Kód: Vybrat vše
[list=]Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-04-2014
Ran by Admin (administrator) on MARCUSAURELIUS on 23-04-2014 21:39:10
Running from C:\Users\Admin\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ClanServers Hosting LLC) C:\Program Files (x86)\GameTracker\GSInGameService.exe
() C:\Program Files (x86)\Garena Plus\ggdllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
() C:\Program Files (x86)\Opera\20.0.1387.91\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-04-15] (LogMeIn Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2014-04-23] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-04-19] (AMD)
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\MountPoints2: D - D:\setup\rsrc\Autorun.exe
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\MountPoints2: F - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\MountPoints2: {185465d2-934d-11e0-a699-806e6f6e6963} - D:\AutoRunCD.exe
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\MountPoints2: {2b874f63-a7fc-11e0-95e2-bcaec576abdd} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\MountPoints2: {39f85499-9d82-11e0-9faf-bcaec576abdd} - E:\Portal2.part01.exe
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\MountPoints2: {5a06f6e7-d003-11e0-9c03-bcaec576abdd} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\MountPoints2: {9b3bf0e9-0fcb-11e1-9fb4-bcaec576abdd} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\MountPoints2: {d9218416-9fee-11e0-94dc-bcaec576abdd} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\MountPoints2: {d921841f-9fee-11e0-94dc-bcaec576abdd} - F:\setup_vmc_lite.exe /checkApplicationPresence
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://search.imesh.com/web?src=ieb&appid=393&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://search.imesh.com/web?src=ieb&appid=393&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {87FF3D05-24B7-4E88-9B11-2375CFA4EC85} URL =
SearchScopes: HKLM-x32 - {787D4B85-282E-4CB5-8541-3FAD93022DFD} URL = ${SEARCH_URL}{searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://search.imesh.com/web?src=ieb&appid=393&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKCU - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://search.imesh.com/web?src=ieb&appid=393&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://search.imesh.com/web?src=ieb&appid=393&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKCU - {E16D0A7B-C88D-41A1-B1BA-C24FE2B04721} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Shopper Pro - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - C:\ProgramData\ShopperPro\ShopperPro64.dll (Speedbit Ltd.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper - {432dd630-7e03-4c97-9d62-b99f52df4fc2} - C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Shopper Pro - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - C:\ProgramData\ShopperPro\ShopperPro.dll (Speedbit Ltd.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - No Name - !{25A3A431-30BB-47C8-AD6A-E1063801134F} - No File
Toolbar: HKLM - No Name - !{AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - No File
Toolbar: HKLM - No Name - !{AF3D7884-B142-414E-943D-75D8D54E1FFF} - No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM-x32 - No Name - !{25A3A431-30BB-47C8-AD6A-E1063801134F} - No File
Toolbar: HKLM-x32 - No Name - !{AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - No File
Toolbar: HKLM-x32 - No Name - !{AF3D7884-B142-414E-943D-75D8D54E1FFF} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 02 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 03 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 04 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 05 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 06 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 07 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 08 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 09 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 10 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 21 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @t.garena.com/garenatalk - C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM\...\Firefox\Extensions: [{17E113E6-CD0E-4045-B154-65F0E57959EF}] - C:\Program Files\IMPI\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{17E113E6-CD0E-4045-B154-65F0E57959EF}] - C:\Program Files\IMPI\Firefox
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2014-04-23]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2014-04-23]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2014-04-23]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2014-04-23]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2014-04-23]
FF HKCU\...\Firefox\Extensions: [{54affe52-8223-453b-be1e-2fe2e250045c}] - C:\Users\Admin\AppData\Roaming\Lamantine\Sticky Password\spAutofill
Chrome:
=======
CHR HomePage: www.google.com
CHR RestoreOnStartup: "translate_blocked_languages": [ "cs" ],
"translate_whitelists"
CHR StartupUrls: "www.google.com"
CHR Extension: (avast! Online Security) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-11]
CHR Extension: (Peněženka Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-11]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2013-05-16]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2013-05-16]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2013-05-16]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2013-05-16]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2013-05-16]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 AVerRECentral; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe [369152 2013-08-15] (AVerMedia TECHNOLOGIES, Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2014-04-23] (Kaspersky Lab ZAO)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-08] (LogMeIn, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-13] ()
S2 RzKLService; C:\Program Files (x86)\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S2 RzMaelstromVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [4249088 2014-03-06] (A-Volute)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
S2 YouTubeAcceleratorService; C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe -start -scm [X]
==================== Drivers (Whitelisted) ====================
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2013-12-17] (The OpenVPN Project)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-04-16] ()
R3 AVer330C875; C:\Windows\System32\DRIVERS\AVer330C875.sys [1520128 2013-08-26] (AVerMedia TECHNOLOGIES, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-17] (Disc Soft Ltd)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-07-23] (Huawei Technologies Co., Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-04-23] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-05-16] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2014-04-23] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-04-23] (Kaspersky Lab ZAO)
