
Significant laptop slowdown
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Visitor
- Posts: 84
- Registered: 30 May 2008 13:37
Hello, my laptop has slowed down significantly, pop-up windows open on their own in browsers, and it had problems starting up (it booted, but explorer.exe did not start and I had to launch it manually). After cleaning with Malwarebytes the startup problem disappeared, but the slowdown and the opening of windows remained.
I was unable to create a log from RSIT because of an error during its creation, so I am attaching a log from FRST.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-01-2014
Ran by Richard (administrator) on NAFAJCENYPC on 10-01-2014 15:31:02
Running from C:\Users\Richard\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Alcor Micro Corp.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ICQ) C:\Users\Richard\AppData\Roaming\ICQM\icq.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Program Files\Pirrit\AutoUpdater.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AmIcoSinglun] - C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [258048 2011-05-26] (Alcor Micro Corp.)
HKLM\...\Run: [HDAudDeck] - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [3926128 2012-04-19] (VIA)
HKLM\...\Run: [ATKOSD2] - C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM\...\Run: [ATKMEDIA] - C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM\...\Run: [HControlUser] - C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM\...\Run: [NCUpdateHelper] - C:\Program Files\NCWest\NCLauncher\NCUpdateHelper.exe [528360 2013-09-05] (NCSOFT Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-29] (AVAST Software)
HKCU\...\Run: [icq] - C:\Users\Richard\AppData\Roaming\ICQM\icq.exe [29919576 2013-12-18] (ICQ)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
MountPoints2: {2e8e1cf1-e48c-11e2-b871-806e6f6e6963} - D:\setup.exe
MountPoints2: {cc796842-e424-11e2-8833-50465d99a2c9} - E:\autoplay.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3AA2A4E65878CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1377118729
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC8} URL = http://search.icq.com/search/results.ph ... h_mode=web
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: IEExtension.Extension - {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 91.121.69.54 l2authd.lineage2.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @t.garena.com/garenatalk - C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Pirrit Suggestor - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default\Extensions\suggestor@suggestor.pirrit.com.xpi
FF Extension: Stylish - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
FF Extension: Adblock Plus - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Chrome:
=======
CHR HomePage: hxxp://www.delta-homes.com/?utm_source=b&utm_m ... 1380216822
CHR RestoreOnStartup: "hxxp://www.delta-homes.com/?utm_source=b&utm_m ... 1380216822"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Garena Talk Plugin) - C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll No File
CHR Extension: (Pirrit Suggestor) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc
CHR Extension: (Google Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
========================== Services (Whitelisted) =================
R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [80512 2011-11-21] (ASUS)
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2011-11-21] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-29] (AVAST Software)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [277616 2012-12-14] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [462048 2012-04-20] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [4702568 2012-10-24] (INCA Internet Co., Ltd.)
R2 PirritUpdater; C:\Program Files\Pirrit\AutoUpdater.exe [55296 2013-12-02] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-03-23] (VIA Technologies, Inc.)
==================== Drivers (Whitelisted) ====================
R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-02] (ASUS)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2013-12-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2013-12-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-12-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2013-12-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2013-12-29] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [64168 2013-12-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2013-12-29] ()
R1 ATKWMIACPIIO; C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [14464 2011-09-07] (ASUS)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-07-03] (Disc Soft Ltd)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [91760 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-02] (Intel Corporation)
S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [83336 2007-04-03] (MCCI Corporation)
S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [15112 2007-04-03] (MCCI Corporation)
S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [108680 2007-04-03] (MCCI Corporation)
S3 s116mgmt; C:\Windows\System32\DRIVERS\s116mgmt.sys [100488 2007-04-03] (MCCI Corporation)
S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [23176 2007-04-03] (MCCI Corporation)
S3 s116obex; C:\Windows\System32\DRIVERS\s116obex.sys [98696 2007-04-03] (MCCI Corporation)
S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [99080 2007-04-03] (MCCI Corporation)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [113608 2013-04-15] (Power Software Ltd)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1830512 2012-03-23] (VIA Technologies, Inc.)
