Preventivka Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Zamčeno
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Preventivka

Příspěvekod jaro3 » 04 úno 2015 18:49

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file)


Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Reklama
Top
Uživatelský avatar
rhsCZ
Level 4
Level 4
Příspěvky: 1395
Registrován: červen 13
Pohlaví: Muž
Stav:
Offline
Kontakt:
Kontaktovat uživatele rhsCZ

Re: Preventivka

Příspěvekod rhsCZ » 04 úno 2015 19:15

k tomu testsigning dole(obvykle to nemá být zaplé) to mám zaplé protože 64 bit Win toto vyžaduje pro funkčnost nepodepsaných driverů jedná se konkrétně MotionJoy program pro správnou funkčnost gamepadu DualShocku3 pro PS3

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2015
Ran by rhsCZ (administrator) on RHSCZ-NTB on 04-02-2015 19:03:11
Running from C:\Users\rhsCZ\Desktop\HJT+ost
Loaded Profiles: rhsCZ (Available profiles: rhsCZ)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Quick And Easy Software) C:\Program Files (x86)\USB_Disk_Eject.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(wj32) C:\Program Files\Process Hacker 2\ProcessHacker.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276104 2014-06-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [216064 2014-01-06] (Realtek Semiconductor Corporation)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-08-13] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-08-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10842096 2014-08-13] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2014-10-08] (Power Software Ltd)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3977576 2015-01-20] (LogMeIn Inc.)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe [2089056 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\Run: [Process Hacker 2] => C:\Program Files\Process Hacker 2\ProcessHacker.exe [1448280 2013-12-22] (wj32)
HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-12-22] (Glarysoft Ltd)
HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [40688 2015-01-15] (Overwolf LTD)
HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\Run: [xNeat Clipboard Manager] => C:\Program Files (x86)\xNeat Application Builder\xNeatClipMngr.exe
HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AMD Catalyst Control Center.lnk
ShortcutTarget: AMD Catalyst Control Center.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\USB_Disk_Eject.lnk
ShortcutTarget: USB_Disk_Eject.lnk -> C:\Program Files (x86)\USB_Disk_Eject.exe (Quick And Easy Software)
Startup: C:\Users\rhsCZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mozilla thunderbird.lnk
ShortcutTarget: mozilla thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL No File
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://lenovo13.msn.com/?pc=LCJB
http://www.lenovo.com
HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1433280961-3815244573-1026450080-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{29ED7D3D-23D5-491F-90AC-683132DEB0D1}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{66C95BCB-D4FE-46E8-AAA6-84B2D4596E36}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\rhsCZ\AppData\Roaming\Mozilla\Firefox\Profiles\y51w03hn.default
FF Homepage: about:home
FF NetworkProxy: "backup.ftp", "212.175.88.15"
FF NetworkProxy: "backup.ftp_port", 8080
FF NetworkProxy: "backup.socks", "212.175.88.15"
FF NetworkProxy: "backup.socks_port", 8080
FF NetworkProxy: "backup.ssl", "212.175.88.15"
FF NetworkProxy: "backup.ssl_port", 8080
FF NetworkProxy: "ftp", "86.122.124.11"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "86.122.124.11"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "86.122.124.11"
FF NetworkProxy: "ssl_port", 80
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1433280961-3815244573-1026450080-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\rhsCZ\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Advanced Cookie Manager - C:\Users\rhsCZ\AppData\Roaming\Mozilla\Firefox\Profiles\y51w03hn.default\Extensions\cookiemgr@jayapal.com [2014-12-28]
FF Extension: LastPass - C:\Users\rhsCZ\AppData\Roaming\Mozilla\Firefox\Profiles\y51w03hn.default\Extensions\support@lastpass.com [2015-01-18]
FF Extension: Widevine Media Optimizer - C:\Users\rhsCZ\AppData\Roaming\Mozilla\Firefox\Profiles\y51w03hn.default\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2014-12-28]
FF Extension: AVG Do Not Track - C:\Users\rhsCZ\AppData\Roaming\Mozilla\Firefox\Profiles\y51w03hn.default\Extensions\{F53C93F1-07D5-430c-86D4-C9531B27DFAF} [2014-12-28]
FF Extension: YouTube HD - C:\Users\rhsCZ\AppData\Roaming\Mozilla\Firefox\Profiles\y51w03hn.default\Extensions\jid0-HbNL9qqBkuuKRhJ9ncTonCky1HU@jetpack.xpi [2014-12-28]
FF Extension: RAMBack - C:\Users\rhsCZ\AppData\Roaming\Mozilla\Firefox\Profiles\y51w03hn.default\Extensions\ramback@pavlov.net.xpi [2014-12-28]
FF Extension: User Style Manager - C:\Users\rhsCZ\AppData\Roaming\Mozilla\Firefox\Profiles\y51w03hn.default\Extensions\UserStyleManager@girishsharma.xpi [2014-12-28]
FF Extension: Adblock Plus - C:\Users\rhsCZ\AppData\Roaming\Mozilla\Firefox\Profiles\y51w03hn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-28]
FF Extension: Greasemonkey - C:\Users\rhsCZ\AppData\Roaming\Mozilla\Firefox\Profiles\y51w03hn.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-12-28]
FF Extension: User Agent Switcher - C:\Users\rhsCZ\AppData\Roaming\Mozilla\Firefox\Profiles\y51w03hn.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2014-12-28]
FF HKLM-x32\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files (x86)\Free Download Manager\Firefox\Extension
FF Extension: Free Download Manager plugin - C:\Program Files (x86)\Free Download Manager\Firefox\Extension [2015-01-26]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\rhsCZ\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\rhsCZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-28]
CHR Extension: (Dokumenty Google) - C:\Users\rhsCZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-28]
CHR Extension: (Disk Google) - C:\Users\rhsCZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-28]
CHR Extension: (YouTube) - C:\Users\rhsCZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-28]
CHR Extension: (APK Downloader) - C:\Users\rhsCZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgihflhdpokeobcfimliamffejfnmfii [2015-01-18]
CHR Extension: (Vyhledávání Google) - C:\Users\rhsCZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-28]
CHR Extension: (Tabulky Google) - C:\Users\rhsCZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-28]
CHR Extension: (Authy Chrome Extension) - C:\Users\rhsCZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhgenkpocbhhddlgkjnfghpjanffonno [2014-12-29]
CHR Extension: (Authy) - C:\Users\rhsCZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2014-12-29]
CHR Extension: (Peněženka Google) - C:\Users\rhsCZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-28]
CHR Extension: (Gmail) - C:\Users\rhsCZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [116224 2014-11-20] (Advanced Micro Devices) [File not signed]
R2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1486664 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [84992 2014-01-22] () [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R3 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
S3 ews-dbserver; C:\Program Files (x86)\EasyPHP-Webserver-14.1b2\binaries\dbserver\bin\ews-mysqld.exe [10958848 2014-05-06] () [File not signed]
S3 ews-httpserver; C:\Program Files (x86)\EasyPHP-Webserver-14.1b2\binaries\httpserver\bin\ews-httpd.exe [20992 2014-07-19] (Apache Software Foundation) [File not signed]
S3 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2013-03-19] (Firebird Project) [File not signed]
S3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3784704 2013-03-19] (Firebird Project) [File not signed]
S3 hMailServer; C:\Program Files (x86)\hMailServer\Bin\hMailServer.exe [5065728 2014-10-15] (hMailServer) [File not signed]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
S3 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
S3 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-08-13] (Lenovo(beijing) Limited)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2635552 2015-01-30] (IObit)
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-01-14] (LogMeIn, Inc.)
S3 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-03] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998640 2015-01-15] (Overwolf LTD)
S3 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-08-13] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-08-13] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S4 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [68880 2014-08-13] ()
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2014-10-28] (WiseCleaner.com)
S2 PnkBstrA; No ImagePath
S2 SAService; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\windows\system32\drivers\amdacpksd.sys [294600 2014-11-21] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
S2 AODDriver4.1; No ImagePath
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [52000 2014-12-28] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [277784 2014-09-24] (AVG Technologies CZ, s.r.o.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R1 GUBootStartup; C:\windows\System32\drivers\GUBootStartup.sys [20160 2014-12-29] (Glarysoft Ltd)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-01-20] (LogMeIn Inc.)
R1 HWiNFO32; C:\windows\system32\drivers\HWiNFO64A.SYS [26528 2015-01-03] (REALiX(tm))
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36944 2014-03-04] (IObit)
R4 KProcessHacker2; C:\Program Files\Process Hacker 2\kprocesshacker.sys [39576 2013-11-13] (wj32)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [558296 2014-04-12] (Realtek Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3410136 2014-04-11] (Realtek Semiconductor Corporation )
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S2 APXACC; \SystemRoot\system32\DRIVERS\appexDrv.sys [X]
U4 CmdAgent; No ImagePath
U3 DfSdkS; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

„Zeptáš-li se, budeš 5 minut vypadat jako blbec. Nezeptáš-li se, budeš blbcem po celý život.“
„Mnozí z těch, co žijí, by zasluhovali smrt. A mnozí z těch, co zemřeli, by si zasloužili žít.“ - John Ronald Reuel Tolkien
„Je lepší být nenáviděn pro to, jaký jsi, než být milován pro to, co nejsi.“ - Kurt Cobain
https://rhscz.eu
https://github.com/rhsCZ
Nahoru
Uživatelský avatar
rhsCZ
Level 4
Level 4
Příspěvky: 1395
Registrován: červen 13
Pohlaví: Muž
Stav:
Offline
Kontakt:
Kontaktovat uživatele rhsCZ

