2014-03-27 23:27 - 00000654 _____ () C:\Users\Joe\Downloads\Minecraft-Launcher-1.7.2.rar
2014-03-27 23:27 - 2014-03-27 23:27 - 00000000 ____D () C:\Users\Joe\Downloads\Minecraft-Launcher-1.7.2
2014-03-27 23:25 - 2014-03-27 23:25 - 01106756 _____ () C:\Users\Joe\Desktop\Minecraft-Warez-launcher-1.7.4.exe
2014-03-27 22:51 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini
2014-03-27 22:48 - 2009-07-14 04:03 - 63963136 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-03-27 22:48 - 2009-07-14 04:03 - 32768000 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-03-27 22:48 - 2009-07-14 04:03 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-03-27 22:48 - 2009-07-14 04:03 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-03-27 22:48 - 2009-07-14 04:03 - 00102400 _____ () C:\Windows\system32\config\SAM.bak
2014-03-20 07:56 - 2013-08-01 18:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-20 07:53 - 2009-09-28 11:24 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-19 12:09 - 2014-03-19 12:09 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-19 11:55 - 2014-03-19 11:49 - 133561080 _____ () C:\Users\Joe\Downloads\setup_11.0.1.1245.x01_2014_03_14_23_53.exe
2014-03-19 11:53 - 2012-08-24 16:15 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\FileZilla
2014-03-19 11:53 - 2010-03-04 17:01 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\Azureus
2014-03-19 11:53 - 2009-10-01 19:13 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\DAEMON Tools Lite
2014-03-19 11:50 - 2011-06-21 17:40 - 00000000 ____D () C:\Windows\Minidump
2014-03-19 11:50 - 2009-09-28 00:40 - 00000000 ____D () C:\Windows\Panther
2014-03-19 11:44 - 2014-03-19 11:44 - 00000965 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-19 11:44 - 2014-03-19 11:44 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-19 11:43 - 2014-03-19 11:43 - 04765152 _____ (Piriform Ltd) C:\Users\Joe\Downloads\ccsetup411.exe
2014-03-17 14:36 - 2009-12-02 17:01 - 00000000 ___RD () C:\Program Files\Skype
2014-03-17 14:33 - 2010-10-29 09:20 - 00000000 ____D () C:\ProgramData\ICQ
2014-03-17 14:24 - 2014-03-17 14:24 - 00000000 ____D () C:\Windows\ERUNT
2014-03-16 12:00 - 2010-08-05 18:00 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-15 13:33 - 2014-03-15 13:33 - 00000000 ____D () C:\Users\Joe\Downloads\SC_T_PRAVNICH_VZT
2014-03-15 13:32 - 2014-03-15 13:32 - 00004539 _____ () C:\Users\Joe\Downloads\SC_T_PRAVNICH_VZT.zip
2014-03-14 21:23 - 2014-03-14 21:23 - 00177086 _____ () C:\Users\Joe\Downloads\The-Wolf-of-Wall-Street(0000233483).srt
2014-03-13 04:25 - 2009-07-14 06:33 - 02353728 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 04:05 - 2012-01-25 20:25 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-11 21:52 - 2012-03-30 20:00 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-11 21:52 - 2011-05-22 18:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-09 10:21 - 2014-02-25 16:51 - 00000084 _____ () C:\Users\Joe\AppData\Roaming\WB.CFG
2014-03-08 16:02 - 2014-03-08 16:02 - 00888320 _____ () C:\Users\Joe\Desktop\Extremismus.ppt
2014-03-08 16:02 - 2014-03-08 16:02 - 00552960 _____ () C:\Users\Joe\Desktop\volby, volební systém.ppt
2014-03-08 16:02 - 2014-03-08 16:02 - 00130560 _____ () C:\Users\Joe\Desktop\IDEOLOGIE+ extremismus.ppt
Files to move or delete:
====================
C:\Users\Joe\AppData\Roaming\CamLayout.ini
C:\Users\Joe\AppData\Roaming\CamShapes.ini
Some content of TEMP:
====================
C:\Users\Joe\AppData\Local\temp\avgnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3743817662-1129281641-473641309-1000.job => C:\Program Files\Citrix\GoToMeeting\1350\g2mupdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{B7C2079D-2FB1-48B0-BDA6-2F15A718F334}.job => C:\Windows\system32\msfeedssync.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Joe\Desktop" je 4726 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\\Programy\\TriDef 3D\\TriDef\\TriDefMediaPlayer\\TriDefMediaPlayer.exe"="D:\\Programy\\TriDef 3D\\TriDef\\TriDefMediaPlayer\\TriDefMediaPlayer.exe:*:Enabled:TriDef 3D Media Player"
"D:\\Programy\\xchat\\xchat.exe"="D:\\Programy\\xchat\\xchat.exe:*:Enabled:XChat IRC Client"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================