kontrola logu - smazány některé programy
Napsal: 04 čer 2014 16:35
Dobrý den, prosím o pomoc a kontrolu logu. Můj notebook něco provedl a smazaly se některé součásti programů, zbyl jen zástupce na ploše no ve startu. Např avast - zůstala složka ale exe aplikace nikde. Chtěl jsem ho nainstalovat znova a nejdeto. Někde to je to asi v registrech nebo v systemu. Přikládám log
Děkuji za pomoc
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-06-2014
Ran by Admin (administrator) on ADMIN-PC on 04-06-2014 17:27:40
Running from C:\Users\Admin\Desktop
Platform: Microsoft Windows 7 Ultimate (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe
(SOURCENEXT) C:\Windows\System32\bgsvcgen.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Nokia) C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
() C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [618496 2010-10-28] ()
HKLM\...\Run: [NokiaMServer] => C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [3200 Scan2PC] => C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe [1989120 2010-05-18] ()
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKU\S-1-5-21-3008372348-1538280282-1265933599-1000\...\Run: [] => [X]
HKU\S-1-5-21-3008372348-1538280282-1265933599-1000\...\MountPoints2: E - E:\sources\SetupError.exe x64
HKU\S-1-5-21-3008372348-1538280282-1265933599-1000\...\MountPoints2: {142e72f1-22a6-11df-a39d-00218671774a} - F:\AutoRun.exe
HKU\S-1-5-21-3008372348-1538280282-1265933599-1000\...\MountPoints2: {142e72f6-22a6-11df-a39d-00218671774a} - F:\AutoRun.exe
HKU\S-1-5-21-3008372348-1538280282-1265933599-1000\...\MountPoints2: {142e7312-22a6-11df-a39d-00218671774a} - F:\AutoRun.exe
HKU\S-1-5-21-3008372348-1538280282-1265933599-1000\...\MountPoints2: {209c666c-08cb-11df-ac78-00218671774a} - F:\Axesstel_Setup.exe
HKU\S-1-5-21-3008372348-1538280282-1265933599-1000\...\MountPoints2: {ece57178-9d8f-11df-b113-00218671774a} - F:\autorun.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB1F4E47B2C31CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.myplaycity.com/
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKCU - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKCU - {47BC6059-0F35-4E8F-B296-49F0E262E4DD} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13906
SearchScopes: HKCU - {501DB8DD-2C6C-4277-B619-2720F4A316D6} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13906
SearchScopes: HKCU - {5BB4CFAF-BA33-444C-BF2D-380E7254BC2E} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13906
SearchScopes: HKCU - {6CF82D0E-88AD-6205-BC69-EBB0A35C4A0C} URL = http://ala.asksearch.com/s/?q={searchTe ... =2-208-0-0
SearchScopes: HKCU - {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://start.myplaycity.com/results.php ... earchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKCU - {A6834752-B3E4-41EC-B114-6EA33E9B02FC} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13906
SearchScopes: HKCU - {AA986F8D-552A-4CDB-9478-2FF8B92A1D9B} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13906
SearchScopes: HKCU - {B611CB64-0BB4-43FA-A891-C53626AF215F} URL = http://search.seznam.cz/?q={searchTerms ... arch_13906
SearchScopes: HKCU - {D3D06160-BBC5-4F9D-AD90-5D5A89C67D80} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13906
SearchScopes: HKCU - {D6F2C16D-8A4D-43FD-866B-D1C6EC455E5F} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13906
SearchScopes: HKCU - {D7B3E922-1C00-4129-B3DF-F00F4B9BA2EE} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13906
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: No Name - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No File
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
Toolbar: HKLM - No Name - {99079a25-328f-4bd4-be04-00955acaa0a7} - No File
Toolbar: HKLM - No Name - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No File
Toolbar: HKLM - No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
Toolbar: HKLM - No Name - {25A3A431-30BB-47C8-AD6A-E1063801134F} - No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Fishdom%20H2O%20-%20Hidden%20Odyssey/Images/stg_drm.ocx
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl-esd.sun.com/update/1.5.0/ ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Fishdom%20H2O%20-%20Hidden%20Odyssey/Images/armhelper.ocx
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\23ncdmno.default
FF DefaultSearchEngine: Search Results
FF SearchEngineOrder.1: Search Results
FF SelectedSearchEngine: MyPlayCity
FF Homepage: hxxp://start.myplaycity.com/
FF Keyword.URL: hxxp://start.myplaycity.com/results.php?category=web&s=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\23ncdmno.default\searchplugins\myplaycity.xml
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\23ncdmno.default\searchplugins\Search_Results.xml
FF Extension: Seznam lištička - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\23ncdmno.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2013-04-17]
FF HKLM\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
FF HKLM\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR DefaultSearchKeyword: mpcstart
CHR DefaultSearchProvider: MyPlayCity
CHR DefaultSearchURL: http://start.myplaycity.com/results.php ... earchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Unity Player) - C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
CHR Extension: (Seznam Lištička - Email) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2013-04-24]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2013-04-06]
CHR Extension: (Peněženka Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-05]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2013-04-18]
========================== Services (Whitelisted) =================
R2 bgsvcgen; C:\Windows\system32\bgsvcgen.exe [139264 2009-11-28] (SOURCENEXT)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe [229458 2010-03-23] (IDT, Inc.)
S3 ServiceLayer; "C:\Program Files\PC Connectivity Solution\ServiceLayer.exe" [X]
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-04-30] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-04-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-04-30] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-04-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [68312 2014-05-15] (AVAST Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [56080 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-04-30] ()
S3 Axtmvflt; C:\Windows\System32\DRIVERS\Axtmvflt.sys [3456 2007-03-22] (Axesstel)
S3 Axtmvmdm; C:\Windows\System32\DRIVERS\Axtmvmdm.sys [40064 2007-03-26] (Axesstel)
S3 Axtmvprt; C:\Windows\System32\Drivers\Axtmvprt.sys [38784 2007-03-26] (Axesstel)
R1 cdrbsdrv; C:\Windows\system32\Drivers\cdrbsdrv.sys [38944 2009-11-28] (B.H.A Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
S1 prodrv06; C:\Windows\System32\drivers\prodrv06.sys [52128 2003-10-10] (Protection Technology)
S0 prohlp02; C:\Windows\System32\drivers\prohlp02.sys [62720 2003-10-10] (Protection Technology)
S0 prosync1; C:\Windows\System32\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology)
S0 sfhlp01; C:\Windows\System32\drivers\sfhlp01.sys [4832 2003-09-06] (Protection Technology)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-08-01] ()
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.)