S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-04-23] (Kaspersky Lab ZAO)
S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2014-04-23] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2014-04-23] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-05-16] (Kaspersky Lab ZAO)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-04-16] ()
S0 ohuruev; C:\Windows\SysWOW64\drivers\emeaabfj.sys [61440 2013-12-17] ()
R3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [40696 2014-03-06] (Windows (R) Win 7 DDK provider)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
S3 cpuz130; \??\C:\Users\Admin\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
U2 DCE;
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-23 21:39 - 2014-04-23 21:43 - 00023911 _____ () C:\Users\Admin\Desktop\FRST.txt
2014-04-23 21:32 - 2014-04-23 21:39 - 00000000 ____D () C:\FRST
2014-04-23 21:29 - 2014-04-23 21:29 - 00112640 _____ (forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
2014-04-23 21:28 - 2014-04-23 21:29 - 02061312 _____ (Farbar) C:\Users\Admin\Downloads\FRST64 (1).exe
2014-04-23 21:28 - 2014-04-23 21:29 - 02061312 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2014-04-23 17:53 - 2014-04-23 17:53 - 00001777 _____ () C:\Users\Admin\Desktop\Crysis – zástupce.lnk
2014-04-23 17:29 - 2014-04-23 17:38 - 00055633 _____ () C:\Windows\DirectX.log
2014-04-23 16:33 - 2014-04-23 16:33 - 00001146 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk
2014-04-23 16:33 - 2014-04-23 16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013
2014-04-23 16:33 - 2013-05-16 22:58 - 00064856 _____ (Kaspersky Lab) C:\Windows\system32\klfphc.dll
2014-04-23 16:32 - 2014-04-23 17:15 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-04-23 16:32 - 2014-04-23 17:07 - 00626272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-04-23 16:32 - 2014-04-23 16:32 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-04-23 16:32 - 2014-04-23 16:32 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-04-23 16:32 - 2013-05-16 22:58 - 00090208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-04-23 16:15 - 2014-04-23 16:15 - 00000000 ___HD () C:\kleaner.tmp
2014-04-23 15:38 - 2014-04-23 15:38 - 00002999 _____ () C:\Users\Admin\Desktop\kastreset.zip
2014-04-23 15:38 - 2014-04-23 15:38 - 00000545 _____ () C:\Users\Admin\Downloads\[CzT]Kaspersky_Trial_Reset.torrent
2014-04-23 15:13 - 2014-04-23 15:13 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieUserList
2014-04-23 15:13 - 2014-04-23 15:13 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieSiteList
2014-04-23 15:08 - 2014-04-23 15:08 - 00018924 _____ () C:\Users\Admin\Downloads\[CzT]Kaspersky_Internet_Security_2013_2014_CZ_.torrent
2014-04-23 15:04 - 2014-04-23 15:05 - 03972608 _____ () C:\Users\Admin\Downloads\RogueKiller.exe
2014-04-23 14:58 - 2014-04-23 14:58 - 00001190 _____ () C:\Users\Public\Desktop\Dead Space.lnk
2014-04-23 14:42 - 2014-04-23 21:00 - 00000000 ____D () C:\Users\Admin\Desktop\Warhammer , Warhammer 40-000
2014-04-23 14:42 - 2014-04-23 14:42 - 00075768 _____ () C:\Users\Admin\Downloads\[CzT]Warhammer_40_000_1993_2013_CZ_.torrent
2014-04-23 14:42 - 2014-04-23 14:42 - 00000913 _____ () C:\Users\Admin\Downloads\[CzT]Dragon_Age_Prameny_Origins_oficialni_komiks_CZ.torrent
2014-04-23 14:36 - 2014-04-23 14:36 - 00002747 _____ () C:\Users\Admin\Downloads\[CzT]Mitchell_Zuckoff_Ztraceni_v_Shangri_La_2012_CZ_.torrent
2014-04-23 14:29 - 2014-04-23 17:02 - 00000000 ____D () C:\Program Files (x86)\Crysis
2014-04-23 14:20 - 2014-04-23 14:20 - 00000000 ____D () C:\Users\Admin\Desktop\Mlčení jehňátek (1991)
2014-04-23 14:19 - 2014-04-23 14:19 - 06236992 _____ () C:\Users\Admin\Downloads\The Demonata by Darren Shan - Complete 10 Books.pdf.rar
2014-04-23 14:16 - 2014-04-23 14:16 - 00000000 ____D () C:\Users\Admin\Desktop\Fantasy
2014-04-23 14:14 - 2014-04-23 14:14 - 00002878 _____ () C:\Users\Admin\Downloads\[CzT]Robert_Galbraith_Volani_kukacky_2014_CZ_.torrent
2014-04-23 14:11 - 2014-04-23 14:11 - 00021216 _____ () C:\Users\Admin\Downloads\[CzT]Andrzej_Sapkowski_Serie_Zaklinac_CZ_.torrent
2014-04-23 14:11 - 2014-04-23 14:11 - 00003410 _____ () C:\Users\Admin\Downloads\[CzT]Oliver_Bowden_Assassin_s_Creed_3_dily_CZ_.torrent
2014-04-23 14:10 - 2014-04-23 14:10 - 00016847 _____ () C:\Users\Admin\Downloads\[CzT]Oliver_Bowden_Assassins_Creed_Bratrstvo_2011_.torrent
2014-04-23 14:05 - 2014-04-23 14:05 - 00017524 _____ () C:\Users\Admin\Downloads\[CzT]Mlceni_jehnatek_The_Silence_of_the_Lambs_1991_.torrent
2014-04-23 13:44 - 2014-04-23 13:44 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe_Systems_Incorporate
2014-04-23 13:43 - 2014-04-23 13:44 - 00000000 ____D () C:\Users\Admin\Documents\My Digital Editions
2014-04-23 13:43 - 2014-04-23 13:43 - 00002172 _____ () C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk
2014-04-23 13:42 - 2014-04-23 13:42 - 06063152 _____ (Adobe Systems Incorporated) C:\Users\Admin\Downloads\ADE_3.0_Installer.exe
2014-04-23 13:39 - 2014-04-23 13:40 - 00000000 ____D () C:\Users\Admin\.FBReader
2014-04-23 13:33 - 2014-04-23 13:33 - 00001885 _____ () C:\Users\Máma\Desktop\FBReader.lnk
2014-04-23 13:33 - 2014-04-23 13:33 - 00001885 _____ () C:\Users\Guest\Desktop\FBReader.lnk
2014-04-23 13:33 - 2014-04-23 13:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FBReader for Windows
2014-04-23 13:30 - 2014-04-23 13:31 - 05337840 _____ () C:\Users\Admin\Downloads\FBReaderSetup-0.12.10.exe
2014-04-23 13:20 - 2014-04-23 13:20 - 00022635 _____ () C:\Users\Admin\Downloads\[CzT]George_R_R_Martin_Pisen_ledu_a_ohne_Hra_o_truny_Stret_kralu_Boure_mecu_Hostina_pro_vrany_Tanec_s_draky_1996_2011_CZ_.torrent
2014-04-23 13:18 - 2014-04-23 13:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-23 13:16 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-23 13:16 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-23 13:08 - 2014-04-23 13:08 - 00347816 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\MicrosoftFixit.wu.MATSKB.Run.exe
2014-04-22 21:29 - 2014-04-22 21:29 - 00013330 _____ () C:\Users\Admin\Downloads\a072pc.torrent
2014-04-22 21:06 - 2014-04-22 21:06 - 00016883 _____ () C:\Users\Admin\Downloads\[CzT]Crysis_3.torrent
2014-04-22 20:57 - 2014-04-22 20:57 - 00019290 _____ () C:\Users\Admin\Downloads\[CzT]Crysis_CZ_v1_2_1_HiRes_DX10_.torrent
2014-04-22 17:14 - 2014-04-22 17:14 - 00013437 _____ () C:\Users\Admin\Downloads\[CzT]Hra_o_truny_Game_of_Thrones_S04E03_Breaker_of_chains_TVRip_720p_.torrent
2014-04-22 15:30 - 2014-04-22 15:30 - 00012900 _____ () C:\Users\Admin\Downloads\voda.xlsx
2014-04-21 21:30 - 2014-04-21 21:30 - 00001352 _____ () C:\Users\Admin\Desktop\BattleField 4.lnk
2014-04-21 21:22 - 2014-04-21 21:26 - 00000000 ____D () C:\Users\Admin\Documents\Battlefield 4
2014-04-21 20:44 - 2014-04-21 21:30 - 00000000 ____D () C:\Program Files (x86)\Battlefield 4
