VIRY.CZ

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Michal\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Michal\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Michal\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Michal\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Users\Michal\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Michal\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "sync": {
"app_settings": true,
"apps": true,
"autofill": true,
"autofill_profile": true,
"bookmarks": true,
"dictionary": true,
"encryption_bootstrap_token": "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAWJzve5eeBUyxaCtaNdeW6wAAAAACAAAAAAAQZgAAAAEAACAAAABznMeug0QCPw03isu+UbeeHV7PfDWy7VBoV1q4V+YeIwAAAAAOgAAAAAIAACAAAAAiVnFTxJFZ71SZ1Zmv2Ls4vbRlb21KJTdP4PGyaVPC+EAAAAAFf9N8TGglbnbaYcI5EyXXgjx/Svc8FmenAVP8Cs0ief2yeG0QnBTJGSK4yqBSymBqB7n/4vo/pmRlvgqow52eQAAAAE8UE3aDaCBiZLkK12l0SUlw7H0TF8TA7H5cusN9bEeutUtFEClvMz7TxAuTVghUKorxndf15+5diNP8VXFjDM0=",
"extension_settings": true,
"extensions": true,
"favicon_images": true,
"favicon_tracking": true,
"has_setup_completed": true,
"history_delete_directives": true,
"keystore_encryption_bootstrap_token": "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAWJzve5eeBUyxaCtaNdeW6wAAAAACAAAAAAAQZgAAAAEAACAAAABNkWvHZiKISWmCstCuZOKlx1Ehj4V6bh/AncgUIS5AqAAAAAAOgAAAAAIAACAAAAAWB185d2A8VVPf1831IPJJlERf/JaJY4zBaew+/7f0oVAAAAAvfEYKqG16SKn8LAj0Dn2ysltQO8I2CJlAJOAdBqZ4qcPmiTion5vFXpLkD3x61690zAP5EhwiLK+E+Wxwpd8tNENVwC0RPEuLf9Mwvj4VRkAAAAAi3Ojc/LY/hCB60e5U+Z5XGiuZqc1NxKUIj4E0h52hjmiboBZafbpYETVilh7HnVKWluU/lZcuJhmHlhg+qY6m",
"last_synced_time": "13044471233033845",
"managed_user_shared_settings": true,
"managed_users": true,
"passwords": true,
"preferences": true,
"priority_preferences": true,
"search_engines": true,
"session_sync_guid": "session_syncmqdHIB8Hf+uv2bmWd++1bQ==",
"sessions": true,
"suppress_start": false,
"synced_notifications": true,
"tabs": true,
"themes": true,
"typed_urls": true
},
"sync_promo": {
"startup_count": 1
},
"synced_notification": {
"enabled_sending_services": [ "Google+"
CHR StartupUrls: "hxxp://www.google.com/", "hxxp://www.trovigo.com/?gd=&ctid=CT3310393&oct ... 371C&SSPV=", "www.google.com"
CHR Extension: (Dokumenty Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-15]
CHR Extension: (Disk Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-15]
CHR Extension: (YouTube) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-15]
CHR Extension: (Vyhledávání Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-15]
CHR Extension: (Free Proxy - Free Web Proxies) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfkfjpdbpikmgbeljnjbpfemeikgopni [2014-04-13]
CHR Extension: (AdBlock) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-15]
CHR Extension: (avast! Online Security) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-04-28]
CHR Extension: (Peněženka Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-15]
CHR Extension: (Evernote Web Clipper) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2014-04-01]
CHR Extension: (Gmail) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-27]

==================== Services (Whitelisted) =================

R2 57xx SteelVine Manager; C:\Program Files (x86)\ASUS\Drive Xpert\SteelVine.exe [1286144 2009-02-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2014-03-25] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-27] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-04-27] (AVAST Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2014-03-25] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-27] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-04-27] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-27] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [447888 2014-04-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-04-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-27] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2014-03-25] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 VIAHdAudAddService; system32\drivers\viahduaa.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-13 18:16 - 2014-05-13 18:16 - 00017039 _____ () C:\Users\Michal\Downloads\FRST.txt
2014-05-13 18:14 - 2014-05-13 18:16 - 00000000 ____D () C:\FRST
2014-05-13 18:13 - 2014-05-13 18:13 - 02066944 _____ (Farbar) C:\Users\Michal\Downloads\FRST64.exe
2014-05-13 18:09 - 2014-05-13 18:10 - 00018020 _____ () C:\Users\Michal\Desktop\Process.txt
2014-05-13 17:13 - 2014-05-13 17:13 - 00000000 ____D () C:\Users\Michal\Downloads\Accept - Discography(1979-2012). -SmoK
2014-05-13 16:54 - 2014-05-13 16:54 - 00041134 _____ () C:\Users\Michal\Downloads\[CzT]Accept_diskografie_1979_2012_FLAC_.torrent
2014-05-13 13:03 - 2014-05-13 16:12 - 00000958 _____ () C:\Windows\setupact.log
2014-05-13 13:03 - 2014-05-13 13:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-11 23:35 - 2014-05-13 18:15 - 2712015206 _____ () C:\Users\Michal\Downloads\Vzepřít se obrům - CZ (2006).avi
2014-05-09 12:14 - 2014-05-09 12:15 - 18249295 _____ () C:\Users\Michal\Desktop\hasici.rar
2014-05-09 12:10 - 2014-05-09 12:11 - 00000000 ____D () C:\Users\Michal\Desktop\hasici
2014-05-08 22:56 - 2014-05-08 22:56 - 02932602 _____ () C:\Users\Michal\Downloads\3133.zip
2014-05-08 22:56 - 2014-05-08 22:56 - 00000000 ____D () C:\Users\Michal\Desktop\Thresh
2014-04-30 18:51 - 2014-04-30 18:51 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Mozilla
2014-04-29 22:43 - 2014-04-29 22:44 - 00000504 _____ () C:\Users\Michal\Downloads\url.htm
2014-04-28 19:45 - 2014-05-13 17:56 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000UA.job
2014-04-28 19:45 - 2014-05-11 12:56 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000Core.job
2014-04-28 19:45 - 2014-05-08 12:51 - 00003938 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000UA
2014-04-28 19:45 - 2014-05-08 12:51 - 00003542 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000Core
2014-04-28 19:45 - 2014-04-28 19:45 - 00884704 _____ (Google Inc.) C:\Users\Michal\Downloads\GoogleVoiceAndVideoSetup.exe
2014-04-28 15:45 - 2014-04-28 18:28 - 2345066496 _____ () C:\Users\Michal\Downloads\Coach Carter.avi
2014-04-28 11:37 - 2014-04-28 11:37 - 00012360 _____ () C:\Users\Michal\Documents\cc_20140428_113743.reg
2014-04-28 11:37 - 2014-04-28 11:35 - 00000426 _____ () C:\AVScanner.ini
2014-04-27 23:24 - 2014-04-27 23:24 - 22913908 _____ () C:\Users\Michal\Downloads\torbrowser-install-3.5.4_en-US.exe
2014-04-27 23:13 - 2014-05-13 13:04 - 00000000 ___RD () C:\Users\Michal\Dropbox
2014-04-27 23:13 - 2014-04-28 11:24 - 00001029 _____ () C:\Users\Michal\Desktop\Dropbox.lnk
2014-04-27 23:12 - 2014-04-28 11:24 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-27 23:12 - 2014-04-27 23:13 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\DropboxMaster
2014-04-27 23:10 - 2014-05-13 16:30 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Dropbox
2014-04-27 23:08 - 2014-04-27 23:08 - 00001978 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-04-27 23:08 - 2014-04-27 23:07 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-04-27 23:07 - 2014-04-27 23:07 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-04-27 23:03 - 2014-05-12 13:43 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-27 23:03 - 2014-04-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-04-27 23:03 - 2014-04-27 23:03 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\AVAST Software
2014-04-27 23:02 - 2014-04-27 23:02 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-27 23:02 - 2014-04-27 23:02 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-27 23:02 - 2014-04-27 23:02 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-27 23:00 - 2014-04-27 23:00 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-27 23:00 - 2014-04-27 23:00 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-27 22:59 - 2014-04-27 22:59 - 04796856 _____ (AVAST Software) C:\Users\Michal\Downloads\avast_free_antivirus_setup_online.exe
2014-04-25 18:34 - 2014-04-25 18:34 - 00001116 _____ () C:\Users\Public\Desktop\Picasa 3.lnk
2014-04-25 18:34 - 2014-04-25 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-04-25 18:33 - 2014-04-25 18:34 - 17529160 _____ (Google Inc.) C:\Users\Michal\Downloads\picasa39-setup.exe
2014-04-25 16:41 - 2014-04-25 21:03 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Curse Client
2014-04-25 16:41 - 2014-04-25 16:41 - 37439696 _____ (Curse) C:\Users\Michal\Downloads\CurseClientSetup.exe
2014-04-25 16:41 - 2014-04-25 16:41 - 00001044 _____ () C:\Users\Michal\Desktop\Curse.lnk
2014-04-25 16:41 - 2014-04-25 16:41 - 00001030 _____ () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
2014-04-25 16:41 - 2014-04-25 16:41 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Curse Advertising
2014-04-25 16:41 - 2014-04-25 16:41 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Curse
2014-04-25 16:18 - 2014-04-25 16:18 - 00000795 _____ () C:\Users\Michal\Downloads\League-of-Legends-RP-hack-(100%-FUNGUJE).txt
2014-04-24 00:33 - 2014-04-24 00:46 - 1579972656 _____ () C:\Users\Michal\Downloads\Stesti.na.dosah.2006.BDRip.XviD.AC3.CZ-iNKViZiT0R.avi
2014-04-22 21:32 - 2014-04-22 21:32 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-22 21:31 - 2014-04-27 16:31 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-22 21:31 - 2014-04-22 21:31 - 00002025 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-22 21:31 - 2014-04-22 21:31 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-22 21:29 - 2014-04-22 21:29 - 21925555 _____ () C:\Users\Michal\Downloads\626mx6-electrical-manual-96.rar
2014-04-19 09:15 - 2014-03-21 21:43 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-04-19 09:15 - 2014-03-21 21:43 - 00033568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-04-16 00:37 - 2014-04-16 00:49 - 1559347200 _____ () C:\Users\Michal\Downloads\Pařba na třetí.avi
2014-04-16 00:35 - 2014-04-16 00:53 - 734597120 _____ () C:\Users\Michal\Downloads\Parba.ve.Vegas.2009.DVDRip.CZ-PeXXXeso.avi
2014-04-15 10:43 - 2014-04-15 10:43 - 00001013 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2014-04-15 10:43 - 2014-04-15 10:43 - 00001007 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\WinRAR
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-04-15 10:42 - 2014-04-15 10:42 - 01785512 _____ () C:\Users\Michal\Downloads\wrar500cz.exe
2014-04-15 10:42 - 2014-04-15 10:42 - 00560939 _____ () C:\Users\Michal\Downloads\Paysafecard Code Generator 2014.rar
2014-04-15 03:55 - 2014-04-15 03:55 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2014-04-15 03:55 - 2014-04-15 03:55 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-04-15 03:55 - 2014-04-15 03:55 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-04-15 03:23 - 2014-04-15 03:23 - 00000000 ____D () C:\Users\Michal\aTubeCatcher
2014-04-15 02:38 - 2014-04-15 03:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-04-15 02:37 - 2014-04-15 02:37 - 00002124 _____ () C:\Users\Public\Desktop\Video Search.lnk
2014-04-15 02:37 - 2014-04-15 02:37 - 00001196 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-04-15 02:36 - 2014-04-15 02:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2014-04-15 02:36 - 2014-04-15 02:36 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp
2014-04-15 02:36 - 2014-04-14 13:08 - 01162824 _____ (Uniblue Systems Limited ) C:\Users\Michal\Documents\registrycleanerkit.exe
2014-04-15 02:34 - 2014-04-15 02:35 - 11851440 _____ (DsNET Corp) C:\Users\Michal\Downloads\aTubeCatcher.exe
2014-04-14 21:31 - 2014-04-22 17:53 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\TS3Client
2014-04-14 21:31 - 2014-04-14 21:31 - 00001172 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-04-14 21:31 - 2014-04-14 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-04-14 21:31 - 2014-04-14 21:31 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-04-14 21:30 - 2014-04-14 21:30 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\Michal\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-04-14 01:01 - 2014-04-14 01:19 - 1464578326 _____ () C:\Users\Michal\Downloads\U mě dobrý.avi
2014-04-13 21:45 - 2014-04-13 23:05 - 733952000 _____ () C:\Users\Michal\Downloads\Klepání na nebeskou bránu.avi
2014-04-13 19:48 - 2014-04-13 19:58 - 1595410432 _____ () C:\Users\Michal\Downloads\Gravitace.avi