S3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
U3 a9fgzwf5; No ImagePath
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-04 17:27 - 2014-06-04 17:28 - 00016924 _____ () C:\Users\Admin\Desktop\FRST.txt
2014-06-04 17:26 - 2014-06-04 17:27 - 00000000 ____D () C:\FRST
2014-06-04 17:24 - 2014-06-04 17:24 - 00112640 _____ (forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
2014-06-04 17:21 - 2014-06-04 17:21 - 01059840 _____ (Farbar) C:\Users\Admin\Desktop\FRST.exe
2014-06-04 16:55 - 2014-06-04 16:55 - 00000000 ____D () C:\Program Files\Google
2014-06-04 16:54 - 2014-06-04 16:55 - 00000000 ____D () C:\Users\Admin\AppData\Local\Deployment
2014-06-04 16:54 - 2014-06-04 16:54 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apps\2.0
2014-06-04 16:53 - 2012-01-04 11:03 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-06-04 16:53 - 2012-01-03 07:44 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-06-04 16:53 - 2011-06-16 06:35 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-06-04 16:53 - 2011-05-04 06:53 - 01553920 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-06-04 16:53 - 2011-05-04 06:52 - 01401856 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-06-04 16:53 - 2011-05-04 06:52 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-06-04 16:53 - 2011-05-04 06:52 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-06-04 16:53 - 2011-05-04 06:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-06-04 16:53 - 2011-05-04 06:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-06-04 16:53 - 2011-05-04 06:52 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-06-04 16:53 - 2011-05-04 06:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-06-04 16:53 - 2011-05-04 06:52 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-06-04 16:41 - 2011-04-22 21:36 - 00026496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-06-04 16:41 - 2011-03-25 05:06 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-06-04 16:41 - 2011-03-25 05:06 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-06-04 16:41 - 2011-03-25 05:06 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-06-04 16:41 - 2011-03-25 05:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-06-04 16:41 - 2011-03-25 05:06 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-06-04 16:41 - 2011-03-25 05:06 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-06-04 16:41 - 2011-03-25 05:06 - 00005888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-06-04 16:41 - 2011-03-12 13:31 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-06-04 16:35 - 2014-06-04 16:35 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-06-04 16:33 - 2014-06-04 16:33 - 00000000 ____D () C:\Program Files\VideoLAN
2014-06-04 14:32 - 2012-03-08 18:32 - 00039272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys
2014-06-04 14:31 - 2014-06-04 14:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-06-04 14:31 - 2014-06-04 14:31 - 00001222 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2014-06-04 14:31 - 2014-06-04 14:31 - 00000000 ____D () C:\Windows\cs
2014-06-04 14:30 - 2014-06-04 14:31 - 00001291 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2014-06-04 14:30 - 2014-06-04 14:30 - 00001375 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-06-04 14:30 - 2014-06-04 14:30 - 00000020 _____ () C:\Windows\ řg
2014-06-04 14:30 - 2014-06-04 14:30 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-06-04 14:29 - 2014-06-04 14:29 - 00002403 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-06-04 14:28 - 2014-06-04 14:32 - 00000000 ____D () C:\Program Files\Windows Live
2014-06-04 14:24 - 2014-06-04 16:20 - 00002088 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-04 14:24 - 2014-06-04 16:20 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-06-04 14:24 - 2014-06-04 16:20 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-04 14:24 - 2014-06-04 14:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\Windows Live
2014-06-04 14:24 - 2014-06-04 14:24 - 00000000 ____D () C:\Program Files\Common Files\Windows Live
2014-06-04 14:22 - 2010-04-09 09:24 - 00240008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-06-04 14:00 - 2014-06-04 14:12 - 00000000 ____D () C:\Windows\pss
2014-06-04 12:53 - 2014-06-04 12:54 - 94714880 _____ (AVAST Software) C:\Users\Admin\Downloads\avast_free_antivirus_setup.exe
2014-06-04 12:33 - 2014-06-04 12:34 - 03343796 _____ () C:\Users\Admin\Documents\záloha registru cc 4.6.14.reg
2014-06-04 12:30 - 2014-06-04 12:30 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-04 12:30 - 2014-06-04 12:30 - 00000940 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-04 12:30 - 2014-06-04 12:30 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-04 12:29 - 2014-06-04 12:30 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-06-04 12:29 - 2014-06-04 12:29 - 00000000 ____D () C:\Program Files\Adobe
2014-06-04 12:24 - 2014-06-04 12:24 - 00000000 ____D () C:\Program Files\PDFCreator
2014-06-04 12:24 - 2014-04-25 17:44 - 00095416 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2014-06-04 02:37 - 2014-06-04 09:09 - 00000000 ____D () C:\Users\Admin\Desktop\šablony
2014-06-02 20:05 - 2014-06-02 21:02 - 464414720 _____ () C:\Users\Admin\Downloads\Hra-o-trůny-S04E08-cz-tit..avi
2014-05-31 06:52 - 2014-05-31 06:52 - 00000840 _____ () C:\Users\Admin\Desktop\obrázky kvarta – zástupce.lnk
2014-05-31 05:47 - 2014-05-31 05:47 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2014-05-31 05:46 - 2014-06-02 20:05 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-05-31 05:46 - 2014-05-31 05:46 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-05-28 17:01 - 2014-05-28 17:01 - 01601592 _____ () C:\Users\Admin\Downloads\h_mcr_dosp.rar
2014-05-19 19:20 - 2014-05-19 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-19 19:19 - 2014-05-19 19:19 - 06957280 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\Silverlight.exe
2014-05-17 21:22 - 2014-06-04 00:23 - 00000000 ____D () C:\Users\Admin\Desktop\obrázky kvarta
2014-05-17 21:13 - 2014-06-04 06:54 - 00000000 ____D () C:\Users\Admin\Desktop\utilitárky kvarta1