2014-04-21 19:00 - 2014-04-21 19:01 - 07014874 _____ () C:\Users\Admin\Downloads\Thief_V1.00_32bit-64bit_Trainer_plus5 (1).zip
2014-04-21 18:59 - 2014-04-21 18:59 - 06938609 _____ () C:\Users\Admin\Downloads\Thief_V1.00_32bit-64bit_Trainer_plus5.zip
2014-04-21 18:41 - 2014-04-21 18:41 - 00000000 ____D () C:\ProgramData\RzMaelstromVAD_1.1.52.1675
2014-04-21 18:34 - 2014-04-21 18:34 - 00000000 ____D () C:\Users\Admin\Documents\Sniper - Ghost Warrior
2014-04-21 18:33 - 2014-04-21 18:33 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-04-21 18:16 - 2014-04-21 18:16 - 00093385 _____ () C:\Users\Admin\Downloads\[CzT]Battlefield_4_2013_CZ_.torrent
2014-04-21 18:16 - 2014-04-21 18:16 - 00093384 _____ () C:\Users\Admin\Downloads\[CzT]Battlefield_4_2013_CZ_ (1).torrent
2014-04-21 18:10 - 2014-04-21 18:10 - 00000000 ____D () C:\Users\Admin\Documents\Razer
2014-04-21 18:10 - 2014-04-21 18:10 - 00000000 ____D () C:\Users\Admin\AppData\Local\Razer_Inc
2014-04-21 18:09 - 2014-04-21 18:11 - 01725304 _____ (Razer Inc.) C:\Users\Admin\Downloads\RazerSurroundInstaller_v2.00.10.exe
2014-04-21 17:51 - 2014-04-21 18:31 - 00000000 ____D () C:\Users\Admin\AppData\Local\Razer
2014-04-21 17:50 - 2014-04-22 21:40 - 00000000 ____D () C:\Program Files (x86)\Razer Game Booster
2014-04-21 17:50 - 2014-04-21 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-04-21 17:50 - 2014-04-21 18:31 - 00000000 ____D () C:\ProgramData\Razer
2014-04-21 17:50 - 2014-04-21 17:50 - 00002007 _____ () C:\Users\Public\Desktop\Razer Game Booster.lnk
2014-04-21 14:18 - 2014-04-21 14:18 - 00013059 _____ () C:\Users\Admin\Downloads\Recovery.torrent
2014-04-21 14:08 - 2014-04-21 14:10 - 129866009 _____ () C:\Users\Admin\Downloads\Factorio_v0.9.2_setup.exe
2014-04-16 22:25 - 2014-04-16 22:25 - 00314016 _____ () C:\Windows\system32\Drivers\atksgt.sys
2014-04-16 22:25 - 2014-04-16 22:25 - 00043680 _____ () C:\Windows\system32\Drivers\lirsgt.sys
2014-04-16 22:25 - 2014-04-16 22:25 - 00000000 ____D () C:\Windows\usgwmt
2014-04-16 13:59 - 2014-04-16 18:40 - 00000000 ____D () C:\Users\Public\Documents\stalker-shoc
2014-04-16 13:58 - 2014-04-16 13:58 - 00001110 _____ () C:\Users\Admin\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk
2014-04-16 13:49 - 2014-04-16 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-04-16 13:49 - 2014-04-16 13:49 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-04-15 22:08 - 2014-04-15 22:08 - 00002137 _____ () C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Clear Sky.lnk
2014-04-15 22:08 - 2014-04-15 22:08 - 00001689 _____ () C:\Users\Admin\Desktop\S.T.A.L.K.E.R. - Call of Pripyat.lnk
2014-04-15 22:08 - 2014-04-15 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
2014-04-15 22:07 - 2014-04-16 22:31 - 00000000 ____D () C:\Users\Public\Documents\STALKER-STCS
2014-04-15 21:52 - 2014-04-17 07:50 - 00000000 ____D () C:\Program Files (x86)\S.T.A.L.K.E.R. - Clear Sky
2014-04-15 21:52 - 2014-04-15 22:08 - 00000000 ____D () C:\Program Files (x86)\STALKER - Call of Pripyat
2014-04-15 21:51 - 2014-04-15 22:11 - 00000000 ____D () C:\Program Files (x86)\STALKER - Shadow of Chernobyl
2014-04-15 19:50 - 2014-04-15 19:50 - 00000000 ____D () C:\Users\Admin\Downloads\Take Me Home
2014-04-15 19:49 - 2014-04-23 16:24 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\uTorrent
2014-04-15 19:49 - 2014-04-15 19:49 - 00000893 _____ () C:\Users\Admin\Desktop\µTorrent.lnk
2014-04-15 19:47 - 2014-04-15 20:04 - 00000000 ____D () C:\Users\Admin\Downloads\Recovery
2014-04-15 19:34 - 2014-04-15 19:34 - 00000000 ____D () C:\Users\Admin\Documents\Rockstar Games
2014-04-15 19:31 - 2014-04-21 14:07 - 00000000 ____D () C:\Users\Admin\AppData\Local\Rockstar Games
2014-04-15 19:28 - 2014-04-15 19:28 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2014-04-15 19:28 - 2014-04-15 19:28 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-04-15 18:33 - 2014-04-21 14:07 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-04-15 17:40 - 2014-04-15 17:40 - 00000000 ____D () C:\Users\Admin\Downloads\Night Visions
2014-04-15 16:59 - 2014-04-15 16:59 - 00014252 _____ () C:\Users\Admin\Downloads\One Direction.torrent
2014-04-15 16:38 - 2014-04-15 16:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music NFO Builder
2014-04-15 16:33 - 2014-04-15 16:33 - 00013587 _____ () C:\Users\Admin\Downloads\Night Visions.torrent
2014-04-15 13:08 - 2014-04-15 13:08 - 00012322 _____ () C:\Users\Admin\Desktop\Company Of Heroes.lnk
2014-04-14 21:45 - 2014-04-14 21:45 - 00000000 ____D () C:\Program Files (x86)\THQ
2014-04-13 19:39 - 2014-04-13 19:39 - 00000000 ____D () C:\ProgramData\Orbit
2014-04-13 19:38 - 2014-04-13 19:38 - 00001579 _____ () C:\Users\Admin\Desktop\FarCry 3.lnk
2014-04-13 16:06 - 2014-04-13 16:06 - 00001946 _____ () C:\Users\Public\Desktop\Minn OS1.lnk
2014-04-13 16:06 - 2014-04-13 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkyTEK Minn OS1
2014-04-13 16:06 - 2014-04-13 16:06 - 00000000 ____D () C:\Program Files (x86)\SkyTEK Minn OS1
2014-04-13 10:41 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-13 10:41 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-13 10:41 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-13 10:41 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-13 10:41 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-13 10:41 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-13 10:40 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-13 10:40 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-13 10:40 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-13 10:40 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-13 10:40 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-13 10:40 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-13 10:40 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-13 10:40 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-13 10:40 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-13 10:40 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-13 10:40 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-13 10:40 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-13 10:40 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-13 10:40 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-13 10:40 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-13 10:40 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-13 10:40 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-13 10:40 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-13 10:40 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-13 10:40 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-13 10:40 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-13 10:40 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-13 10:40 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-13 10:40 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-13 10:40 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-13 10:40 