Re: Preventivka

Příspěvekod rhsCZ » 04 úno 2015 19:19

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-04 19:03 - 2015-02-04 19:03 - 00000000 ____D () C:\FRST
2015-02-04 18:51 - 2015-02-04 18:55 - 00000000 ____D () C:\Users\rhsCZ\Downloads\Don't Starve
2015-02-04 18:51 - 2015-02-04 18:51 - 00014693 _____ () C:\Users\rhsCZ\Downloads\[kickass.so]dont.starve.latest.with.reign.of.giants.dlc.gog.torrent
2015-02-04 18:17 - 2015-02-04 18:18 - 04940808 _____ () C:\Users\rhsCZ\Downloads\Dont_Starve_MP.rar
2015-02-04 18:16 - 2015-02-04 18:16 - 00000000 ____D () C:\Users\rhsCZ\Documents\Klei
2015-02-04 18:12 - 2015-02-04 18:12 - 00001761 _____ () C:\Users\Public\Desktop\Don't Starve.lnk
2015-02-04 18:12 - 2015-02-04 18:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Don't Starve [GOG.com]
2015-02-04 18:11 - 2015-02-04 18:18 - 00000000 ____D () C:\GOG Games
2015-02-04 18:09 - 2015-02-04 18:09 - 00000000 ____D () C:\Users\rhsCZ\Downloads\Dont Starve
2015-02-04 18:08 - 2015-02-04 18:08 - 00017179 _____ () C:\Users\rhsCZ\Downloads\[CzT]Dont_Starve_2_1_0_9_2013_.torrent
2015-02-04 14:35 - 2015-02-04 14:35 - 00000000 ____D () C:\Users\rhsCZ\Downloads\American sniper
2015-02-04 14:32 - 2015-02-04 14:32 - 00016310 _____ () C:\Users\rhsCZ\Downloads\[CzT]Americky_sniper_American_Sniper_2014_DVDScr_.torrent
2015-02-04 12:29 - 2015-02-04 12:29 - 02452808 _____ (Skillbrains ) C:\Users\rhsCZ\Downloads\setup-lightshot(1).exe
2015-02-04 12:22 - 2015-02-04 12:29 - 989706594 ____R () C:\Users\rhsCZ\Downloads\Birdman 2014 cz titulky.mkv
2015-02-04 12:22 - 2015-02-04 12:22 - 00019538 _____ () C:\Users\rhsCZ\Downloads\[CzT]Birdman_2014_.torrent
2015-02-04 11:10 - 2015-02-04 11:10 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\Adobe
2015-02-04 10:49 - 2015-02-04 18:04 - 00002176 _____ () C:\Users\rhsCZ\AppData\Local\BTServer.log
2015-02-04 10:49 - 2015-02-04 10:21 - 00024064 _____ () C:\windows\zoek-delete.exe
2015-02-04 10:24 - 2015-02-04 10:51 - 00012632 _____ () C:\zoek-results.log
2015-02-04 10:21 - 2015-02-04 10:44 - 00000000 ____D () C:\zoek_backup
2015-02-03 22:53 - 2015-02-04 10:06 - 00037624 _____ () C:\windows\system32\Drivers\TrueSight.sys
2015-02-03 22:53 - 2015-02-03 22:53 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-02-03 22:32 - 2015-02-03 22:32 - 00001239 _____ () C:\Users\rhsCZ\Desktop\JRT.txt
2015-02-03 18:37 - 2015-02-03 18:37 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2015-02-03 18:37 - 2015-02-03 18:37 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2015-02-03 15:23 - 2015-02-03 22:23 - 00000000 ____D () C:\AdwCleaner
2015-02-03 14:11 - 2015-02-03 14:11 - 00893594 _____ () C:\Users\rhsCZ\Downloads\OptiFine_1.8.1_HD_U_C7.jar
2015-02-03 14:04 - 2015-02-03 14:04 - 00090895 _____ () C:\Users\rhsCZ\Downloads\TooManyItems2014_09_07_1.8.zip
2015-02-03 14:02 - 2015-02-03 01:48 - 00000000 ____D () C:\Users\rhsCZ\Downloads\mcedit2-2.0.0-alpha1-win-amd64
2015-02-03 14:00 - 2015-02-03 14:01 - 36914207 _____ (Igor Pavlov) C:\Users\rhsCZ\Downloads\mcedit2-2.0.0-alpha1-win-amd64.exe
2015-02-03 13:09 - 2015-02-03 13:10 - 00004096 ____H () C:\Users\Public\Documents\bootracer.his
2015-02-03 13:06 - 2015-02-03 13:12 - 00000902 ____H () C:\Users\Public\Documents\bootracer.ini
2015-02-03 13:06 - 2015-02-03 13:11 - 00044305 ____H () C:\Users\Public\Documents\bootracer.log
2015-02-03 13:06 - 2015-02-03 13:06 - 04669510 _____ () C:\Users\rhsCZ\Downloads\bootracer_free.zip
2015-02-03 10:53 - 2015-02-04 19:03 - 00000000 ____D () C:\Users\rhsCZ\Desktop\HJT+ost
2015-02-03 10:44 - 2015-02-03 10:44 - 00707354 _____ () C:\windows\unins000.exe
2015-02-03 10:44 - 2015-02-03 10:44 - 00001532 _____ () C:\windows\unins000.dat
2015-02-03 10:44 - 2015-02-03 10:44 - 00000000 ____D () C:\windows\SysWOW64\GPBAK
2015-02-03 10:44 - 2008-04-14 02:11 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\appmgr.dll
2015-02-03 10:44 - 2001-08-23 13:00 - 00034871 _____ () C:\windows\SysWOW64\gpedit.msc
2015-02-03 10:43 - 2015-02-03 10:43 - 00876313 _____ () C:\Users\rhsCZ\Downloads\GPEI.zip
2015-02-03 09:46 - 2015-02-03 09:46 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\ESN
2015-02-03 09:44 - 2015-02-03 09:44 - 01533584 _____ () C:\Users\rhsCZ\Downloads\battlelog-web-plugins_2.6.2_157.exe
2015-02-02 18:03 - 2015-02-02 18:03 - 00001081 _____ () C:\Users\Public\Desktop\Mafia 2 Multiplayer.lnk
2015-02-02 18:03 - 2015-02-02 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia 2 Multiplayer
2015-02-02 18:03 - 2015-02-02 18:03 - 00000000 ____D () C:\Program Files (x86)\Mafia 2 Multiplayer
2015-02-02 18:01 - 2015-02-02 18:01 - 28527304 _____ () C:\Users\rhsCZ\Downloads\m2mp-01b-rc2-1.exe
2015-02-02 17:08 - 2015-02-02 17:08 - 00002083 _____ () C:\Users\rhsCZ\Desktop\MAFIA II .lnk
2015-02-02 10:26 - 2015-02-02 10:26 - 00038150 _____ () C:\Users\rhsCZ\Downloads\[CzT]Mafia_II_Special_Extended_Edition_CZ_2_DVD_.torrent
2015-02-01 20:39 - 2015-02-01 20:39 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-02-01 20:39 - 2015-02-01 20:39 - 00002107 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2015-02-01 20:39 - 2015-02-01 20:39 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Thunderbird
2015-02-01 20:39 - 2015-02-01 20:39 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\Thunderbird
2015-02-01 20:39 - 2015-02-01 20:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-02-01 20:38 - 2015-02-01 20:38 - 28763032 _____ (Mozilla) C:\Users\rhsCZ\Downloads\Thunderbird Setup 31.4.0.exe
2015-02-01 18:05 - 2015-02-01 18:06 - 51541407 _____ () C:\Users\rhsCZ\Downloads\UMS-5.0.0-Java7.exe
2015-02-01 15:37 - 2015-02-01 16:23 - 1644402688 ____R () C:\Users\rhsCZ\Downloads\Kovbojové a vetřelci (2011).avi
2015-02-01 15:37 - 2015-02-01 15:37 - 00016257 _____ () C:\Users\rhsCZ\Downloads\[CzT]Kovbojove_a_vetrelci_Cowboys_Aliens_2011_.torrent
2015-01-31 19:24 - 2015-01-31 19:24 - 00001542 _____ () C:\Users\rhsCZ\Desktop\Counter-Strike 1.6 NS.lnk
2015-01-31 19:19 - 2015-01-31 19:22 - 30181573 _____ (Kotel) C:\Users\rhsCZ\Downloads\CS-1.6-patch-v42.exe
2015-01-31 19:13 - 2015-01-31 19:13 - 00001575 _____ () C:\Users\rhsCZ\Desktop\Counter-Strike 1.6.lnk
2015-01-31 19:13 - 2015-01-31 19:13 - 00001521 _____ () C:\Users\rhsCZ\Desktop\Half-Life.lnk
2015-01-31 19:13 - 2015-01-31 19:13 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2015-01-31 19:12 - 2015-01-31 19:44 - 00000000 ____D () C:\Counter-Strike 1.6
2015-01-31 19:06 - 2015-01-31 19:06 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\AMD
2015-01-31 18:03 - 2015-01-31 18:03 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-01-31 18:03 - 2014-02-17 09:23 - 00060640 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\usbfilter.sys
2015-01-31 17:59 - 2015-01-31 17:59 - 00000000 ____D () C:\ProgramData\ATI
2015-01-31 17:56 - 2015-01-31 17:56 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\library_dir
2015-01-31 17:55 - 2015-01-31 18:19 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Raptr
2015-01-31 17:55 - 2015-01-31 17:55 - 00063792 _____ () C:\windows\SysWOW64\CCCInstall_201501311755414313.log
2015-01-31 17:55 - 2015-01-31 17:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-01-31 17:55 - 2015-01-31 17:55 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2015-01-31 17:53 - 2015-01-31 17:55 - 243578488 _____ (Lenovo Group Limited ) C:\Users\rhsCZ\Downloads\39z4030f.exe
2015-01-31 17:50 - 2015-01-31 17:55 - 00000000 ____D () C:\Program Files\AMD
2015-01-31 17:49 - 2014-11-21 03:44 - 11076784 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atidxx64.dll
2015-01-31 17:49 - 2014-11-21 03:44 - 09401480 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atidxx32.dll
2015-01-31 17:49 - 2014-11-21 03:44 - 01348928 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\aticfx64.dll
2015-01-31 17:49 - 2014-11-21 03:44 - 01127496 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\aticfx32.dll
2015-01-31 17:49 - 2014-11-21 03:44 - 00144328 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiuxp64.dll
2015-01-31 17:49 - 2014-11-21 03:44 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdhcp64.dll
2015-01-31 17:49 - 2014-11-21 03:44 - 00126848 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiuxpag.dll
2015-01-31 17:49 - 2014-11-21 03:44 - 00118096 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdhcp32.dll
2015-01-31 17:49 - 2014-11-21 03:44 - 00118096 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiu9p64.dll
2015-01-31 17:49 - 2014-11-21 03:44 - 00100032 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiu9pag.dll
2015-01-31 17:49 - 2014-11-21 03:44 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atimpc64.dll
2015-01-31 17:49 - 2014-11-21 03:44 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdpcom64.dll
2015-01-31 17:49 - 2014-11-21 03:44 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atimpc32.dll
2015-01-31 17:49 - 2014-11-21 03:44 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdpcom32.dll
2015-01-31 17:49 - 2014-11-21 03:43 - 08379720 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiumd6a.dll
2015-01-31 17:49 - 2014-11-21 03:43 - 08369408 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiumd64.dll
2015-01-31 17:49 - 2014-11-21 03:43 - 07558816 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiumdva.dll
2015-01-31 17:49 - 2014-11-21 03:43 - 07077776 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiumdag.dll
2015-01-31 17:49 - 2014-11-21 03:41 - 00294600 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdacpksd.sys
2015-01-31 17:49 - 2014-11-21 03:40 - 18959360 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\atikmdag.sys
2015-01-31 17:49 - 2014-11-21 03:35 - 02433024 _____ () C:\windows\system32\hsaservices64.dll
2015-01-31 17:49 - 2014-11-21 03:35 - 01947136 _____ () C:\windows\SysWOW64\hsaservices.dll
2015-01-31 17:49 - 2014-11-21 03:35 - 00461312 _____ () C:\windows\system32\newhsacore64.dll
2015-01-31 17:49 - 2014-11-21 03:35 - 00088064 _____ () C:\windows\system32\hsaumd64.dll
2015-01-31 17:49 - 2014-11-21 03:35 - 00073216 _____ () C:\windows\SysWOW64\hsaumd.dll
2015-01-31 17:49 - 2014-11-21 03:34 - 00392192 _____ () C:\windows\SysWOW64\newhsacore.dll
2015-01-31 17:49 - 2014-11-21 03:33 - 00235008 _____ () C:\windows\system32\clinfo.exe
2015-01-31 17:49 - 2014-11-21 03:33 - 00098816 _____ (Advanced Micro Devices Inc.) C:\windows\system32\OpenVideo64.dll
2015-01-31 17:49 - 2014-11-21 03:33 - 00086528 _____ (Advanced Micro Devices Inc.) C:\windows\system32\OVDecode64.dll
2015-01-31 17:49 - 2014-11-21 03:33 - 00083456 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\OpenVideo.dll
2015-01-31 17:49 - 2014-11-21 03:33 - 00073216 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\OVDecode.dll
2015-01-31 17:49 - 2014-11-21 03:32 - 40987136 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\amdocl.dll
2015-01-31 17:49 - 2014-11-21 03:32 - 37005824 _____ (Advanced Micro Devices Inc.) C:\windows\system32\amdhsacl64.dll
2015-01-31 17:49 - 2014-11-21 03:32 - 29960192 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\amdhsacl.dll
2015-01-31 17:49 - 2014-11-21 03:31 - 00442368 _____ () C:\windows\system32\amdmiracast.dll
2015-01-31 17:49 - 2014-11-21 03:31 - 00058880 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2015-01-31 17:49 - 2014-11-21 03:29 - 07915520 _____ (Advanced Micro Devices Inc.) C:\windows\system32\amdhsasc64.dll
2015-01-31 17:49 - 2014-11-21 03:29 - 06375936 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\amdhsasc.dll
2015-01-31 17:49 - 2014-11-21 03:25 - 00134656 _____ () C:\windows\system32\amdhdl64.dll
2015-01-31 17:49 - 2014-11-21 03:25 - 00123392 _____ () C:\windows\SysWOW64\amdhdl32.dll
2015-01-31 17:49 - 2014-11-21 03:24 - 28354560 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atio6axx.dll
2015-01-31 17:49 - 2014-11-21 03:19 - 23621632 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atioglxx.dll
2015-01-31 17:49 - 2014-11-21 03:19 - 00049664 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdmmcl6.dll
2015-01-31 17:49 - 2014-11-21 03:19 - 00038912 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdmmcl.dll
2015-01-31 17:49 - 2014-11-21 03:18 - 05837312 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdmantle64.dll
2015-01-31 17:49 - 2014-11-21 03:18 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\mantle64.dll
2015-01-31 17:49 - 2014-11-21 03:18 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\mantle32.dll
2015-01-31 17:49 - 2014-11-21 03:17 - 03437632 _____ () C:\windows\system32\atiumd6a.cap
2015-01-31 17:49 - 2014-11-21 03:17 - 00631912 _____ () C:\windows\SysWOW64\atiapfxx.blb
2015-01-31 17:49 - 2014-11-21 03:17 - 00631912 _____ () C:\windows\system32\atiapfxx.blb
2015-01-31 17:49 - 2014-11-21 03:17 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiapfxx.exe
2015-01-31 17:49 - 2014-11-21 03:17 - 00062464 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticalrt64.dll
2015-01-31 17:49 - 2014-11-21 03:17 - 00052224 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticalrt.dll
2015-01-31 17:49 - 2014-11-21 03:16 - 15716352 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticaldd64.dll
2015-01-31 17:49 - 2014-11-21 03:16 - 14302208 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticaldd.dll
2015-01-31 17:49 - 2014-11-21 03:16 - 00055808 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticalcl64.dll
2015-01-31 17:49 - 2014-11-21 03:16 - 00049152 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticalcl.dll
2015-01-31 17:49 - 2014-11-21 03:15 - 04590592 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdmantle32.dll
2015-01-31 17:49 - 2014-11-21 03:13 - 03471376 _____ () C:\windows\SysWOW64\atiumdva.cap
2015-01-31 17:49 - 2014-11-21 03:13 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\mantleaxl64.dll
2015-01-31 17:49 - 2014-11-21 03:13 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\mantleaxl32.dll
2015-01-31 17:49 - 2014-11-21 03:12 - 00774656 _____ (AMD) C:\windows\system32\atieclxx.exe
2015-01-31 17:49 - 2014-11-21 03:12 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atidemgy.dll
2015-01-31 17:49 - 2014-11-21 03:12 - 00244736 _____ (AMD) C:\windows\system32\atiesrxx.exe
2015-01-31 17:49 - 2014-11-21 03:12 - 00190976 _____ (AMD) C:\windows\system32\atitmm64.dll
2015-01-31 17:49 - 2014-11-21 03:12 - 00031232 _____ (AMD) C:\windows\system32\atimuixx.dll
2015-01-31 17:49 - 2014-11-21 03:10 - 00843776 _____ (AMD) C:\windows\system32\coinst_14.50.dll
2015-01-31 17:49 - 2014-11-21 03:09 - 01214976 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiadlxx.dll
2015-01-31 17:49 - 2014-11-21 03:09 - 00903168 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atiadlxy.dll
2015-01-31 17:49 - 2014-11-21 03:09 - 00095744 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdave64.dll
2015-01-31 17:49 - 2014-11-21 03:09 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdave32.dll
2015-01-31 17:49 - 2014-11-21 03:09 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atisamu64.dll
2015-01-31 17:49 - 2014-11-21 03:09 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atisamu32.dll
2015-01-31 17:49 - 2014-11-21 03:09 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atig6pxx.dll