==================== One Month Modified Files and Folders =======

2014-05-13 18:16 - 2014-05-13 18:16 - 00017039 _____ () C:\Users\Michal\Downloads\FRST.txt
2014-05-13 18:16 - 2014-05-13 18:14 - 00000000 ____D () C:\FRST
2014-05-13 18:15 - 2014-05-11 23:35 - 2712015206 _____ () C:\Users\Michal\Downloads\Vzepřít se obrům - CZ (2006).avi
2014-05-13 18:14 - 2014-03-20 21:23 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\uTorrent
2014-05-13 18:13 - 2014-05-13 18:13 - 02066944 _____ (Farbar) C:\Users\Michal\Downloads\FRST64.exe
2014-05-13 18:10 - 2014-05-13 18:09 - 00018020 _____ () C:\Users\Michal\Desktop\Process.txt
2014-05-13 18:03 - 2009-07-14 06:45 - 00017056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-13 18:03 - 2009-07-14 06:45 - 00017056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-13 18:01 - 2014-03-15 18:41 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-13 17:56 - 2014-04-28 19:45 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000UA.job
2014-05-13 17:55 - 2014-03-15 20:38 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Skype
2014-05-13 17:44 - 2014-03-24 03:36 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-13 17:13 - 2014-05-13 17:13 - 00000000 ____D () C:\Users\Michal\Downloads\Accept - Discography(1979-2012). -SmoK
2014-05-13 16:54 - 2014-05-13 16:54 - 00041134 _____ () C:\Users\Michal\Downloads\[CzT]Accept_diskografie_1979_2012_FLAC_.torrent
2014-05-13 16:37 - 2014-03-15 19:00 - 00000000 ____D () C:\Users\Michal\AppData\Local\PMB Files
2014-05-13 16:33 - 2014-03-17 00:12 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2014-05-13 16:33 - 2014-03-17 00:12 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2014-05-13 16:33 - 2009-07-14 07:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-13 16:30 - 2014-04-27 23:10 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Dropbox
2014-05-13 16:12 - 2014-05-13 13:03 - 00000958 _____ () C:\Windows\setupact.log
2014-05-13 15:01 - 2014-03-15 18:41 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-13 13:07 - 2014-03-16 02:29 - 01781915 _____ () C:\Windows\WindowsUpdate.log
2014-05-13 13:04 - 2014-04-27 23:13 - 00000000 ___RD () C:\Users\Michal\Dropbox
2014-05-13 13:03 - 2014-05-13 13:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-13 13:03 - 2014-03-15 19:20 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-13 13:03 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-12 23:29 - 2014-03-18 00:28 - 00000000 ____D () C:\Windows\Minidump
2014-05-12 13:43 - 2014-04-27 23:03 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-11 12:56 - 2014-04-28 19:45 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000Core.job
2014-05-09 12:15 - 2014-05-09 12:14 - 18249295 _____ () C:\Users\Michal\Desktop\hasici.rar
2014-05-09 12:11 - 2014-05-09 12:10 - 00000000 ____D () C:\Users\Michal\Desktop\hasici
2014-05-08 22:56 - 2014-05-08 22:56 - 02932602 _____ () C:\Users\Michal\Downloads\3133.zip
2014-05-08 22:56 - 2014-05-08 22:56 - 00000000 ____D () C:\Users\Michal\Desktop\Thresh
2014-05-08 12:51 - 2014-04-28 19:45 - 00003938 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000UA
2014-05-08 12:51 - 2014-04-28 19:45 - 00003542 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000Core
2014-05-07 14:56 - 2014-03-15 18:41 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-07 14:56 - 2014-03-15 18:41 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-06 11:45 - 2014-03-15 18:55 - 00000000 ____D () C:\Users\Michal\Desktop\panda
2014-04-30 18:51 - 2014-04-30 18:51 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Mozilla
2014-04-30 14:11 - 2014-03-15 18:42 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-30 00:52 - 2014-03-25 03:32 - 00000000 ____D () C:\Program Files (x86)\VIA
2014-04-29 22:44 - 2014-04-29 22:43 - 00000504 _____ () C:\Users\Michal\Downloads\url.htm
2014-04-29 00:44 - 2014-03-24 03:36 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 00:44 - 2014-03-24 03:36 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-29 00:44 - 2014-03-24 03:36 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-28 19:46 - 2014-03-15 18:41 - 00000000 ____D () C:\Users\Michal\AppData\Local\Google
2014-04-28 19:45 - 2014-04-28 19:45 - 00884704 _____ (Google Inc.) C:\Users\Michal\Downloads\GoogleVoiceAndVideoSetup.exe
2014-04-28 18:28 - 2014-04-28 15:45 - 2345066496 _____ () C:\Users\Michal\Downloads\Coach Carter.avi
2014-04-28 11:37 - 2014-04-28 11:37 - 00012360 _____ () C:\Users\Michal\Documents\cc_20140428_113743.reg
2014-04-28 11:37 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-28 11:35 - 2014-04-28 11:37 - 00000426 _____ () C:\AVScanner.ini
2014-04-28 11:24 - 2014-04-27 23:13 - 00001029 _____ () C:\Users\Michal\Desktop\Dropbox.lnk
2014-04-28 11:24 - 2014-04-27 23:12 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-28 11:24 - 2014-03-15 18:33 - 00000000 ___RD () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-27 23:24 - 2014-04-27 23:24 - 22913908 _____ () C:\Users\Michal\Downloads\torbrowser-install-3.5.4_en-US.exe
2014-04-27 23:13 - 2014-04-27 23:12 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\DropboxMaster
2014-04-27 23:13 - 2014-03-15 18:32 - 00000000 ____D () C:\Users\Michal
2014-04-27 23:08 - 2014-04-27 23:08 - 00001978 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-04-27 23:08 - 2014-04-27 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-04-27 23:07 - 2014-04-27 23:08 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-04-27 23:07 - 2014-04-27 23:07 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-04-27 23:03 - 2014-04-27 23:03 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\AVAST Software
2014-04-27 23:02 - 2014-04-27 23:02 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-27 23:02 - 2014-04-27 23:02 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-27 23:02 - 2014-04-27 23:02 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-27 23:00 - 2014-04-27 23:00 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-27 23:00 - 2014-04-27 23:00 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-27 22:59 - 2014-04-27 22:59 - 04796856 _____ (AVAST Software) C:\Users\Michal\Downloads\avast_free_antivirus_setup_online.exe
2014-04-27 19:39 - 2014-03-15 19:00 - 00000000 ____D () C:\ProgramData\PMB Files
2014-04-27 16:31 - 2014-04-22 21:31 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-25 21:03 - 2014-04-25 16:41 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Curse Client
2014-04-25 18:34 - 2014-04-25 18:34 - 00001116 _____ () C:\Users\Public\Desktop\Picasa 3.lnk
2014-04-25 18:34 - 2014-04-25 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-04-25 18:34 - 2014-04-25 18:33 - 17529160 _____ (Google Inc.) C:\Users\Michal\Downloads\picasa39-setup.exe
2014-04-25 18:34 - 2014-03-15 18:41 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-25 16:41 - 2014-04-25 16:41 - 37439696 _____ (Curse) C:\Users\Michal\Downloads\CurseClientSetup.exe
2014-04-25 16:41 - 2014-04-25 16:41 - 00001044 _____ () C:\Users\Michal\Desktop\Curse.lnk
2014-04-25 16:41 - 2014-04-25 16:41 - 00001030 _____ () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
2014-04-25 16:41 - 2014-04-25 16:41 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Curse Advertising
2014-04-25 16:41 - 2014-04-25 16:41 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Curse
2014-04-25 16:18 - 2014-04-25 16:18 - 00000795 _____ () C:\Users\Michal\Downloads\League-of-Legends-RP-hack-(100%-FUNGUJE).txt
2014-04-24 00:46 - 2014-04-24 00:33 - 1579972656 _____ () C:\Users\Michal\Downloads\Stesti.na.dosah.2006.BDRip.XviD.AC3.CZ-iNKViZiT0R.avi
2014-04-22 21:33 - 2014-03-28 05:07 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-22 21:32 - 2014-04-22 21:32 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-22 21:32 - 2014-03-24 03:36 - 00000000 ____D () C:\Users\Michal\AppData\Local\Adobe
2014-04-22 21:32 - 2014-03-15 21:06 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Adobe
2014-04-22 21:31 - 2014-04-22 21:31 - 00002025 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-22 21:31 - 2014-04-22 21:31 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-22 21:29 - 2014-04-22 21:29 - 21925555 _____ () C:\Users\Michal\Downloads\626mx6-electrical-manual-96.rar
2014-04-22 17:53 - 2014-04-14 21:31 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\TS3Client
2014-04-19 09:17 - 2014-03-15 20:21 - 00000000 ____D () C:\Users\Michal\AppData\Local\NVIDIA Corporation
2014-04-19 09:16 - 2014-03-15 19:29 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-19 09:15 - 2014-03-15 19:29 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-17 15:20 - 2014-03-24 03:34 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-16 00:53 - 2014-04-16 00:35 - 734597120 _____ () C:\Users\Michal\Downloads\Parba.ve.Vegas.2009.DVDRip.CZ-PeXXXeso.avi
2014-04-16 00:49 - 2014-04-16 00:37 - 1559347200 _____ () C:\Users\Michal\Downloads\Pařba na třetí.avi
2014-04-15 10:43 - 2014-04-15 10:43 - 00001013 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2014-04-15 10:43 - 2014-04-15 10:43 - 00001007 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\WinRAR
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-04-15 10:42 - 2014-04-15 10:42 - 01785512 _____ () C:\Users\Michal\Downloads\wrar500cz.exe
2014-04-15 10:42 - 2014-04-15 10:42 - 00560939 _____ () C:\Users\Michal\Downloads\Paysafecard Code Generator 2014.rar
2014-04-15 03:55 - 2014-04-15 03:55 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2014-04-15 03:55 - 2014-04-15 03:55 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-04-15 03:55 - 2014-04-15 03:55 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-04-15 03:55 - 2014-04-15 02:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-04-15 03:23 - 2014-04-15 03:23 - 00000000 ____D () C:\Users\Michal\aTubeCatcher
2014-04-15 02:37 - 2014-04-15 02:37 - 00002124 _____ () C:\Users\Public\Desktop\Video Search.lnk
2014-04-15 02:37 - 2014-04-15 02:37 - 00001196 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-04-15 02:36 - 2014-04-15 02:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2014-04-15 02:36 - 2014-04-15 02:36 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp
2014-04-15 02:35 - 2014-04-15 02:34 - 11851440 _____ (DsNET Corp) C:\Users\Michal\Downloads\aTubeCatcher.exe
2014-04-14 21:31 - 2014-04-14 21:31 - 00001172 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-04-14 21:31 - 2014-04-14 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-04-14 21:31 - 2014-04-14 21:31 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-04-14 21:30 - 2014-04-14 21:30 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\Michal\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-04-14 13:08 - 2014-04-15 02:36 - 01162824 _____ (Uniblue Systems Limited ) C:\Users\Michal\Documents\registrycleanerkit.exe
2014-04-14 01:19 - 2014-04-14 01:01 - 1464578326 _____ () C:\Users\Michal\Downloads\U mě dobrý.avi
2014-04-13 23:05 - 2014-04-13 21:45 - 733952000 _____ () C:\Users\Michal\Downloads\Klepání na nebeskou bránu.avi
2014-04-13 19:58 - 2014-04-13 19:48 - 1595410432 _____ () C:\Users\Michal\Downloads\Gravitace.avi

Some content of TEMP:
====================
C:\Users\Michal\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnim99w.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-09 12:36

==================== End Of Log ============================

Zdravím!
Poprosím o log FRST i s hlavičkou.

Sorry špatně se to zkopíroval a díky moc za pomoc


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01
Ran by Michal (administrator) on MICHAL-PC on 13-05-2014 18:16:26
Running from C:\Users\Michal\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
() C:\Program Files (x86)\ASUS\Drive Xpert\SteelVine.exe
() C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Curse, Inc) C:\Users\Michal\AppData\Roaming\Curse Client\Bin\Curse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Silicon Image, Inc.) C:\Program Files (x86)\ASUS\Drive Xpert\DriveXpert.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.207\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.88\deploy\LolClient.exe
(Coherent Labs) C:\Users\Michal\AppData\Roaming\Curse Client\Bin\CoherentUI_Host.exe
(Coherent Labs) C:\Users\Michal\AppData\Roaming\Curse Client\Bin\CoherentUI_Host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BitTorrent, Inc.) C:\Users\Michal\AppData\Roaming\uTorrent\utorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-02] (NVIDIA Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Drive Xpert] => C:\Program Files (x86)\ASUS\Drive Xpert\DriveXpert.exe [10231808 2009-02-02] (Silicon Image, Inc.)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2014-03-25] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-04-27] (AVAST Software)
HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\...\Run: [BackgroundContainer] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Michal\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\...\Run: [Google Update] => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-28] (Google Inc.)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk
ShortcutTarget: Curse.lnk -> C:\Users\Michal\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

ProxyServer: 107.170.5.93:80
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/search?q={searchT ... d=ie7&rlz=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x720C18576D40CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
URLSearchHook: HKLM-x32 - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
URLSearchHook: HKCU - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
SearchScopes: HKCU - URL http://www.trovigo.com/Results.aspx?gd= ... rms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.search.conduit.com/CSugg ... earchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovigo.com/Results.aspx?gd= ... rms}&SSPV=
SearchScopes: HKCU - {922BD241-A485-492F-BF50-D0C470942704} URL = http://search.conduit.com/ResultsExt.as ... 78723&UM=1
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
Toolbar: HKLM-x32 - No Name - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
Toolbar: HKCU - No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Michal\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Michal\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Michal\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Michal\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Users\Michal\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Michal\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "sync": {
"app_settings": true,
"apps": true,
"autofill": true,
"autofill_profile": true,
"bookmarks": true,
"dictionary": true,
"encryption_bootstrap_token": "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAWJzve5eeBUyxaCtaNdeW6wAAAAACAAAAAAAQZgAAAAEAACAAAABznMeug0QCPw03isu+UbeeHV7PfDWy7VBoV1q4V+YeIwAAAAAOgAAAAAIAACAAAAAiVnFTxJFZ71SZ1Zmv2Ls4vbRlb21KJTdP4PGyaVPC+EAAAAAFf9N8TGglbnbaYcI5EyXXgjx/Svc8FmenAVP8Cs0ief2yeG0QnBTJGSK4yqBSymBqB7n/4vo/pmRlvgqow52eQAAAAE8UE3aDaCBiZLkK12l0SUlw7H0TF8TA7H5cusN9bEeutUtFEClvMz7TxAuTVghUKorxndf15+5diNP8VXFjDM0=",
"extension_settings": true,
"extensions": true,
"favicon_images": true,
"favicon_tracking": true,
"has_setup_completed": true,
"history_delete_directives": true,
"keystore_encryption_bootstrap_token": "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAWJzve5eeBUyxaCtaNdeW6wAAAAACAAAAAAAQZgAAAAEAACAAAABNkWvHZiKISWmCstCuZOKlx1Ehj4V6bh/AncgUIS5AqAAAAAAOgAAAAAIAACAAAAAWB185d2A8VVPf1831IPJJlERf/JaJY4zBaew+/7f0oVAAAAAvfEYKqG16SKn8LAj0Dn2ysltQO8I2CJlAJOAdBqZ4qcPmiTion5vFXpLkD3x61690zAP5EhwiLK+E+Wxwpd8tNENVwC0RPEuLf9Mwvj4VRkAAAAAi3Ojc/LY/hCB60e5U+Z5XGiuZqc1NxKUIj4E0h52hjmiboBZafbpYETVilh7HnVKWluU/lZcuJhmHlhg+qY6m",
"last_synced_time": "13044471233033845",
"managed_user_shared_settings": true,
"managed_users": true,
"passwords": true,
"preferences": true,
"priority_preferences": true,
"search_engines": true,
"session_sync_guid": "session_syncmqdHIB8Hf+uv2bmWd++1bQ==",
"sessions": true,
"suppress_start": false,
"synced_notifications": true,
"tabs": true,
"themes": true,
"typed_urls": true
},
"sync_promo": {
"startup_count": 1
},
"synced_notification": {
"enabled_sending_services": [ "Google+"
CHR StartupUrls: "hxxp://www.google.com/", "hxxp://www.trovigo.com/?gd=&ctid=CT3310393&oct ... 371C&SSPV=", "www.google.com"
CHR Extension: (Dokumenty Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-15]
CHR Extension: (Disk Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-15]
CHR Extension: (YouTube) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-15]
CHR Extension: (Vyhledávání Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-15]
CHR Extension: (Free Proxy - Free Web Proxies) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfkfjpdbpikmgbeljnjbpfemeikgopni [2014-04-13]
CHR Extension: (AdBlock) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-15]
CHR Extension: (avast! Online Security) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-04-28]
CHR Extension: (Peněženka Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-15]
CHR Extension: (Evernote Web Clipper) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2014-04-01]
CHR Extension: (Gmail) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-27]