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-13 10:40 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-13 10:40 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-13 10:40 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-13 10:40 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-13 10:40 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-13 10:40 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-13 10:40 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-13 10:40 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-13 10:40 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-13 10:40 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-13 10:40 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-13 10:40 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-13 10:40 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-13 10:40 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-13 10:40 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-13 10:40 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-12 09:38 - 2014-04-12 23:13 - 00000000 ____D () C:\Users\Admin\Downloads\Green Day - Greatest Hits (2CD)- 2010
2014-04-11 21:24 - 2014-04-11 21:24 - 00002023 _____ () C:\Users\Admin\Desktop\Surgeon Simulator.lnk
2014-04-11 21:23 - 2014-04-13 15:26 - 00000000 ____D () C:\Program Files (x86)\Surgeon Simulator
2014-04-11 15:15 - 2014-04-15 18:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2014-04-10 18:29 - 2014-04-10 18:33 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\.StarMade
2014-04-09 21:28 - 2014-04-09 21:28 - 00000000 ____D () C:\Users\Máma\AppData\Local\Apple Computer
2014-04-09 20:42 - 2014-04-09 20:42 - 00000000 ____D () C:\Users\Admin\Documents\My Cheat Tables
2014-04-09 20:33 - 2014-04-09 20:33 - 00000000 ____D () C:\Users\Admin\AppData\Local\VS Revo Group
2014-04-09 20:32 - 2014-04-09 20:32 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-04-09 13:17 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 13:17 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 13:17 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 13:17 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 13:17 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 13:17 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 13:17 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 13:17 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 13:17 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 13:17 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 13:17 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 13:17 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 13:17 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 13:17 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 13:17 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 13:17 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 13:15 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-08 18:03 - 2014-04-13 12:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Factorio
2014-04-08 18:02 - 2014-04-08 18:02 - 00001823 _____ () C:\Users\Admin\Desktop\Factorio.lnk
2014-04-08 17:41 - 2014-04-11 14:34 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\.minecraft
2014-04-08 17:30 - 2014-04-08 17:41 - 00675988 _____ () C:\Users\Admin\Desktop\Minecraft.exe
2014-04-08 17:21 - 2014-04-08 17:21 - 00000981 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NSIS.lnk
2014-04-07 21:38 - 2014-04-07 21:39 - 00001406 _____ () C:\Users\Admin\Desktop\MultiMC.lnk
2014-04-07 21:20 - 2014-04-07 21:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2014-04-07 21:20 - 2014-04-07 21:20 - 00000000 ____D () C:\FFOutput
2014-04-07 21:19 - 2014-04-07 21:21 - 00000000 ____D () C:\Program Files (x86)\FormatFactory
2014-04-05 10:29 - 2014-04-06 20:11 - 00000000 ____D () C:\Users\Admin\Documents\Telltale Games
2014-04-05 10:29 - 2014-04-05 10:29 - 00000000 ____D () C:\ProgramData\CODEX
2014-04-05 10:26 - 2014-04-05 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telltale games
2014-04-04 23:49 - 2014-04-04 23:49 - 00000221 _____ () C:\Users\Admin\Desktop\Skyrim.url
2014-04-04 14:11 - 2014-04-04 14:11 - 00003134 _____ () C:\Windows\System32\Tasks\{E03F7B9A-BBCE-4C8B-B0A5-9C815EBA345F}
2014-04-04 14:10 - 2014-04-04 14:13 - 00000000 ____D () C:\Program Files (x86)\Scorpions WinCheater
2014-04-04 14:10 - 2014-04-04 14:10 - 00001103 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scorpion's WinCheater 2.lnk
2014-04-04 14:10 - 2014-04-04 14:10 - 00001091 _____ () C:\Users\Máma\Desktop\Scorpion's WinCheater 2.lnk
2014-04-04 14:10 - 2014-04-04 14:10 - 00001091 _____ () C:\Users\Admin\Desktop\Scorpion's WinCheater 2.lnk
2014-04-04 12:50 - 2014-04-23 16:27 - 00003496 _____ () C:\Windows\System32\Tasks\gg_uac_daemon_Admin
2014-04-03 17:21 - 2014-04-03 17:21 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-04-03 17:20 - 2014-04-03 17:22 - 00000000 ____D () C:\ProgramData\Alwil Software
2014-04-03 17:20 - 2010-06-28 22:57 - 00165032 _____ (AVAST Software) C:\Windows\SysWOW64\aswA6E9.tmp
2014-03-30 09:16 - 2014-03-30 09:16 - 00000000 ____D () C:\Users\Admin\AppData\Local\Introversion
2014-03-29 17:22 - 2014-03-29 18:39 - 00001718 _____ () C:\Users\Admin\Desktop\Dragon Age II.lnk
2014-03-27 10:37 - 2013-12-29 11:17 - 03678720 _____ () C:\Users\Admin\Desktop\State of Decay - Breakdown Trainer +8 MrAntiFun.EXE
2014-03-26 19:04 - 2014-03-26 19:04 - 00000874 _____ () C:\Users\Public\Desktop\State of Decay.lnk
2014-03-26 19:00 - 2014-03-26 19:05 - 00000000 ____D () C:\Program Files\State of Decay
2014-03-24 15:51 - 2014-03-25 18:48 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\SPORE
2014-03-24 15:51 - 2014-03-24 15:52 - 00000000 ____D () C:\Users\Admin\Documents\Ěîč ňâîđĺíč˙
2014-03-24 15:51 - 2014-03-24 15:51 - 00001688 _____ () C:\Users\Admin\Desktop\Spore.lnk
2014-03-24 15:49 - 2014-03-24 15:50 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SPORE™ Anthology
2014-03-24 15:41 - 2014-03-24 15:49 - 00000000 ____D () C:\Program Files (x86)\SPORE Anthology
==================== One Month Modified Files and Folders =======
2014-04-23 21:43 - 2014-04-23 21:39 - 00023911 _____ () C:\Users\Admin\Desktop\FRST.txt
2014-04-23 21:39 - 2014-04-23 21:32 - 00000000 ____D () C:\FRST
2014-04-23 21:29 - 2014-04-23 21:29 - 00112640 _____ (forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
2014-04-23 21:29 - 2014-04-23 21:28 - 02061312 _____ (Farbar) C:\Users\Admin\Downloads\FRST64 (1).exe
2014-04-23 21:29 - 2014-04-23 21:28 - 02061312 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2014-04-23 21:17 - 2014-01-11 11:54 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-23 21:02 - 2013-01-28 14:22 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-23 21:00 - 2014-04-23 14:42 - 00000000 ____D () C:\Users\Admin\Desktop\Warhammer , Warhammer 40-000
2014-04-23 20:06 - 2013-12-20 15:06 - 00001346 _____ () C:\Windows\Tasks\Object Browser-updater.job