2015-01-31 17:49 - 2014-11-21 03:09 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiglpxx.dll
2015-01-31 17:49 - 2014-11-21 03:09 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiglpxx.dll
2015-01-31 17:49 - 2014-11-21 03:08 - 00589312 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\atikmpag.sys
2015-01-31 17:49 - 2014-11-21 03:08 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atig6txx.dll
2015-01-31 17:49 - 2014-11-21 03:08 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atigktxx.dll
2015-01-31 17:49 - 2014-11-21 03:08 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\ati2erec.dll
2015-01-31 17:49 - 2014-10-28 00:46 - 00062152 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\amdkmpfd.sys
2015-01-31 17:49 - 2014-09-24 07:36 - 00765851 _____ () C:\windows\system32\amdicdxx.dat
2015-01-31 17:49 - 2014-09-18 17:22 - 00238144 _____ () C:\windows\system32\ativvaxy_cz_nd.dat
2015-01-31 17:49 - 2014-09-03 20:26 - 00323252 _____ () C:\windows\system32\ativvaxy_vi.dat
2015-01-31 17:49 - 2014-09-03 19:40 - 00321712 _____ () C:\windows\system32\ativvaxy_vi_nd.dat
2015-01-31 17:49 - 2014-08-29 16:43 - 00158944 _____ () C:\windows\system32\ativce03.dat
2015-01-31 17:49 - 2014-08-29 15:08 - 00157248 _____ () C:\windows\system32\amde31a.dat
2015-01-31 17:49 - 2014-08-20 20:35 - 00234292 _____ () C:\windows\system32\ativvaxy_cik.dat
2015-01-31 17:49 - 2014-08-20 20:33 - 00232624 _____ () C:\windows\system32\ativvaxy_cik_nd.dat
2015-01-31 17:49 - 2014-08-14 18:54 - 00083312 _____ () C:\windows\system32\ativce02.dat
2015-01-31 17:49 - 2014-07-10 21:02 - 00046128 _____ () C:\windows\system32\kapp_ci.sbin
2015-01-31 17:49 - 2014-07-10 21:02 - 00041936 _____ () C:\windows\system32\kapp_si.sbin
2015-01-31 17:49 - 2014-06-21 18:02 - 00223232 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\AtihdWB6.sys
2015-01-31 17:49 - 2014-06-21 18:01 - 00142848 _____ (Windows (R) Win 7 DDK provider) C:\windows\system32\Drivers\amdacpksl.sys
2015-01-31 17:49 - 2014-06-21 18:00 - 00110080 _____ (Advanced Micro Devices) C:\windows\system32\DelayAPO.dll
2015-01-31 17:49 - 2014-06-18 18:28 - 00140240 _____ () C:\windows\system32\samu_krnl_ci.sbin
2015-01-31 17:49 - 2012-09-23 00:17 - 00021160 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\amdkmafd.sys
2015-01-31 17:41 - 2015-01-31 17:41 - 00060628 _____ () C:\windows\SysWOW64\CCCInstall_201501311741420127.log
2015-01-31 17:31 - 2015-01-31 17:30 - 251885568 _____ (AMD Inc.) C:\Users\rhsCZ\Desktop\amd-catalyst-omega-14.12-without-dotnet45-win8.1-64bit.exe
2015-01-31 17:18 - 2015-01-31 17:18 - 05451464 _____ (Advanced Micro Devices, Inc.) C:\Users\rhsCZ\Downloads\autodetectutility.exe
2015-01-31 15:01 - 2015-01-31 15:01 - 00000000 ____D () C:\Users\rhsCZ\Documents\Hitman Blood Money
2015-01-31 14:45 - 2015-01-31 14:45 - 00000000 ____D () C:\Users\rhsCZ\Documents\Empire Interactive
2015-01-31 14:39 - 2015-01-31 14:39 - 00000916 _____ () C:\Users\Public\Desktop\Hitman Blood Money.lnk
2015-01-31 14:39 - 2015-01-31 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos
2015-01-31 14:38 - 2015-01-31 14:57 - 00000000 ____D () C:\Program Files (x86)\Hitman Blood Money
2015-01-31 14:35 - 2015-01-31 14:35 - 00001973 _____ () C:\Users\rhsCZ\Desktop\Starship Troopers.lnk
2015-01-31 14:35 - 2015-01-31 14:35 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TopCD
2015-01-31 14:22 - 2015-01-31 14:35 - 00000000 ____D () C:\Program Files (x86)\Starship Troopers
2015-01-31 09:54 - 2015-01-31 09:54 - 15756870 _____ (Portál soe.cz ) C:\Users\rhsCZ\Downloads\cs16_patch_v36.exe
2015-01-30 23:14 - 2015-01-30 23:14 - 02092229 _____ (FileZilla Project) C:\Users\rhsCZ\Downloads\FileZilla_Server-0_9_49 [1].exe
2015-01-30 23:13 - 2015-01-30 23:13 - 00742056 _____ ( ) C:\Users\rhsCZ\Downloads\FileZilla_Server-0_9_49.exe
2015-01-30 23:13 - 2015-01-30 23:13 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\FileZilla
2015-01-30 23:12 - 2015-01-30 23:12 - 00002021 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2015-01-30 23:11 - 2015-01-30 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-01-30 23:11 - 2015-01-30 23:12 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2015-01-30 23:11 - 2015-01-30 23:11 - 06381120 _____ (Tim Kosse) C:\Users\rhsCZ\Downloads\FileZilla_3.10.0.2_win32-setup [1].exe
2015-01-30 23:09 - 2015-01-30 23:09 - 00742056 _____ ( ) C:\Users\rhsCZ\Downloads\FileZilla_3.10.0.2_win32-setup.exe
2015-01-30 20:17 - 2015-01-30 20:17 - 00000000 ____D () C:\games
2015-01-30 20:11 - 2015-01-30 20:15 - 257129400 ____R (Valve ) C:\Users\rhsCZ\Downloads\CS1.6 FULL v42 - Protocol 48 Clean.exe
2015-01-30 20:10 - 2015-01-30 20:10 - 00020214 _____ () C:\Users\rhsCZ\Downloads\[kickass.so]counter.strike.1.6.v42.protocol.48.clean.torrent
2015-01-30 19:50 - 2015-01-30 19:57 - 283740531 _____ (Valve ) C:\Users\rhsCZ\Downloads\cs16full_v42h_cskocz.exe
2015-01-30 19:45 - 2015-01-30 20:01 - 00001700 _____ () C:\Users\rhsCZ\Desktop\Counter Strike 1.6 Non Steam.lnk
2015-01-30 19:45 - 2015-01-30 19:45 - 00001668 _____ () C:\Users\rhsCZ\Desktop\Dedicated Server.lnk
2015-01-30 19:43 - 2015-01-30 19:45 - 21416075 _____ () C:\Users\rhsCZ\Downloads\Counter-Strike-1.6-Patch-v21-Full.rar
2015-01-30 15:54 - 2015-02-04 10:50 - 00004908 _____ () C:\windows\PFRO.log
2015-01-30 15:52 - 2015-01-30 15:52 - 00042152 _____ (Connectify) C:\windows\system32\Drivers\cnnctfy3.sys
2015-01-30 15:50 - 2015-01-30 15:51 - 10330464 _____ (Connectify) C:\Users\rhsCZ\Downloads\Connectify2015Installer.exe
2015-01-30 14:50 - 2015-01-30 14:50 - 00001090 _____ () C:\Users\Public\Desktop\State of Decay.lnk
2015-01-30 14:50 - 2015-01-30 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\State of Decay
2015-01-30 14:38 - 2015-02-01 11:25 - 00000000 ____D () C:\Program Files (x86)\State of Decay
2015-01-30 14:38 - 2015-01-30 14:38 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Opera Software
2015-01-30 14:38 - 2015-01-30 14:38 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\Opera Software
2015-01-30 14:37 - 2015-02-04 10:55 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-01-30 14:37 - 2015-02-03 13:15 - 00003834 _____ () C:\windows\System32\Tasks\Opera scheduled Autoupdate 1422625067
2015-01-30 14:37 - 2015-02-03 13:15 - 00001062 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-01-30 14:37 - 2015-01-30 14:37 - 00001156 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-01-30 14:36 - 2015-01-30 14:37 - 00713392 _____ (Opera Software) C:\Users\rhsCZ\Downloads\Opera_NI_stable.exe
2015-01-30 14:30 - 2015-01-30 14:30 - 00001277 _____ () C:\Users\rhsCZ\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2015-01-30 14:30 - 2015-01-30 14:30 - 00001253 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-01-30 14:29 - 2015-01-30 14:30 - 15971616 _____ (IObit) C:\Users\rhsCZ\Downloads\iobituninstaller(1).exe
2015-01-30 14:20 - 2015-01-30 14:20 - 00016046 _____ () C:\Users\rhsCZ\Downloads\[CzT]State_of_Decay_DLC_Breakdown_02_2014_CZ_.torrent
2015-01-29 19:19 - 2015-01-29 19:19 - 00015328 _____ () C:\Users\rhsCZ\Downloads\hijackthis.log
2015-01-29 19:18 - 2015-01-29 19:19 - 00388608 _____ (Trend Micro Inc.) C:\Users\rhsCZ\Downloads\hijackthis.exe
2015-01-29 19:14 - 2013-01-29 01:04 - 00000000 ____D () C:\Program Files\OneLateNight
2015-01-29 18:54 - 2015-01-29 18:56 - 114763930 _____ () C:\Users\rhsCZ\Downloads\OneLateNight_dx11(1).zip
2015-01-29 18:26 - 2015-01-29 18:26 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2015-01-29 18:26 - 2015-01-29 18:26 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server
2015-01-29 18:24 - 2015-01-29 18:25 - 36210245 _____ () C:\Users\rhsCZ\Downloads\MSIAfterburnerSetup410.zip
2015-01-28 23:16 - 2015-01-28 23:16 - 00642632 _____ (EFD Software ) C:\Users\rhsCZ\Downloads\hdtune_255.exe
2015-01-28 23:16 - 2015-01-28 23:16 - 00000947 _____ () C:\Users\rhsCZ\Desktop\HD Tune.lnk
2015-01-28 23:16 - 2015-01-28 23:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2015-01-28 23:16 - 2015-01-28 23:16 - 00000000 ____D () C:\Program Files (x86)\HD Tune
2015-01-28 21:23 - 2015-01-28 21:23 - 00000000 ____D () C:\Program Files (x86)\PuTTy
2015-01-28 16:44 - 2015-02-02 17:10 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\SKIDROW
2015-01-28 16:42 - 2015-01-28 16:42 - 00000000 ____D () C:\Users\rhsCZ\Documents\Square Enix
2015-01-28 16:37 - 2015-01-28 16:37 - 00001113 _____ () C:\Users\rhsCZ\Desktop\Just Cause 2.lnk
2015-01-28 16:33 - 2015-02-03 17:19 - 00000000 ____D () C:\Program Files (x86)\Just Cause 2
2015-01-28 14:33 - 2015-01-28 14:33 - 00281160 _____ () C:\windows\Minidump\012815-55406-01.dmp
2015-01-28 14:32 - 2015-01-28 14:32 - 875256196 _____ () C:\windows\MEMORY.DMP
2015-01-28 11:54 - 2015-01-28 11:54 - 00001849 _____ () C:\Users\rhsCZ\Desktop\easyphp.lnk
2015-01-28 11:51 - 2015-01-28 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyPHP Devserver 14.1 beta 2
2015-01-28 11:50 - 2015-01-28 11:51 - 00000000 ____D () C:\Program Files (x86)\EasyPHP-Webserver-14.1b2
2015-01-28 11:48 - 2015-01-28 21:18 - 00000304 _____ () C:\windows\Tasks\powersuite_monitor.job
2015-01-28 11:48 - 2015-01-28 21:17 - 00002520 _____ () C:\windows\System32\Tasks\powersuite_monitor
2015-01-28 11:45 - 2015-01-28 11:48 - 40328071 _____ (EasyPHP Team ) C:\Users\rhsCZ\Downloads\EasyPHP-Webserver-14.1b2-setup(1).exe
2015-01-28 11:42 - 2015-01-28 11:43 - 01541624 _____ (Uniblue Systems Limited ) C:\Users\rhsCZ\Downloads\powersuite.exe
2015-01-28 11:40 - 2015-01-28 11:45 - 19007723 _____ (EasyPHP Team ) C:\Users\rhsCZ\Downloads\EasyPHP-Webserver-14.1b2-setup.exe
2015-01-28 11:37 - 2015-01-28 11:37 - 00001140 _____ () C:\Users\Public\Desktop\Smart Install Maker.lnk
2015-01-28 11:37 - 2015-01-28 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Install Maker 5.04
2015-01-28 11:37 - 2015-01-28 11:37 - 00000000 ____D () C:\Program Files (x86)\Smart Install Maker
2015-01-28 11:27 - 2015-01-28 11:27 - 01601784 _____ (InstallBuilders ) C:\Users\rhsCZ\Downloads\simsetup.exe
2015-01-28 11:22 - 2015-01-28 11:22 - 00000000 ____D () C:\Users\rhsCZ\Downloads\WinUtilities Professional Edition ★ License Key
2015-01-28 11:21 - 2015-01-28 11:21 - 00000597 _____ () C:\Users\rhsCZ\Downloads\[kickass.so]winutilities.professional.edition.11.33.license.keys.torrent
2015-01-28 11:17 - 2015-01-28 11:23 - 00000171 _____ () C:\windows\SysWOW64\_WKERNEL.SYL
2015-01-28 11:17 - 2015-01-28 11:18 - 00000000 ____D () C:\Program Files (x86)\WinUtilities
2015-01-28 11:17 - 2015-01-28 11:17 - 00001049 _____ () C:\Users\Public\Desktop\WinUtilities.lnk
2015-01-28 11:17 - 2015-01-28 11:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinUtilities
2015-01-28 11:17 - 2010-07-25 22:23 - 00544768 _____ (Stardock Corporation) C:\windows\SysWOW64\wbocx.ocx
2015-01-28 11:17 - 2010-07-25 22:23 - 00258352 _____ (Microsoft Corporation) C:\windows\SysWOW64\unicows.dll
2015-01-28 11:17 - 2010-07-25 22:23 - 00056496 _____ (Stardock.Net, Inc) C:\windows\SysWOW64\wbhelp2.dll
2015-01-28 11:17 - 2010-07-25 22:23 - 00033968 _____ (Neil Banfield) C:\windows\SysWOW64\anim.dll
2015-01-28 11:17 - 2010-07-25 22:23 - 00004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\W95INF32.DLL
2015-01-28 11:17 - 2010-07-25 22:23 - 00002272 _____ (Microsoft Corporation) C:\windows\SysWOW64\W95INF16.DLL
2015-01-28 11:16 - 2015-01-28 11:16 - 06386208 _____ (YL Computing, Inc ) C:\Users\rhsCZ\Downloads\wuinstall.exe
2015-01-28 10:51 - 2015-01-28 10:51 - 00001197 _____ () C:\Users\rhsCZ\Desktop\firebird start.lnk
2015-01-28 10:51 - 2015-01-28 10:51 - 00001188 _____ () C:\Users\rhsCZ\Desktop\firebird stop.lnk
2015-01-28 10:19 - 2015-01-28 10:19 - 00001207 _____ () C:\Users\rhsCZ\Desktop\xNeat Application Builder.lnk
2015-01-28 10:19 - 2015-01-28 10:19 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\xNeat Application Builder
2015-01-28 10:19 - 2015-01-28 10:19 - 00000000 ____D () C:\Program Files (x86)\xNeat Application Builder
2015-01-28 10:16 - 2015-01-28 10:16 - 00000034 _____ () C:\windows\system32\NULL
2015-01-28 10:02 - 2015-01-28 10:02 - 09005624 _____ (Adersoft) C:\Users\rhsCZ\Downloads\vbsedit.exe
2015-01-28 10:02 - 2015-01-28 10:02 - 00001024 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vbsedit 32-bit.lnk
2015-01-28 10:02 - 2015-01-28 10:02 - 00001024 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Htaedit 32-bit.lnk
2015-01-28 10:02 - 2015-01-28 10:02 - 00001012 _____ () C:\Users\Public\Desktop\Vbsedit 32-bit.lnk
2015-01-28 10:02 - 2015-01-28 10:02 - 00001012 _____ () C:\Users\Public\Desktop\Htaedit 32-bit.lnk
2015-01-28 10:02 - 2015-01-28 10:02 - 00000982 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vbsedit.lnk
2015-01-28 10:02 - 2015-01-28 10:02 - 00000982 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Htaedit.lnk
2015-01-28 10:02 - 2015-01-28 10:02 - 00000970 _____ () C:\Users\Public\Desktop\Vbsedit.lnk
2015-01-28 10:02 - 2015-01-28 10:02 - 00000970 _____ () C:\Users\Public\Desktop\Htaedit.lnk
2015-01-28 10:02 - 2015-01-28 10:02 - 00000000 ____D () C:\ProgramData\Vbsedit
2015-01-28 10:02 - 2015-01-28 10:02 - 00000000 ____D () C:\Program Files\Vbsedit
2015-01-28 10:02 - 2015-01-28 10:02 - 00000000 ____D () C:\Program Files (x86)\Vbsedit
2015-01-28 09:58 - 2015-01-28 09:58 - 00000034 _____ () C:\Users\rhsCZ\NULL
2015-01-28 09:40 - 2015-01-28 12:27 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\OBS
2015-01-28 09:40 - 2015-01-28 09:40 - 00000956 _____ () C:\Users\rhsCZ\Desktop\Open Broadcaster Software.lnk
2015-01-28 09:40 - 2015-01-28 09:40 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2015-01-28 09:40 - 2015-01-28 09:40 - 00000000 ____D () C:\Program Files\OBS
2015-01-28 09:40 - 2015-01-28 09:40 - 00000000 ____D () C:\Program Files (x86)\OBS
2015-01-28 08:07 - 2015-01-28 08:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-27 23:21 - 2015-01-27 23:21 - 00001413 _____ () C:\Users\Public\Desktop\EaseUS Partition Master 10.2.lnk
2015-01-27 23:21 - 2015-01-27 23:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.2
2015-01-27 23:21 - 2015-01-27 23:21 - 00000000 ____D () C:\Program Files (x86)\EaseUS
2015-01-27 23:21 - 2014-11-18 14:46 - 03384928 _____ () C:\windows\system32\BootMan.exe
2015-01-27 23:21 - 2014-11-18 14:46 - 02502240 _____ () C:\windows\SysWOW64\BootMan.exe
2015-01-27 23:21 - 2014-11-18 14:46 - 00021088 _____ () C:\windows\SysWOW64\EuEpmGdi.dll
2015-01-27 23:21 - 2014-11-18 14:46 - 00017504 _____ () C:\windows\system32\EuEpmGdi.dll
2015-01-27 23:21 - 2014-11-18 14:39 - 00018528 _____ () C:\windows\system32\epmntdrv.sys
2015-01-27 23:21 - 2014-11-18 14:39 - 00014944 _____ () C:\windows\SysWOW64\epmntdrv.sys
2015-01-27 23:21 - 2014-11-18 14:39 - 00010848 _____ () C:\windows\system32\EuGdiDrv.sys
2015-01-27 23:21 - 2014-11-18 14:39 - 00010208 _____ () C:\windows\SysWOW64\EuGdiDrv.sys
2015-01-27 23:21 - 2014-11-18 14:38 - 00101984 _____ () C:\windows\system32\setupempdrvx64.exe
2015-01-27 23:21 - 2014-11-18 14:38 - 00088160 _____ () C:\windows\SysWOW64\setupempdrv03.exe
2015-01-27 23:14 - 2015-01-27 23:19 - 30603720 _____ (EaseUS ) C:\Users\rhsCZ\Downloads\epm(1).exe