==================== Services (Whitelisted) =================

R2 57xx SteelVine Manager; C:\Program Files (x86)\ASUS\Drive Xpert\SteelVine.exe [1286144 2009-02-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2014-03-25] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-27] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-04-27] (AVAST Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2014-03-25] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-27] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-04-27] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-27] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [447888 2014-04-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-04-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-27] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2014-03-25] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 VIAHdAudAddService; system32\drivers\viahduaa.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-13 18:16 - 2014-05-13 18:16 - 00017039 _____ () C:\Users\Michal\Downloads\FRST.txt
2014-05-13 18:14 - 2014-05-13 18:16 - 00000000 ____D () C:\FRST
2014-05-13 18:13 - 2014-05-13 18:13 - 02066944 _____ (Farbar) C:\Users\Michal\Downloads\FRST64.exe
2014-05-13 18:09 - 2014-05-13 18:10 - 00018020 _____ () C:\Users\Michal\Desktop\Process.txt
2014-05-13 17:13 - 2014-05-13 17:13 - 00000000 ____D () C:\Users\Michal\Downloads\Accept - Discography(1979-2012). -SmoK
2014-05-13 16:54 - 2014-05-13 16:54 - 00041134 _____ () C:\Users\Michal\Downloads\[CzT]Accept_diskografie_1979_2012_FLAC_.torrent
2014-05-13 13:03 - 2014-05-13 16:12 - 00000958 _____ () C:\Windows\setupact.log
2014-05-13 13:03 - 2014-05-13 13:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-11 23:35 - 2014-05-13 18:15 - 2712015206 _____ () C:\Users\Michal\Downloads\Vzepřít se obrům - CZ (2006).avi
2014-05-09 12:14 - 2014-05-09 12:15 - 18249295 _____ () C:\Users\Michal\Desktop\hasici.rar
2014-05-09 12:10 - 2014-05-09 12:11 - 00000000 ____D () C:\Users\Michal\Desktop\hasici
2014-05-08 22:56 - 2014-05-08 22:56 - 02932602 _____ () C:\Users\Michal\Downloads\3133.zip
2014-05-08 22:56 - 2014-05-08 22:56 - 00000000 ____D () C:\Users\Michal\Desktop\Thresh
2014-04-30 18:51 - 2014-04-30 18:51 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Mozilla
2014-04-29 22:43 - 2014-04-29 22:44 - 00000504 _____ () C:\Users\Michal\Downloads\url.htm
2014-04-28 19:45 - 2014-05-13 17:56 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000UA.job
2014-04-28 19:45 - 2014-05-11 12:56 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000Core.job
2014-04-28 19:45 - 2014-05-08 12:51 - 00003938 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000UA
2014-04-28 19:45 - 2014-05-08 12:51 - 00003542 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000Core
2014-04-28 19:45 - 2014-04-28 19:45 - 00884704 _____ (Google Inc.) C:\Users\Michal\Downloads\GoogleVoiceAndVideoSetup.exe
2014-04-28 15:45 - 2014-04-28 18:28 - 2345066496 _____ () C:\Users\Michal\Downloads\Coach Carter.avi
2014-04-28 11:37 - 2014-04-28 11:37 - 00012360 _____ () C:\Users\Michal\Documents\cc_20140428_113743.reg
2014-04-28 11:37 - 2014-04-28 11:35 - 00000426 _____ () C:\AVScanner.ini
2014-04-27 23:24 - 2014-04-27 23:24 - 22913908 _____ () C:\Users\Michal\Downloads\torbrowser-install-3.5.4_en-US.exe
2014-04-27 23:13 - 2014-05-13 13:04 - 00000000 ___RD () C:\Users\Michal\Dropbox
2014-04-27 23:13 - 2014-04-28 11:24 - 00001029 _____ () C:\Users\Michal\Desktop\Dropbox.lnk
2014-04-27 23:12 - 2014-04-28 11:24 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-27 23:12 - 2014-04-27 23:13 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\DropboxMaster
2014-04-27 23:10 - 2014-05-13 16:30 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Dropbox
2014-04-27 23:08 - 2014-04-27 23:08 - 00001978 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-04-27 23:08 - 2014-04-27 23:07 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-04-27 23:07 - 2014-04-27 23:07 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-04-27 23:03 - 2014-05-12 13:43 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-27 23:03 - 2014-04-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-04-27 23:03 - 2014-04-27 23:03 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\AVAST Software
2014-04-27 23:02 - 2014-04-27 23:02 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-27 23:02 - 2014-04-27 23:02 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-27 23:02 - 2014-04-27 23:02 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-27 23:00 - 2014-04-27 23:00 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-27 23:00 - 2014-04-27 23:00 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-27 22:59 - 2014-04-27 22:59 - 04796856 _____ (AVAST Software) C:\Users\Michal\Downloads\avast_free_antivirus_setup_online.exe
2014-04-25 18:34 - 2014-04-25 18:34 - 00001116 _____ () C:\Users\Public\Desktop\Picasa 3.lnk
2014-04-25 18:34 - 2014-04-25 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-04-25 18:33 - 2014-04-25 18:34 - 17529160 _____ (Google Inc.) C:\Users\Michal\Downloads\picasa39-setup.exe
2014-04-25 16:41 - 2014-04-25 21:03 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Curse Client
2014-04-25 16:41 - 2014-04-25 16:41 - 37439696 _____ (Curse) C:\Users\Michal\Downloads\CurseClientSetup.exe
2014-04-25 16:41 - 2014-04-25 16:41 - 00001044 _____ () C:\Users\Michal\Desktop\Curse.lnk
2014-04-25 16:41 - 2014-04-25 16:41 - 00001030 _____ () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
2014-04-25 16:41 - 2014-04-25 16:41 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Curse Advertising
2014-04-25 16:41 - 2014-04-25 16:41 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Curse
2014-04-25 16:18 - 2014-04-25 16:18 - 00000795 _____ () C:\Users\Michal\Downloads\League-of-Legends-RP-hack-(100%-FUNGUJE).txt
2014-04-24 00:33 - 2014-04-24 00:46 - 1579972656 _____ () C:\Users\Michal\Downloads\Stesti.na.dosah.2006.BDRip.XviD.AC3.CZ-iNKViZiT0R.avi
2014-04-22 21:32 - 2014-04-22 21:32 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-22 21:31 - 2014-04-27 16:31 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-22 21:31 - 2014-04-22 21:31 - 00002025 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-22 21:31 - 2014-04-22 21:31 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-22 21:29 - 2014-04-22 21:29 - 21925555 _____ () C:\Users\Michal\Downloads\626mx6-electrical-manual-96.rar
2014-04-19 09:15 - 2014-03-21 21:43 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-04-19 09:15 - 2014-03-21 21:43 - 00033568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-04-16 00:37 - 2014-04-16 00:49 - 1559347200 _____ () C:\Users\Michal\Downloads\Pařba na třetí.avi
2014-04-16 00:35 - 2014-04-16 00:53 - 734597120 _____ () C:\Users\Michal\Downloads\Parba.ve.Vegas.2009.DVDRip.CZ-PeXXXeso.avi
2014-04-15 10:43 - 2014-04-15 10:43 - 00001013 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2014-04-15 10:43 - 2014-04-15 10:43 - 00001007 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\WinRAR
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-04-15 10:42 - 2014-04-15 10:42 - 01785512 _____ () C:\Users\Michal\Downloads\wrar500cz.exe
2014-04-15 10:42 - 2014-04-15 10:42 - 00560939 _____ () C:\Users\Michal\Downloads\Paysafecard Code Generator 2014.rar
2014-04-15 03:55 - 2014-04-15 03:55 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2014-04-15 03:55 - 2014-04-15 03:55 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-04-15 03:55 - 2014-04-15 03:55 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-04-15 03:23 - 2014-04-15 03:23 - 00000000 ____D () C:\Users\Michal\aTubeCatcher
2014-04-15 02:38 - 2014-04-15 03:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-04-15 02:37 - 2014-04-15 02:37 - 00002124 _____ () C:\Users\Public\Desktop\Video Search.lnk
2014-04-15 02:37 - 2014-04-15 02:37 - 00001196 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-04-15 02:36 - 2014-04-15 02:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2014-04-15 02:36 - 2014-04-15 02:36 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp
2014-04-15 02:36 - 2014-04-14 13:08 - 01162824 _____ (Uniblue Systems Limited ) C:\Users\Michal\Documents\registrycleanerkit.exe
2014-04-15 02:34 - 2014-04-15 02:35 - 11851440 _____ (DsNET Corp) C:\Users\Michal\Downloads\aTubeCatcher.exe
2014-04-14 21:31 - 2014-04-22 17:53 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\TS3Client
2014-04-14 21:31 - 2014-04-14 21:31 - 00001172 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-04-14 21:31 - 2014-04-14 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-04-14 21:31 - 2014-04-14 21:31 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-04-14 21:30 - 2014-04-14 21:30 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\Michal\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-04-14 01:01 - 2014-04-14 01:19 - 1464578326 _____ () C:\Users\Michal\Downloads\U mě dobrý.avi
2014-04-13 21:45 - 2014-04-13 23:05 - 733952000 _____ () C:\Users\Michal\Downloads\Klepání na nebeskou bránu.avi
2014-04-13 19:48 - 2014-04-13 19:58 - 1595410432 _____ () C:\Users\Michal\Downloads\Gravitace.avi