2014-04-23 20:05 - 2013-12-20 15:05 - 00002082 _____ () C:\Windows\Tasks\Object Browser-firefoxinstaller.job
2014-04-23 20:05 - 2013-12-20 15:05 - 00001248 _____ () C:\Windows\Tasks\Object Browser-codedownloader.job
2014-04-23 20:05 - 2013-12-20 15:05 - 00001148 _____ () C:\Windows\Tasks\Object Browser-enabler.job
2014-04-23 20:04 - 2013-12-20 15:04 - 00002000 _____ () C:\Windows\Tasks\Object Browser-chromeinstaller.job
2014-04-23 19:25 - 2011-06-27 14:42 - 00103736 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-04-23 19:25 - 2011-06-27 14:42 - 00103736 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-04-23 18:49 - 2011-06-27 13:21 - 01867179 _____ () C:\Windows\WindowsUpdate.log
2014-04-23 17:53 - 2014-04-23 17:53 - 00001777 _____ () C:\Users\Admin\Desktop\Crysis – zástupce.lnk
2014-04-23 17:38 - 2014-04-23 17:29 - 00055633 _____ () C:\Windows\DirectX.log
2014-04-23 17:28 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-04-23 17:27 - 2011-06-29 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2014-04-23 17:17 - 2013-01-05 13:31 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps
2014-04-23 17:15 - 2014-04-23 16:32 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-04-23 17:07 - 2014-04-23 16:32 - 00626272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-04-23 17:07 - 2013-05-16 22:58 - 00054368 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kltdi.sys
2014-04-23 17:07 - 2013-05-16 22:58 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2014-04-23 17:07 - 2013-05-16 22:58 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2014-04-23 17:07 - 2012-08-02 15:09 - 00029792 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
2014-04-23 17:07 - 2012-06-19 17:28 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-04-23 17:02 - 2014-04-23 14:29 - 00000000 ____D () C:\Program Files (x86)\Crysis
2014-04-23 16:47 - 2011-06-29 17:25 - 00000000 ____D () C:\Users\Admin\Documents\My Games
2014-04-23 16:35 - 2009-07-14 06:45 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-23 16:35 - 2009-07-14 06:45 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-23 16:33 - 2014-04-23 16:33 - 00001146 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk
2014-04-23 16:33 - 2014-04-23 16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013
2014-04-23 16:32 - 2014-04-23 16:32 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-04-23 16:32 - 2014-04-23 16:32 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-04-23 16:29 - 2013-12-19 22:22 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Dropbox
2014-04-23 16:28 - 2013-12-19 22:25 - 00000000 ___RD () C:\Users\Admin\Dropbox
2014-04-23 16:27 - 2014-04-04 12:50 - 00003496 _____ () C:\Windows\System32\Tasks\gg_uac_daemon_Admin
2014-04-23 16:27 - 2014-01-11 11:54 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-23 16:27 - 2013-01-06 18:01 - 00000000 ____D () C:\Users\Admin\AppData\Local\LogMeIn Hamachi
2014-04-23 16:26 - 2013-03-23 17:53 - 00000376 _____ () C:\Windows\Tasks\SmartPCFix Task.job
2014-04-23 16:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-23 16:24 - 2014-04-15 19:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\uTorrent
2014-04-23 16:15 - 2014-04-23 16:15 - 00000000 ___HD () C:\kleaner.tmp
2014-04-23 16:13 - 2011-12-04 13:28 - 00000000 ____D () C:\Users\záložní účet
2014-04-23 16:07 - 2014-03-04 15:12 - 00002731 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-23 16:07 - 2014-03-04 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-23 16:07 - 2011-09-21 16:15 - 00000000 ____D () C:\ProgramData\Skype
2014-04-23 15:38 - 2014-04-23 15:38 - 00002999 _____ () C:\Users\Admin\Desktop\kastreset.zip
2014-04-23 15:38 - 2014-04-23 15:38 - 00000545 _____ () C:\Users\Admin\Downloads\[CzT]Kaspersky_Trial_Reset.torrent
2014-04-23 15:26 - 2013-12-17 21:47 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-23 15:24 - 2013-06-16 15:16 - 00000000 ____D () C:\ProgramData\Origin
2014-04-23 15:13 - 2014-04-23 15:13 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieUserList
2014-04-23 15:13 - 2014-04-23 15:13 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieSiteList
2014-04-23 15:08 - 2014-04-23 15:08 - 00018924 _____ () C:\Users\Admin\Downloads\[CzT]Kaspersky_Internet_Security_2013_2014_CZ_.torrent
2014-04-23 15:05 - 2014-04-23 15:04 - 03972608 _____ () C:\Users\Admin\Downloads\RogueKiller.exe
2014-04-23 14:58 - 2014-04-23 14:58 - 00001190 _____ () C:\Users\Public\Desktop\Dead Space.lnk
2014-04-23 14:42 - 2014-04-23 14:42 - 00075768 _____ () C:\Users\Admin\Downloads\[CzT]Warhammer_40_000_1993_2013_CZ_.torrent
2014-04-23 14:42 - 2014-04-23 14:42 - 00000913 _____ () C:\Users\Admin\Downloads\[CzT]Dragon_Age_Prameny_Origins_oficialni_komiks_CZ.torrent
2014-04-23 14:36 - 2014-04-23 14:36 - 00002747 _____ () C:\Users\Admin\Downloads\[CzT]Mitchell_Zuckoff_Ztraceni_v_Shangri_La_2012_CZ_.torrent
2014-04-23 14:29 - 2011-06-23 12:47 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
2014-04-23 14:20 - 2014-04-23 14:20 - 00000000 ____D () C:\Users\Admin\Desktop\Mlčení jehňátek (1991)
2014-04-23 14:19 - 2014-04-23 14:19 - 06236992 _____ () C:\Users\Admin\Downloads\The Demonata by Darren Shan - Complete 10 Books.pdf.rar
2014-04-23 14:16 - 2014-04-23 14:16 - 00000000 ____D () C:\Users\Admin\Desktop\Fantasy
2014-04-23 14:14 - 2014-04-23 14:14 - 00002878 _____ () C:\Users\Admin\Downloads\[CzT]Robert_Galbraith_Volani_kukacky_2014_CZ_.torrent
2014-04-23 14:12 - 2013-06-16 15:16 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-23 14:11 - 2014-04-23 14:11 - 00021216 _____ () C:\Users\Admin\Downloads\[CzT]Andrzej_Sapkowski_Serie_Zaklinac_CZ_.torrent
2014-04-23 14:11 - 2014-04-23 14:11 - 00003410 _____ () C:\Users\Admin\Downloads\[CzT]Oliver_Bowden_Assassin_s_Creed_3_dily_CZ_.torrent
2014-04-23 14:10 - 2014-04-23 14:10 - 00016847 _____ () C:\Users\Admin\Downloads\[CzT]Oliver_Bowden_Assassins_Creed_Bratrstvo_2011_.torrent
2014-04-23 14:05 - 2014-04-23 14:05 - 00017524 _____ () C:\Users\Admin\Downloads\[CzT]Mlceni_jehnatek_The_Silence_of_the_Lambs_1991_.torrent
2014-04-23 13:44 - 2014-04-23 13:44 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe_Systems_Incorporate
2014-04-23 13:44 - 2014-04-23 13:43 - 00000000 ____D () C:\Users\Admin\Documents\My Digital Editions
2014-04-23 13:43 - 2014-04-23 13:43 - 00002172 _____ () C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk
2014-04-23 13:43 - 2011-06-21 14:49 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-23 13:42 - 2014-04-23 13:42 - 06063152 _____ (Adobe Systems Incorporated) C:\Users\Admin\Downloads\ADE_3.0_Installer.exe
2014-04-23 13:40 - 2014-04-23 13:39 - 00000000 ____D () C:\Users\Admin\.FBReader
2014-04-23 13:39 - 2011-06-10 13:39 - 00000000 ____D () C:\Users\Admin
2014-04-23 13:33 - 2014-04-23 13:33 - 00001885 _____ () C:\Users\Máma\Desktop\FBReader.lnk
2014-04-23 13:33 - 2014-04-23 13:33 - 00001885 _____ () C:\Users\Guest\Desktop\FBReader.lnk