2014-05-15 15:35 - 2014-06-04 16:33 - 00000999 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-05-15 13:10 - 2011-02-24 07:32 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-05-15 13:10 - 2011-02-18 07:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-05-10 21:28 - 2014-05-10 21:28 - 00015753 _____ () C:\Users\Admin\Downloads\[CzT]Captain_America_Navrat_prvniho_Avengera_Captain_America_The_Winter_Soldier_2014_TS_.torrent
2014-05-10 20:36 - 2014-05-10 20:36 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Apple Computer
2014-05-10 20:36 - 2014-05-10 20:36 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apple Computer
2014-05-10 20:34 - 2014-05-10 20:58 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-05-10 20:34 - 2014-05-10 20:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apple
2014-05-10 20:34 - 2014-05-10 20:34 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-05-10 20:33 - 2014-05-10 20:33 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-05-10 20:32 - 2014-05-10 20:33 - 00000000 ____D () C:\ProgramData\Apple
2014-05-10 20:28 - 2014-05-10 20:29 - 137699152 _____ (Apple Inc.) C:\Users\Admin\Downloads\iTunesSetup.exe
2014-05-07 17:16 - 2014-05-07 17:16 - 00000000 ____D () C:\Users\Admin\AppData\Local\Macromedia
2014-05-07 11:54 - 2014-05-07 11:54 - 00018255 _____ () C:\Users\Admin\Downloads\[CzT]Letadla_Planes_2013_CZ_.torrent
2014-05-07 11:54 - 2014-05-07 11:54 - 00017945 _____ () C:\Users\Admin\Downloads\[CzT]Ptaci_ulet_Free_Birds_2013_CZ_SK_.torrent
2014-05-07 11:54 - 2014-05-07 11:54 - 00017374 _____ () C:\Users\Admin\Downloads\[CzT]Turbo_2013_CZ_SK_.torrent
2014-05-07 11:53 - 2014-05-07 11:53 - 00018311 _____ () C:\Users\Admin\Downloads\[CzT]Zatazeno_obcas_trakare_2_Cloudy_with_a_Chance_of_Meatballs_2_2013_CZ_SK_.torrent
2014-05-07 11:53 - 2014-05-07 11:53 - 00016626 _____ () C:\Users\Admin\Downloads\[CzT]Ledove_kralovstvi_Frozen_2013_CZ_.torrent
==================== One Month Modified Files and Folders =======
2014-06-04 17:28 - 2014-06-04 17:27 - 00016924 _____ () C:\Users\Admin\Desktop\FRST.txt
2014-06-04 17:28 - 2009-09-09 09:23 - 00000000 ____D () C:\Users\Admin\AppData\Local\Temp
2014-06-04 17:27 - 2014-06-04 17:26 - 00000000 ____D () C:\FRST
2014-06-04 17:24 - 2014-06-04 17:24 - 00112640 _____ (forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
2014-06-04 17:21 - 2014-06-04 17:21 - 01059840 _____ (Farbar) C:\Users\Admin\Desktop\FRST.exe
2014-06-04 17:20 - 2009-07-14 06:34 - 00010208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-04 17:20 - 2009-07-14 06:34 - 00010208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-04 17:17 - 2009-09-09 09:15 - 01843606 _____ () C:\Windows\WindowsUpdate.log
2014-06-04 17:12 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\tracing
2014-06-04 17:10 - 2009-12-12 00:25 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-04 17:03 - 2009-09-09 16:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-04 17:03 - 2009-09-09 16:47 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-04 17:03 - 2009-07-14 04:04 - 00000478 _____ () C:\Windows\win.ini
2014-06-04 17:00 - 2009-12-12 00:25 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-04 16:59 - 2014-01-02 21:37 - 00016418 _____ () C:\Windows\setupact.log
2014-06-04 16:59 - 2011-09-24 09:27 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-06-04 16:59 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-04 16:58 - 2014-01-02 21:36 - 00341690 _____ () C:\Windows\PFRO.log
2014-06-04 16:56 - 2009-12-12 00:27 - 00002176 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-04 16:55 - 2014-06-04 16:55 - 00000000 ____D () C:\Program Files\Google
2014-06-04 16:55 - 2014-06-04 16:54 - 00000000 ____D () C:\Users\Admin\AppData\Local\Deployment
2014-06-04 16:54 - 2014-06-04 16:54 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apps\2.0
2014-06-04 16:45 - 2009-07-14 06:33 - 01752688 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-04 16:36 - 2013-05-01 18:10 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-04 16:35 - 2014-06-04 16:35 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-06-04 16:33 - 2014-06-04 16:33 - 00000000 ____D () C:\Program Files\VideoLAN
2014-06-04 16:33 - 2014-05-15 15:35 - 00000999 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-06-04 16:20 - 2014-06-04 14:24 - 00002088 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-04 16:20 - 2014-06-04 14:24 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-06-04 16:20 - 2014-06-04 14:24 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-04 14:39 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-06-04 14:32 - 2014-06-04 14:31 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-06-04 14:32 - 2014-06-04 14:28 - 00000000 ____D () C:\Program Files\Windows Live
2014-06-04 14:31 - 2014-06-04 14:31 - 00001222 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2014-06-04 14:31 - 2014-06-04 14:31 - 00000000 ____D () C:\Windows\cs
2014-06-04 14:31 - 2014-06-04 14:30 - 00001291 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2014-06-04 14:30 - 2014-06-04 14:30 - 00001375 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-06-04 14:30 - 2014-06-04 14:30 - 00000020 _____ () C:\Windows\ řg
2014-06-04 14:30 - 2014-06-04 14:30 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-06-04 14:29 - 2014-06-04 14:29 - 00002403 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-06-04 14:28 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-04 14:24 - 2014-06-04 14:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\Windows Live
2014-06-04 14:24 - 2014-06-04 14:24 - 00000000 ____D () C:\Program Files\Common Files\Windows Live
2014-06-04 14:12 - 2014-06-04 14:00 - 00000000 ____D () C:\Windows\pss
2014-06-04 14:06 - 2011-10-11 21:10 - 00931328 ___SH () C:\Users\Admin\Desktop\Thumbs.db
2014-06-04 12:54 - 2014-06-04 12:53 - 94714880 _____ (AVAST Software) C:\Users\Admin\Downloads\avast_free_antivirus_setup.exe
2014-06-04 12:34 - 2014-06-04 12:33 - 03343796 _____ () C:\Users\Admin\Documents\záloha registru cc 4.6.14.reg
2014-06-04 12:30 - 2014-06-04 12:30 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-04 12:30 - 2014-06-04 12:30 - 00000940 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-04 12:30 - 2014-06-04 12:30 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-04 12:30 - 2014-06-04 12:29 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-06-04 12:29 - 2014-06-04 12:29 - 00000000 ____D () C:\Program Files\Adobe