==================== One Month Modified Files and Folders =======

2014-05-13 18:16 - 2014-05-13 18:16 - 00017039 _____ () C:\Users\Michal\Downloads\FRST.txt
2014-05-13 18:16 - 2014-05-13 18:14 - 00000000 ____D () C:\FRST
2014-05-13 18:15 - 2014-05-11 23:35 - 2712015206 _____ () C:\Users\Michal\Downloads\Vzepřít se obrům - CZ (2006).avi
2014-05-13 18:14 - 2014-03-20 21:23 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\uTorrent
2014-05-13 18:13 - 2014-05-13 18:13 - 02066944 _____ (Farbar) C:\Users\Michal\Downloads\FRST64.exe
2014-05-13 18:10 - 2014-05-13 18:09 - 00018020 _____ () C:\Users\Michal\Desktop\Process.txt
2014-05-13 18:03 - 2009-07-14 06:45 - 00017056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-13 18:03 - 2009-07-14 06:45 - 00017056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-13 18:01 - 2014-03-15 18:41 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-13 17:56 - 2014-04-28 19:45 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000UA.job
2014-05-13 17:55 - 2014-03-15 20:38 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Skype
2014-05-13 17:44 - 2014-03-24 03:36 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-13 17:13 - 2014-05-13 17:13 - 00000000 ____D () C:\Users\Michal\Downloads\Accept - Discography(1979-2012). -SmoK
2014-05-13 16:54 - 2014-05-13 16:54 - 00041134 _____ () C:\Users\Michal\Downloads\[CzT]Accept_diskografie_1979_2012_FLAC_.torrent
2014-05-13 16:37 - 2014-03-15 19:00 - 00000000 ____D () C:\Users\Michal\AppData\Local\PMB Files
2014-05-13 16:33 - 2014-03-17 00:12 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2014-05-13 16:33 - 2014-03-17 00:12 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2014-05-13 16:33 - 2009-07-14 07:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-13 16:30 - 2014-04-27 23:10 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Dropbox
2014-05-13 16:12 - 2014-05-13 13:03 - 00000958 _____ () C:\Windows\setupact.log
2014-05-13 15:01 - 2014-03-15 18:41 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-13 13:07 - 2014-03-16 02:29 - 01781915 _____ () C:\Windows\WindowsUpdate.log
2014-05-13 13:04 - 2014-04-27 23:13 - 00000000 ___RD () C:\Users\Michal\Dropbox
2014-05-13 13:03 - 2014-05-13 13:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-13 13:03 - 2014-03-15 19:20 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-13 13:03 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-12 23:29 - 2014-03-18 00:28 - 00000000 ____D () C:\Windows\Minidump
2014-05-12 13:43 - 2014-04-27 23:03 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-11 12:56 - 2014-04-28 19:45 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000Core.job
2014-05-09 12:15 - 2014-05-09 12:14 - 18249295 _____ () C:\Users\Michal\Desktop\hasici.rar
2014-05-09 12:11 - 2014-05-09 12:10 - 00000000 ____D () C:\Users\Michal\Desktop\hasici
2014-05-08 22:56 - 2014-05-08 22:56 - 02932602 _____ () C:\Users\Michal\Downloads\3133.zip
2014-05-08 22:56 - 2014-05-08 22:56 - 00000000 ____D () C:\Users\Michal\Desktop\Thresh
2014-05-08 12:51 - 2014-04-28 19:45 - 00003938 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000UA
2014-05-08 12:51 - 2014-04-28 19:45 - 00003542 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000Core
2014-05-07 14:56 - 2014-03-15 18:41 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-07 14:56 - 2014-03-15 18:41 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-06 11:45 - 2014-03-15 18:55 - 00000000 ____D () C:\Users\Michal\Desktop\panda
2014-04-30 18:51 - 2014-04-30 18:51 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Mozilla
2014-04-30 14:11 - 2014-03-15 18:42 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-30 00:52 - 2014-03-25 03:32 - 00000000 ____D () C:\Program Files (x86)\VIA
2014-04-29 22:44 - 2014-04-29 22:43 - 00000504 _____ () C:\Users\Michal\Downloads\url.htm
2014-04-29 00:44 - 2014-03-24 03:36 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 00:44 - 2014-03-24 03:36 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-29 00:44 - 2014-03-24 03:36 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-28 19:46 - 2014-03-15 18:41 - 00000000 ____D () C:\Users\Michal\AppData\Local\Google
2014-04-28 19:45 - 2014-04-28 19:45 - 00884704 _____ (Google Inc.) C:\Users\Michal\Downloads\GoogleVoiceAndVideoSetup.exe
2014-04-28 18:28 - 2014-04-28 15:45 - 2345066496 _____ () C:\Users\Michal\Downloads\Coach Carter.avi
2014-04-28 11:37 - 2014-04-28 11:37 - 00012360 _____ () C:\Users\Michal\Documents\cc_20140428_113743.reg
2014-04-28 11:37 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-28 11:35 - 2014-04-28 11:37 - 00000426 _____ () C:\AVScanner.ini
2014-04-28 11:24 - 2014-04-27 23:13 - 00001029 _____ () C:\Users\Michal\Desktop\Dropbox.lnk
2014-04-28 11:24 - 2014-04-27 23:12 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-28 11:24 - 2014-03-15 18:33 - 00000000 ___RD () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-27 23:24 - 2014-04-27 23:24 - 22913908 _____ () C:\Users\Michal\Downloads\torbrowser-install-3.5.4_en-US.exe
2014-04-27 23:13 - 2014-04-27 23:12 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\DropboxMaster
2014-04-27 23:13 - 2014-03-15 18:32 - 00000000 ____D () C:\Users\Michal
2014-04-27 23:08 - 2014-04-27 23:08 - 00001978 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-04-27 23:08 - 2014-04-27 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-04-27 23:07 - 2014-04-27 23:08 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-04-27 23:07 - 2014-04-27 23:07 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-04-27 23:03 - 2014-04-27 23:03 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\AVAST Software
2014-04-27 23:02 - 2014-04-27 23:02 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-27 23:02 - 2014-04-27 23:02 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-27 23:02 - 2014-04-27 23:02 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-27 23:00 - 2014-04-27 23:00 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-27 23:00 - 2014-04-27 23:00 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-27 22:59 - 2014-04-27 22:59 - 04796856 _____ (AVAST Software) C:\Users\Michal\Downloads\avast_free_antivirus_setup_online.exe
2014-04-27 19:39 - 2014-03-15 19:00 - 00000000 ____D () C:\ProgramData\PMB Files
2014-04-27 16:31 - 2014-04-22 21:31 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-25 21:03 - 2014-04-25 16:41 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Curse Client
2014-04-25 18:34 - 2014-04-25 18:34 - 00001116 _____ () C:\Users\Public\Desktop\Picasa 3.lnk
2014-04-25 18:34 - 2014-04-25 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-04-25 18:34 - 2014-04-25 18:33 - 17529160 _____ (Google Inc.) C:\Users\Michal\Downloads\picasa39-setup.exe
2014-04-25 18:34 - 2014-03-15 18:41 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-25 16:41 - 2014-04-25 16:41 - 37439696 _____ (Curse) C:\Users\Michal\Downloads\CurseClientSetup.exe
2014-04-25 16:41 - 2014-04-25 16:41 - 00001044 _____ () C:\Users\Michal\Desktop\Curse.lnk
2014-04-25 16:41 - 2014-04-25 16:41 - 00001030 _____ () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
2014-04-25 16:41 - 2014-04-25 16:41 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Curse Advertising
2014-04-25 16:41 - 2014-04-25 16:41 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Curse
2014-04-25 16:18 - 2014-04-25 16:18 - 00000795 _____ () C:\Users\Michal\Downloads\League-of-Legends-RP-hack-(100%-FUNGUJE).txt
2014-04-24 00:46 - 2014-04-24 00:33 - 1579972656 _____ () C:\Users\Michal\Downloads\Stesti.na.dosah.2006.BDRip.XviD.AC3.CZ-iNKViZiT0R.avi
2014-04-22 21:33 - 2014-03-28 05:07 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-22 21:32 - 2014-04-22 21:32 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-22 21:32 - 2014-03-24 03:36 - 00000000 ____D () C:\Users\Michal\AppData\Local\Adobe
2014-04-22 21:32 - 2014-03-15 21:06 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Adobe
2014-04-22 21:31 - 2014-04-22 21:31 - 00002025 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-22 21:31 - 2014-04-22 21:31 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-22 21:29 - 2014-04-22 21:29 - 21925555 _____ () C:\Users\Michal\Downloads\626mx6-electrical-manual-96.rar
2014-04-22 17:53 - 2014-04-14 21:31 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\TS3Client
2014-04-19 09:17 - 2014-03-15 20:21 - 00000000 ____D () C:\Users\Michal\AppData\Local\NVIDIA Corporation
2014-04-19 09:16 - 2014-03-15 19:29 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-19 09:15 - 2014-03-15 19:29 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-17 15:20 - 2014-03-24 03:34 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-16 00:53 - 2014-04-16 00:35 - 734597120 _____ () C:\Users\Michal\Downloads\Parba.ve.Vegas.2009.DVDRip.CZ-PeXXXeso.avi
2014-04-16 00:49 - 2014-04-16 00:37 - 1559347200 _____ () C:\Users\Michal\Downloads\Pařba na třetí.avi
2014-04-15 10:43 - 2014-04-15 10:43 - 00001013 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2014-04-15 10:43 - 2014-04-15 10:43 - 00001007 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\WinRAR
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-04-15 10:42 - 2014-04-15 10:42 - 01785512 _____ () C:\Users\Michal\Downloads\wrar500cz.exe
2014-04-15 10:42 - 2014-04-15 10:42 - 00560939 _____ () C:\Users\Michal\Downloads\Paysafecard Code Generator 2014.rar
2014-04-15 03:55 - 2014-04-15 03:55 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2014-04-15 03:55 - 2014-04-15 03:55 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-04-15 03:55 - 2014-04-15 03:55 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-04-15 03:55 - 2014-04-15 02:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-04-15 03:23 - 2014-04-15 03:23 - 00000000 ____D () C:\Users\Michal\aTubeCatcher
2014-04-15 02:37 - 2014-04-15 02:37 - 00002124 _____ () C:\Users\Public\Desktop\Video Search.lnk
2014-04-15 02:37 - 2014-04-15 02:37 - 00001196 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-04-15 02:36 - 2014-04-15 02:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2014-04-15 02:36 - 2014-04-15 02:36 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp
2014-04-15 02:35 - 2014-04-15 02:34 - 11851440 _____ (DsNET Corp) C:\Users\Michal\Downloads\aTubeCatcher.exe
2014-04-14 21:31 - 2014-04-14 21:31 - 00001172 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-04-14 21:31 - 2014-04-14 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-04-14 21:31 - 2014-04-14 21:31 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-04-14 21:30 - 2014-04-14 21:30 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\Michal\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-04-14 13:08 - 2014-04-15 02:36 - 01162824 _____ (Uniblue Systems Limited ) C:\Users\Michal\Documents\registrycleanerkit.exe
2014-04-14 01:19 - 2014-04-14 01:01 - 1464578326 _____ () C:\Users\Michal\Downloads\U mě dobrý.avi
2014-04-13 23:05 - 2014-04-13 21:45 - 733952000 _____ () C:\Users\Michal\Downloads\Klepání na nebeskou bránu.avi
2014-04-13 19:58 - 2014-04-13 19:48 - 1595410432 _____ () C:\Users\Michal\Downloads\Gravitace.avi

Some content of TEMP:
====================
C:\Users\Michal\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnim99w.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-09 12:36

==================== End Of Log ============================

Zkusíme tento postup:
Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s

a klikněte na >Prohledat<. Dejte oba logy.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01
Ran by Michal (administrator) on MICHAL-PC on 13-05-2014 20:50:06
Running from C:\Users\Michal\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
() C:\Program Files (x86)\ASUS\Drive Xpert\SteelVine.exe
() C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Curse, Inc) C:\Users\Michal\AppData\Roaming\Curse Client\Bin\Curse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Silicon Image, Inc.) C:\Program Files (x86)\ASUS\Drive Xpert\DriveXpert.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.207\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.88\deploy\LolClient.exe
(Coherent Labs) C:\Users\Michal\AppData\Roaming\Curse Client\Bin\CoherentUI_Host.exe
(Coherent Labs) C:\Users\Michal\AppData\Roaming\Curse Client\Bin\CoherentUI_Host.exe
(BitTorrent, Inc.) C:\Users\Michal\AppData\Roaming\uTorrent\utorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Michal\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-02] (NVIDIA Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Drive Xpert] => C:\Program Files (x86)\ASUS\Drive Xpert\DriveXpert.exe [10231808 2009-02-02] (Silicon Image, Inc.)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2014-03-25] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-04-27] (AVAST Software)
HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\...\Run: [BackgroundContainer] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Michal\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\...\Run: [Google Update] => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-28] (Google Inc.)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk
ShortcutTarget: Curse.lnk -> C:\Users\Michal\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

ProxyServer: 107.170.5.93:80
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/search?q={searchT ... d=ie7&rlz=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x720C18576D40CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
URLSearchHook: HKLM-x32 - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
URLSearchHook: HKCU - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
SearchScopes: HKCU - URL http://www.trovigo.com/Results.aspx?gd= ... rms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.search.conduit.com/CSugg ... earchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovigo.com/Results.aspx?gd= ... rms}&SSPV=
SearchScopes: HKCU - {922BD241-A485-492F-BF50-D0C470942704} URL = http://search.conduit.com/ResultsExt.as ... 78723&UM=1
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
Toolbar: HKLM-x32 - No Name - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
Toolbar: HKCU - No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Michal\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Michal\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Michal\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Michal\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Users\Michal\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Michal\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "sync": {
"app_settings": true,
"apps": true,
"autofill": true,
"autofill_profile": true,
"bookmarks": true,
"dictionary": true,
"encryption_bootstrap_token": "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAWJzve5eeBUyxaCtaNdeW6wAAAAACAAAAAAAQZgAAAAEAACAAAABznMeug0QCPw03isu+UbeeHV7PfDWy7VBoV1q4V+YeIwAAAAAOgAAAAAIAACAAAAAiVnFTxJFZ71SZ1Zmv2Ls4vbRlb21KJTdP4PGyaVPC+EAAAAAFf9N8TGglbnbaYcI5EyXXgjx/Svc8FmenAVP8Cs0ief2yeG0QnBTJGSK4yqBSymBqB7n/4vo/pmRlvgqow52eQAAAAE8UE3aDaCBiZLkK12l0SUlw7H0TF8TA7H5cusN9bEeutUtFEClvMz7TxAuTVghUKorxndf15+5diNP8VXFjDM0=",
"extension_settings": true,
"extensions": true,
"favicon_images": true,
"favicon_tracking": true,
"has_setup_completed": true,
"history_delete_directives": true,
"keystore_encryption_bootstrap_token": "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAWJzve5eeBUyxaCtaNdeW6wAAAAACAAAAAAAQZgAAAAEAACAAAABNkWvHZiKISWmCstCuZOKlx1Ehj4V6bh/AncgUIS5AqAAAAAAOgAAAAAIAACAAAAAWB185d2A8VVPf1831IPJJlERf/JaJY4zBaew+/7f0oVAAAAAvfEYKqG16SKn8LAj0Dn2ysltQO8I2CJlAJOAdBqZ4qcPmiTion5vFXpLkD3x61690zAP5EhwiLK+E+Wxwpd8tNENVwC0RPEuLf9Mwvj4VRkAAAAAi3Ojc/LY/hCB60e5U+Z5XGiuZqc1NxKUIj4E0h52hjmiboBZafbpYETVilh7HnVKWluU/lZcuJhmHlhg+qY6m",
"last_synced_time": "13044480538040813",
"managed_user_shared_settings": true,
"managed_users": true,
"passwords": true,
"preferences": true,
"priority_preferences": true,
"search_engines": true,
"session_sync_guid": "session_syncmqdHIB8Hf+uv2bmWd++1bQ==",
"sessions": true,
"suppress_start": false,
"synced_notifications": true,
"tabs": true,
"themes": true,
"typed_urls": true
},
"sync_promo": {
"startup_count": 1
},
"synced_notification": {
"enabled_sending_services": [ "Google+"
CHR StartupUrls: "hxxp://www.google.com/", "hxxp://www.trovigo.com/?gd=&ctid=CT3310393&oct ... 371C&SSPV=", "www.google.com"
CHR Extension: (Dokumenty Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-15]
CHR Extension: (Disk Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-15]
CHR Extension: (YouTube) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-15]
CHR Extension: (Vyhledávání Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-15]
CHR Extension: (Free Proxy - Free Web Proxies) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfkfjpdbpikmgbeljnjbpfemeikgopni [2014-04-13]
CHR Extension: (AdBlock) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-15]
CHR Extension: (avast! Online Security) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-04-28]
CHR Extension: (Peněženka Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-15]
CHR Extension: (Evernote Web Clipper) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2014-04-01]
CHR Extension: (Gmail) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-27]