2014-04-23 13:33 - 2014-04-23 13:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FBReader for Windows
2014-04-23 13:31 - 2014-04-23 13:30 - 05337840 _____ () C:\Users\Admin\Downloads\FBReaderSetup-0.12.10.exe
2014-04-23 13:20 - 2014-04-23 13:20 - 00022635 _____ () C:\Users\Admin\Downloads\[CzT]George_R_R_Martin_Pisen_ledu_a_ohne_Hra_o_truny_Stret_kralu_Boure_mecu_Hostina_pro_vrany_Tanec_s_draky_1996_2011_CZ_.torrent
2014-04-23 13:18 - 2014-04-23 13:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-23 13:11 - 2011-06-10 16:23 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-04-23 13:08 - 2014-04-23 13:08 - 00347816 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\MicrosoftFixit.wu.MATSKB.Run.exe
2014-04-22 21:40 - 2014-04-21 17:50 - 00000000 ____D () C:\Program Files (x86)\Razer Game Booster
2014-04-22 21:29 - 2014-04-22 21:29 - 00013330 _____ () C:\Users\Admin\Downloads\a072pc.torrent
2014-04-22 21:06 - 2014-04-22 21:06 - 00016883 _____ () C:\Users\Admin\Downloads\[CzT]Crysis_3.torrent
2014-04-22 20:57 - 2014-04-22 20:57 - 00019290 _____ () C:\Users\Admin\Downloads\[CzT]Crysis_CZ_v1_2_1_HiRes_DX10_.torrent
2014-04-22 20:42 - 2013-06-16 15:19 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-04-22 20:08 - 2012-10-18 19:02 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-22 17:14 - 2014-04-22 17:14 - 00013437 _____ () C:\Users\Admin\Downloads\[CzT]Hra_o_truny_Game_of_Thrones_S04E03_Breaker_of_chains_TVRip_720p_.torrent
2014-04-22 15:30 - 2014-04-22 15:30 - 00012900 _____ () C:\Users\Admin\Downloads\voda.xlsx
2014-04-22 14:50 - 2009-07-14 06:45 - 05216696 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-21 22:05 - 2011-09-21 16:15 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Skype
2014-04-21 21:30 - 2014-04-21 21:30 - 00001352 _____ () C:\Users\Admin\Desktop\BattleField 4.lnk
2014-04-21 21:30 - 2014-04-21 20:44 - 00000000 ____D () C:\Program Files (x86)\Battlefield 4
2014-04-21 21:26 - 2014-04-21 21:22 - 00000000 ____D () C:\Users\Admin\Documents\Battlefield 4
2014-04-21 19:01 - 2014-04-21 19:00 - 07014874 _____ () C:\Users\Admin\Downloads\Thief_V1.00_32bit-64bit_Trainer_plus5 (1).zip
2014-04-21 18:59 - 2014-04-21 18:59 - 06938609 _____ () C:\Users\Admin\Downloads\Thief_V1.00_32bit-64bit_Trainer_plus5.zip
2014-04-21 18:46 - 2011-06-10 16:23 - 00143160 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-21 18:41 - 2014-04-21 18:41 - 00000000 ____D () C:\ProgramData\RzMaelstromVAD_1.1.52.1675
2014-04-21 18:34 - 2014-04-21 18:34 - 00000000 ____D () C:\Users\Admin\Documents\Sniper - Ghost Warrior
2014-04-21 18:33 - 2014-04-21 18:33 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-04-21 18:33 - 2014-04-21 17:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-04-21 18:31 - 2014-04-21 17:51 - 00000000 ____D () C:\Users\Admin\AppData\Local\Razer
2014-04-21 18:31 - 2014-04-21 17:50 - 00000000 ____D () C:\ProgramData\Razer
2014-04-21 18:16 - 2014-04-21 18:16 - 00093385 _____ () C:\Users\Admin\Downloads\[CzT]Battlefield_4_2013_CZ_.torrent
2014-04-21 18:16 - 2014-04-21 18:16 - 00093384 _____ () C:\Users\Admin\Downloads\[CzT]Battlefield_4_2013_CZ_ (1).torrent
2014-04-21 18:11 - 2014-04-21 18:09 - 01725304 _____ (Razer Inc.) C:\Users\Admin\Downloads\RazerSurroundInstaller_v2.00.10.exe
2014-04-21 18:10 - 2014-04-21 18:10 - 00000000 ____D () C:\Users\Admin\Documents\Razer
2014-04-21 18:10 - 2014-04-21 18:10 - 00000000 ____D () C:\Users\Admin\AppData\Local\Razer_Inc
2014-04-21 17:50 - 2014-04-21 17:50 - 00002007 _____ () C:\Users\Public\Desktop\Razer Game Booster.lnk
2014-04-21 14:18 - 2014-04-21 14:18 - 00013059 _____ () C:\Users\Admin\Downloads\Recovery.torrent
2014-04-21 14:10 - 2014-04-21 14:08 - 129866009 _____ () C:\Users\Admin\Downloads\Factorio_v0.9.2_setup.exe
2014-04-21 14:07 - 2014-04-15 19:31 - 00000000 ____D () C:\Users\Admin\AppData\Local\Rockstar Games
2014-04-21 14:07 - 2014-04-15 18:33 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-04-21 14:07 - 2011-06-10 14:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-17 07:50 - 2014-04-15 21:52 - 00000000 ____D () C:\Program Files (x86)\S.T.A.L.K.E.R. - Clear Sky
2014-04-16 22:31 - 2014-04-15 22:07 - 00000000 ____D () C:\Users\Public\Documents\STALKER-STCS
2014-04-16 22:25 - 2014-04-16 22:25 - 00314016 _____ () C:\Windows\system32\Drivers\atksgt.sys
2014-04-16 22:25 - 2014-04-16 22:25 - 00043680 _____ () C:\Windows\system32\Drivers\lirsgt.sys
2014-04-16 22:25 - 2014-04-16 22:25 - 00000000 ____D () C:\Windows\usgwmt
2014-04-16 18:40 - 2014-04-16 13:59 - 00000000 ____D () C:\Users\Public\Documents\stalker-shoc
2014-04-16 13:58 - 2014-04-16 13:58 - 00001110 _____ () C:\Users\Admin\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk
2014-04-16 13:49 - 2014-04-16 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-04-16 13:49 - 2014-04-16 13:49 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-04-15 22:11 - 2014-04-15 21:51 - 00000000 ____D () C:\Program Files (x86)\STALKER - Shadow of Chernobyl
2014-04-15 22:08 - 2014-04-15 22:08 - 00002137 _____ () C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Clear Sky.lnk
2014-04-15 22:08 - 2014-04-15 22:08 - 00001689 _____ () C:\Users\Admin\Desktop\S.T.A.L.K.E.R. - Call of Pripyat.lnk
2014-04-15 22:08 - 2014-04-15 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
2014-04-15 22:08 - 2014-04-15 21:52 - 00000000 ____D () C:\Program Files (x86)\STALKER - Call of Pripyat
2014-04-15 20:14 - 2011-09-05 14:37 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-04-15 20:04 - 2014-04-15 19:47 - 00000000 ____D () C:\Users\Admin\Downloads\Recovery
2014-04-15 20:03 - 2013-12-09 18:46 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TS3Client
2014-04-15 20:01 - 2014-03-08 02:01 - 00000000 ____D () C:\Windows\Minidump
2014-04-15 20:00 - 2012-08-26 18:29 - 00015834 _____ () C:\Windows\system32\lvcoinst.log
2014-04-15 19:50 - 2014-04-15 19:50 - 00000000 ____D () C:\Users\Admin\Downloads\Take Me Home
2014-04-15 19:49 - 2014-04-15 19:49 - 00000893 _____ () C:\Users\Admin\Desktop\µTorrent.lnk
2014-04-15 19:34 - 2014-04-15 19:34 - 00000000 ____D () C:\Users\Admin\Documents\Rockstar Games
2014-04-15 19:28 - 2014-04-15 19:28 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2014-04-15 19:28 - 2014-04-15 19:28 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-04-15 18:26 - 2014-04-11 15:15 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2014-04-15 17:40 - 2014-04-15 17:40 - 00000000 ____D () C:\Users\Admin\Downloads\Night Visions
2014-04-15 16:59 - 2014-04-15 16:59 - 00014252 _____ () C:\Users\Admin\Downloads\One Direction.torrent
2014-04-15 16:38 - 2014-04-15 16:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music NFO Builder
2014-04-15 16:33 - 2014-04-15 16:33 - 00013587 _____ () C:\Users\Admin\Downloads\Night Visions.torrent