2015-01-27 23:01 - 2015-01-27 23:01 - 00002505 _____ () C:\Users\Public\Desktop\inSSIDer Home.lnk
2015-01-27 23:01 - 2015-01-27 23:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek
2015-01-27 23:01 - 2015-01-27 23:01 - 00000000 ____D () C:\Program Files (x86)\MetaGeek
2015-01-27 23:00 - 2015-01-27 23:00 - 04767744 _____ () C:\Users\rhsCZ\Downloads\inSSIDer-installer.msi
2015-01-27 18:50 - 2015-01-27 18:50 - 00004140 _____ () C:\ProgramData\cdggdqsx.jep
2015-01-27 18:50 - 2015-01-27 18:50 - 00002073 _____ () C:\Users\rhsCZ\Desktop\SAM Broadcaster STUDIO.lnk
2015-01-27 18:50 - 2015-01-27 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firebird 2.5 (Win32)
2015-01-27 18:50 - 2015-01-27 18:50 - 00000000 ____D () C:\Program Files (x86)\Firebird
2015-01-27 18:50 - 2013-03-19 11:02 - 00552960 _____ (Firebird Project) C:\windows\SysWOW64\GDS32.DLL
2015-01-27 18:49 - 2015-01-27 18:50 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SAM Broadcaster
2015-01-27 18:46 - 2015-01-27 18:49 - 32535682 _____ () C:\Users\rhsCZ\Downloads\SBS20147.rar
2015-01-27 18:42 - 2015-01-27 18:50 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\SpacialAudio
2015-01-27 18:41 - 2015-01-27 18:49 - 00000000 ____D () C:\Program Files (x86)\SpacialAudio
2015-01-27 18:41 - 2015-01-27 18:41 - 00004110 _____ () C:\ProgramData\ubzyegls.kzt
2015-01-27 18:41 - 2015-01-27 18:41 - 00002081 _____ () C:\Users\rhsCZ\Desktop\SAM Cast.lnk
2015-01-27 18:41 - 2015-01-27 18:41 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SAM Cast
2015-01-27 18:40 - 2015-01-27 18:41 - 11070043 _____ () C:\Users\rhsCZ\Downloads\SCast.Pro.2014.7.rar
2015-01-27 18:21 - 2015-01-27 18:31 - 150202684 ____C () C:\Users\rhsCZ\Downloads\simple tv.rar
2015-01-27 16:21 - 2015-01-27 16:44 - 00000000 ____D () C:\Users\rhsCZ\Desktop\aj
2015-01-26 16:53 - 2015-01-26 16:53 - 00768006 _____ () C:\Users\rhsCZ\Downloads\Minevolution 1.3.4.zip
2015-01-26 16:38 - 2015-01-26 16:38 - 00825375 _____ () C:\Users\rhsCZ\Downloads\Minevolution Beta 1.011.zip
2015-01-26 15:49 - 2015-01-26 15:49 - 00001043 _____ () C:\Users\rhsCZ\Desktop\PSPad.lnk
2015-01-26 15:49 - 2015-01-26 15:49 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\PSpad
2015-01-26 15:49 - 2015-01-26 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSPad editor
2015-01-26 15:48 - 2015-01-26 15:49 - 00000000 ____D () C:\Program Files (x86)\PSPad editor
2015-01-26 15:48 - 2015-01-26 15:48 - 04078315 _____ (Jan Fiala ) C:\Users\rhsCZ\Downloads\pspad458inst_cz.exe
2015-01-26 15:42 - 2015-01-26 15:42 - 00011148 _____ () C:\windows\system32\winsat.txt
2015-01-26 15:24 - 2015-02-03 10:56 - 00000000 ____D () C:\Program Files (x86)\Free Download Manager
2015-01-26 15:24 - 2015-01-31 11:58 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Free Download Manager
2015-01-26 15:24 - 2015-01-26 15:24 - 00001094 _____ () C:\Users\rhsCZ\Desktop\Free Download Manager.lnk
2015-01-26 15:24 - 2015-01-26 15:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
2015-01-26 15:22 - 2015-01-26 15:23 - 08059224 _____ (FreeDownloadManager.ORG ) C:\Users\rhsCZ\Downloads\fdminst.exe
2015-01-26 13:34 - 2015-01-26 14:51 - 00000000 __RHD () C:\ESD
2015-01-26 13:33 - 2015-01-26 13:33 - 01483336 _____ (Microsoft Corporation) C:\Users\rhsCZ\Downloads\mediacreationtool.exe
2015-01-25 23:12 - 2015-01-25 23:12 - 00000000 ____D () C:\Users\rhsCZ\Desktop\Defraggler
2015-01-25 21:31 - 2015-01-25 21:31 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\FlatOut Ultimate Carnage
2015-01-25 21:31 - 2015-01-25 21:22 - 00001209 _____ () C:\Users\rhsCZ\Desktop\Flatout Ultimate Carnage.lnk
2015-01-25 21:23 - 2015-01-25 21:23 - 00011096 _____ () C:\Users\rhsCZ\Downloads\[CzT]Just_Cause_2_CZ.torrent
2015-01-25 21:23 - 2015-01-25 21:23 - 00000000 ____D () C:\windows\SysWOW64\xlive
2015-01-25 21:22 - 2015-02-04 18:14 - 00300286 _____ () C:\windows\DirectX.log
2015-01-25 21:22 - 2015-01-25 21:22 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Empire Interactive
2015-01-25 16:29 - 2015-01-25 16:29 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\Purplizer
2015-01-25 16:24 - 2015-01-25 19:59 - 00003730 _____ () C:\windows\System32\Tasks\Overwolf Updater Task
2015-01-25 16:24 - 2015-01-25 16:25 - 00000000 ____D () C:\ProgramData\Overwolf
2015-01-25 16:24 - 2015-01-25 16:24 - 00001998 _____ () C:\Users\Public\Desktop\Overwolf.lnk
2015-01-25 16:24 - 2015-01-25 16:24 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2015-01-25 16:24 - 2015-01-25 16:24 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2015-01-25 16:18 - 2015-01-25 16:29 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\Overwolf
2015-01-25 16:13 - 2015-01-25 16:13 - 01250529 _____ () C:\Users\rhsCZ\Downloads\YaTQA_setup(1).exe
2015-01-25 16:02 - 2015-02-04 18:03 - 00002758 _____ () C:\windows\setupact.log
2015-01-25 16:02 - 2015-01-25 16:02 - 00000000 _____ () C:\windows\setuperr.log
2015-01-25 16:01 - 2015-01-25 16:01 - 00000949 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-01-25 16:01 - 2015-01-25 16:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-01-25 16:00 - 2015-01-25 16:01 - 08544256 _____ () C:\Users\rhsCZ\Downloads\hamachi(1).msi
2015-01-25 15:40 - 2015-01-25 15:41 - 07516302 _____ () C:\Users\rhsCZ\Downloads\OBS_0_64b_Installer.exe
2015-01-24 23:18 - 2015-01-24 23:18 - 00041281 _____ () C:\Users\rhsCZ\Documents\netscan.xml
2015-01-24 22:58 - 2015-01-24 22:59 - 02879207 _____ () C:\Users\rhsCZ\Downloads\netscan.zip
2015-01-24 22:46 - 2015-01-27 15:22 - 00000000 ____D () C:\Users\rhsCZ\Heaven
2015-01-24 22:45 - 2015-01-24 22:48 - 01065984 _____ () C:\Users\rhsCZ\AppData\Local\file__0.localstorage
2015-01-24 21:54 - 2015-01-24 21:56 - 32748703 _____ (Igor Pavlov) C:\Users\rhsCZ\Downloads\Pack_cs-CZ.exe
2015-01-24 21:53 - 2015-01-24 22:24 - 258728440 ____R (Unigine Corp. ) C:\Users\rhsCZ\Downloads\Unigine_Heaven-4.0.exe
2015-01-24 21:52 - 2015-01-24 21:52 - 00019913 _____ () C:\Users\rhsCZ\Downloads\Unigine_Heaven-4.0.exe.torrent
2015-01-24 21:14 - 2015-01-24 21:26 - 356299551 _____ (Lupo Team) C:\Users\rhsCZ\Downloads\Lupo_PenSuite_v2014.05_Full.exe
2015-01-24 17:55 - 2013-05-18 19:04 - 21272064 ____C (Silicon Power) C:\Users\rhsCZ\Desktop\spwidgt.exe
2015-01-24 17:54 - 2014-08-04 12:48 - 02478784 _____ (Sysinternals - www.sysinternals.com) C:\Users\rhsCZ\Desktop\ProcExp.exe
2015-01-24 17:53 - 2014-08-21 22:32 - 00027136 _____ () C:\Users\rhsCZ\Desktop\ascii-tabulka.xls
2015-01-24 17:53 - 2014-08-21 22:24 - 00427520 _____ () C:\Users\rhsCZ\Desktop\ascii.exe
2015-01-24 17:32 - 2015-01-24 17:33 - 00000385 _____ () C:\windows\sysinfo.txt
2015-01-24 17:21 - 2015-02-04 09:36 - 01410679 _____ () C:\windows\WindowsUpdate.log
2015-01-23 22:19 - 2015-01-23 22:29 - 00014154 _____ () C:\Users\rhsCZ\Desktop\sysinfo.txt
2015-01-23 22:19 - 2014-09-29 16:02 - 00322048 _____ () C:\Users\rhsCZ\Desktop\runme_64.exe
2015-01-23 22:12 - 2015-01-24 17:41 - 00000000 ____D () C:\Users\rhsCZ\Desktop\upx
2015-01-23 20:09 - 2015-01-23 20:09 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\Microsoft_Corporation
2015-01-21 21:34 - 2015-01-21 21:34 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\abelhadigital.com
2015-01-21 20:38 - 2015-01-21 20:39 - 02349565 _____ () C:\Users\rhsCZ\Downloads\pidgen.v1.1.3.590.rar
2015-01-21 20:30 - 2015-02-03 22:34 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-21 20:30 - 2015-01-21 20:30 - 00001129 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-21 20:30 - 2015-01-21 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-21 20:30 - 2015-01-21 20:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-21 20:30 - 2015-01-21 20:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-21 20:30 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-01-21 20:30 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-01-21 20:30 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-01-21 20:24 - 2015-01-21 20:30 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\rhsCZ\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-20 13:44 - 2015-01-20 13:44 - 05138600 _____ () C:\windows\system32\FNTCACHE.DAT
2015-01-20 13:16 - 2015-01-20 13:16 - 00044296 ____H (LogMeIn Inc.) C:\windows\system32\Drivers\Hamdrv.sys
2015-01-19 18:47 - 2015-01-19 18:49 - 00000000 ____D () C:\Users\rhsCZ\Desktop\gpupi
2015-01-19 18:46 - 2015-01-19 18:46 - 00741226 _____ () C:\Users\rhsCZ\Downloads\GPUPI 1.4.1.zip
2015-01-19 18:34 - 2015-01-19 18:34 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2015-01-19 18:33 - 2015-01-19 18:31 - 01310267 _____ (pendrivelinux.com) C:\Users\rhsCZ\Desktop\YUMI-2.0.1.4.exe
2015-01-19 18:30 - 2015-01-19 18:31 - 01310267 _____ (pendrivelinux.com) C:\Users\rhsCZ\Downloads\YUMI-2.0.1.4.exe
2015-01-19 18:28 - 2015-01-19 18:28 - 00000000 ____D () C:\adbtk
2015-01-19 18:27 - 2015-01-19 18:27 - 00001070 _____ () C:\Users\Public\Desktop\MultiHasher.lnk
2015-01-19 18:27 - 2015-01-19 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiHasher
2015-01-19 18:27 - 2015-01-19 18:27 - 00000000 ____D () C:\Program Files (x86)\MultiHasher
2015-01-19 18:26 - 2015-01-19 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hMailServer
2015-01-19 18:26 - 2015-01-19 18:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2015-01-19 18:26 - 2015-01-19 18:26 - 00000000 ____D () C:\Program Files (x86)\hMailServer
2015-01-19 18:26 - 2014-10-15 15:11 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\atl70.dll
2015-01-19 18:24 - 2015-01-19 18:25 - 02454246 _____ () C:\Users\rhsCZ\Downloads\MultiHasher_2.7_win_installer.zip
2015-01-19 18:24 - 2015-01-19 18:24 - 00001640 _____ () C:\Users\rhsCZ\Desktop\CFF Explorer.lnk
2015-01-19 18:22 - 2015-01-19 18:22 - 00001543 _____ () C:\Users\rhsCZ\Desktop\ResHacker.lnk
2015-01-19 18:22 - 2015-01-19 18:22 - 00000000 ____D () C:\Users\Public\Documents\Explorer Suite Signatures
2015-01-19 18:22 - 2015-01-19 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Explorer Suite
2015-01-19 18:22 - 2015-01-19 18:22 - 00000000 ____D () C:\Program Files\NTCore
2015-01-19 18:20 - 2015-01-19 18:22 - 03613174 _____ ( ) C:\Users\rhsCZ\Downloads\ExplorerSuite.exe
2015-01-19 18:20 - 2015-01-19 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker
2015-01-19 18:20 - 2015-01-19 18:20 - 00000000 ____D () C:\Program Files (x86)\Resource Hacker
2015-01-19 18:17 - 2015-01-19 18:19 - 00748246 _____ ( ) C:\Users\rhsCZ\Downloads\reshack_setup.exe
2015-01-19 18:12 - 2015-01-19 18:12 - 00000522 _____ () C:\Program Files (x86)\USB_Disk_Eject.cfg
2015-01-19 18:10 - 2015-01-19 18:10 - 00946453 _____ () C:\Users\rhsCZ\Downloads\USBDiskEjector1.3.0.3.zip
2015-01-19 18:10 - 2011-12-10 13:23 - 00976384 _____ (Quick And Easy Software) C:\Program Files (x86)\USB_Disk_Eject.exe
2015-01-18 21:21 - 2015-01-18 21:21 - 00000000 ____D () C:\Users\rhsCZ\Documents\Security
2015-01-18 21:20 - 2015-01-18 21:21 - 00721268 _____ () C:\windows\system32\all.msc
2015-01-18 21:20 - 2015-01-18 21:21 - 00719895 _____ () C:\Users\rhsCZ\Desktop\all.msc
2015-01-18 21:03 - 2015-01-18 21:07 - 35791765 _____ () C:\Users\rhsCZ\Downloads\com.viber.voip-85.apk
2015-01-18 19:46 - 2015-01-18 19:54 - 00000526 _____ () C:\Users\rhsCZ\Desktop\po spuštění.txt
2015-01-18 19:43 - 2015-01-18 19:43 - 00000000 ___DL () C:\Users\rhsCZ\Desktop\rhs
2015-01-18 19:37 - 2015-01-18 19:37 - 00000000 ____D () C:\Users\rhsCZ\Desktop\Síťová připojení.{7007ACC7-3202-11D1-AAD2-00805FC1270E}
2015-01-18 19:32 - 2015-01-18 19:32 - 00000000 ____D () C:\Users\rhsCZ\Desktop\rozšířený ovladací panely.{ED7BA470-8E54-465E-825C-99712043E01C}
2015-01-18 19:25 - 2015-01-18 19:25 - 08119778 _____ () C:\Users\rhsCZ\Desktop\clsid.reg
2015-01-18 19:09 - 2015-01-26 12:52 - 00000050 _____ () C:\Users\rhsCZ\Desktop\stáhnout.txt
2015-01-18 18:41 - 2015-01-26 19:23 - 00000000 ____D () C:\Users\rhsCZ\VirtualBox VMs
2015-01-18 18:29 - 2015-01-18 18:30 - 05976550 _____ () C:\Users\rhsCZ\Downloads\wifenus.zip
2015-01-17 19:28 - 2015-01-17 19:28 - 00000000 ____D () C:\Program Files (x86)\Windows Resource Kits
2015-01-17 19:25 - 2015-01-17 19:28 - 00379392 _____ () C:\Users\rhsCZ\Downloads\subinacl.msi
2015-01-17 18:57 - 2015-01-17 18:57 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-01-17 18:55 - 2015-01-17 18:55 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Sony
2015-01-17 18:53 - 2015-01-17 18:55 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\Sony
2015-01-17 18:53 - 2015-01-17 18:53 - 00001065 _____ () C:\Users\Public\Desktop\Vegas Pro 13.0 (64-bit).lnk
2015-01-17 18:53 - 2015-01-17 18:53 - 00000000 ____D () C:\ProgramData\Sony
2015-01-17 18:53 - 2015-01-17 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-01-17 18:53 - 2015-01-17 18:53 - 00000000 ____D () C:\Program Files\Sony
2015-01-17 18:53 - 2015-01-17 18:53 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-01-16 18:04 - 2015-01-16 18:04 - 00020401 _____ () C:\Users\rhsCZ\Downloads\[CzT]TechSmith_Camtasia_Studio_v8_4_3_1792.torrent
2015-01-16 18:03 - 2015-01-16 18:03 - 00020797 _____ () C:\Users\rhsCZ\Downloads\[CzT]Adobe_After_Effects_CS6_11_0_0_378_LS7.torrent
2015-01-16 17:58 - 2015-01-16 17:58 - 00013051 _____ () C:\Users\rhsCZ\Downloads\[CzT]Sony_Vegas_Pro_13_0_Build_373_x64_.torrent
2015-01-16 15:11 - 2015-01-16 15:11 - 00000155 _____ () C:\Users\rhsCZ\Desktop\wifi.txt
2015-01-16 14:20 - 2015-02-03 12:58 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\SpinTires
2015-01-16 14:17 - 2015-01-16 14:19 - 00000000 ____D () C:\Program Files (x86)\Spintires
2015-01-16 14:17 - 2015-01-16 14:17 - 00001046 _____ () C:\Users\rhsCZ\Desktop\Spintires.lnk
2015-01-16 14:17 - 2015-01-16 14:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spintires
2015-01-16 14:05 - 2015-02-03 09:15 - 00000439 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2015-01-15 23:29 - 2015-01-15 23:29 - 00000992 _____ () C:\Users\rhsCZ\Downloads\ErrorReportingEnable.reg
2015-01-15 23:07 - 2015-01-15 23:07 - 00048985 _____ () C:\Users\rhsCZ\Downloads\[CzT]Spintires_2014_CZ_.torrent
2015-01-15 17:25 - 2015-01-15 17:25 - 00061488 _____ () C:\windows\SysWOW64\CCCInstall_201501151725038437.log
2015-01-15 17:18 - 2015-01-15 17:18 - 00060628 _____ () C:\windows\SysWOW64\CCCInstall_201501151718260517.log
2015-01-15 16:28 - 2015-01-15 16:28 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\AppEx Networks
2015-01-14 21:12 - 2015-01-14 21:12 - 00001015 _____ () C:\Users\rhsCZ\Desktop\up.txt
2015-01-14 21:07 - 2015-01-14 21:11 - 114763930 _____ () C:\Users\rhsCZ\Downloads\OneLateNight_dx11.zip
2015-01-14 21:07 - 2015-01-14 21:11 - 114760879 _____ () C:\Users\rhsCZ\Downloads\OneLateNight.zip
2015-01-14 21:07 - 2015-01-14 21:07 - 00001130 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scorpion's WinCheater 2.lnk
2015-01-14 21:07 - 2015-01-14 21:07 - 00001118 _____ () C:\Users\rhsCZ\Desktop\Scorpion's WinCheater 2.lnk
2015-01-14 21:07 - 2015-01-14 21:07 - 00000000 ____D () C:\Program Files (x86)\Scorpions WinCheater
2015-01-14 20:45 - 2015-01-14 20:47 - 21631130 _____ ( ) C:\Users\rhsCZ\Downloads\WinCH2_setup.exe
2015-01-14 20:43 - 2015-01-14 20:48 - 00001997 _____ () C:\windows\_isenv31.ini
2015-01-14 20:40 - 2015-01-14 20:42 - 05949744 _____ () C:\Users\rhsCZ\Downloads\cmstudnt.zip