==================== Services (Whitelisted) =================

R2 57xx SteelVine Manager; C:\Program Files (x86)\ASUS\Drive Xpert\SteelVine.exe [1286144 2009-02-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2014-03-25] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-27] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-04-27] (AVAST Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2014-03-25] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-27] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-04-27] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-27] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [447888 2014-04-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-04-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-27] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2014-03-25] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 VIAHdAudAddService; system32\drivers\viahduaa.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-13 20:47 - 2014-05-13 20:47 - 00044040 _____ () C:\Users\Michal\Desktop\Extras.Txt
2014-05-13 20:46 - 2014-05-13 20:46 - 00181802 _____ () C:\Users\Michal\Desktop\OTL.Txt
2014-05-13 20:26 - 2014-05-13 20:26 - 00000512 _____ () C:\PhysicalMBR.bin
2014-05-13 20:22 - 2014-05-13 20:22 - 00602112 _____ (OldTimer Tools) C:\Users\Michal\Desktop\OTL.exe
2014-05-13 18:29 - 2014-05-13 18:29 - 00000000 ____D () C:\Users\Michal\Downloads\Accept
2014-05-13 18:27 - 2014-05-13 18:27 - 00020787 _____ () C:\Users\Michal\Downloads\[CzT]Accept_diskografie.torrent
2014-05-13 18:26 - 2014-05-13 18:26 - 00005841 _____ () C:\Users\Michal\Desktop\Addition.rar
2014-05-13 18:26 - 2014-05-13 18:26 - 00001961 _____ () C:\Users\Michal\Desktop\Process.rar
2014-05-13 18:17 - 2014-05-13 18:18 - 00023175 _____ () C:\Users\Michal\Desktop\Addition.txt
2014-05-13 18:16 - 2014-05-13 20:50 - 00017371 _____ () C:\Users\Michal\Desktop\FRST.txt
2014-05-13 18:14 - 2014-05-13 20:50 - 00000000 ____D () C:\FRST
2014-05-13 18:13 - 2014-05-13 18:13 - 02066944 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2014-05-13 18:09 - 2014-05-13 18:10 - 00018020 _____ () C:\Users\Michal\Desktop\Process.txt
2014-05-13 17:13 - 2014-05-13 20:30 - 00000000 ____D () C:\Users\Michal\Downloads\Accept - Discography(1979-2012). -SmoK
2014-05-13 16:54 - 2014-05-13 16:54 - 00041134 _____ () C:\Users\Michal\Downloads\[CzT]Accept_diskografie_1979_2012_FLAC_.torrent
2014-05-13 13:03 - 2014-05-13 16:12 - 00000958 _____ () C:\Windows\setupact.log
2014-05-13 13:03 - 2014-05-13 13:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-11 23:35 - 2014-05-13 19:39 - 2712015206 _____ () C:\Users\Michal\Downloads\Vzepřít se obrům - CZ (2006).avi
2014-05-09 12:14 - 2014-05-09 12:15 - 18249295 _____ () C:\Users\Michal\Desktop\hasici.rar
2014-05-09 12:10 - 2014-05-09 12:11 - 00000000 ____D () C:\Users\Michal\Desktop\hasici
2014-05-08 22:56 - 2014-05-08 22:56 - 02932602 _____ () C:\Users\Michal\Downloads\3133.zip
2014-05-08 22:56 - 2014-05-08 22:56 - 00000000 ____D () C:\Users\Michal\Desktop\Thresh
2014-04-30 18:51 - 2014-04-30 18:51 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Mozilla
2014-04-29 22:43 - 2014-04-29 22:44 - 00000504 _____ () C:\Users\Michal\Downloads\url.htm
2014-04-28 19:45 - 2014-05-13 19:56 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000UA.job
2014-04-28 19:45 - 2014-05-11 12:56 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000Core.job
2014-04-28 19:45 - 2014-05-08 12:51 - 00003938 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000UA
2014-04-28 19:45 - 2014-05-08 12:51 - 00003542 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000Core
2014-04-28 19:45 - 2014-04-28 19:45 - 00884704 _____ (Google Inc.) C:\Users\Michal\Downloads\GoogleVoiceAndVideoSetup.exe
2014-04-28 15:45 - 2014-04-28 18:28 - 2345066496 _____ () C:\Users\Michal\Downloads\Coach Carter.avi
2014-04-28 11:37 - 2014-04-28 11:37 - 00012360 _____ () C:\Users\Michal\Documents\cc_20140428_113743.reg
2014-04-28 11:37 - 2014-04-28 11:35 - 00000426 _____ () C:\AVScanner.ini
2014-04-27 23:24 - 2014-04-27 23:24 - 22913908 _____ () C:\Users\Michal\Downloads\torbrowser-install-3.5.4_en-US.exe
2014-04-27 23:13 - 2014-05-13 13:04 - 00000000 ___RD () C:\Users\Michal\Dropbox
2014-04-27 23:13 - 2014-04-28 11:24 - 00001029 _____ () C:\Users\Michal\Desktop\Dropbox.lnk
2014-04-27 23:12 - 2014-04-28 11:24 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-27 23:12 - 2014-04-27 23:13 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\DropboxMaster
2014-04-27 23:10 - 2014-05-13 16:30 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Dropbox
2014-04-27 23:08 - 2014-04-27 23:08 - 00001978 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-04-27 23:08 - 2014-04-27 23:07 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-04-27 23:07 - 2014-04-27 23:07 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-04-27 23:03 - 2014-05-12 13:43 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-27 23:03 - 2014-04-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-04-27 23:03 - 2014-04-27 23:03 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\AVAST Software
2014-04-27 23:02 - 2014-04-27 23:02 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-27 23:02 - 2014-04-27 23:02 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-27 23:02 - 2014-04-27 23:02 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-27 23:00 - 2014-04-27 23:00 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-27 23:00 - 2014-04-27 23:00 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-27 22:59 - 2014-04-27 22:59 - 04796856 _____ (AVAST Software) C:\Users\Michal\Downloads\avast_free_antivirus_setup_online.exe
2014-04-25 18:34 - 2014-04-25 18:34 - 00001116 _____ () C:\Users\Public\Desktop\Picasa 3.lnk
2014-04-25 18:34 - 2014-04-25 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-04-25 18:33 - 2014-04-25 18:34 - 17529160 _____ (Google Inc.) C:\Users\Michal\Downloads\picasa39-setup.exe
2014-04-25 16:41 - 2014-04-25 21:03 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Curse Client
2014-04-25 16:41 - 2014-04-25 16:41 - 37439696 _____ (Curse) C:\Users\Michal\Downloads\CurseClientSetup.exe
2014-04-25 16:41 - 2014-04-25 16:41 - 00001044 _____ () C:\Users\Michal\Desktop\Curse.lnk
2014-04-25 16:41 - 2014-04-25 16:41 - 00001030 _____ () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
2014-04-25 16:41 - 2014-04-25 16:41 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Curse Advertising
2014-04-25 16:41 - 2014-04-25 16:41 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Curse
2014-04-25 16:18 - 2014-04-25 16:18 - 00000795 _____ () C:\Users\Michal\Downloads\League-of-Legends-RP-hack-(100%-FUNGUJE).txt
2014-04-24 00:33 - 2014-04-24 00:46 - 1579972656 _____ () C:\Users\Michal\Downloads\Stesti.na.dosah.2006.BDRip.XviD.AC3.CZ-iNKViZiT0R.avi
2014-04-22 21:32 - 2014-04-22 21:32 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-22 21:31 - 2014-04-27 16:31 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-22 21:31 - 2014-04-22 21:31 - 00002025 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-22 21:31 - 2014-04-22 21:31 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-22 21:29 - 2014-04-22 21:29 - 21925555 _____ () C:\Users\Michal\Downloads\626mx6-electrical-manual-96.rar
2014-04-19 09:15 - 2014-03-21 21:43 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-04-19 09:15 - 2014-03-21 21:43 - 00033568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-04-16 00:37 - 2014-04-16 00:49 - 1559347200 _____ () C:\Users\Michal\Downloads\Pařba na třetí.avi
2014-04-16 00:35 - 2014-04-16 00:53 - 734597120 _____ () C:\Users\Michal\Downloads\Parba.ve.Vegas.2009.DVDRip.CZ-PeXXXeso.avi
2014-04-15 10:43 - 2014-04-15 10:43 - 00001013 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2014-04-15 10:43 - 2014-04-15 10:43 - 00001007 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\WinRAR
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-04-15 10:42 - 2014-04-15 10:42 - 01785512 _____ () C:\Users\Michal\Downloads\wrar500cz.exe
2014-04-15 10:42 - 2014-04-15 10:42 - 00560939 _____ () C:\Users\Michal\Downloads\Paysafecard Code Generator 2014.rar
2014-04-15 03:55 - 2014-04-15 03:55 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2014-04-15 03:55 - 2014-04-15 03:55 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-04-15 03:55 - 2014-04-15 03:55 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-04-15 03:23 - 2014-04-15 03:23 - 00000000 ____D () C:\Users\Michal\aTubeCatcher
2014-04-15 02:38 - 2014-04-15 03:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-04-15 02:37 - 2014-04-15 02:37 - 00002124 _____ () C:\Users\Public\Desktop\Video Search.lnk
2014-04-15 02:37 - 2014-04-15 02:37 - 00001196 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-04-15 02:36 - 2014-04-15 02:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2014-04-15 02:36 - 2014-04-15 02:36 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp
2014-04-15 02:36 - 2014-04-14 13:08 - 01162824 _____ (Uniblue Systems Limited ) C:\Users\Michal\Documents\registrycleanerkit.exe
2014-04-15 02:34 - 2014-04-15 02:35 - 11851440 _____ (DsNET Corp) C:\Users\Michal\Downloads\aTubeCatcher.exe
2014-04-14 21:31 - 2014-04-22 17:53 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\TS3Client
2014-04-14 21:31 - 2014-04-14 21:31 - 00001172 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-04-14 21:31 - 2014-04-14 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-04-14 21:31 - 2014-04-14 21:31 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-04-14 21:30 - 2014-04-14 21:30 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\Michal\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-04-14 01:01 - 2014-04-14 01:19 - 1464578326 _____ () C:\Users\Michal\Downloads\U mě dobrý.avi
2014-04-13 21:45 - 2014-04-13 23:05 - 733952000 _____ () C:\Users\Michal\Downloads\Klepání na nebeskou bránu.avi
2014-04-13 19:48 - 2014-04-13 19:58 - 1595410432 _____ () C:\Users\Michal\Downloads\Gravitace.avi