2014-06-04 12:29 - 2009-09-09 13:46 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-04 12:24 - 2014-06-04 12:24 - 00000000 ____D () C:\Program Files\PDFCreator
2014-06-04 12:24 - 2014-04-28 05:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-06-04 09:09 - 2014-06-04 02:37 - 00000000 ____D () C:\Users\Admin\Desktop\šablony
2014-06-04 06:54 - 2014-05-17 21:13 - 00000000 ____D () C:\Users\Admin\Desktop\utilitárky kvarta1
2014-06-04 06:50 - 2009-09-09 10:24 - 01585934 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-04 02:15 - 2009-09-09 13:02 - 00108824 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-04 01:48 - 2014-03-12 05:33 - 00000000 ____D () C:\Users\Admin\Desktop\utilitárky septima 1314
2014-06-04 00:23 - 2014-05-17 21:22 - 00000000 ____D () C:\Users\Admin\Desktop\obrázky kvarta
2014-06-02 21:32 - 2009-09-09 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-06-02 21:02 - 2014-06-02 20:05 - 464414720 _____ () C:\Users\Admin\Downloads\Hra-o-trůny-S04E08-cz-tit..avi
2014-06-02 20:07 - 2009-09-09 16:52 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-06-02 20:05 - 2014-05-31 05:46 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-06-02 20:05 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-06-02 19:49 - 2012-08-24 19:12 - 00000000 ____D () C:\Program Files\Java
2014-06-02 19:49 - 2009-10-27 11:16 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-06-02 19:49 - 2009-09-09 13:12 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-05-31 06:52 - 2014-05-31 06:52 - 00000840 _____ () C:\Users\Admin\Desktop\obrázky kvarta – zástupce.lnk
2014-05-31 05:47 - 2014-05-31 05:47 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2014-05-31 05:47 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\MSBuild
2014-05-31 05:46 - 2014-05-31 05:46 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-05-31 05:30 - 2009-09-09 22:16 - 00000000 ____D () C:\Program Files\Common Files\Nokia
2014-05-31 05:30 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-05-31 05:29 - 2012-01-14 12:50 - 00000000 ____D () C:\Program Files\Scan Assistant
2014-05-31 05:29 - 2010-09-26 13:12 - 00000000 ___RD () C:\Program Files\Skype
2014-05-31 05:29 - 2010-07-23 22:02 - 00000000 ____D () C:\Program Files\PC Connectivity Solution
2014-05-31 05:29 - 2010-02-26 13:09 - 00000000 ____D () C:\Program Files\O2 Mobilni internet
2014-05-31 05:29 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-05-28 17:01 - 2014-05-28 17:01 - 01601592 _____ () C:\Users\Admin\Downloads\h_mcr_dosp.rar
2014-05-23 15:48 - 2014-03-12 05:29 - 00000000 ____D () C:\Users\Admin\Desktop\utilitárky septima 1213
2014-05-19 19:20 - 2014-05-19 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-19 19:19 - 2014-05-19 19:19 - 06957280 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\Silverlight.exe
2014-05-18 17:21 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-05-15 16:25 - 2010-02-06 23:37 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc
2014-05-15 15:35 - 2010-02-06 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-05-15 13:19 - 2013-07-18 19:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 13:11 - 2009-09-09 10:32 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 11:52 - 2014-01-02 18:24 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-15 11:52 - 2011-08-27 12:57 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-15 11:52 - 2011-08-27 12:57 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-15 10:36 - 2012-04-01 15:44 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-15 10:36 - 2011-08-27 13:06 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-10 21:28 - 2014-05-10 21:28 - 00015753 _____ () C:\Users\Admin\Downloads\[CzT]Captain_America_Navrat_prvniho_Avengera_Captain_America_The_Winter_Soldier_2014_TS_.torrent
2014-05-10 20:58 - 2014-05-10 20:34 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-05-10 20:36 - 2014-05-10 20:36 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Apple Computer
2014-05-10 20:36 - 2014-05-10 20:36 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apple Computer
2014-05-10 20:34 - 2014-05-10 20:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apple
2014-05-10 20:34 - 2014-05-10 20:34 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-05-10 20:33 - 2014-05-10 20:33 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-05-10 20:33 - 2014-05-10 20:32 - 00000000 ____D () C:\ProgramData\Apple
2014-05-10 20:29 - 2014-05-10 20:28 - 137699152 _____ (Apple Inc.) C:\Users\Admin\Downloads\iTunesSetup.exe
2014-05-07 17:16 - 2014-05-07 17:16 - 00000000 ____D () C:\Users\Admin\AppData\Local\Macromedia
2014-05-07 11:54 - 2014-05-07 11:54 - 00018255 _____ () C:\Users\Admin\Downloads\[CzT]Letadla_Planes_2013_CZ_.torrent
2014-05-07 11:54 - 2014-05-07 11:54 - 00017945 _____ () C:\Users\Admin\Downloads\[CzT]Ptaci_ulet_Free_Birds_2013_CZ_SK_.torrent
2014-05-07 11:54 - 2014-05-07 11:54 - 00017374 _____ () C:\Users\Admin\Downloads\[CzT]Turbo_2013_CZ_SK_.torrent
2014-05-07 11:53 - 2014-05-07 11:53 - 00018311 _____ () C:\Users\Admin\Downloads\[CzT]Zatazeno_obcas_trakare_2_Cloudy_with_a_Chance_of_Meatballs_2_2013_CZ_SK_.torrent
2014-05-07 11:53 - 2014-05-07 11:53 - 00016626 _____ () C:\Users\Admin\Downloads\[CzT]Ledove_kralovstvi_Frozen_2013_CZ_.torrent
Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\NEventMessages.dll
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:9B7E8561
AlternateDataStreams: C:\ProgramData\TEMP:AB1003B3
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Admin\Desktop" je 947 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Děkuji za pomoc
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-06-2014
Ran by Admin (administrator) on ADMIN-PC on 04-06-2014 17:27:40
Running from C:\Users\Admin\Desktop
Platform: Microsoft Windows 7 Ultimate (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe
(SOURCENEXT) C:\Windows\System32\bgsvcgen.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Nokia) C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
() C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [618496 2010-10-28] ()
HKLM\...\Run: [NokiaMServer] => C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [3200 Scan2PC] => C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe [1989120 2010-05-18] ()