2014-04-15 13:43 - 2013-01-28 14:22 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-15 13:43 - 2012-10-26 08:48 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-15 13:43 - 2011-06-10 15:57 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-15 13:09 - 2011-09-20 19:07 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc
2014-04-15 13:08 - 2014-04-15 13:08 - 00012322 _____ () C:\Users\Admin\Desktop\Company Of Heroes.lnk
2014-04-14 21:45 - 2014-04-14 21:45 - 00000000 ____D () C:\Program Files (x86)\THQ
2014-04-14 04:24 - 2014-04-23 13:16 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-04-23 13:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-13 20:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-04-13 20:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-04-13 20:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-04-13 20:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-04-13 20:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-13 19:39 - 2014-04-13 19:39 - 00000000 ____D () C:\ProgramData\Orbit
2014-04-13 19:39 - 2011-06-30 13:03 - 00000000 ____D () C:\Users\Admin\AppData\Local\PunkBuster
2014-04-13 19:38 - 2014-04-13 19:38 - 00001579 _____ () C:\Users\Admin\Desktop\FarCry 3.lnk
2014-04-13 19:33 - 2011-06-27 14:42 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-13 19:20 - 2011-06-27 13:30 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-04-13 16:06 - 2014-04-13 16:06 - 00001946 _____ () C:\Users\Public\Desktop\Minn OS1.lnk
2014-04-13 16:06 - 2014-04-13 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkyTEK Minn OS1
2014-04-13 16:06 - 2014-04-13 16:06 - 00000000 ____D () C:\Program Files (x86)\SkyTEK Minn OS1
2014-04-13 15:26 - 2014-04-11 21:23 - 00000000 ____D () C:\Program Files (x86)\Surgeon Simulator
2014-04-13 15:23 - 2014-02-19 18:00 - 00036892 _____ () C:\Windows\SysWOW64\bassmod.dll
2014-04-13 12:26 - 2014-04-08 18:03 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Factorio
2014-04-12 23:13 - 2014-04-12 09:38 - 00000000 ____D () C:\Users\Admin\Downloads\Green Day - Greatest Hits (2CD)- 2010
2014-04-12 21:50 - 2011-06-13 17:11 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-12 21:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-04-12 21:49 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2014-04-12 12:38 - 2013-01-07 07:54 - 00000000 ____D () C:\Users\Máma\AppData\Local\CrashDumps
2014-04-12 12:24 - 2013-12-16 21:05 - 00000000 ____D () C:\Users\Máma\AppData\Roaming\Seznam.cz
2014-04-12 12:19 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-11 23:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-11 21:24 - 2014-04-11 21:24 - 00002023 _____ () C:\Users\Admin\Desktop\Surgeon Simulator.lnk
2014-04-11 14:34 - 2014-04-08 17:41 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\.minecraft
2014-04-10 18:33 - 2014-04-10 18:29 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\.StarMade
2014-04-10 16:40 - 2011-06-13 16:39 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat
2014-04-10 15:37 - 2013-08-18 08:36 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 15:33 - 2011-06-10 15:05 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 21:31 - 2013-01-07 07:52 - 00000000 ____D () C:\Users\Máma\AppData\Roaming\Apple Computer
2014-04-09 21:28 - 2014-04-09 21:28 - 00000000 ____D () C:\Users\Máma\AppData\Local\Apple Computer
2014-04-09 20:42 - 2014-04-09 20:42 - 00000000 ____D () C:\Users\Admin\Documents\My Cheat Tables
2014-04-09 20:41 - 2014-03-18 19:25 - 00000000 ____D () C:\Program Files (x86)\Pinnacle
2014-04-09 20:33 - 2014-04-09 20:33 - 00000000 ____D () C:\Users\Admin\AppData\Local\VS Revo Group
2014-04-09 20:32 - 2014-04-09 20:32 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-04-09 20:30 - 2014-03-18 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 16
2014-04-09 20:00 - 2014-01-13 17:00 - 00001375 _____ () C:\Users\Admin\Desktop\Assassins Creed IV.lnk
2014-04-08 22:03 - 2013-01-07 07:52 - 00000000 ____D () C:\Users\Máma\AppData\Local\LogMeIn Hamachi
2014-04-08 18:02 - 2014-04-08 18:02 - 00001823 _____ () C:\Users\Admin\Desktop\Factorio.lnk
2014-04-08 18:01 - 2013-12-29 20:21 - 00000000 ____D () C:\Games
2014-04-08 17:55 - 2014-01-22 21:13 - 00000000 ____D () C:\Program Files (x86)\MultiMC
2014-04-08 17:41 - 2014-04-08 17:30 - 00675988 _____ () C:\Users\Admin\Desktop\Minecraft.exe
2014-04-08 17:21 - 2014-04-08 17:21 - 00000981 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NSIS.lnk
2014-04-07 21:45 - 2014-03-10 22:39 - 00003088 _____ () C:\Windows\System32\Tasks\RECentral Startup task
2014-04-07 21:39 - 2014-04-07 21:38 - 00001406 _____ () C:\Users\Admin\Desktop\MultiMC.lnk
2014-04-07 21:21 - 2014-04-07 21:19 - 00000000 ____D () C:\Program Files (x86)\FormatFactory
2014-04-07 21:20 - 2014-04-07 21:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2014-04-07 21:20 - 2014-04-07 21:20 - 00000000 ____D () C:\FFOutput
2014-04-06 20:11 - 2014-04-05 10:29 - 00000000 ____D () C:\Users\Admin\Documents\Telltale Games
2014-04-05 10:29 - 2014-04-05 10:29 - 00000000 ____D () C:\ProgramData\CODEX
2014-04-05 10:26 - 2014-04-05 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telltale games
2014-04-04 23:49 - 2014-04-04 23:49 - 00000221 _____ () C:\Users\Admin\Desktop\Skyrim.url
2014-04-04 14:13 - 2014-04-04 14:10 - 00000000 ____D () C:\Program Files (x86)\Scorpions WinCheater
2014-04-04 14:11 - 2014-04-04 14:11 - 00003134 _____ () C:\Windows\System32\Tasks\{E03F7B9A-BBCE-4C8B-B0A5-9C815EBA345F}
2014-04-04 14:10 - 2014-04-04 14:10 - 00001103 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scorpion's WinCheater 2.lnk
2014-04-04 14:10 - 2014-04-04 14:10 - 00001091 _____ () C:\Users\Máma\Desktop\Scorpion's WinCheater 2.lnk
2014-04-04 14:10 - 2014-04-04 14:10 - 00001091 _____ () C:\Users\Admin\Desktop\Scorpion's WinCheater 2.lnk
2014-04-04 14:10 - 2012-09-12 17:57 - 00001091 _____ () C:\Users\Guest\Desktop\Scorpion's WinCheater 2.lnk
2014-04-04 12:54 - 2013-12-16 15:52 - 00699060 _____ () C:\Windows\system32\perfh00C.dat
2014-04-04 12:54 - 2013-12-16 15:52 - 00485596 _____ () C:\Windows\system32\perfh001.dat
2014-04-04 12:54 - 2013-12-16 15:52 - 00137898 _____ () C:\Windows\system32\perfc00C.dat
2014-04-04 12:54 - 2013-12-16 15:52 - 00101372 _____ () C:\Windows\system32\perfc001.dat
2014-04-04 12:54 - 2013-12-16 15:27 - 00706692 _____ () C:\Windows\system32\perfh007.dat
2014-04-04 12:54 - 2013-12-16 15:27 - 00156768 _____ () C:\Windows\system32\perfc007.dat
2014-04-04 12:54 - 2009-07-14 17:18 - 00047268 _____ () C:\Windows\system32\perfh005.dat
2014-04-04 12:54 - 2009-07-14 17:18 - 00022482 _____ () C:\Windows\system32\perfc005.dat
2014-04-04 12:54 - 2009-07-14 07:13 - 02395930 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-03 17:22 - 2014-04-03 17:20 - 00000000 ____D () C:\ProgramData\Alwil Software
2014-04-03 17:21 - 2014-04-03 17:21 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-04-03 16:35 - 2013-12-21 16:31 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-03 16:28 - 2013-12-12 17:41 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-04-03 16:28 - 2013-01-07 07:51 - 00000000 ____D () C:\Users\Máma