==================== One Month Modified Files and Folders =======

2014-05-13 20:50 - 2014-05-13 18:16 - 00017371 _____ () C:\Users\Michal\Desktop\FRST.txt
2014-05-13 20:50 - 2014-05-13 18:14 - 00000000 ____D () C:\FRST
2014-05-13 20:50 - 2014-03-20 21:23 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\uTorrent
2014-05-13 20:47 - 2014-05-13 20:47 - 00044040 _____ () C:\Users\Michal\Desktop\Extras.Txt
2014-05-13 20:47 - 2014-03-15 20:38 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Skype
2014-05-13 20:46 - 2014-05-13 20:46 - 00181802 _____ () C:\Users\Michal\Desktop\OTL.Txt
2014-05-13 20:44 - 2014-03-24 03:36 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-13 20:33 - 2009-07-14 06:45 - 00017056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-13 20:33 - 2009-07-14 06:45 - 00017056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-13 20:30 - 2014-05-13 17:13 - 00000000 ____D () C:\Users\Michal\Downloads\Accept - Discography(1979-2012). -SmoK
2014-05-13 20:26 - 2014-05-13 20:26 - 00000512 _____ () C:\PhysicalMBR.bin
2014-05-13 20:22 - 2014-05-13 20:22 - 00602112 _____ (OldTimer Tools) C:\Users\Michal\Desktop\OTL.exe
2014-05-13 20:01 - 2014-03-15 18:41 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-13 19:56 - 2014-04-28 19:45 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000UA.job
2014-05-13 19:39 - 2014-05-11 23:35 - 2712015206 _____ () C:\Users\Michal\Downloads\Vzepřít se obrům - CZ (2006).avi
2014-05-13 18:29 - 2014-05-13 18:29 - 00000000 ____D () C:\Users\Michal\Downloads\Accept
2014-05-13 18:27 - 2014-05-13 18:27 - 00020787 _____ () C:\Users\Michal\Downloads\[CzT]Accept_diskografie.torrent
2014-05-13 18:26 - 2014-05-13 18:26 - 00005841 _____ () C:\Users\Michal\Desktop\Addition.rar
2014-05-13 18:26 - 2014-05-13 18:26 - 00001961 _____ () C:\Users\Michal\Desktop\Process.rar
2014-05-13 18:18 - 2014-05-13 18:17 - 00023175 _____ () C:\Users\Michal\Desktop\Addition.txt
2014-05-13 18:13 - 2014-05-13 18:13 - 02066944 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2014-05-13 18:10 - 2014-05-13 18:09 - 00018020 _____ () C:\Users\Michal\Desktop\Process.txt
2014-05-13 16:54 - 2014-05-13 16:54 - 00041134 _____ () C:\Users\Michal\Downloads\[CzT]Accept_diskografie_1979_2012_FLAC_.torrent
2014-05-13 16:37 - 2014-03-15 19:00 - 00000000 ____D () C:\Users\Michal\AppData\Local\PMB Files
2014-05-13 16:33 - 2014-03-17 00:12 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2014-05-13 16:33 - 2014-03-17 00:12 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2014-05-13 16:33 - 2009-07-14 07:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-13 16:30 - 2014-04-27 23:10 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Dropbox
2014-05-13 16:12 - 2014-05-13 13:03 - 00000958 _____ () C:\Windows\setupact.log
2014-05-13 15:01 - 2014-03-15 18:41 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-13 13:07 - 2014-03-16 02:29 - 01781915 _____ () C:\Windows\WindowsUpdate.log
2014-05-13 13:04 - 2014-04-27 23:13 - 00000000 ___RD () C:\Users\Michal\Dropbox
2014-05-13 13:03 - 2014-05-13 13:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-13 13:03 - 2014-03-15 19:20 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-13 13:03 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-12 23:29 - 2014-03-18 00:28 - 00000000 ____D () C:\Windows\Minidump
2014-05-12 13:43 - 2014-04-27 23:03 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-11 12:56 - 2014-04-28 19:45 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000Core.job
2014-05-09 12:15 - 2014-05-09 12:14 - 18249295 _____ () C:\Users\Michal\Desktop\hasici.rar
2014-05-09 12:11 - 2014-05-09 12:10 - 00000000 ____D () C:\Users\Michal\Desktop\hasici
2014-05-08 22:56 - 2014-05-08 22:56 - 02932602 _____ () C:\Users\Michal\Downloads\3133.zip
2014-05-08 22:56 - 2014-05-08 22:56 - 00000000 ____D () C:\Users\Michal\Desktop\Thresh
2014-05-08 12:51 - 2014-04-28 19:45 - 00003938 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000UA
2014-05-08 12:51 - 2014-04-28 19:45 - 00003542 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000Core
2014-05-07 14:56 - 2014-03-15 18:41 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-07 14:56 - 2014-03-15 18:41 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-06 11:45 - 2014-03-15 18:55 - 00000000 ____D () C:\Users\Michal\Desktop\panda
2014-04-30 18:51 - 2014-04-30 18:51 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Mozilla
2014-04-30 14:11 - 2014-03-15 18:42 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-30 00:52 - 2014-03-25 03:32 - 00000000 ____D () C:\Program Files (x86)\VIA
2014-04-29 22:44 - 2014-04-29 22:43 - 00000504 _____ () C:\Users\Michal\Downloads\url.htm
2014-04-29 00:44 - 2014-03-24 03:36 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 00:44 - 2014-03-24 03:36 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-29 00:44 - 2014-03-24 03:36 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-28 19:46 - 2014-03-15 18:41 - 00000000 ____D () C:\Users\Michal\AppData\Local\Google
2014-04-28 19:45 - 2014-04-28 19:45 - 00884704 _____ (Google Inc.) C:\Users\Michal\Downloads\GoogleVoiceAndVideoSetup.exe
2014-04-28 18:28 - 2014-04-28 15:45 - 2345066496 _____ () C:\Users\Michal\Downloads\Coach Carter.avi
2014-04-28 11:37 - 2014-04-28 11:37 - 00012360 _____ () C:\Users\Michal\Documents\cc_20140428_113743.reg
2014-04-28 11:37 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-28 11:35 - 2014-04-28 11:37 - 00000426 _____ () C:\AVScanner.ini
2014-04-28 11:24 - 2014-04-27 23:13 - 00001029 _____ () C:\Users\Michal\Desktop\Dropbox.lnk
2014-04-28 11:24 - 2014-04-27 23:12 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-28 11:24 - 2014-03-15 18:33 - 00000000 ___RD () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-27 23:24 - 2014-04-27 23:24 - 22913908 _____ () C:\Users\Michal\Downloads\torbrowser-install-3.5.4_en-US.exe
2014-04-27 23:13 - 2014-04-27 23:12 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\DropboxMaster
2014-04-27 23:13 - 2014-03-15 18:32 - 00000000 ____D () C:\Users\Michal
2014-04-27 23:08 - 2014-04-27 23:08 - 00001978 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-04-27 23:08 - 2014-04-27 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-04-27 23:07 - 2014-04-27 23:08 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-04-27 23:07 - 2014-04-27 23:07 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-04-27 23:03 - 2014-04-27 23:03 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\AVAST Software
2014-04-27 23:02 - 2014-04-27 23:02 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-27 23:02 - 2014-04-27 23:02 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-27 23:02 - 2014-04-27 23:02 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-27 23:02 - 2014-04-27 23:02 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-27 23:00 - 2014-04-27 23:00 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-27 23:00 - 2014-04-27 23:00 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-27 22:59 - 2014-04-27 22:59 - 04796856 _____ (AVAST Software) C:\Users\Michal\Downloads\avast_free_antivirus_setup_online.exe
2014-04-27 19:39 - 2014-03-15 19:00 - 00000000 ____D () C:\ProgramData\PMB Files
2014-04-27 16:31 - 2014-04-22 21:31 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-25 21:03 - 2014-04-25 16:41 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Curse Client
2014-04-25 18:34 - 2014-04-25 18:34 - 00001116 _____ () C:\Users\Public\Desktop\Picasa 3.lnk
2014-04-25 18:34 - 2014-04-25 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-04-25 18:34 - 2014-04-25 18:33 - 17529160 _____ (Google Inc.) C:\Users\Michal\Downloads\picasa39-setup.exe
2014-04-25 18:34 - 2014-03-15 18:41 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-25 16:41 - 2014-04-25 16:41 - 37439696 _____ (Curse) C:\Users\Michal\Downloads\CurseClientSetup.exe
2014-04-25 16:41 - 2014-04-25 16:41 - 00001044 _____ () C:\Users\Michal\Desktop\Curse.lnk
2014-04-25 16:41 - 2014-04-25 16:41 - 00001030 _____ () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
2014-04-25 16:41 - 2014-04-25 16:41 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Curse Advertising
2014-04-25 16:41 - 2014-04-25 16:41 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Curse
2014-04-25 16:18 - 2014-04-25 16:18 - 00000795 _____ () C:\Users\Michal\Downloads\League-of-Legends-RP-hack-(100%-FUNGUJE).txt
2014-04-24 00:46 - 2014-04-24 00:33 - 1579972656 _____ () C:\Users\Michal\Downloads\Stesti.na.dosah.2006.BDRip.XviD.AC3.CZ-iNKViZiT0R.avi
2014-04-22 21:33 - 2014-03-28 05:07 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-22 21:32 - 2014-04-22 21:32 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-22 21:32 - 2014-03-24 03:36 - 00000000 ____D () C:\Users\Michal\AppData\Local\Adobe
2014-04-22 21:32 - 2014-03-15 21:06 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Adobe
2014-04-22 21:31 - 2014-04-22 21:31 - 00002025 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-22 21:31 - 2014-04-22 21:31 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-22 21:29 - 2014-04-22 21:29 - 21925555 _____ () C:\Users\Michal\Downloads\626mx6-electrical-manual-96.rar
2014-04-22 17:53 - 2014-04-14 21:31 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\TS3Client
2014-04-19 09:17 - 2014-03-15 20:21 - 00000000 ____D () C:\Users\Michal\AppData\Local\NVIDIA Corporation
2014-04-19 09:16 - 2014-03-15 19:29 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-19 09:15 - 2014-03-15 19:29 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-17 15:20 - 2014-03-24 03:34 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-16 00:53 - 2014-04-16 00:35 - 734597120 _____ () C:\Users\Michal\Downloads\Parba.ve.Vegas.2009.DVDRip.CZ-PeXXXeso.avi
2014-04-16 00:49 - 2014-04-16 00:37 - 1559347200 _____ () C:\Users\Michal\Downloads\Pařba na třetí.avi
2014-04-15 10:43 - 2014-04-15 10:43 - 00001013 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2014-04-15 10:43 - 2014-04-15 10:43 - 00001007 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\WinRAR
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-15 10:43 - 2014-04-15 10:43 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-04-15 10:42 - 2014-04-15 10:42 - 01785512 _____ () C:\Users\Michal\Downloads\wrar500cz.exe
2014-04-15 10:42 - 2014-04-15 10:42 - 00560939 _____ () C:\Users\Michal\Downloads\Paysafecard Code Generator 2014.rar
2014-04-15 03:55 - 2014-04-15 03:55 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2014-04-15 03:55 - 2014-04-15 03:55 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-04-15 03:55 - 2014-04-15 03:55 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-04-15 03:55 - 2014-04-15 02:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-04-15 03:23 - 2014-04-15 03:23 - 00000000 ____D () C:\Users\Michal\aTubeCatcher
2014-04-15 02:37 - 2014-04-15 02:37 - 00002124 _____ () C:\Users\Public\Desktop\Video Search.lnk
2014-04-15 02:37 - 2014-04-15 02:37 - 00001196 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-04-15 02:36 - 2014-04-15 02:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2014-04-15 02:36 - 2014-04-15 02:36 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp
2014-04-15 02:35 - 2014-04-15 02:34 - 11851440 _____ (DsNET Corp) C:\Users\Michal\Downloads\aTubeCatcher.exe
2014-04-14 21:31 - 2014-04-14 21:31 - 00001172 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-04-14 21:31 - 2014-04-14 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-04-14 21:31 - 2014-04-14 21:31 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-04-14 21:30 - 2014-04-14 21:30 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\Michal\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-04-14 13:08 - 2014-04-15 02:36 - 01162824 _____ (Uniblue Systems Limited ) C:\Users\Michal\Documents\registrycleanerkit.exe
2014-04-14 01:19 - 2014-04-14 01:01 - 1464578326 _____ () C:\Users\Michal\Downloads\U mě dobrý.avi
2014-04-13 23:05 - 2014-04-13 21:45 - 733952000 _____ () C:\Users\Michal\Downloads\Klepání na nebeskou bránu.avi
2014-04-13 19:58 - 2014-04-13 19:48 - 1595410432 _____ () C:\Users\Michal\Downloads\Gravitace.avi

Some content of TEMP:
====================
C:\Users\Michal\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnim99w.dll
C:\Users\Michal\AppData\Local\Temp\FirewallAPI.dll
C:\Users\Michal\AppData\Local\Temp\ieframe.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-09 12:36

==================== End Of Log ============================

OTL logfile created on: 13.5.2014 20:24:14 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Michal\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

6,00 Gb Total Physical Memory | 3,03 Gb Available Physical Memory | 50,46% Memory free
12,00 Gb Paging File | 8,51 Gb Available in Paging File | 70,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 268,79 Gb Free Space | 57,71% Space Free | Partition Type: NTFS

Computer Name: MICHAL-PC | User Name: Michal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.05.13 20:22:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michal\Desktop\OTL.exe
PRC - [2014.05.11 16:55:20 | 008,526,600 | ---- | M] (Curse, Inc) -- C:\Users\Michal\AppData\Roaming\Curse Client\Bin\Curse.exe
PRC - [2014.05.10 01:53:31 | 005,424,120 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.207\deploy\LoLLauncher.exe
PRC - [2014.04.27 23:07:55 | 000,109,048 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2014.04.27 23:02:14 | 003,873,704 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014.04.27 23:02:14 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014.04.25 03:46:52 | 000,064,384 | ---- | M] (Google) -- C:\Users\Michal\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2014.04.24 02:33:15 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014.04.18 20:50:52 | 033,604,728 | ---- | M] (Dropbox, Inc.) -- C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014.04.02 15:29:05 | 002,201,032 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014.04.02 15:28:46 | 001,615,192 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014.03.25 03:38:34 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2014.03.15 20:32:01 | 000,074,752 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.88\deploy\LolClient.exe
PRC - [2014.03.15 20:24:12 | 001,294,336 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
PRC - [2014.03.10 13:55:42 | 010,179,696 | ---- | M] (Coherent Labs) -- C:\Users\Michal\AppData\Roaming\Curse Client\Bin\CoherentUI_Host.exe
PRC - [2014.03.04 13:32:56 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014.01.01 01:00:00 | 000,393,728 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Michal\AppData\Roaming\uTorrent\utorrent.exe
PRC - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2009.06.26 17:08:38 | 006,036,992 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
PRC - [2009.02.02 11:39:00 | 010,231,808 | ---- | M] (Silicon Image, Inc.) -- C:\Program Files (x86)\ASUS\Drive Xpert\DriveXpert.exe
PRC - [2009.02.02 11:37:16 | 001,286,144 | ---- | M] () -- C:\Program Files (x86)\ASUS\Drive Xpert\SteelVine.exe