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKU\S-1-5-21-3008372348-1538280282-1265933599-1000\...\Run: [] => [X]
HKU\S-1-5-21-3008372348-1538280282-1265933599-1000\...\MountPoints2: E - E:\sources\SetupError.exe x64
HKU\S-1-5-21-3008372348-1538280282-1265933599-1000\...\MountPoints2: {142e72f1-22a6-11df-a39d-00218671774a} - F:\AutoRun.exe
HKU\S-1-5-21-3008372348-1538280282-1265933599-1000\...\MountPoints2: {142e72f6-22a6-11df-a39d-00218671774a} - F:\AutoRun.exe
HKU\S-1-5-21-3008372348-1538280282-1265933599-1000\...\MountPoints2: {142e7312-22a6-11df-a39d-00218671774a} - F:\AutoRun.exe
HKU\S-1-5-21-3008372348-1538280282-1265933599-1000\...\MountPoints2: {209c666c-08cb-11df-ac78-00218671774a} - F:\Axesstel_Setup.exe
HKU\S-1-5-21-3008372348-1538280282-1265933599-1000\...\MountPoints2: {ece57178-9d8f-11df-b113-00218671774a} - F:\autorun.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB1F4E47B2C31CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.myplaycity.com/
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKCU - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKCU - {47BC6059-0F35-4E8F-B296-49F0E262E4DD} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13906
SearchScopes: HKCU - {501DB8DD-2C6C-4277-B619-2720F4A316D6} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13906
SearchScopes: HKCU - {5BB4CFAF-BA33-444C-BF2D-380E7254BC2E} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13906
SearchScopes: HKCU - {6CF82D0E-88AD-6205-BC69-EBB0A35C4A0C} URL = http://ala.asksearch.com/s/?q={searchTe ... =2-208-0-0
SearchScopes: HKCU - {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://start.myplaycity.com/results.php ... earchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKCU - {A6834752-B3E4-41EC-B114-6EA33E9B02FC} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13906
SearchScopes: HKCU - {AA986F8D-552A-4CDB-9478-2FF8B92A1D9B} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13906
SearchScopes: HKCU - {B611CB64-0BB4-43FA-A891-C53626AF215F} URL = http://search.seznam.cz/?q={searchTerms ... arch_13906
SearchScopes: HKCU - {D3D06160-BBC5-4F9D-AD90-5D5A89C67D80} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13906
SearchScopes: HKCU - {D6F2C16D-8A4D-43FD-866B-D1C6EC455E5F} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13906
SearchScopes: HKCU - {D7B3E922-1C00-4129-B3DF-F00F4B9BA2EE} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13906
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: No Name - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No File
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
Toolbar: HKLM - No Name - {99079a25-328f-4bd4-be04-00955acaa0a7} - No File
Toolbar: HKLM - No Name - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No File
Toolbar: HKLM - No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
Toolbar: HKLM - No Name - {25A3A431-30BB-47C8-AD6A-E1063801134F} - No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Fishdom%20H2O%20-%20Hidden%20Odyssey/Images/stg_drm.ocx
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl-esd.sun.com/update/1.5.0/ ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Fishdom%20H2O%20-%20Hidden%20Odyssey/Images/armhelper.ocx
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\23ncdmno.default
FF DefaultSearchEngine: Search Results
FF SearchEngineOrder.1: Search Results
FF SelectedSearchEngine: MyPlayCity
FF Homepage: hxxp://start.myplaycity.com/
FF Keyword.URL: hxxp://start.myplaycity.com/results.php?category=web&s=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\23ncdmno.default\searchplugins\myplaycity.xml
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\23ncdmno.default\searchplugins\Search_Results.xml
FF Extension: Seznam lištička - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\23ncdmno.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2013-04-17]
FF HKLM\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
FF HKLM\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR DefaultSearchKeyword: mpcstart
CHR DefaultSearchProvider: MyPlayCity
CHR DefaultSearchURL: http://start.myplaycity.com/results.php ... earchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Unity Player) - C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
CHR Extension: (Seznam Lištička - Email) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2013-04-24]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2013-04-06]
CHR Extension: (Peněženka Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-05]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2013-04-18]
========================== Services (Whitelisted) =================
R2 bgsvcgen; C:\Windows\system32\bgsvcgen.exe [139264 2009-11-28] (SOURCENEXT)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe [229458 2010-03-23] (IDT, Inc.)
S3 ServiceLayer; "C:\Program Files\PC Connectivity Solution\ServiceLayer.exe" [X]
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-04-30] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-04-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-04-30] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-04-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [68312 2014-05-15] (AVAST Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [56080 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-04-30] ()
S3 Axtmvflt; C:\Windows\System32\DRIVERS\Axtmvflt.sys [3456 2007-03-22] (Axesstel)
S3 Axtmvmdm; C:\Windows\System32\DRIVERS\Axtmvmdm.sys [40064 2007-03-26] (Axesstel)
S3 Axtmvprt; C:\Windows\System32\Drivers\Axtmvprt.sys [38784 2007-03-26] (Axesstel)
R1 cdrbsdrv; C:\Windows\system32\Drivers\cdrbsdrv.sys [38944 2009-11-28] (B.H.A Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
S1 prodrv06; C:\Windows\System32\drivers\prodrv06.sys [52128 2003-10-10] (Protection Technology)
S0 prohlp02; C:\Windows\System32\drivers\prohlp02.sys [62720 2003-10-10] (Protection Technology)
S0 prosync1; C:\Windows\System32\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology)
S0 sfhlp01; C:\Windows\System32\drivers\sfhlp01.sys [4832 2003-09-06] (Protection Technology)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-08-01] ()
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.)