„Zeptáš-li se, budeš 5 minut vypadat jako blbec. Nezeptáš-li se, budeš blbcem po celý život.“
„Mnozí z těch, co žijí, by zasluhovali smrt. A mnozí z těch, co zemřeli, by si zasloužili žít.“ - John Ronald Reuel Tolkien
„Je lepší být nenáviděn pro to, jaký jsi, než být milován pro to, co nejsi.“ - Kurt Cobain
https://rhscz.eu
https://github.com/rhsCZ
Nahoru
Uživatelský avatar
rhsCZ
Level 4
Level 4
Příspěvky: 1395
Registrován: červen 13
Pohlaví: Muž
Stav:
Offline
Kontakt:
Kontaktovat uživatele rhsCZ

Re: Preventivka

Příspěvekod rhsCZ » 04 úno 2015 19:20

2015-01-14 17:40 - 2015-01-14 17:58 - 4255410176 ____R () C:\Users\rhsCZ\Downloads\The.Hobbit.The.Battle.of.the.Five.Armies.1.46.CAMRip.CZ.avi
2015-01-14 17:39 - 2015-01-14 17:39 - 00020994 _____ () C:\Users\rhsCZ\Downloads\[CzT]Hobit_Bitva_peti_armad_The_Hobbit_The_Battle_of_the_Five_Armies_2014_CZ_CAM_.torrent
2015-01-14 16:46 - 2015-01-14 16:46 - 00003584 _____ () C:\Users\rhsCZ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-13 23:37 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\windows\SysWOW64\aspnet_counters.dll
2015-01-13 23:37 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll
2015-01-13 23:36 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-13 23:36 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-13 23:36 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ahcache.sys
2015-01-13 23:36 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-13 23:36 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2015-01-13 23:36 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2015-01-13 23:36 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2015-01-13 23:36 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2015-01-13 23:36 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2015-01-13 23:36 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-01-13 23:36 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\windows\system32\WerFaultSecure.exe
2015-01-13 23:36 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFaultSecure.exe
2015-01-13 23:36 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2015-01-13 23:36 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-13 23:36 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2015-01-13 22:53 - 2015-01-13 22:54 - 00066913 _____ () C:\Users\rhsCZ\Downloads\bluescreenview.zip
2015-01-13 22:50 - 2015-01-13 22:51 - 38593453 ____R () C:\Users\rhsCZ\Downloads\The.Sims.4.Crack.Only-RELOADED.rar
2015-01-13 22:50 - 2015-01-13 22:50 - 00007030 _____ () C:\Users\rhsCZ\Downloads\[kickass.so]the.sims.4.crack.only.reloaded.rar.torrent
2015-01-13 16:44 - 2015-01-28 14:33 - 00000000 ____D () C:\windows\Minidump
2015-01-12 21:17 - 2015-01-12 21:17 - 00000000 ____D () C:\Users\rhsCZ\Documents\Vlastní šablony Office
2015-01-12 20:41 - 2015-01-12 20:41 - 00001888 _____ () C:\Users\rhsCZ\Desktop\Trove.lnk
2015-01-12 20:40 - 2015-01-12 20:40 - 00001024 _____ () C:\Users\rhsCZ\Desktop\Glyph.lnk
2015-01-12 20:40 - 2015-01-12 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph
2015-01-12 20:40 - 2015-01-12 20:40 - 00000000 ____D () C:\ProgramData\Glyph
2015-01-12 20:19 - 2015-01-12 20:19 - 00001681 _____ () C:\Users\rhsCZ\Desktop\Photoshop.lnk
2015-01-12 20:17 - 2015-01-12 20:19 - 31731312 _____ (Trion Worlds Inc.) C:\Users\rhsCZ\Downloads\GlyphInstall-0-131.exe
2015-01-12 20:12 - 2015-01-12 20:12 - 00001226 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk
2015-01-12 20:12 - 2015-01-12 20:12 - 00001214 _____ () C:\Users\Public\Desktop\The Sims 4.lnk
2015-01-12 20:12 - 2014-10-19 15:54 - 00447752 _____ (On2.com) C:\windows\SysWOW64\vp6vfw.dll
2015-01-12 20:07 - 2015-01-12 20:07 - 00000878 _____ () C:\Users\Public\Desktop\Car Mechanic Simulator.lnk
2015-01-12 20:07 - 2015-01-12 20:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Car Mechanic Simulator
2015-01-12 19:13 - 2015-01-12 19:13 - 00000000 ____D () C:\Users\rhsCZ\Documents\Electronic Arts
2015-01-12 17:30 - 2015-01-12 20:07 - 00000000 ____D () C:\Program Files (x86)\The Sims 4
2015-01-12 15:36 - 2015-01-12 20:41 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Trove
2015-01-12 14:33 - 2015-01-28 18:51 - 00000000 ____D () C:\Program Files (x86)\Glyph
2015-01-12 14:33 - 2015-01-12 20:40 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\Glyph
2015-01-12 13:59 - 2015-01-12 13:59 - 00045688 _____ () C:\Users\rhsCZ\Downloads\[CzT]The_Sims_4_Deluxe_Edition_2014_CZ_.torrent
2015-01-11 19:02 - 2015-01-11 19:02 - 00016679 _____ () C:\Users\rhsCZ\Downloads\[CzT]Mirror_s_Edge_v1_01_CZ_2009_.torrent
2015-01-11 17:23 - 2015-01-12 20:07 - 00000000 ____D () C:\Program Files (x86)\Car Mechanic Simulator
2015-01-11 17:16 - 2015-01-11 17:16 - 00019519 _____ () C:\Users\rhsCZ\Downloads\[CzT]Car_Mechanic_Simulator_Complete_Edition_v1_2_0_4_2014_CZ_.torrent
2015-01-10 17:05 - 2015-01-10 17:05 - 00000000 ____D () C:\Users\rhsCZ\Documents\Lenovo
2015-01-10 17:05 - 2015-01-10 17:05 - 00000000 ____D () C:\Users\rhsCZ\Documents\CyberLink
2015-01-10 17:05 - 2015-01-10 17:05 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Lenovo
2015-01-10 17:05 - 2015-01-10 17:05 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\CyberLink
2015-01-10 16:42 - 2015-02-02 22:58 - 00000132 _____ () C:\Users\rhsCZ\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2015-01-10 10:42 - 2015-01-10 10:42 - 02972672 _____ () C:\Users\rhsCZ\Downloads\05a-Vlnove_vlastnosti_svetla.ppt
2015-01-10 10:41 - 2015-01-10 10:41 - 01637376 _____ () C:\Users\rhsCZ\Downloads\04-Disperze_svetla.ppt
2015-01-10 10:41 - 2015-01-10 10:41 - 01014272 _____ () C:\Users\rhsCZ\Downloads\01-Elektromagneticke_zareni_a_jeho_spektrum.ppt
2015-01-10 10:41 - 2015-01-10 10:41 - 00698368 _____ () C:\Users\rhsCZ\Downloads\03-Odraz_a_lom_svetla.ppt
2015-01-10 10:41 - 2015-01-10 10:41 - 00313344 _____ () C:\Users\rhsCZ\Downloads\02-Svetlo-zakladni_vlastnosti.ppt
2015-01-09 18:45 - 2015-01-09 18:45 - 00017802 _____ () C:\Users\rhsCZ\Downloads\[CzT]22_Jump_Street_2014_CZ_WebRip_.torrent
2015-01-09 17:08 - 2015-01-09 17:11 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\.technic
2015-01-09 17:07 - 2015-01-09 17:07 - 23039052 _____ () C:\Users\rhsCZ\Downloads\Technic_Launcher_64bit.zip
2015-01-08 23:27 - 2015-02-01 18:05 - 00000000 ____D () C:\ProgramData\UMS
2015-01-08 23:26 - 2015-01-12 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth
2015-01-08 23:26 - 2015-01-08 23:26 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth
2015-01-08 23:21 - 2015-01-12 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLMediaServer
2015-01-08 23:21 - 2015-01-12 19:58 - 00000000 ____D () C:\Program Files (x86)\ALLMediaServer
2015-01-08 23:20 - 2015-01-08 23:20 - 00494478 _____ () C:\Users\rhsCZ\Downloads\minidlna-1.1.4.tar.gz
2015-01-08 18:29 - 2015-01-08 18:29 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Unity
2015-01-08 16:18 - 2015-01-12 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2015-01-08 16:18 - 2015-01-12 19:58 - 00000000 ____D () C:\Program Files (x86)\AviSynth 2.5
2015-01-08 16:18 - 2015-01-08 16:20 - 78435557 _____ () C:\Users\rhsCZ\Downloads\MeGUI_2507_x86.zip
2015-01-08 16:18 - 2015-01-08 16:18 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2015-01-07 20:34 - 2015-01-28 08:07 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\LogMeIn Hamachi
2015-01-07 20:34 - 2015-01-07 20:34 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\LogMeIn
2015-01-07 20:34 - 2015-01-07 20:34 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-01-07 20:33 - 2015-01-25 16:01 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-01-07 20:30 - 2015-01-07 20:31 - 08536064 _____ () C:\Users\rhsCZ\Downloads\hamachi.msi
2015-01-06 23:05 - 2015-01-06 23:05 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\Blizzard
2015-01-06 22:54 - 2015-01-06 22:54 - 00001208 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2015-01-06 22:53 - 2015-02-03 11:44 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-01-06 22:53 - 2015-01-06 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-01-06 22:49 - 2015-02-03 12:31 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\Battle.net
2015-01-06 22:49 - 2015-01-12 19:58 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Battle.net
2015-01-06 22:49 - 2015-01-06 22:49 - 00001171 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2015-01-06 22:49 - 2015-01-06 22:49 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\Blizzard Entertainment
2015-01-06 22:49 - 2015-01-06 22:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-01-06 22:49 - 2015-01-06 22:49 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-01-06 22:49 - 2015-01-06 22:49 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-01-06 22:41 - 2015-01-06 22:41 - 03099552 _____ (Blizzard Entertainment) C:\Users\rhsCZ\Downloads\Hearthstone-Setup-enGB.exe
2015-01-06 22:41 - 2015-01-06 22:41 - 00000000 ____D () C:\ProgramData\Battle.net
2015-01-06 15:31 - 2015-01-06 15:32 - 09064712 _____ (Connectify) C:\Users\rhsCZ\Downloads\ConnectifyInstaller.exe
2015-01-05 23:30 - 2015-01-05 23:31 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2013
2015-01-05 23:30 - 2015-01-05 23:31 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2013
2015-01-05 22:16 - 2015-01-31 18:32 - 00000000 ____D () C:\Program Files\Unlocker
2015-01-05 22:16 - 2015-01-05 22:16 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2015-01-05 22:08 - 2015-01-05 22:09 - 00000000 ____D () C:\Program Files (x86)\CrystalDiskInfo
2015-01-05 22:08 - 2015-01-05 22:08 - 00001213 _____ () C:\Users\rhsCZ\Desktop\CrystalDiskInfo.lnk
2015-01-05 22:08 - 2015-01-05 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2015-01-05 22:05 - 2015-01-05 22:07 - 03014272 _____ (Crystal Dew World ) C:\Users\rhsCZ\Downloads\CrystalDiskInfo6_3_0-en.exe
2015-01-05 22:05 - 2015-01-05 22:05 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\CrystalDiskMark
2015-01-05 22:04 - 2015-01-23 22:01 - 00001861 _____ () C:\Users\rhsCZ\Desktop\CrystalDiskMark.lnk
2015-01-05 22:04 - 2015-01-05 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark
2015-01-05 22:04 - 2015-01-05 22:04 - 00000000 ____D () C:\Program Files\CrystalDiskMark
2015-01-05 22:03 - 2015-01-05 22:04 - 01659040 _____ (Crystal Dew World ) C:\Users\rhsCZ\Downloads\CrystalDiskMark3_0_3b-en.exe
2015-01-05 21:54 - 2015-01-27 23:01 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\MetaGeek,_LLC
2015-01-05 21:54 - 2015-01-05 21:54 - 00000038 ___SH () C:\Users\rhsCZ\AppData\Local\69ff07055291669bb2b218.72821112
2015-01-05 21:51 - 2015-01-05 21:52 - 00028058 _____ () C:\Users\rhsCZ\Downloads\PrivaZer.ini
2015-01-05 21:49 - 2015-01-05 21:52 - 05718016 _____ () C:\Users\rhsCZ\Downloads\inSSIDer4-installer.msi
2015-01-05 21:49 - 2015-01-05 21:49 - 14300296 _____ (Goversoft LLC) C:\Users\rhsCZ\Downloads\PrivaZer.exe
2015-01-05 21:48 - 2015-01-05 21:49 - 07505544 _____ (Goversoft LLC) C:\Users\rhsCZ\Downloads\privazer_free.exe
2015-01-05 21:19 - 2015-01-05 21:19 - 00001200 _____ () C:\Users\rhsCZ\Desktop\Auslogics BoostSpeed 7.lnk
2015-01-05 21:19 - 2015-01-05 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2015-01-05 21:19 - 2015-01-05 21:19 - 00000000 ____D () C:\ProgramData\Auslogics
2015-01-05 21:18 - 2015-01-05 21:18 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2015-01-05 21:16 - 2015-01-05 21:16 - 18663312 _____ (Auslogics Labs Pty Ltd ) C:\Users\rhsCZ\Downloads\boost-speed-setup.exe
2015-01-05 20:23 - 2015-01-05 20:23 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\Unity
2015-01-05 19:51 - 2015-01-26 12:55 - 00002085 _____ () C:\Users\Public\Desktop\Wise Care 365.lnk
2015-01-05 19:51 - 2015-01-05 20:19 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Wise Care 365
2015-01-05 19:51 - 2015-01-05 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2015-01-05 19:51 - 2015-01-05 19:51 - 00000000 ____D () C:\Program Files (x86)\Wise
2015-01-05 19:50 - 2015-01-05 19:50 - 00001515 _____ () C:\Users\Public\Desktop\One-Click-Optimizer.lnk
2015-01-05 19:50 - 2015-01-05 19:50 - 00001283 _____ () C:\Users\Public\Desktop\Ashampoo WinOptimizer 2014.lnk
2015-01-05 19:50 - 2009-08-24 22:13 - 00034304 _____ (mst software GmbH, Germany) C:\windows\system32\DfSdkBt.exe
2015-01-05 19:49 - 2015-01-05 19:50 - 05686648 _____ (WiseCleaner.com ) C:\Users\rhsCZ\Downloads\WiseCare365.exe
2015-01-05 19:49 - 2015-01-05 19:49 - 00001271 _____ () C:\Users\Public\Desktop\Ashampoo Photo Commander 11.lnk
2015-01-05 19:47 - 2015-01-05 19:47 - 00001211 _____ () C:\Users\Public\Desktop\Ashampoo Snap 7.lnk
2015-01-05 19:44 - 2015-01-05 19:50 - 00001884 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk
2015-01-05 19:44 - 2015-01-05 19:50 - 00001228 _____ () C:\Users\Public\Desktop\CleverReach.com.lnk
2015-01-05 19:44 - 2015-01-05 19:44 - 00001289 _____ () C:\Users\Public\Desktop\Ashampoo Music Studio 4.lnk
2015-01-05 19:43 - 2015-01-05 19:44 - 13087456 _____ (Microsoft Corporation) C:\Users\rhsCZ\Downloads\Silverlight_x64.exe
2015-01-05 19:41 - 2015-01-05 19:46 - 164129816 _____ (Ashampoo GmbH & Co. KG ) C:\Users\rhsCZ\Downloads\ashampoo_photo_commander_11_18514.exe
2015-01-05 19:41 - 2015-01-05 19:43 - 27498016 _____ (Ashampoo GmbH & Co. KG ) C:\Users\rhsCZ\Downloads\ashampoo_winoptimizer_2014_1.0.0_16876.exe
2015-01-05 19:40 - 2015-01-05 19:43 - 43875848 _____ (Ashampoo GmbH & Co. KG ) C:\Users\rhsCZ\Downloads\ashampoo_music_studio_4_4.1.2_16904.exe
2015-01-05 19:40 - 2015-01-05 19:43 - 32410776 _____ (Ashampoo GmbH & Co. KG ) C:\Users\rhsCZ\Downloads\ashampoo_snap_7_18498.exe
2015-01-05 18:30 - 2015-02-04 18:04 - 00000000 ____D () C:\Users\rhsCZ\OneDrive
2015-01-05 15:41 - 2015-01-05 16:03 - 935454928 _____ () C:\Users\rhsCZ\Downloads\EuroTruckSimulator2_1_15_1_patch.exe
2015-01-05 13:25 - 2015-01-05 13:25 - 00001217 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2015-01-05 13:25 - 2015-01-05 13:25 - 00000049 _____ () C:\windows\SysWOW64\ScrRecX.log
2015-01-05 13:25 - 2015-01-05 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2015-01-05 13:25 - 2015-01-05 13:25 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp
2015-01-05 13:25 - 2008-08-18 18:18 - 00077824 _____ (Fox Magic Software) C:\windows\SysWOW64\fmcodec.DLL
2015-01-05 13:24 - 2015-01-05 13:24 - 17114432 _____ (DsNET Corp ) C:\Users\rhsCZ\Downloads\aTubeCatcher.exe
2015-01-05 13:18 - 2015-01-05 13:18 - 01342943 _____ (PowTools ) C:\Users\rhsCZ\Downloads\encrypt_files_setup.exe
2015-01-05 13:18 - 2015-01-05 13:18 - 00000988 _____ () C:\Users\rhsCZ\Desktop\Encrypt Files.lnk
2015-01-05 13:18 - 2015-01-05 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Encrypt Files
2015-01-05 13:18 - 2015-01-05 13:18 - 00000000 ____D () C:\Program Files (x86)\Encrypt Files
2015-01-05 13:13 - 2015-01-05 13:13 - 00001348 _____ () C:\Users\Public\Desktop\Random Password Generator.lnk
2015-01-05 13:13 - 2015-01-05 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Random Password Generator
2015-01-05 13:12 - 2015-01-05 13:12 - 02201632 _____ (IObit ) C:\Users\rhsCZ\Downloads\rpg-setup.exe
2015-01-05 10:30 - 2015-01-23 09:43 - 00000000 ____D () C:\Users\rhsCZ\Documents\Euro Truck Simulator 2
2015-01-05 10:30 - 2015-01-05 10:30 - 00001367 _____ () C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk
2015-01-05 10:30 - 2015-01-05 10:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
2015-01-05 10:28 - 2015-01-05 16:06 - 00000000 ____D () C:\Program Files (x86)\Euro Truck Simulator 2
2015-01-05 10:05 - 2015-01-05 10:05 - 00011619 _____ () C:\Users\rhsCZ\Downloads\[CzT]Euro_Truck_Simulator_2_FULL_2012_.torrent