========== Modules (No Company Name) ==========

MOD - [2014.05.13 13:04:18 | 000,041,984 | ---- | M] () -- c:\Users\Michal\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnim99w.dll
MOD - [2014.05.10 01:53:32 | 001,531,384 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.207\deploy\RiotLauncher.dll
MOD - [2014.05.10 01:53:31 | 005,424,120 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.207\deploy\LoLLauncher.exe
MOD - [2014.04.27 23:02:15 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014.04.24 02:33:13 | 000,390,472 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppgooglenaclpluginchrome.dll
MOD - [2014.04.24 02:33:12 | 013,692,232 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll
MOD - [2014.04.24 02:33:10 | 004,081,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
MOD - [2014.04.24 02:33:03 | 001,647,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
MOD - [2014.04.24 02:33:01 | 000,065,352 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
MOD - [2014.03.25 03:26:27 | 000,024,576 | ---- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2014.03.20 20:11:11 | 000,530,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.Http\d7a1bbd56dc15a29c2450b177f9468d7\System.Net.Http.ni.dll
MOD - [2014.03.20 20:11:10 | 019,693,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\24bf0c88c0465485f4b842df043b3f45\System.ServiceModel.ni.dll
MOD - [2014.03.20 20:10:43 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
MOD - [2014.03.20 20:10:37 | 000,241,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Comp46f2b404#\2526b5a3ab48717e858a08c3a4a8000c\System.ComponentModel.DataAnnotations.ni.dll
MOD - [2014.03.20 20:10:36 | 013,620,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\921861ef36355e6f12a981a188f99b8a\System.Web.ni.dll
MOD - [2014.03.20 20:10:27 | 000,785,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\4d5d17a21443c7ea06190ccce3cb4ce1\System.EnterpriseServices.ni.dll
MOD - [2014.03.20 20:10:27 | 000,250,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\4d5d17a21443c7ea06190ccce3cb4ce1\System.EnterpriseServices.Wrapper.dll
MOD - [2014.03.20 20:10:26 | 000,399,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\b6c7a1ca929c1b10f36b683c9f1a0517\System.Xml.Linq.ni.dll
MOD - [2014.03.20 04:08:58 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
MOD - [2014.03.20 04:08:53 | 000,660,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\2053b0e14f1e64a5c5d6d1c4d01485a2\System.Transactions.ni.dll
MOD - [2014.03.20 04:08:52 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\966f64a25064fe74936295dc06ec586e\System.Runtime.Remoting.ni.dll
MOD - [2014.03.20 04:08:38 | 007,409,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\6bbed231aec6fd82547e09474da0b2f9\System.Data.ni.dll
MOD - [2014.03.20 04:08:33 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
MOD - [2014.03.20 04:08:27 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
MOD - [2014.03.20 04:08:11 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014.03.20 04:08:08 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll
MOD - [2014.03.20 04:08:07 | 000,806,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll
MOD - [2014.03.20 04:08:06 | 002,825,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
MOD - [2014.03.20 04:08:00 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
MOD - [2014.03.20 04:08:00 | 001,046,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\cc50d2e812a40e7932c04af96578de25\System.ComponentModel.Composition.ni.dll
MOD - [2014.03.20 04:07:44 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
MOD - [2014.03.20 04:07:43 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
MOD - [2014.03.20 04:07:39 | 001,947,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.V9921e851#\a627e2bfb55b5f583da237b214097f34\Microsoft.VisualBasic.ni.dll
MOD - [2014.03.20 04:07:31 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014.03.20 04:07:24 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
MOD - [2014.03.20 04:07:16 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014.03.20 04:07:13 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014.03.20 04:07:01 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014.03.15 20:32:01 | 000,074,752 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.88\deploy\LolClient.exe
MOD - [2014.03.15 20:30:51 | 004,774,248 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.88\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
MOD - [2014.03.15 20:24:12 | 001,294,336 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
MOD - [2014.03.10 13:55:42 | 000,861,696 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\Curse Client\Bin\ffmpegsumo.dll
MOD - [2014.03.10 13:55:38 | 000,343,040 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\Curse Client\Bin\WebRTC_CSharpWrapper.dll
MOD - [2014.02.10 13:44:24 | 004,592,128 | ---- | M] () -- C:\Users\Michal\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libGLESv2.dll
MOD - [2014.02.10 13:44:24 | 000,112,128 | ---- | M] () -- C:\Users\Michal\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libEGL.dll
MOD - [2014.01.03 05:42:50 | 003,610,624 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013.12.13 08:12:44 | 000,307,712 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\Curse Client\Bin\opus.dll
MOD - [2013.10.19 01:55:02 | 025,100,288 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2009.06.26 17:08:38 | 006,036,992 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
MOD - [2009.04.22 21:20:00 | 000,179,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-6 Engine\AsusService.dll
MOD - [2009.04.20 14:55:34 | 000,565,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-6 Engine\pngio.dll
MOD - [2009.04.20 14:55:32 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-6 Engine\AsSpindownTimeout.dll
MOD - [2009.02.02 11:34:36 | 000,917,504 | ---- | M] () -- C:\Program Files (x86)\ASUS\Drive Xpert\SDKEngine.dll
MOD - [2009.02.02 11:29:26 | 000,692,224 | ---- | M] () -- C:\Program Files (x86)\ASUS\Drive Xpert\SVSteelVine.dll
MOD - [2007.06.23 10:15:46 | 000,409,600 | ---- | M] () -- C:\Program Files (x86)\ASUS\Drive Xpert\QtSql4.dll
MOD - [2007.06.23 10:15:46 | 000,249,856 | ---- | M] () -- C:\Program Files (x86)\ASUS\Drive Xpert\QtNetwork4.dll
MOD - [2007.06.23 10:15:46 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\ASUS\Drive Xpert\QtXml4.dll
MOD - [2007.06.23 10:15:44 | 003,969,024 | ---- | M] () -- C:\Program Files (x86)\ASUS\Drive Xpert\QtGui4.dll
MOD - [2007.06.23 10:15:42 | 002,224,128 | ---- | M] () -- C:\Program Files (x86)\ASUS\Drive Xpert\Qt3Support4.dll
MOD - [2007.06.23 10:15:42 | 001,720,320 | ---- | M] () -- C:\Program Files (x86)\ASUS\Drive Xpert\QtCore4.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014.04.27 23:07:55 | 000,109,048 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2014.04.27 23:02:14 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014.04.02 15:28:36 | 020,541,216 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014.03.01 06:33:34 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.04.29 00:44:20 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.04.02 15:28:46 | 001,615,192 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014.03.25 03:38:34 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2014.03.04 13:32:56 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.10.23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.09.11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.02 11:37:16 | 001,286,144 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\Drive Xpert\SteelVine.exe -- (57xx SteelVine Manager)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.04.27 23:07:58 | 000,028,184 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2014.04.27 23:07:55 | 000,447,888 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdisFlt.sys -- (aswNdisFlt)
DRV:64bit: - [2014.04.27 23:02:16 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014.04.27 23:02:16 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014.04.27 23:02:16 | 000,208,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014.04.27 23:02:16 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014.04.27 23:02:16 | 000,085,328 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014.04.27 23:02:16 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.04.27 23:02:16 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014.04.27 23:02:16 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014.03.25 03:43:21 | 000,104,408 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2014.03.25 03:41:00 | 000,055,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2014.03.25 03:28:04 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2014.03.21 21:43:52 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013.11.28 15:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKLM\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... d=ie7&rlz=


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
IE - HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/search?q={searchT ... d=ie7&rlz=
IE - HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 72 0C 18 57 6D 40 CF 01 [binary data]
IE - HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No CLSID value found
IE - HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://www.trovigo.com/Results.aspx?gd= ... rms}&SSPV=
IE - HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... d=ie7&rlz=
IE - HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\..\SearchScopes\{922BD241-A485-492F-BF50-D0C470942704}: "URL" = http://search.conduit.com/ResultsExt.as ... 78723&UM=1
IE - HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 107.170.5.93:80


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Michal\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Michal\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Michal\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Michal\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)



========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhledávání Google = C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Free Proxy - Free Web Proxies = C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfkfjpdbpikmgbeljnjbpfemeikgopni\1_0\
CHR - Extension: AdBlock = C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.29_0\
CHR - Extension: avast! Online Security = C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\
CHR - Extension: Peněženka Google = C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Evernote Web Clipper = C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.1.3_0\
CHR - Extension: Gmail = C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No CLSID value found.
O3 - HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\..\Toolbar\WebBrowser: (no name) - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No CLSID value found.
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Drive Xpert] C:\Program Files (x86)\ASUS\Drive Xpert\DriveXpert.exe (Silicon Image, Inc.)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1009048204-1274090199-2451567400-1000..\Run: [BackgroundContainer] C:\Users\Michal\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll (Conduit Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk = C:\Users\Michal\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
O4 - Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{78C9AC17-D99A-47F4-9FAB-CEBBC00008E3}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.05.13 20:22:19 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Michal\Desktop\OTL.exe
[2014.05.13 18:14:51 | 000,000,000 | ---D | C] -- C:\FRST
[2014.05.09 12:10:58 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\hasici
[2014.05.08 22:56:37 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\Thresh
[2014.04.30 18:51:22 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Mozilla
[2014.04.27 23:13:49 | 000,000,000 | R--D | C] -- C:\Users\Michal\Dropbox
[2014.04.27 23:12:35 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\DropboxMaster
[2014.04.27 23:12:14 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2014.04.27 23:10:46 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Dropbox
[2014.04.27 23:08:08 | 000,028,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2014.04.27 23:07:55 | 000,447,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[2014.04.27 23:03:49 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\AVAST Software
[2014.04.27 23:03:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014.04.27 23:02:40 | 000,085,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014.04.27 23:02:37 | 001,039,096 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014.04.27 23:02:36 | 000,423,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014.04.27 23:02:34 | 000,079,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014.04.27 23:02:25 | 000,093,568 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014.04.27 23:02:21 | 000,334,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014.04.27 23:02:15 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.04.27 23:00:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014.04.27 23:00:07 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014.04.25 18:34:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2014.04.25 16:41:57 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Curse Advertising
[2014.04.25 16:41:38 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Curse Client
[2014.04.25 16:41:25 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Curse
[2014.04.22 21:32:19 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2014.04.22 21:31:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2014.04.22 21:31:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2014.04.19 09:15:42 | 000,040,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014.04.19 09:15:42 | 000,033,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014.04.15 10:43:26 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\WinRAR
[2014.04.15 10:43:15 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014.04.15 10:43:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014.04.15 10:43:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2014.04.15 03:55:52 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2014.04.15 03:55:52 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll
[2014.04.15 03:23:28 | 000,000,000 | ---D | C] -- C:\Users\Michal\aTubeCatcher
[2014.04.15 02:38:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2014.04.15 02:36:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
[2014.04.15 02:36:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DsNET Corp
[2014.04.15 02:36:08 | 001,162,824 | ---- | C] (Uniblue Systems Limited ) -- C:\Users\Michal\Documents\registrycleanerkit.exe
[2014.04.14 21:31:16 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\TS3Client
[2014.04.14 21:31:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2014.04.14 21:31:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client

========== Files - Modified Within 30 Days ==========

[2014.05.13 20:26:55 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.05.13 20:22:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michal\Desktop\OTL.exe
[2014.05.13 20:01:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.05.13 19:56:00 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000UA.job
[2014.05.13 19:44:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.05.13 19:03:46 | 000,017,056 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.05.13 19:03:46 | 000,017,056 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.05.13 18:26:14 | 000,005,841 | ---- | M] () -- C:\Users\Michal\Desktop\Addition.rar
[2014.05.13 18:26:01 | 000,001,961 | ---- | M] () -- C:\Users\Michal\Desktop\Process.rar
[2014.05.13 16:33:32 | 001,584,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.05.13 16:33:32 | 000,668,866 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.05.13 16:33:32 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.05.13 16:33:32 | 000,141,526 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.05.13 16:33:32 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.05.13 15:01:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.05.13 13:03:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.05.13 13:03:21 | 536,125,439 | -HS- | M] () -- C:\hiberfil.sys
[2014.05.11 12:56:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000Core.job
[2014.05.09 12:15:19 | 018,249,295 | ---- | M] () -- C:\Users\Michal\Desktop\hasici.rar
[2014.04.30 14:11:07 | 000,002,177 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.04.29 00:44:19 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.04.29 00:44:19 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.04.28 11:37:46 | 000,012,360 | ---- | M] () -- C:\Users\Michal\Documents\cc_20140428_113743.reg
[2014.04.28 11:35:59 | 000,000,426 | ---- | M] () -- C:\AVScanner.ini
[2014.04.28 11:24:42 | 000,001,059 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014.04.28 11:24:20 | 000,001,029 | ---- | M] () -- C:\Users\Michal\Desktop\Dropbox.lnk
[2014.04.27 23:08:50 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2014.04.27 23:07:58 | 000,028,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2014.04.27 23:07:55 | 000,447,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[2014.04.27 23:02:16 | 001,039,096 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014.04.27 23:02:16 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014.04.27 23:02:16 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014.04.27 23:02:16 | 000,208,416 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014.04.27 23:02:16 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014.04.27 23:02:16 | 000,085,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014.04.27 23:02:16 | 000,079,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014.04.27 23:02:16 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014.04.27 23:02:16 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014.04.27 23:02:15 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.04.25 18:37:47 | 000,384,355 | ---- | M] () -- C:\Users\Michal\Desktop\zadní starana.PNG
[2014.04.25 18:37:09 | 000,380,114 | ---- | M] () -- C:\Users\Michal\Desktop\prední starama.PNG
[2014.04.25 18:34:41 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2014.04.25 16:41:39 | 000,001,054 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk
[2014.04.25 16:41:39 | 000,001,044 | ---- | M] () -- C:\Users\Michal\Desktop\Curse.lnk
[2014.04.22 21:31:44 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014.04.15 10:43:15 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2014.04.15 03:55:52 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2014.04.15 03:55:52 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll
[2014.04.15 02:37:10 | 000,002,124 | ---- | M] () -- C:\Users\Public\Desktop\Video Search.lnk
[2014.04.15 02:37:08 | 000,001,196 | ---- | M] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
[2014.04.14 21:31:09 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2014.04.14 13:08:10 | 001,162,824 | ---- | M] (Uniblue Systems Limited ) -- C:\Users\Michal\Documents\registrycleanerkit.exe

========== Files Created - No Company Name ==========

[2014.05.13 20:26:55 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.05.13 18:26:13 | 000,005,841 | ---- | C] () -- C:\Users\Michal\Desktop\Addition.rar
[2014.05.13 18:26:01 | 000,001,961 | ---- | C] () -- C:\Users\Michal\Desktop\Process.rar
[2014.05.09 12:14:49 | 018,249,295 | ---- | C] () -- C:\Users\Michal\Desktop\hasici.rar
[2014.04.28 19:45:47 | 000,000,966 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000UA.job
[2014.04.28 19:45:46 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000Core.job
[2014.04.28 11:37:45 | 000,012,360 | ---- | C] () -- C:\Users\Michal\Documents\cc_20140428_113743.reg
[2014.04.28 11:37:18 | 000,000,426 | ---- | C] () -- C:\AVScanner.ini
[2014.04.27 23:13:49 | 000,001,029 | ---- | C] () -- C:\Users\Michal\Desktop\Dropbox.lnk
[2014.04.27 23:13:43 | 000,001,059 | ---- | C] () -- C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014.04.27 23:08:50 | 000,001,978 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2014.04.27 23:02:38 | 000,208,416 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014.04.27 23:02:35 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014.04.27 23:02:29 | 000,029,208 | ---- | C] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014.04.25 18:37:47 | 000,384,355 | ---- | C] () -- C:\Users\Michal\Desktop\zadní starana.PNG
[2014.04.25 18:37:09 | 000,380,114 | ---- | C] () -- C:\Users\Michal\Desktop\prední starama.PNG
[2014.04.25 18:34:41 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2014.04.25 16:41:39 | 000,001,054 | ---- | C] () -- C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk
[2014.04.25 16:41:39 | 000,001,044 | ---- | C] () -- C:\Users\Michal\Desktop\Curse.lnk
[2014.04.25 16:41:39 | 000,001,030 | ---- | C] () -- C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
[2014.04.22 21:31:44 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014.04.22 21:31:43 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014.04.15 10:43:15 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2014.04.15 02:37:10 | 000,002,124 | ---- | C] () -- C:\Users\Public\Desktop\Video Search.lnk
[2014.04.15 02:37:08 | 000,001,196 | ---- | C] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
[2014.04.14 21:31:09 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2014.03.28 05:38:45 | 000,218,200 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2014.03.25 03:39:07 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2014.03.25 03:39:07 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2014.03.25 03:32:19 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2014.03.25 03:27:19 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2014.03.25 03:27:19 | 000,013,368 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2014.03.15 19:12:05 | 001,567,554 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.04.27 23:03:49 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\AVAST Software
[2014.03.20 21:11:30 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\BitSpirit
[2014.03.28 05:36:30 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\BSplayer
[2014.03.31 21:44:20 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\BSplayer Pro
[2014.04.25 16:41:25 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Curse
[2014.04.25 16:41:57 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Curse Advertising
[2014.04.25 21:03:46 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Curse Client
[2014.05.13 16:30:42 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Dropbox
[2014.04.27 23:13:49 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\DropboxMaster
[2014.03.15 21:06:52 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\LolClient
[2014.03.28 05:11:58 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\OpenOffice
[2014.03.24 03:34:25 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Opera Software
[2014.03.15 18:59:00 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Riot Games
[2014.03.24 03:36:27 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\rmi
[2014.04.22 17:53:31 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\TS3Client
[2014.05.13 20:30:37 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\uTorrent
[2014.03.20 21:10:41 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\ValueApps