S3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
U3 a9fgzwf5; No ImagePath
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-04 17:27 - 2014-06-04 17:28 - 00016924 _____ () C:\Users\Admin\Desktop\FRST.txt
2014-06-04 17:26 - 2014-06-04 17:27 - 00000000 ____D () C:\FRST
2014-06-04 17:24 - 2014-06-04 17:24 - 00112640 _____ (forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
2014-06-04 17:21 - 2014-06-04 17:21 - 01059840 _____ (Farbar) C:\Users\Admin\Desktop\FRST.exe
2014-06-04 16:55 - 2014-06-04 16:55 - 00000000 ____D () C:\Program Files\Google
2014-06-04 16:54 - 2014-06-04 16:55 - 00000000 ____D () C:\Users\Admin\AppData\Local\Deployment
2014-06-04 16:54 - 2014-06-04 16:54 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apps\2.0
2014-06-04 16:53 - 2012-01-04 11:03 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-06-04 16:53 - 2012-01-03 07:44 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-06-04 16:53 - 2011-06-16 06:35 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-06-04 16:53 - 2011-05-04 06:53 - 01553920 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-06-04 16:53 - 2011-05-04 06:52 - 01401856 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-06-04 16:53 - 2011-05-04 06:52 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-06-04 16:53 - 2011-05-04 06:52 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-06-04 16:53 - 2011-05-04 06:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-06-04 16:53 - 2011-05-04 06:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-06-04 16:53 - 2011-05-04 06:52 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-06-04 16:53 - 2011-05-04 06:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-06-04 16:53 - 2011-05-04 06:52 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-06-04 16:41 - 2011-04-22 21:36 - 00026496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-06-04 16:41 - 2011-03-25 05:06 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-06-04 16:41 - 2011-03-25 05:06 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-06-04 16:41 - 2011-03-25 05:06 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-06-04 16:41 - 2011-03-25 05:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-06-04 16:41 - 2011-03-25 05:06 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-06-04 16:41 - 2011-03-25 05:06 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-06-04 16:41 - 2011-03-25 05:06 - 00005888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-06-04 16:41 - 2011-03-12 13:31 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-06-04 16:35 - 2014-06-04 16:35 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-06-04 16:33 - 2014-06-04 16:33 - 00000000 ____D () C:\Program Files\VideoLAN
2014-06-04 14:32 - 2012-03-08 18:32 - 00039272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys
2014-06-04 14:31 - 2014-06-04 14:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-06-04 14:31 - 2014-06-04 14:31 - 00001222 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2014-06-04 14:31 - 2014-06-04 14:31 - 00000000 ____D () C:\Windows\cs
2014-06-04 14:30 - 2014-06-04 14:31 - 00001291 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2014-06-04 14:30 - 2014-06-04 14:30 - 00001375 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-06-04 14:30 - 2014-06-04 14:30 - 00000020 _____ () C:\Windows\ řg
2014-06-04 14:30 - 2014-06-04 14:30 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-06-04 14:29 - 2014-06-04 14:29 - 00002403 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-06-04 14:28 - 2014-06-04 14:32 - 00000000 ____D () C:\Program Files\Windows Live
2014-06-04 14:24 - 2014-06-04 16:20 - 00002088 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-04 14:24 - 2014-06-04 16:20 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-06-04 14:24 - 2014-06-04 16:20 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-04 14:24 - 2014-06-04 14:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\Windows Live
2014-06-04 14:24 - 2014-06-04 14:24 - 00000000 ____D () C:\Program Files\Common Files\Windows Live
2014-06-04 14:22 - 2010-04-09 09:24 - 00240008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-06-04 14:00 - 2014-06-04 14:12 - 00000000 ____D () C:\Windows\pss
2014-06-04 12:53 - 2014-06-04 12:54 - 94714880 _____ (AVAST Software) C:\Users\Admin\Downloads\avast_free_antivirus_setup.exe
2014-06-04 12:33 - 2014-06-04 12:34 - 03343796 _____ () C:\Users\Admin\Documents\záloha registru cc 4.6.14.reg
2014-06-04 12:30 - 2014-06-04 12:30 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-04 12:30 - 2014-06-04 12:30 - 00000940 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-04 12:30 - 2014-06-04 12:30 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-04 12:29 - 2014-06-04 12:30 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-06-04 12:29 - 2014-06-04 12:29 - 00000000 ____D () C:\Program Files\Adobe
2014-06-04 12:24 - 2014-06-04 12:24 - 00000000 ____D () C:\Program Files\PDFCreator
2014-06-04 12:24 - 2014-04-25 17:44 - 00095416 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2014-06-04 02:37 - 2014-06-04 09:09 - 00000000 ____D () C:\Users\Admin\Desktop\šablony
2014-06-02 20:05 - 2014-06-02 21:02 - 464414720 _____ () C:\Users\Admin\Downloads\Hra-o-trůny-S04E08-cz-tit..avi
2014-05-31 06:52 - 2014-05-31 06:52 - 00000840 _____ () C:\Users\Admin\Desktop\obrázky kvarta – zástupce.lnk
2014-05-31 05:47 - 2014-05-31 05:47 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2014-05-31 05:46 - 2014-06-02 20:05 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-05-31 05:46 - 2014-05-31 05:46 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-05-28 17:01 - 2014-05-28 17:01 - 01601592 _____ () C:\Users\Admin\Downloads\h_mcr_dosp.rar
2014-05-19 19:20 - 2014-05-19 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-19 19:19 - 2014-05-19 19:19 - 06957280 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\Silverlight.exe
2014-05-17 21:22 - 2014-06-04 00:23 - 00000000 ____D () C:\Users\Admin\Desktop\obrázky kvarta