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-04 19:00 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\system32\sru
2015-02-04 18:56 - 2014-12-29 10:09 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\BitTorrent
2015-02-04 18:36 - 2014-12-28 17:18 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-04 18:18 - 2014-12-25 11:32 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1433280961-3815244573-1026450080-1002
2015-02-04 18:07 - 2014-12-24 22:15 - 00003974 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{408E6157-2AA1-4DC5-BB52-1492526A0A35}
2015-02-04 18:04 - 2014-12-28 17:58 - 00000978 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-04 18:03 - 2013-08-22 15:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-02-04 15:29 - 2014-08-13 21:29 - 00065536 _____ () C:\windows\system32\spu_storage.bin
2015-02-04 15:28 - 2014-08-13 21:33 - 03336284 _____ () C:\Users\Public\CAFADEBUG.log
2015-02-04 14:55 - 2014-08-13 21:36 - 00968046 _____ () C:\windows\system32\perfh005.dat
2015-02-04 14:55 - 2014-08-13 21:36 - 00232670 _____ () C:\windows\system32\perfc005.dat
2015-02-04 14:55 - 2014-03-18 10:53 - 02059262 _____ () C:\windows\system32\PerfStringBackup.INI
2015-02-04 14:28 - 2014-12-31 19:13 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\vlc
2015-02-04 12:04 - 2013-08-22 14:25 - 00262144 ___SH () C:\windows\system32\config\BBI
2015-02-04 11:20 - 2014-12-28 20:06 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-04 10:44 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\SysWOW64\GroupPolicy
2015-02-04 09:25 - 2014-12-28 17:59 - 00002208 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-03 22:19 - 2014-12-28 17:58 - 00003954 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-03 22:19 - 2014-12-28 17:58 - 00003718 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-03 22:19 - 2014-12-28 17:58 - 00000982 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-03 17:06 - 2014-12-28 20:16 - 00000000 ____D () C:\ProgramData\Origin
2015-02-03 17:06 - 2014-12-25 13:21 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\.minecraft
2015-02-03 16:14 - 2014-12-28 20:16 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-03 13:14 - 2015-01-01 19:12 - 00000298 _____ () C:\windows\Tasks\Uninstaller_SkipUac_rhsCZ.job
2015-02-03 13:12 - 2015-01-01 19:12 - 00002398 _____ () C:\windows\System32\Tasks\Uninstaller_SkipUac_rhsCZ
2015-02-03 13:08 - 2014-12-31 19:46 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2015-02-03 09:11 - 2014-12-28 23:37 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-02-03 09:10 - 2014-12-24 22:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-02 22:58 - 2014-12-25 11:27 - 00000000 ____D () C:\Users\rhsCZ\Documents\My Bluetooth
2015-02-02 16:57 - 2015-01-02 20:56 - 00000000 ____D () C:\Program Files (x86)\2K Games
2015-02-01 21:34 - 2014-12-28 23:37 - 00003804 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-02-01 18:11 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\system32\NDF
2015-01-31 21:06 - 2013-08-22 14:25 - 00262144 ___SH () C:\windows\system32\config\ELAM
2015-01-31 17:55 - 2014-08-13 21:29 - 00000000 ____D () C:\ProgramData\AMD
2015-01-31 17:51 - 2015-01-03 21:48 - 00000000 ____D () C:\Program Files (x86)\AMD
2015-01-31 17:42 - 2014-08-13 21:28 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-01-31 17:42 - 2014-08-13 21:28 - 00000000 ____D () C:\Program Files\ATI
2015-01-31 14:35 - 2015-01-03 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TopCD
2015-01-31 10:37 - 2014-12-29 10:48 - 00000600 _____ () C:\Users\rhsCZ\AppData\Roaming\winscp.rnd
2015-01-30 14:49 - 2014-08-13 22:00 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2015-01-30 14:48 - 2014-08-13 22:09 - 00008000 _____ () C:\windows\SysWOW64\VisualDiscovery.ini
2015-01-30 14:48 - 2014-08-13 22:09 - 00005488 _____ () C:\windows\SysWOW64\VisualDiscoveryOff.ini
2015-01-30 14:48 - 2014-08-13 22:09 - 00005488 _____ () C:\windows\system32\VisualDiscoveryOff.ini
2015-01-30 14:41 - 2014-08-13 22:01 - 00000000 ____D () C:\Program Files\Lenovo
2015-01-30 14:41 - 2014-08-13 22:00 - 00000000 ____D () C:\windows\System32\Tasks\Lenovo
2015-01-29 19:19 - 2014-12-25 11:27 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\VirtualStore
2015-01-29 18:26 - 2014-12-28 23:33 - 00000000 ____D () C:\windows\SysWOW64\directx
2015-01-28 21:45 - 2014-12-30 11:32 - 00000600 _____ () C:\Users\rhsCZ\AppData\Local\PUTTY.RND
2015-01-28 21:14 - 2014-12-25 11:26 - 00000000 ____D () C:\Users\rhsCZ
2015-01-28 19:43 - 2014-08-13 22:01 - 00002560 _____ () C:\windows\system32\VfService.trf
2015-01-28 14:17 - 2013-08-22 16:20 - 00000000 ____D () C:\windows\CbsTemp
2015-01-28 12:30 - 2015-01-02 10:14 - 00000000 ____D () C:\Program Files (x86)\Fraps
2015-01-28 10:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-28 09:37 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\rescache
2015-01-27 15:31 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\AppReadiness
2015-01-27 15:23 - 2014-12-25 13:07 - 00000000 ____D () C:\rhs
2015-01-26 19:26 - 2014-12-29 09:29 - 00000348 _____ () C:\windows\Tasks\GlaryInitialize 5.job
2015-01-26 19:23 - 2014-12-30 13:08 - 00000000 ____D () C:\Users\rhsCZ\.VirtualBox
2015-01-26 16:18 - 2014-12-25 11:26 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\Packages
2015-01-25 19:59 - 2014-12-29 11:08 - 00003618 _____ () C:\windows\System32\Tasks\HPCustParticipation HP Deskjet 3520 series
2015-01-25 19:59 - 2014-08-13 22:08 - 00003058 _____ () C:\windows\System32\Tasks\PDVDServ Task
2015-01-25 19:58 - 2014-12-29 09:29 - 00002628 _____ () C:\windows\System32\Tasks\GlaryInitialize 5
2015-01-25 17:39 - 2015-01-01 16:22 - 00000000 ____D () C:\Users\rhsCZ\AppData\Local\PAYDAY 2
2015-01-25 17:01 - 2014-12-29 12:04 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\TS3Client
2015-01-25 17:01 - 2014-12-28 20:08 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Skype
2015-01-25 16:13 - 2014-12-29 11:53 - 00001002 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YaTQA.lnk
2015-01-24 21:20 - 2014-12-28 21:25 - 00714720 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 21:20 - 2014-12-28 21:25 - 00106976 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-24 21:18 - 2015-01-02 15:27 - 00000000 ____D () C:\Program Files (x86)\World_of_Tanks
2015-01-23 22:09 - 2014-12-29 12:41 - 00000000 ____D () C:\Users\rhsCZ\Documents\Visual Studio 2013
2015-01-23 22:01 - 2015-01-03 15:33 - 00001051 _____ () C:\Users\rhsCZ\Desktop\18 Wheels of Steel American Long Haul.lnk
2015-01-23 20:08 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\registration
2015-01-21 17:45 - 2014-08-13 22:13 - 00000000 ____D () C:\ProgramData\Energy Manager
2015-01-20 19:27 - 2014-12-26 15:33 - 00000490 _____ () C:\Users\rhsCZ\Desktop\cpuz.ini
2015-01-20 13:41 - 2014-12-31 19:47 - 00280904 _____ () C:\windows\SysWOW64\PnkBstrB.xtr
2015-01-20 13:41 - 2014-12-31 12:34 - 00280904 _____ () C:\windows\SysWOW64\PnkBstrB.exe
2015-01-19 20:14 - 2014-12-31 19:36 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Notepad++
2015-01-19 18:26 - 2014-12-29 12:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-01-17 18:57 - 2014-12-31 19:36 - 00001080 _____ () C:\Users\rhsCZ\Desktop\Notepad++.lnk
2015-01-15 15:44 - 2015-01-04 15:04 - 00000000 _____ () C:\Recovery.txt
2015-01-14 21:09 - 2015-01-03 10:45 - 00000000 ____D () C:\Program Files (x86)\pawno
2015-01-14 16:51 - 2014-12-28 23:59 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Seznam.cz
2015-01-14 15:33 - 2014-12-28 21:03 - 00000000 ____D () C:\windows\system32\MRT
2015-01-14 15:25 - 2014-12-28 21:03 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-12 20:09 - 2014-12-29 10:58 - 00000000 __RHD () C:\MSOCache
2015-01-12 19:58 - 2014-12-25 11:27 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2015-01-12 19:58 - 2014-12-25 11:27 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-01-12 19:58 - 2014-08-13 22:14 - 00000000 ____D () C:\ProgramData\LU
2015-01-12 19:58 - 2014-08-13 22:02 - 00000000 ____D () C:\Program Files\mcafee
2015-01-12 19:58 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\AppCompat
2015-01-12 19:52 - 2014-08-13 22:08 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-10 17:05 - 2014-08-13 22:01 - 00000000 ____D () C:\ProgramData\Lenovo
2015-01-05 19:50 - 2014-12-29 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2015-01-05 19:50 - 2014-12-29 10:22 - 00000000 ____D () C:\ProgramData\Ashampoo
2015-01-05 19:50 - 2014-12-29 10:22 - 00000000 ____D () C:\Program Files (x86)\Ashampoo
2015-01-05 19:49 - 2014-12-29 10:26 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\Ashampoo
2015-01-05 13:13 - 2015-01-01 19:11 - 00000000 ____D () C:\Users\rhsCZ\AppData\Roaming\IObit
2015-01-05 13:13 - 2015-01-01 19:02 - 00000000 ____D () C:\Program Files (x86)\IObit
==================== Files in the root of some directories =======

2015-01-19 18:12 - 2015-01-19 18:12 - 0000522 _____ () C:\Program Files (x86)\USB_Disk_Eject.cfg
2015-01-19 18:10 - 2011-12-10 13:23 - 0976384 _____ (Quick And Easy Software) C:\Program Files (x86)\USB_Disk_Eject.exe
2015-01-10 16:42 - 2015-02-02 22:58 - 0000132 _____ () C:\Users\rhsCZ\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-12-29 10:48 - 2015-01-31 10:37 - 0000600 _____ () C:\Users\rhsCZ\AppData\Roaming\winscp.rnd
2015-01-05 21:54 - 2015-01-05 21:54 - 0000038 ___SH () C:\Users\rhsCZ\AppData\Local\69ff07055291669bb2b218.72821112
2015-02-04 10:49 - 2015-02-04 18:04 - 0002176 _____ () C:\Users\rhsCZ\AppData\Local\BTServer.log
2015-01-14 16:46 - 2015-01-14 16:46 - 0003584 _____ () C:\Users\rhsCZ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-24 22:45 - 2015-01-24 22:48 - 1065984 _____ () C:\Users\rhsCZ\AppData\Local\file__0.localstorage
2014-12-30 11:32 - 2015-01-28 21:45 - 0000600 _____ () C:\Users\rhsCZ\AppData\Local\PUTTY.RND
2014-12-25 11:47 - 2014-12-30 13:32 - 0007602 _____ () C:\Users\rhsCZ\AppData\Local\Resmon.ResmonCfg
2015-01-02 15:02 - 2015-01-02 15:02 - 0000425 _____ () C:\Users\rhsCZ\AppData\Local\UserProducts.xml
2014-12-29 11:06 - 2014-12-29 11:06 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-01-27 18:50 - 2015-01-27 18:50 - 0004140 _____ () C:\ProgramData\cdggdqsx.jep
2014-08-13 21:33 - 2014-08-13 21:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-01-27 18:41 - 2015-01-27 18:41 - 0004110 _____ () C:\ProgramData\ubzyegls.kzt

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


testsigning: ==> testsigning is on. Check for possible unsigned rootkit driver <===== ATTENTION!