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,018,664 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014.03.15 18:41:48 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.03.15 18:41:49 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.03.24 03:36:50 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.04.28 19:45:46 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000Core.job
[2014.04.28 19:45:47 | 000,000,966 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000UA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.09.08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.09.08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2013.07.06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2013.11.26 13:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[9 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c612691226045883af6d7b1c400d226a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c612691226045883af6d7b1c400d226a\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.04.22 21:32:40 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Adobe
[2014.04.27 23:03:49 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\AVAST Software
[2014.03.20 21:11:30 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\BitSpirit
[2014.03.28 05:36:30 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\BSplayer
[2014.03.31 21:44:20 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\BSplayer Pro
[2014.04.25 16:41:25 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Curse
[2014.04.25 16:41:57 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Curse Advertising
[2014.04.25 21:03:46 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Curse Client
[2014.05.13 16:30:42 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Dropbox
[2014.04.27 23:13:49 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\DropboxMaster
[2014.03.15 18:33:08 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Identities
[2014.03.15 21:06:52 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\LolClient
[2014.03.15 21:06:50 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Macromedia
[2010.11.21 09:16:46 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Media Center Programs
[2014.04.22 21:32:39 | 000,000,000 | --SD | M] -- C:\Users\Michal\AppData\Roaming\Microsoft
[2014.04.30 18:51:22 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Mozilla
[2014.03.28 05:11:58 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\OpenOffice
[2014.03.24 03:34:25 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Opera Software
[2014.03.15 18:59:00 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Riot Games
[2014.03.24 03:36:27 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\rmi
[2014.05.13 20:30:51 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Skype
[2014.04.22 17:53:31 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\TS3Client
[2014.05.13 20:41:50 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\uTorrent
[2014.03.20 21:10:41 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\ValueApps
[2014.04.15 10:43:26 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2009.08.11 22:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\BSplayer Pro\AC3 Filter\ac3config.exe
[2009.08.11 22:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\BSplayer Pro\AC3 Filter\spdif_test.exe
[2010.03.22 15:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\BSplayer Pro\AC3 Filter\unins000.exe
[2012.10.11 10:01:20 | 001,175,371 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\BSplayer Pro\FFDShow\unins000.exe
[2010.08.14 11:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\BSplayer Pro\Haali media splitter\dsmux.exe
[2010.08.14 11:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\BSplayer Pro\Haali media splitter\gdsmux.exe
[2010.08.14 11:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\BSplayer Pro\Haali media splitter\mkv2vfr.exe
[2010.09.30 16:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\BSplayer Pro\Haali media splitter\uninstall.exe
[2014.03.10 13:55:42 | 010,179,696 | ---- | M] (Coherent Labs) -- C:\Users\Michal\AppData\Roaming\Curse Client\Bin\CoherentUI_Host.exe
[2014.05.11 16:55:20 | 008,526,600 | ---- | M] (Curse, Inc) -- C:\Users\Michal\AppData\Roaming\Curse Client\Bin\Curse.exe
[2014.05.11 16:55:20 | 000,008,192 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\Curse Client\Bin\Curse.OverlayHelper.exe
[2014.05.06 23:24:55 | 000,724,216 | ---- | M] (Curse) -- C:\Users\Michal\AppData\Roaming\Curse Client\Bin\CurseClientUpdater.exe
[2014.03.10 13:55:42 | 000,606,816 | ---- | M] (Curse, Inc.) -- C:\Users\Michal\AppData\Roaming\Curse Client\Bin\CurseSetupHelper.exe
[2014.02.25 17:02:00 | 000,292,184 | ---- | M] (Microsoft Corporation) -- C:\Users\Michal\AppData\Roaming\Curse Client\Bin\dxwebsetup.exe
[2014.04.18 20:50:52 | 033,604,728 | ---- | M] (Dropbox, Inc.) -- C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2014.04.18 20:52:50 | 000,243,632 | ---- | M] (Dropbox, Inc.) -- C:\Users\Michal\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2014.04.18 20:50:54 | 000,143,656 | ---- | M] (Dropbox, Inc.) -- C:\Users\Michal\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2014.03.25 03:35:39 | 000,004,286 | R--- | M] () -- C:\Users\Michal\AppData\Roaming\Microsoft\Installer\{D5080B9F-670C-44BC-A9D0-FC8A50172F64}\_16496df1.exe
[2014.03.25 03:35:39 | 000,004,286 | R--- | M] () -- C:\Users\Michal\AppData\Roaming\Microsoft\Installer\{D5080B9F-670C-44BC-A9D0-FC8A50172F64}\_69525f90.exe
[2014.04.25 16:41:39 | 000,295,646 | R--- | M] () -- C:\Users\Michal\AppData\Roaming\Microsoft\Installer\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}\CurseClient.exe
[2014.01.01 01:00:00 | 000,393,728 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Michal\AppData\Roaming\uTorrent\utorrent.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2014.05.13 20:44:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.05.13 15:01:00 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.05.13 20:01:00 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.05.11 12:56:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000Core.job
[2014.05.13 19:56:00 | 000,000,966 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2014.02.10 18:46:14 | 020,922,016 | R--- | M] (Skype Technologies S.A.)
"BackgroundContainer" = "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Michal\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun -- [2009.07.14 03:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2014.04.28 19:45:42 | 000,116,648 | ---- | M] (Google Inc.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2014.03.02 00:02:17 | 000,808,152 | ---- | M] (Microsoft Corporation) MD5=3A3BEA53F039CE2E997A918E26E30B1D -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2014.04.24 02:33:15 | 000,841,032 | ---- | M] (Google Inc.) MD5=542459D16B416D054161007FC9B1246E -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.05.13 20:26:55 | 000,000,512 | ---- | M] () MD5=32611DCBBDC668D41A9B1F5FA0ED46AD -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2014.02.05 11:31:23 | 001,169,184 | ---- | M] () -- \NVIDIA\DisplayDriver\335.23\Win8_WinVista_Win7_64\English\GFExperience\ExtensionLoader.dll
[2014.03.25 03:28:05 | 000,368,128 | ---- | M] () -- \Program Files (x86)\ASUS\AASP\1.00.95\AsLoader.exe
[2014.03.25 03:28:06 | 000,000,925 | ---- | M] () -- \Program Files (x86)\ASUS\AASP\1.00.95\AsLoader.exe.manifest
[2014.03.11 21:34:44 | 000,000,702 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_advoptions.fen
[2014.03.11 21:34:44 | 000,000,790 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_debug.fen
[2014.03.11 21:34:44 | 000,000,723 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_download.fen
[2014.03.11 21:34:44 | 000,000,694 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_file_errors.fen
[2014.03.11 21:34:44 | 000,000,634 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_manage_devices.fen
[2014.03.11 21:34:44 | 000,002,398 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_onboard.fen
[2014.03.11 21:34:44 | 000,001,417 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_options.fen
[2014.03.11 21:34:44 | 000,001,330 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_pinwheel_72.png
[2014.03.11 21:34:44 | 000,002,541 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_pinwheel_72x2.png
[2014.03.11 21:34:44 | 000,002,196 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_prefs.fen
[2014.03.11 21:34:44 | 000,000,956 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_quota_error1.fen
[2014.03.11 21:34:44 | 000,001,080 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_quota_error2.fen
[2014.03.11 21:34:44 | 000,001,139 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_quota_error_estimate.fen
[2014.03.11 21:34:44 | 000,002,181 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_welcome.fen
[2014.04.02 15:27:35 | 001,170,376 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013.12.20 02:37:56 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.12.20 02:37:56 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013.12.20 02:37:44 | 000,073,536 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.12.20 02:37:44 | 000,080,704 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2013.09.17 05:54:36 | 000,029,696 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\javaloader.uno.dll
[2013.09.17 05:57:36 | 000,005,813 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\pythonloader.py
[2013.09.17 05:54:38 | 000,020,992 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\pythonloader.uno.dll
[2013.09.20 14:57:06 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\pythonloader.uno.ini
[2013.09.20 14:39:02 | 000,003,868 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\classes\unoloader.jar
[2013.09.16 23:10:56 | 000,013,420 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\python-core-2.7.5\lib\unittest\loader.py
[2014.04.27 23:02:14 | 000,072,480 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2014.04.27 23:02:14 | 000,085,888 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2014.02.05 11:31:23 | 001,169,184 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{9B88B816-5DE4-4492-9768-3433FACADA8E}\ExtensionLoader.dll
[2014.04.02 15:27:35 | 001,170,376 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{E1DF5233-A890-4A13-9DE3-4F34BBD3AF7C}\ExtensionLoader.dll
[2014.03.15 20:31:59 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.88\deploy\assets\storeImages\layout\small_loader.gif
[2014.04.24 14:33:40 | 000,002,845 | ---- | M] () -- \Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.1.3_0\content\fleLoader.js
[2014.04.24 14:33:42 | 000,002,324 | ---- | M] () -- \Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.1.3_0\content\frame_loader.js
[2014.04.24 14:35:02 | 000,001,136 | ---- | M] () -- \Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.1.3_0\js\main\cache_loader.js
[2014.05.13 13:05:59 | 000,112,122 | ---- | M] () -- \Users\Michal\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D8B4LYD4\AdLoader-7b473315d0084c71df83cdee72aab144.min[1].js
[2014.05.13 13:05:59 | 000,001,870 | ---- | M] () -- \Users\Michal\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G4ZGMFF3\AdLoader[1].htm
[2014.05.13 00:36:16 | 000,000,353 | ---- | M] () -- \Users\Michal\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G4ZGMFF3\queryLoader[1].css
[2014.05.13 00:36:20 | 000,005,505 | ---- | M] () -- \Users\Michal\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G4ZGMFF3\queryLoader[1].js
[2014.01.28 20:35:56 | 000,072,638 | ---- | M] () -- \Users\Michal\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.01.28 20:35:56 | 000,003,032 | ---- | M] () -- \Users\Michal\AppData\Local\Skype\Apps\login\images\loader.png
[2014.01.28 20:35:56 | 000,006,012 | ---- | M] () -- \Users\Michal\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.01.28 20:35:56 | 000,021,956 | ---- | M] () -- \Users\Michal\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.01.28 20:35:56 | 000,009,772 | ---- | M] () -- \Users\Michal\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014.03.24 03:50:28 | 000,443,328 | ---- | M] () -- \Users\Michal\Downloads\ant_video_downloader_and_player-2.4.7.16-fx.xpi
[2014.03.25 03:28:05 | 000,368,128 | ---- | M] () -- \Users\Michal\Downloads\ProbeII_V10476\ProbeII\AsSP\AsLoader.exe
[2014.03.25 03:28:06 | 000,000,925 | ---- | M] () -- \Users\Michal\Downloads\ProbeII_V10476\ProbeII\AsSP\AsLoader.exe.manifest
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.16 05:20:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.16 05:21:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.16 05:20:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.16 05:21:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.17 00:10:12 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2014.03.17 00:10:12 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2014.03.17 00:10:12 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2014.03.17 00:10:12 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2014.03.17 00:10:12 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2010.11.21 09:06:45 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010.11.21 09:06:45 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2010.11.21 09:06:45 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2010.11.21 09:06:45 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2010.11.21 09:06:45 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2014.03.16 04:08:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2014.03.16 04:08:43 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2014.03.16 04:08:43 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2014.03.16 04:08:43 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2014.03.16 04:08:43 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.13 20:18:36 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 09:05:43 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.16 05:20:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.16 05:21:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.16 05:20:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.16 05:21:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

Znovu spustte OTL jako spravce. Do spodniho okna vlozte nasledujici text:

:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://www.trovigo.com/Results.aspx?gd= ... 385371C&q={searchTerms}&SSPV=
IE - HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-1009048204-1274090199-2451567400-1000\..\SearchScopes\{922BD241-A485-492F-BF50-D0C470942704}: "URL" = http://search.conduit.com/ResultsExt.as ... 78723&UM=1
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing

:files
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000Core.job
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

Zde je log moc děkuji. Rád bych se zeptal kde byl problém a jak bych mu mohl pro příště předejít uvědomuji si že byl problém jak se říká mezi židlí a počítačem konečně je už neslyším ten hrozně sekající se zvuk když si něco pouštím.
Děkuji moc.



All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1009048204-1274090199-2451567400-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}\ not found.
Registry key HKEY_USERS\S-1-5-21-1009048204-1274090199-2451567400-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1009048204-1274090199-2451567400-1000\Software\Microsoft\Internet Explorer\SearchScopes\{922BD241-A485-492F-BF50-D0C470942704}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{922BD241-A485-492F-BF50-D0C470942704}\ not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
========== FILES ==========
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000UA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1009048204-1274090199-2451567400-1000Core.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Michal
->Temp folder emptied: 12654049 bytes
->Temporary Internet Files folder emptied: 4196504 bytes
->Java cache emptied: 417997 bytes
->Google Chrome cache emptied: 346226496 bytes
->Flash cache emptied: 1011 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 57207864 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 43274130 bytes
RecycleBin emptied: 5814831567 bytes

Total Files Cleaned = 5 988,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Michal
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 05132014_213628

Files\Folders moved on Reboot...
C:\Users\Michal\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Michal\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Především zbytečnosti (skoro 6GB dat v dočasných adresářích) a několik toolbarů, které zpomalují systém. Používejte na občasné čištění systému CCleaner: http://forum.viry.cz/viewtopic.php?f=46&t=7478 a váš PC bude v lepší kondici Nemáte zač!

Děkuji moc mužete lock my topick

Rádo se stalo!