2014-04-03 16:28 - 2011-12-14 17:44 - 00000000 ____D () C:\Users\Guest
2014-04-03 16:28 - 2011-06-23 12:47 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-04-03 16:28 - 2011-06-23 12:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-03 16:28 - 2011-06-13 17:14 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-04-03 16:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-03 16:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-03 16:27 - 2013-12-12 17:41 - 00000000 ____D () C:\Program Files (x86)\Ashampoo
2014-04-02 17:24 - 2013-12-12 17:41 - 00017304 _____ () C:\Users\Admin\AppData\Roaming\event.log
2014-03-31 09:35 - 2011-06-10 14:46 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-30 09:16 - 2014-03-30 09:16 - 00000000 ____D () C:\Users\Admin\AppData\Local\Introversion
2014-03-29 18:39 - 2014-03-29 17:22 - 00001718 _____ () C:\Users\Admin\Desktop\Dragon Age II.lnk
2014-03-29 15:12 - 2014-01-11 11:54 - 00003946 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-29 15:12 - 2014-01-11 11:54 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-29 09:26 - 2009-07-14 07:08 - 00032636 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-29 09:26 - 2009-07-14 07:08 - 00032636 _____ () C:\Windows\Tasks\SCHEDLGU(22).TXT
2014-03-28 09:12 - 2014-01-18 01:15 - 00000000 ____D () C:\avast! sandbox
2014-03-27 15:35 - 2013-09-08 15:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\SKIDROW
2014-03-26 19:05 - 2014-03-26 19:00 - 00000000 ____D () C:\Program Files\State of Decay
2014-03-26 19:04 - 2014-03-26 19:04 - 00000874 _____ () C:\Users\Public\Desktop\State of Decay.lnk
2014-03-25 21:22 - 2013-05-02 14:08 - 00043216 _____ (COMODO) C:\Windows\system32\cmdcsr(18).dll
2014-03-25 21:22 - 2011-05-02 20:36 - 00453680 _____ (COMODO) C:\Windows\system32\guard64(19).dll
2014-03-25 21:22 - 2011-05-02 20:36 - 00363504 _____ (COMODO) C:\Windows\SysWOW64\guard32(20).dll
2014-03-25 18:48 - 2014-03-24 15:51 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\SPORE
2014-03-24 15:52 - 2014-03-24 15:51 - 00000000 ____D () C:\Users\Admin\Documents\Ěîč ňâîđĺíč˙
2014-03-24 15:51 - 2014-03-24 15:51 - 00001688 _____ () C:\Users\Admin\Desktop\Spore.lnk
2014-03-24 15:50 - 2014-03-24 15:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SPORE™ Anthology
2014-03-24 15:49 - 2014-03-24 15:41 - 00000000 ____D () C:\Program Files (x86)\SPORE Anthology
2014-03-24 14:43 - 2014-03-13 18:08 - 00000000 ____D () C:\Users\Admin\Documents\Thief
Files to move or delete:
====================
C:\Users\Admin\dynavix_setup.exe
C:\Users\Admin\Uninstall.exe
C:\ProgramData\hNDE3FC.pad
Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\drm_dyndata_7340014.dll
C:\Users\Guest\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Máma\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\Máma\AppData\Local\Temp\SIntf16.dll
C:\Users\Máma\AppData\Local\Temp\SIntf32.dll
C:\Users\Máma\AppData\Local\Temp\SIntfNT.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Object Browser-chromeinstaller.job => C:\Program Files (x86)\Object Browser\Object Browser-chromeinstaller.exe
Task: C:\Windows\Tasks\Object Browser-codedownloader.job => C:\Program Files (x86)\Object Browser\Object Browser-codedownloader.exe
Task: C:\Windows\Tasks\Object Browser-enabler.job => C:\Program Files (x86)\Object Browser\Object Browser-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Object Browser-firefoxinstaller.job => C:\Program Files (x86)\Object Browser\Object Browser-firefoxinstaller.exe
Task: C:\Windows\Tasks\Object Browser-updater.job => C:\Program Files (x86)\Object Browser\Object Browser-updater.exe
Task: C:\Windows\Tasks\SmartPCFix Task.job => C:\Program Files (x86)\SmartPCFix\SmartPCFix.exe <==== ATTENTION
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Admin\Desktop" je 18514 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Razer Synapse
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
"C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
[/list]
takže legální Win 7 Ultimate. Bohužel třeba původní office 2003 originální nebyl a něco dalšího, ale v tom se radši nevrtám ...Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\MountPoints2: D - D:\setup\rsrc\Autorun.exe
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\MountPoints2: F - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\MountPoints2: {185465d2-934d-11e0-a699-806e6f6e6963} - D:\AutoRunCD.exe
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\MountPoints2: {2b874f63-a7fc-11e0-95e2-bcaec576abdd} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\MountPoints2: {39f85499-9d82-11e0-9faf-bcaec576abdd} - E:\Portal2.part01.exe
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\MountPoints2: {5a06f6e7-d003-11e0-9c03-bcaec576abdd} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\MountPoints2: {9b3bf0e9-0fcb-11e1-9fb4-bcaec576abdd} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\MountPoints2: {d9218416-9fee-11e0-94dc-bcaec576abdd} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-388027229-2338766943-1772961740-1000\...\MountPoints2: {d921841f-9fee-11e0-94dc-bcaec576abdd} - F:\setup_vmc_lite.exe /checkApplicationPresence
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://search.imesh.com/web?src=ieb&app ... earchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://search.imesh.com/web?src=ieb&app ... earchTerms}
SearchScopes: HKLM-x32 - DefaultScope {87FF3D05-24B7-4E88-9B11-2375CFA4EC85} URL =
SearchScopes: HKLM-x32 - {787D4B85-282E-4CB5-8541-3FAD93022DFD} URL = ${SEARCH_URL}{searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://search.imesh.com/web?src=ieb&app ... earchTerms}
SearchScopes: HKCU - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://search.imesh.com/web?src=ieb&app ... earchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://search.imesh.com/web?src=ieb&app ... earchTerms}
BHO: Shopper Pro - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - C:\ProgramData\ShopperPro\ShopperPro64.dll (Speedbit Ltd.)
BHO-x32: Shopper Pro - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - C:\ProgramData\ShopperPro\ShopperPro.dll (Speedbit Ltd.)
Toolbar: HKLM - No Name - !{25A3A431-30BB-47C8-AD6A-E1063801134F} - No File
Toolbar: HKLM - No Name - !{AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - No File
Toolbar: HKLM - No Name - !{AF3D7884-B142-414E-943D-75D8D54E1FFF} - No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM-x32 - No Name - !{25A3A431-30BB-47C8-AD6A-E1063801134F} - No File
Toolbar: HKLM-x32 - No Name - !{AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - No File
Toolbar: HKLM-x32 - No Name - !{AF3D7884-B142-414E-943D-75D8D54E1FFF} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Admin\dynavix_setup.exe
C:\Users\Admin\Uninstall.exe
C:\ProgramData\hNDE3FC.pad
C:\Users\Admin\AppData\Local\Temp
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
End