LastRegBack: 2015-02-01 10:55

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2015
Ran by rhsCZ at 2015-02-04 19:04:38
Running from C:\Users\rhsCZ\Desktop\HJT+ost
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Internet Security 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2015 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo Photo Master (x32 Version: 1.0.1823.01 - CyberLink Corp.) Hidden
18 Wheels of Steel American Long Haul (HKLM-x32\...\{31610C80-309D-40C5-8CF4-9D1EA19DBA0B}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
ACP Application (Version: 2.15.10.0003 - Advanced Micro Devices, Inc.) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Afterfall InSanity Extended Edition (HKLM-x32\...\Steam App 224420) (Version: - Intoxicate Studios)
AIDA64 Extreme v4.70 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 4.70 - FinalWire Ltd.)
AMD Catalyst Install Manager (HKLM\...\{8CCFD59F-470B-1950-1CAD-888E51307E6E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version: - Reloaded Productions)
Ashampoo Burning Studio 2015 v.1.15.0 (HKLM-x32\...\{91B33C97-21E3-DF34-9630-2EE80DDE1648}_is1) (Version: 1.15.0 - Ashampoo GmbH & Co. KG)
Ashampoo Music Studio 4 v.4.1.2 (HKLM-x32\...\{91B33C97-7650-0EB0-B6C7-DDBA2932B7B4}_is1) (Version: 4.1.2 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 11 v.11.1.8 (HKLM-x32\...\{C92AB6F1-0F9C-8526-5DF1-0A2FD0FB33D9}_is1) (Version: 11.1.8 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 7 v.7.0.10 (HKLM-x32\...\{C92AB6F1-9C93-0F51-ED50-15ABBCBDD142}_is1) (Version: 7.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 2014 v.1.0.0 (HKLM-x32\...\{4209F371-99CD-68CB-1C29-9910F8F9BD96}_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Auslogics BoostSpeed 7 (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 7.6.0.0 - Auslogics Labs Pty Ltd)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies CZ, s.r.o.)
AVG 2015 (Version: 15.0.4281 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2015 (Version: 15.0.5645 - AVG Technologies CZ, s.r.o.) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.0.5.7 - AVG Technologies)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.0.0.638 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
BitTorrent (HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\BitTorrent) (Version: 7.9.2.37755 - BitTorrent Inc.)
Borderlands Game of the Year Edition verze 1.41 (HKLM-x32\...\{ABD7D95F-43BC-4482-9622-83911B8240EA}_is1) (Version: 1.41 - 2K Games)
Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Car Mechanic Simulator verze 1.0.0.0 (HKLM-x32\...\Car Mechanic Simulator_is1) (Version: 1.0.0.0 - Repacky)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
Counter-Strike 1.6 v42 (HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\Counter-Strike 1.6_is1) (Version: - Valve)
CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Crash Time II (HKLM-x32\...\Steam App 11390) (Version: - RTL interactive)
CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World)
CrystalDiskMark 3.0.3b (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.3b - Crystal Dew World)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.32.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Don't Starve (HKLM-x32\...\GOGPACKDONTSTARVE_is1) (Version: 2.1.0.9 - GOG.com)
EaseUS Partition Master 10.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
Encrypt Files v1.5 (HKLM-x32\...\Encrypt Files_is1) (Version: - PowTools)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.17 - Lenovo)
Energy Manager (x32 Version: 1.5.0.17 - Lenovo) Hidden
Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)
Explorer Suite IV (HKLM\...\Explorer Suite_is1) (Version: - )
Far Cry 4 (HKLM-x32\...\RmFyQ3J5NA==_is1) (Version: 1 - )
FEAR 2 Project Origin (HKLM-x32\...\{F72D25D6-8E5A-48B4-9DB6-E1474B618082}) (Version: 1.04 - WB Games)
FileZilla Client 3.10.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.0.2 - Tim Kosse)
Firebird 2.5.2.26540 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.2.26540 - Firebird Project)
FlatOut Ultimate Carnage (HKLM-x32\...\FlatOut Ultimate Carnage) (Version: - Empire Interactive)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Download Manager 3.9.4 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
Glary Utilities 5.15 (HKLM-x32\...\Glary Utilities 5) (Version: 5.15.0.28 - Glarysoft Ltd)
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
GTA:SanAndreas_CZ (HKLM-x32\...\GTA:SanAndreas_CZ) (Version: - )
GTR Evolution (HKLM-x32\...\Steam App 8660) (Version: - SimBin)
HashTab 5.2.0.14 (HKLM\...\HashTab) (Version: 5.2.0.14 - Implbits Software)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hitman Blood Money (HKLM-x32\...\{30BA90A9-E6B4-4FFC-8BC5-B7F2E014F432}) (Version: 1.10.000 - )
hMailServer 5.5.2-B2129 (HKLM-x32\...\hMailServer_is1) (Version: - )
HP Deskjet 3520 series Nápověda (HKLM-x32\...\{D259C419-D776-4163-B27C-19722C555237}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HWiNFO64 Version 4.48 (HKLM\...\HWiNFO64_is1) (Version: 4.48 - Martin Malík - REALiX)
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.1 - IObit)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Just Cause 2 1.20 (HKLM-x32\...\Just Cause 2 1.20) (Version: - )
Kits Configuration Installer (x32 Version: 8.100.26846 - Microsoft) Hidden
Kodi (HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\Kodi) (Version: - XBMC-Foundation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo)
Lenovo PhoneCompanion (x32 Version: 1.2.0.2 - Lenovo) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.44.3 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo)
Lenovo Updates (x32 Version: 1.0.0.65 - Lenovo) Hidden
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.1.14.3211 - Lenovo)
Lenovo Web Start (HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - Pokki)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.303 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.303 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware verze 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 ENU (HKLM-x32\...\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 4 (HKLM-x32\...\{b8a9dbc1-1fd4-4103-a83b-a2896f193ea0}) (Version: 12.0.31101.0 - Microsoft Corporation)
Minecraft Tweaker Lite for Minecraft 1.8.1, ver. 1.8.1_11.5 (HKLM-x32\...\{6428D19C-67AF-44FB-9496-E255C5D1E553}_is1) (Version: - Michal Charvát)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 35.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 cs)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.4.0 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 cs)) (Version: 31.4.0 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MultiHasher 2.7 (HKLM-x32\...\{6D8A77EC-1D83-4F07-9038-6913EFEACA1F}_is1) (Version: 2.7.0.0 - abelhadigital.com)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenOffice 4.1.1 (HKLM-x32\...\{C560D6E7-E40A-435D-8B71-62CBCF1701B2}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 27.0.1689.66 (HKLM-x32\...\Opera 27.0.1689.66) (Version: 27.0.1689.66 - Opera Software ASA)
Oracle VM VirtualBox 4.3.20 (HKLM\...\{DD8F7A7A-852F-4648-8A73-B8FC1DF5F082}) (Version: 4.3.20 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.82.106.0 - Overwolf Ltd.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.1 - Power Software Ltd)
Powersuite (HKLM-x32\...\{793A260C-CDBF-499C-ABBA-B51E8E076867}_is1) (Version: 4.3.0.0 - Uniblue Systems Limited)
PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Process Hacker 2.33 (r5590) (HKLM\...\Process_Hacker2_is1) (Version: 2.33.0.5590 - wj32)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.5.8.2500 - Jan Fiala)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
RACE 07 (HKLM-x32\...\Steam App 8600) (Version: - SimBin)
Random Password Generator (HKLM-x32\...\Random Password Generator_is1) (Version: 1.0 - IObit)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.806.012214 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39058 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.30.0239 - REALTEK Semiconductor Corp.)
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version: - Deep Silver Volition)
SAM Broadcaster 2014.7 (HKLM-x32\...\SAM3) (Version: 2014.7 - Spacial Audio Solutions, LLC)
SAM Cast 2014.7 (HKLM-x32\...\SAMCast) (Version: 2014.7 - Spacial Audio Solutions, LLC)
Scorpions WinCheater (HKLM-x32\...\Scorpions WinCheater 2.07 (s databází 163)_is1) (Version: - )
SDK ARM Additions (x32 Version: 8.100.26846 - Microsoft Corporation) Hidden
SDK ARM Additions EULA (x32 Version: 8.100.26846 - Microsoft Corporations) Hidden
SDK ARM Redistributables (x32 Version: 8.100.26846 - Microsoft Corporation) Hidden
SDK Debuggers ARM (x32 Version: 8.100.26846 - Microsoft Corporation) Hidden
Seznam Software (HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\SeznamInstall) (Version: - Seznam.cz)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart Install Maker 5.04 (HKLM-x32\...\Smart Install Maker 5.04) (Version: 5.04 - InstallBuilders)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion)
Spintires (HKLM-x32\...\Spintires_is1) (Version: - )
Splinter Cell - Blacklist 1.01 (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}_is1) (Version: - )
Starship Troopers (HKLM-x32\...\{STARSHIP_TROOPERS_30112005}) (Version: 1.00.000 - )
Start Menu (HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\Pokki_Start_Menu) (Version: 0.269.5.339 - Pokki)
State of Decay verzia 14.2.11.5126 (HKLM-x32\...\State of Decay_is1) (Version: 14.2.11.5126 - CzTorrent.net)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie vylepšování produktu HP Deskjet 3520 series (HKLM\...\{B7AED02F-7D1B-4806-831B-C06841A282C4}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version: - )
Sublime Text Build 3065 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
System Requirements Lab CYRI (HKLM-x32\...\{906B34E5-573C-445A-A5D3-40B6BF0A2EC4}) (Version: 6.0.21.0 - Husdawg, LLC)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Tom Clancy's Splinter Cell Chaos Theory (HKLM-x32\...\{888DD888-82BE-4D85-BCB2-2E042CD3E844}) (Version: 1.05.157 - Ubisoft)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.01 - Ubisoft)
Trove (HKLM-x32\...\Glyph Trove) (Version: - Trion Worlds, Inc.)
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
Unity Web Player (HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\UnityWebPlayer) (Version: 4.6.0f3 - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
Vbsedit (HKLM\...\Vbsedit) (Version: 6.3.2.0 - Adersoft)
Vbsedit 32-bit (HKLM-x32\...\Vbsedit 32-bit) (Version: 6.3.2.0 - Adersoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{3814DB30-091D-11E4-BDE0-F04DA23A5C58}) (Version: 13.0.373 - Sony)
Verbatim GREEN BUTTON 1.68 (HKLM-x32\...\Verbatim GREEN BUTTON_is1) (Version: - Verbatim)
Verbatim Hard Drive Eraser 1.08 (HKLM-x32\...\Verbatim Hard Drive Eraser_is1) (Version: - Verbatim)
Verbatim Hard Drive Formatter 1.41 (HKLM-x32\...\Verbatim Hard Drive Formatter_is1) (Version: - Verbatim)
Verbatim Hard Drive Info 1.04 (HKLM-x32\...\Verbatim Hard Drive Info_is1) (Version: - Verbatim)
Verbatim Product Update 1.06 (HKLM-x32\...\Verbatim Product Update_is1) (Version: - Verbatim)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Windows Driver Kit for Windows 8.1 (HKLM-x32\...\{aba88724-37eb-4f03-b83b-45199c5a7cf5}) (Version: 8.100.26846 - Microsoft Corporation)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WinSCP 5.5.6 (HKLM-x32\...\winscp3_is1) (Version: 5.5.6 - Martin Prikryl)
WinUtilities Professional Edition 11.33 (HKLM-x32\...\{FC274982-5AAD-4C20-848D-4424A5043009}_is1) (Version: 11.33 - YL Computing, Inc)
Wise Care 365 3.43 (HKLM-x32\...\Wise Care 365_is1) (Version: 3.43 - WiseCleaner.com, Inc.)
World of Tanks (HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
xNeat Application Builder (HKLM-x32\...\xNeat Application Builder) (Version: - )
Základní software zařízení HP Deskjet 3520 series (HKLM\...\{7EBD8BA7-DF64-4BF9-9BC1-B0D53984FC6E}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Zint (HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\Zint) (Version: 2.4.3.0 - Robin Stuart & BogDan Vatra)

„Zeptáš-li se, budeš 5 minut vypadat jako blbec. Nezeptáš-li se, budeš blbcem po celý život.“
„Mnozí z těch, co žijí, by zasluhovali smrt. A mnozí z těch, co zemřeli, by si zasloužili žít.“ - John Ronald Reuel Tolkien
„Je lepší být nenáviděn pro to, jaký jsi, než být milován pro to, co nejsi.“ - Kurt Cobain
https://rhscz.eu
https://github.com/rhsCZ
Nahoru
Uživatelský avatar
rhsCZ
Level 4
Level 4
Příspěvky: 1395
Registrován: červen 13
Pohlaví: Muž
Stav:
Offline
Kontakt:
Kontaktovat uživatele rhsCZ

Re: Preventivka

Příspěvekod rhsCZ » 04 úno 2015 19:21

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1433280961-3815244573-1026450080-1002_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll ()

==================== Restore Points =========================

03-02-2015 10:34:58 main-3.2.2015
04-02-2015 18:12:35 Nainstalováno rozhraní DirectX