2014-05-17 21:13 - 2014-06-04 06:54 - 00000000 ____D () C:\Users\Admin\Desktop\utilitárky kvarta1
2014-05-15 15:35 - 2014-06-04 16:33 - 00000999 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-05-15 13:10 - 2011-02-24 07:32 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-05-15 13:10 - 2011-02-18 07:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-05-10 21:28 - 2014-05-10 21:28 - 00015753 _____ () C:\Users\Admin\Downloads\[CzT]Captain_America_Navrat_prvniho_Avengera_Captain_America_The_Winter_Soldier_2014_TS_.torrent
2014-05-10 20:36 - 2014-05-10 20:36 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Apple Computer
2014-05-10 20:36 - 2014-05-10 20:36 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apple Computer
2014-05-10 20:34 - 2014-05-10 20:58 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-05-10 20:34 - 2014-05-10 20:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apple
2014-05-10 20:34 - 2014-05-10 20:34 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-05-10 20:33 - 2014-05-10 20:33 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-05-10 20:32 - 2014-05-10 20:33 - 00000000 ____D () C:\ProgramData\Apple
2014-05-10 20:28 - 2014-05-10 20:29 - 137699152 _____ (Apple Inc.) C:\Users\Admin\Downloads\iTunesSetup.exe
2014-05-07 17:16 - 2014-05-07 17:16 - 00000000 ____D () C:\Users\Admin\AppData\Local\Macromedia
2014-05-07 11:54 - 2014-05-07 11:54 - 00018255 _____ () C:\Users\Admin\Downloads\[CzT]Letadla_Planes_2013_CZ_.torrent
2014-05-07 11:54 - 2014-05-07 11:54 - 00017945 _____ () C:\Users\Admin\Downloads\[CzT]Ptaci_ulet_Free_Birds_2013_CZ_SK_.torrent
2014-05-07 11:54 - 2014-05-07 11:54 - 00017374 _____ () C:\Users\Admin\Downloads\[CzT]Turbo_2013_CZ_SK_.torrent
2014-05-07 11:53 - 2014-05-07 11:53 - 00018311 _____ () C:\Users\Admin\Downloads\[CzT]Zatazeno_obcas_trakare_2_Cloudy_with_a_Chance_of_Meatballs_2_2013_CZ_SK_.torrent
2014-05-07 11:53 - 2014-05-07 11:53 - 00016626 _____ () C:\Users\Admin\Downloads\[CzT]Ledove_kralovstvi_Frozen_2013_CZ_.torrent
==================== One Month Modified Files and Folders =======
2014-06-04 17:28 - 2014-06-04 17:27 - 00016924 _____ () C:\Users\Admin\Desktop\FRST.txt
2014-06-04 17:28 - 2009-09-09 09:23 - 00000000 ____D () C:\Users\Admin\AppData\Local\Temp
2014-06-04 17:27 - 2014-06-04 17:26 - 00000000 ____D () C:\FRST
2014-06-04 17:24 - 2014-06-04 17:24 - 00112640 _____ (forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
2014-06-04 17:21 - 2014-06-04 17:21 - 01059840 _____ (Farbar) C:\Users\Admin\Desktop\FRST.exe
2014-06-04 17:20 - 2009-07-14 06:34 - 00010208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-04 17:20 - 2009-07-14 06:34 - 00010208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-04 17:17 - 2009-09-09 09:15 - 01843606 _____ () C:\Windows\WindowsUpdate.log
2014-06-04 17:12 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\tracing
2014-06-04 17:10 - 2009-12-12 00:25 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-04 17:03 - 2009-09-09 16:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-04 17:03 - 2009-09-09 16:47 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-04 17:03 - 2009-07-14 04:04 - 00000478 _____ () C:\Windows\win.ini
2014-06-04 17:00 - 2009-12-12 00:25 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-04 16:59 - 2014-01-02 21:37 - 00016418 _____ () C:\Windows\setupact.log
2014-06-04 16:59 - 2011-09-24 09:27 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-06-04 16:59 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-04 16:58 - 2014-01-02 21:36 - 00341690 _____ () C:\Windows\PFRO.log
2014-06-04 16:56 - 2009-12-12 00:27 - 00002176 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-04 16:55 - 2014-06-04 16:55 - 00000000 ____D () C:\Program Files\Google
2014-06-04 16:55 - 2014-06-04 16:54 - 00000000 ____D () C:\Users\Admin\AppData\Local\Deployment
2014-06-04 16:54 - 2014-06-04 16:54 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apps\2.0
2014-06-04 16:45 - 2009-07-14 06:33 - 01752688 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-04 16:36 - 2013-05-01 18:10 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-04 16:35 - 2014-06-04 16:35 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-06-04 16:33 - 2014-06-04 16:33 - 00000000 ____D () C:\Program Files\VideoLAN
2014-06-04 16:33 - 2014-05-15 15:35 - 00000999 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-06-04 16:20 - 2014-06-04 14:24 - 00002088 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-04 16:20 - 2014-06-04 14:24 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-06-04 16:20 - 2014-06-04 14:24 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-04 14:39 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-06-04 14:32 - 2014-06-04 14:31 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-06-04 14:32 - 2014-06-04 14:28 - 00000000 ____D () C:\Program Files\Windows Live
2014-06-04 14:31 - 2014-06-04 14:31 - 00001222 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2014-06-04 14:31 - 2014-06-04 14:31 - 00000000 ____D () C:\Windows\cs
2014-06-04 14:31 - 2014-06-04 14:30 - 00001291 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2014-06-04 14:30 - 2014-06-04 14:30 - 00001375 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-06-04 14:30 - 2014-06-04 14:30 - 00000020 _____ () C:\Windows\ řg
2014-06-04 14:30 - 2014-06-04 14:30 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-06-04 14:29 - 2014-06-04 14:29 - 00002403 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-06-04 14:28 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-04 14:24 - 2014-06-04 14:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\Windows Live
2014-06-04 14:24 - 2014-06-04 14:24 - 00000000 ____D () C:\Program Files\Common Files\Windows Live
2014-06-04 14:12 - 2014-06-04 14:00 - 00000000 ____D () C:\Windows\pss
2014-06-04 14:06 - 2011-10-11 21:10 - 00931328 ___SH () C:\Users\Admin\Desktop\Thumbs.db
2014-06-04 12:54 - 2014-06-04 12:53 - 94714880 _____ (AVAST Software) C:\Users\Admin\Downloads\avast_free_antivirus_setup.exe
2014-06-04 12:34 - 2014-06-04 12:33 - 03343796 _____ () C:\Users\Admin\Documents\záloha registru cc 4.6.14.reg