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2015-02-04 10:24 - 00000753 ____A C:\windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {065B6095-76B0-4D60-B793-138552C37B40} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {14F41D27-4A4E-404E-996F-C87410CC04BD} - System32\Tasks\HPCustParticipation HP Deskjet 3520 series => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {3C0FD51B-F62D-4DDC-A2F8-43800520F69D} - System32\Tasks\Uninstaller_SkipUac_rhsCZ => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-30] (IObit)
Task: {44E8DD4F-C015-40F5-BA22-1DC28A87570A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {5A9B504E-0480-404D-9C59-9543BD36C2A1} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-12-22] (Glarysoft Ltd)
Task: {6C7D48DB-BC1F-435F-B430-BD92E2BB5414} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-28] (Google Inc.)
Task: {8B229E69-4616-48BC-BCA9-CF66237B28EC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {94389095-433E-4928-900E-A943BF58C359} - System32\Tasks\powersuite_monitor => C:\Program Files (x86)\Uniblue\Powersuite\powersuite_monitor.exe
Task: {9EF00D33-B086-44B6-A14F-EBFCEF9B4572} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()
Task: {AB375DC0-0A0E-46A1-8A75-A70C69A75538} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-12-29] (Microsoft Corporation)
Task: {AF95436B-3C50-4034-B805-28FDC11BAF34} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-12-22] (Glarysoft Ltd)
Task: {B57B22C8-35F4-4F51-8CEA-85A09F5F442B} - System32\Tasks\Opera scheduled Autoupdate 1422625067 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-02] (Opera Software)
Task: {B6138E80-CBE4-4977-90A3-F4865DE469B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-28] (Google Inc.)
Task: {C236A72A-D34F-47DB-BF7E-C99818C2EACB} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-01] (Adobe Systems Incorporated)
Task: {D930D0A7-D1C0-48F0-A524-86E5AC501BBC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-12-29] (Microsoft Corporation)
Task: {D9863886-3EA3-4230-B7B5-BF38752C33BF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2015-01-14] (Microsoft Corporation)
Task: {EFF7E0E3-A671-4B25-A835-96BEA58B2955} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-12-29] (Microsoft Corporation)
Task: {F202ABFB-B202-414A-BE72-839174F01042} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {F5383B11-FB38-49EA-8042-7941522BCAD2} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-01-15] (Overwolf LTD)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\powersuite_monitor.job => C:\Program Files (x86)\Uniblue\Powersuite\powersuite_monitor.exe
Task: C:\windows\Tasks\Uninstaller_SkipUac_rhsCZ.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (whitelisted) =============

2014-11-20 21:23 - 2014-11-20 21:23 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-08-13 21:37 - 2014-01-22 22:04 - 00084992 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2014-08-13 22:05 - 2012-04-25 03:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-12-08 11:10 - 2014-12-08 11:10 - 00102176 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2015-01-26 15:48 - 2014-07-07 19:11 - 00027648 _____ () C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-08-13 21:33 - 2010-10-26 21:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-12-29 10:51 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-11-20 21:23 - 2014-11-20 21:23 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-12-29 11:48 - 2014-12-29 11:48 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\rhsCZ\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "PhoneCompanion"
HKLM\...\StartupApproved\Run: => "Lenovo Utility"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "vProt"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "Lightshot"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM Tray Agent"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\StartupApproved\StartupFolder: => "Verbatim GREEN BUTTON.lnk"
HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\StartupApproved\StartupFolder: => "Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk"
HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\StartupApproved\Run: => "Pokki"
HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\StartupApproved\Run: => "HP Deskjet 3520 series (NET)"
HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\StartupApproved\Run: => "Application Restart #2"
HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\StartupApproved\Run: => "Process Hacker 2"
HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\StartupApproved\Run: => "AppEx Accelerator UI"
HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\StartupApproved\Run: => "xNeat Clipboard Manager"

========================= Accounts: ==========================

Administrator (S-1-5-21-1433280961-3815244573-1026450080-500 - Administrator - Disabled)
Guest (S-1-5-21-1433280961-3815244573-1026450080-501 - Limited - Disabled)
rhsCZ (S-1-5-21-1433280961-3815244573-1026450080-1002 - Administrator - Enabled) => C:\Users\rhsCZ
Táta (S-1-5-21-1433280961-3815244573-1026450080-1003 - Administrator - Enabled)

==================== Faulty Device Manager Devices =============

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/04/2015 06:04:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VfsysLogon.exe, verze: 5.0.0.1, časové razítko: 0x530bffc9
Název chybujícího modulu: VfSysLogonDll.dll, verze: 1.0.0.1, časové razítko: 0x530bffde
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000453a
ID chybujícího procesu: 0xe40
Čas spuštění chybující aplikace: 0xVfsysLogon.exe0
Cesta k chybující aplikaci: VfsysLogon.exe1
Cesta k chybujícímu modulu: VfsysLogon.exe2
ID zprávy: VfsysLogon.exe3
Úplný název chybujícího balíčku: VfsysLogon.exe4
ID aplikace související s chybujícím balíčkem: VfsysLogon.exe5

Error: (02/04/2015 03:18:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (02/04/2015 03:18:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (02/04/2015 03:17:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (02/04/2015 03:17:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (02/04/2015 03:17:27 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1 se nezdařilo. Chyba v souboru manifestu nebo zásady UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2 na řádku UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (02/04/2015 00:12:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program backgroundTaskHost.exe verze 6.3.9600.17415 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 16b8

Čas spuštění: 01d0406ac75bafc2

Čas ukončení: 4294967295

Cesta k aplikaci: C:\windows\system32\backgroundTaskHost.exe

ID hlášení: baef0d78-ac5e-11e4-829f-28d244ce61b1

Úplný název chybujícího balíčku: Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt

ID aplikace související s chybujícím balíčkem: App

Error: (02/04/2015 00:05:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VfsysLogon.exe, verze: 5.0.0.1, časové razítko: 0x530bffc9
Název chybujícího modulu: VfSysLogonDll.dll, verze: 1.0.0.1, časové razítko: 0x530bffde
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000453a
ID chybujícího procesu: 0xd10
Čas spuštění chybující aplikace: 0xVfsysLogon.exe0
Cesta k chybující aplikaci: VfsysLogon.exe1
Cesta k chybujícímu modulu: VfsysLogon.exe2
ID zprávy: VfsysLogon.exe3
Úplný název chybujícího balíčku: VfsysLogon.exe4
ID aplikace související s chybujícím balíčkem: VfsysLogon.exe5

Error: (02/04/2015 11:47:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (02/04/2015 11:47:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (02/04/2015 06:03:58 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (02/04/2015 06:03:58 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (02/04/2015 06:03:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Conexant SmartAudio service neuspěla při spuštění v důsledku následující chyby:
%%3

Error: (02/04/2015 06:03:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PnkBstrA neuspěla při spuštění v důsledku následující chyby:
%%3

Error: (02/04/2015 06:03:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.1 neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (02/04/2015 06:03:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AppEx Networks Accelerator LWF neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (02/04/2015 00:05:11 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (02/04/2015 00:05:11 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (02/04/2015 00:05:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Conexant SmartAudio service neuspěla při spuštění v důsledku následující chyby:
%%3

Error: (02/04/2015 00:05:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PnkBstrA neuspěla při spuštění v důsledku následující chyby:
%%3


Microsoft Office Sessions:
=========================
Error: (02/04/2015 06:04:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VfsysLogon.exe5.0.0.1530bffc9VfSysLogonDll.dll1.0.0.1530bffdec0000005000000000000453ae4001d0409c919f1f20C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfsysLogon.exeC:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfSysLogon\1920\VfSysLogonDll.dlld00a649d-ac8f-11e4-82a0-28d244ce61b1

Error: (02/04/2015 03:18:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files (x86)\Windows Kits\8.1\bin\arm\filetypeverifier.exe

Error: (02/04/2015 03:18:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files (x86)\Windows Kits\8.1\bin\arm\WiLogUtl.exe

Error: (02/04/2015 03:17:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files (x86)\Windows Kits\8.1\Tools\arm\traceview.exe

Error: (02/04/2015 03:17:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files (x86)\Windows Kits\8.1\Tools\arm\wiatrcvw.exe

Error: (02/04/2015 03:17:27 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1

Error: (02/04/2015 00:12:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.1741516b801d0406ac75bafc24294967295C:\windows\system32\backgroundTaskHost.exebaef0d78-ac5e-11e4-829f-28d244ce61b1Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nntApp

Error: (02/04/2015 00:05:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VfsysLogon.exe5.0.0.1530bffc9VfSysLogonDll.dll1.0.0.1530bffdec0000005000000000000453ad1001d0406a719a7b7bC:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfsysLogon.exeC:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfSysLogon\1920\VfSysLogonDll.dllafad8d6a-ac5d-11e4-829f-28d244ce61b1

Error: (02/04/2015 11:47:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files (x86)\Windows Kits\8.1\bin\arm\filetypeverifier.exe

Error: (02/04/2015 11:47:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files (x86)\Windows Kits\8.1\bin\arm\WiLogUtl.exe


CodeIntegrity Errors:
===================================
Date: 2014-12-28 21:42:14.057
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-12-28 21:34:56.681
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD FX-7500 Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 25%
Total physical RAM: 7098.54 MB
Available physical RAM: 5286.48 MB
Total Pagefile: 13240.54 MB
Available Pagefile: 10909.85 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (rhsCZ) (Fixed) (Total:890.09 GB) (Free:478.39 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.54 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: AC6655F5)

Partition: GPT Partition Type.

==================== End Of Log ============================

„Zeptáš-li se, budeš 5 minut vypadat jako blbec. Nezeptáš-li se, budeš blbcem po celý život.“
„Mnozí z těch, co žijí, by zasluhovali smrt. A mnozí z těch, co zemřeli, by si zasloužili žít.“ - John Ronald Reuel Tolkien
„Je lepší být nenáviděn pro to, jaký jsi, než být milován pro to, co nejsi.“ - Kurt Cobain
https://rhscz.eu
https://github.com/rhsCZ
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Preventivka

Příspěvekod jaro3 » 04 úno 2015 21:58

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL No File
BootExecute: autocheck autochk *
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1433280961-3815244573-1026450080-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
C:\ProgramData\cdggdqsx.jep
C:\ProgramData\ubzyegls.kzt
C:\windows\system32\Drivers\etc\hosts.ics
C:\windows\_isenv31.ini
C:\ProgramData\DP45977C.lfl

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

FF NetworkProxy: "backup.ftp", "212.175.88.15"
FF NetworkProxy: "backup.ftp_port", 8080
FF NetworkProxy: "backup.socks", "212.175.88.15"
FF NetworkProxy: "backup.socks_port", 8080
FF NetworkProxy: "backup.ssl", "212.175.88.15"
FF NetworkProxy: "backup.ssl_port", 8080
FF NetworkProxy: "ftp", "86.122.124.11"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "86.122.124.11"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "86.122.124.11"
FF NetworkProxy: "ssl_port", 80


To si nastavoval sám?

C:\windows\system32\NULL
C:\Users\rhsCZ\NULL
C:\windows\system32\all.msc
C:\Users\rhsCZ\AppData\Local\69ff07055291669bb2b218.72821112

Podívej se do těchto složek co tam je.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Uživatelský avatar
rhsCZ
Level 4
Level 4
Příspěvky: 1395
Registrován: červen 13
Pohlaví: Muž
Stav:
Offline
Kontakt:
Kontaktovat uživatele rhsCZ

Re: Preventivka

Příspěvekod rhsCZ » 05 úno 2015 09:24

Ano proxy ve firefoxu jsem nastavil, na určitou věc jsem to potřeboval jinak proxy server nepoužívám jen vyjímečně.
C:\windows\system32\NULL je soubor který obsahuje jenom "Press any key to continue . . . ", jinak tam nic není.
C:\Users\rhsCZ\NULL je to sáme co výše.
Myslím, že tyto soubory mají společné něco s tím, že když mám davkový soubor nebo si jen otevřu příkazovou řádku a zadám např. "pause >> NULL "
tak docílím toho že mi to nic nevypíše a pošle se to do zmíněného souboru.
C:\windows\system32\all.msc to je moje dílo trošku jsme experimentoval s Microsoft managment console, kde jsme dal soubor->nový tam jsem přidával všechny moduly snap-in, které šli a pak jsem to uloži do již zmíněné složky
C:\Users\rhsCZ\AppData\Local\69ff07055291669bb2b218.72821112 je soubor označen atributem jako systémový a obsahuje různé znaky pravděpodobně něco zakódovaného "TATFV1 2;!Őˇą”9őL?{ˇĆKz €˙" v kódování ANSI

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-02-2015
Ran by rhsCZ at 2015-02-05 09:21:19 Run:1
Running from C:\Users\rhsCZ\Desktop
Loaded Profiles: rhsCZ (Available profiles: rhsCZ)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL No File
BootExecute: autocheck autochk *
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1433280961-3815244573-1026450080-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
C:\ProgramData\cdggdqsx.jep
C:\ProgramData\ubzyegls.kzt
C:\windows\system32\Drivers\etc\hosts.ics
C:\windows\_isenv31.ini
C:\ProgramData\DP45977C.lfl

*****************

HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => value deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro1 (ErrorConflict)" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}" => Key deleted successfully.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro2 (SyncInProgress)" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" => Key deleted successfully.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro3 (InSync)" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-1433280961-3815244573-1026450080-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => Key deleted successfully.
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => Key not found.
C:\ProgramData\cdggdqsx.jep => Moved successfully.
C:\ProgramData\ubzyegls.kzt => Moved successfully.
C:\windows\system32\Drivers\etc\hosts.ics => Moved successfully.
C:\windows\_isenv31.ini => Moved successfully.
C:\ProgramData\DP45977C.lfl => Moved successfully.

==== End of Fixlog 09:21:19 ====

„Zeptáš-li se, budeš 5 minut vypadat jako blbec. Nezeptáš-li se, budeš blbcem po celý život.“
„Mnozí z těch, co žijí, by zasluhovali smrt. A mnozí z těch, co zemřeli, by si zasloužili žít.“ - John Ronald Reuel Tolkien
„Je lepší být nenáviděn pro to, jaký jsi, než být milován pro to, co nejsi.“ - Kurt Cobain
https://rhscz.eu
https://github.com/rhsCZ
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Preventivka

Příspěvekod jaro3 » 05 úno 2015 09:40

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\Users\rhsCZ\AppData\Local\69ff07055291669bb2b218.72821112

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Uživatelský avatar
rhsCZ
Level 4
Level 4
Příspěvky: 1395
Registrován: červen 13
Pohlaví: Muž
Stav:
Offline
Kontakt:
Kontaktovat uživatele rhsCZ

Re: Preventivka

Příspěvekod rhsCZ » 05 úno 2015 10:23

https://www.virustotal.com/cs/file/6255 ... 423127833/ čistý
a chtěl jsem nahrát i na virscan.org, ale čínsky to psalo "文件名中有违法或广告关键字 "07055291669" 请修改文件名重新上传" což podle překladače je "Nelegální název souboru nebo reklama na klíčová slova "07055291669" Prosím, změňte název souboru re-upload!" zkusil jsme ho zkopírovat na plochu a přejmenovat ale nešlo nebralo to

„Zeptáš-li se, budeš 5 minut vypadat jako blbec. Nezeptáš-li se, budeš blbcem po celý život.“
„Mnozí z těch, co žijí, by zasluhovali smrt. A mnozí z těch, co zemřeli, by si zasloužili žít.“ - John Ronald Reuel Tolkien
„Je lepší být nenáviděn pro to, jaký jsi, než být milován pro to, co nejsi.“ - Kurt Cobain
https://rhscz.eu
https://github.com/rhsCZ
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Preventivka

Příspěvekod jaro3 » 05 úno 2015 18:46

Co problémy?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Uživatelský avatar
rhsCZ
Level 4
Level 4
Příspěvky: 1395
Registrován: červen 13
Pohlaví: Muž
Stav:
Offline
Kontakt:
Kontaktovat uživatele rhsCZ

Re: Preventivka

Příspěvekod rhsCZ » 05 úno 2015 18:59

Já jsem nepsal o žádných problémech viz. název tématu "Preventivka" jen taková previtivní kontrola.
Jinak žádný problémy se neobjevili vše funguje jak má, jestli to myslíš takto.

„Zeptáš-li se, budeš 5 minut vypadat jako blbec. Nezeptáš-li se, budeš blbcem po celý život.“
„Mnozí z těch, co žijí, by zasluhovali smrt. A mnozí z těch, co zemřeli, by si zasloužili žít.“ - John Ronald Reuel Tolkien
„Je lepší být nenáviděn pro to, jaký jsi, než být milován pro to, co nejsi.“ - Kurt Cobain
https://rhscz.eu
https://github.com/rhsCZ
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Preventivka

Příspěvekod jaro3 » 05 úno 2015 21:46

Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Zamčeno

Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 124 hostů