2014-06-04 12:30 - 2014-06-04 12:30 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-04 12:30 - 2014-06-04 12:30 - 00000940 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-04 12:30 - 2014-06-04 12:30 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-04 12:30 - 2014-06-04 12:29 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-06-04 12:29 - 2014-06-04 12:29 - 00000000 ____D () C:\Program Files\Adobe
2014-06-04 12:29 - 2009-09-09 13:46 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-04 12:24 - 2014-06-04 12:24 - 00000000 ____D () C:\Program Files\PDFCreator
2014-06-04 12:24 - 2014-04-28 05:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-06-04 09:09 - 2014-06-04 02:37 - 00000000 ____D () C:\Users\Admin\Desktop\šablony
2014-06-04 06:54 - 2014-05-17 21:13 - 00000000 ____D () C:\Users\Admin\Desktop\utilitárky kvarta1
2014-06-04 06:50 - 2009-09-09 10:24 - 01585934 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-04 02:15 - 2009-09-09 13:02 - 00108824 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-04 01:48 - 2014-03-12 05:33 - 00000000 ____D () C:\Users\Admin\Desktop\utilitárky septima 1314
2014-06-04 00:23 - 2014-05-17 21:22 - 00000000 ____D () C:\Users\Admin\Desktop\obrázky kvarta
2014-06-02 21:32 - 2009-09-09 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-06-02 21:02 - 2014-06-02 20:05 - 464414720 _____ () C:\Users\Admin\Downloads\Hra-o-trůny-S04E08-cz-tit..avi
2014-06-02 20:07 - 2009-09-09 16:52 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-06-02 20:05 - 2014-05-31 05:46 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-06-02 20:05 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-06-02 19:49 - 2012-08-24 19:12 - 00000000 ____D () C:\Program Files\Java
2014-06-02 19:49 - 2009-10-27 11:16 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-06-02 19:49 - 2009-09-09 13:12 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-05-31 06:52 - 2014-05-31 06:52 - 00000840 _____ () C:\Users\Admin\Desktop\obrázky kvarta – zástupce.lnk
2014-05-31 05:47 - 2014-05-31 05:47 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2014-05-31 05:47 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\MSBuild
2014-05-31 05:46 - 2014-05-31 05:46 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-05-31 05:30 - 2009-09-09 22:16 - 00000000 ____D () C:\Program Files\Common Files\Nokia
2014-05-31 05:30 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-05-31 05:29 - 2012-01-14 12:50 - 00000000 ____D () C:\Program Files\Scan Assistant
2014-05-31 05:29 - 2010-09-26 13:12 - 00000000 ___RD () C:\Program Files\Skype
2014-05-31 05:29 - 2010-07-23 22:02 - 00000000 ____D () C:\Program Files\PC Connectivity Solution
2014-05-31 05:29 - 2010-02-26 13:09 - 00000000 ____D () C:\Program Files\O2 Mobilni internet
2014-05-31 05:29 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-05-28 17:01 - 2014-05-28 17:01 - 01601592 _____ () C:\Users\Admin\Downloads\h_mcr_dosp.rar
2014-05-23 15:48 - 2014-03-12 05:29 - 00000000 ____D () C:\Users\Admin\Desktop\utilitárky septima 1213
2014-05-19 19:20 - 2014-05-19 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-19 19:19 - 2014-05-19 19:19 - 06957280 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\Silverlight.exe
2014-05-18 17:21 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-05-15 16:25 - 2010-02-06 23:37 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc
2014-05-15 15:35 - 2010-02-06 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-05-15 13:19 - 2013-07-18 19:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 13:11 - 2009-09-09 10:32 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 11:52 - 2014-01-02 18:24 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-15 11:52 - 2011-08-27 12:57 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-15 11:52 - 2011-08-27 12:57 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-15 10:36 - 2012-04-01 15:44 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-15 10:36 - 2011-08-27 13:06 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-10 21:28 - 2014-05-10 21:28 - 00015753 _____ () C:\Users\Admin\Downloads\[CzT]Captain_America_Navrat_prvniho_Avengera_Captain_America_The_Winter_Soldier_2014_TS_.torrent
2014-05-10 20:58 - 2014-05-10 20:34 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-05-10 20:36 - 2014-05-10 20:36 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Apple Computer
2014-05-10 20:36 - 2014-05-10 20:36 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apple Computer
2014-05-10 20:34 - 2014-05-10 20:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apple
2014-05-10 20:34 - 2014-05-10 20:34 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-05-10 20:33 - 2014-05-10 20:33 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-05-10 20:33 - 2014-05-10 20:32 - 00000000 ____D () C:\ProgramData\Apple
2014-05-10 20:29 - 2014-05-10 20:28 - 137699152 _____ (Apple Inc.) C:\Users\Admin\Downloads\iTunesSetup.exe
2014-05-07 17:16 - 2014-05-07 17:16 - 00000000 ____D () C:\Users\Admin\AppData\Local\Macromedia
2014-05-07 11:54 - 2014-05-07 11:54 - 00018255 _____ () C:\Users\Admin\Downloads\[CzT]Letadla_Planes_2013_CZ_.torrent
2014-05-07 11:54 - 2014-05-07 11:54 - 00017945 _____ () C:\Users\Admin\Downloads\[CzT]Ptaci_ulet_Free_Birds_2013_CZ_SK_.torrent
2014-05-07 11:54 - 2014-05-07 11:54 - 00017374 _____ () C:\Users\Admin\Downloads\[CzT]Turbo_2013_CZ_SK_.torrent
2014-05-07 11:53 - 2014-05-07 11:53 - 00018311 _____ () C:\Users\Admin\Downloads\[CzT]Zatazeno_obcas_trakare_2_Cloudy_with_a_Chance_of_Meatballs_2_2013_CZ_SK_.torrent
2014-05-07 11:53 - 2014-05-07 11:53 - 00016626 _____ () C:\Users\Admin\Downloads\[CzT]Ledove_kralovstvi_Frozen_2013_CZ_.torrent
Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\NEventMessages.dll
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:9B7E8561
AlternateDataStreams: C:\ProgramData\TEMP:AB1003B3
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Admin\Desktop" je 947 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