R2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam.sys [1068216 2012-04-15] (Windows (R) Win 7 DDK provider)
S3 ASUSProcObsrv; \??\D:\I386\AsProcOb.sys [x]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [x]
S3 GGSAFERDriver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-10 15:31 - 2014-01-10 15:32 - 00015097 _____ C:\Users\Richard\Desktop\FRST.txt
2014-01-10 15:30 - 2014-01-10 15:30 - 00000000 ____D C:\FRST
2014-01-10 15:29 - 2014-01-10 15:29 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe
2014-01-10 15:26 - 2014-01-10 15:26 - 01066141 _____ (Farbar) C:\Users\Richard\Desktop\FRST.exe
2014-01-10 15:16 - 2014-01-10 15:24 - 00000000 ____D C:\Program Files\trend micro
2014-01-10 15:16 - 2014-01-10 15:16 - 00000000 ____D C:\rsit
2014-01-10 15:05 - 2014-01-10 15:15 - 00781909 _____ C:\Users\Richard\Desktop\RSIT.exe
2014-01-10 13:39 - 2014-01-10 14:18 - 675414016 _____ C:\Users\Richard\Downloads\Warcraft-3---Regin-on-Chaos-CZ.iso
2014-01-10 12:26 - 2014-01-10 15:17 - 00000000 ____D C:\Users\Richard\Downloads\Diablo II - Lord of Destruction (1.13d Direct Play)
2014-01-10 00:55 - 2014-01-10 00:55 - 01938314 _____ C:\Users\Richard\Downloads\Enfo .X3X..w3x
2014-01-10 00:55 - 2014-01-10 00:55 - 00343719 _____ C:\Users\Richard\Downloads\ETS_MT_Edition_V181.w3x
2014-01-09 23:21 - 2014-01-10 00:01 - 563946096 _____ C:\Users\Richard\Downloads\Warcraft_3_The_Frozen_Throne_ENG.iso
2014-01-09 22:06 - 2014-01-09 22:47 - 662368256 _____ C:\Users\Richard\Downloads\Warcraft-3-Reign-Of-Chaos.iso
2014-01-09 16:00 - 2014-01-09 16:00 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2014-01-09 15:45 - 2014-01-09 15:52 - 00000000 ____D C:\Users\Public\Palo tuto to JE
2014-01-09 14:39 - 2014-01-09 14:39 - 01360755 _____ C:\Users\Richard\Downloads\Jedi_Knight_Jedi_Academy_v1.01_Single_Player_Multiplayer__WWW.CRACK-LOCATOR.INFO_.zip
2014-01-09 14:27 - 2014-01-09 14:28 - 11624176 _____ (LucasArts) C:\Users\Richard\Downloads\jkacademy1_01.exe
2014-01-07 12:53 - 2014-01-07 12:54 - 00023552 ___SH C:\Users\Richard\Downloads\Thumbs.db
2014-01-07 12:40 - 2014-01-10 12:09 - 00000392 _____ C:\Windows\setupact.log
2014-01-07 12:40 - 2014-01-07 12:40 - 00000000 _____ C:\Windows\setuperr.log
2014-01-05 12:43 - 2014-01-05 12:43 - 00108680 _____ C:\Users\Richard\Downloads\1065371638.zip
2014-01-04 10:47 - 2014-01-04 10:56 - 3741745152 _____ C:\Users\Richard\Documents\CD_ROM.iso
2014-01-04 10:46 - 2014-01-04 11:16 - 00000375 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-12-31 00:41 - 2013-12-31 00:41 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-31 00:38 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-31 00:12 - 2013-12-31 00:12 - 00011776 ___SH C:\Users\Richard\Documents\Thumbs.db
2013-12-30 20:51 - 2013-12-30 20:51 - 00001643 _____ C:\Users\Richard\Desktop\Play Star Wars Jedi Knight Jedi Academy.lnk
2013-12-30 20:50 - 2013-12-30 20:50 - 00000000 ____D C:\Windows\system32\games
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disk Checker
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Program Files\Disk Checker
2013-12-29 14:38 - 2013-12-29 14:38 - 00000000 ____D C:\Users\Richard\AppData\Roaming\AVAST Software
2013-12-29 14:31 - 2013-12-29 14:32 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-12-29 14:31 - 2013-12-29 14:31 - 00000000 ____D C:\Program Files\Security Task Manager
2013-12-29 14:16 - 2013-12-29 14:16 - 00000673 _____ C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2013-12-29 14:16 - 2013-12-29 14:16 - 00000644 _____ C:\Users\Public\Desktop\Half-Life.lnk
2013-12-29 11:00 - 2013-12-30 18:06 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-25 21:20 - 2013-12-25 21:20 - 00002172 _____ C:\Users\Public\Desktop\Play The Sims™ 3.lnk
2013-12-25 19:14 - 2013-12-25 19:14 - 00000000 ____D C:\Users\Richard\Documents\Electronic Arts
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Origin
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Local\Origin
2013-12-25 11:39 - 2013-12-25 11:40 - 00000000 ____D C:\ProgramData\Origin
2013-12-25 11:39 - 2013-12-25 11:39 - 00000937 _____ C:\Users\Public\Desktop\Origin.lnk
2013-12-25 11:38 - 2013-12-25 11:40 - 00000000 ____D C:\Program Files\Origin
2013-12-24 16:41 - 2013-12-25 11:39 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-24 16:38 - 2013-12-25 11:38 - 00000000 ____D C:\Program Files\Electronic Arts
2013-12-24 15:28 - 2013-12-24 15:28 - 00000000 ____D C:\Program Files\Microsoft WSE
2013-12-24 09:45 - 2014-01-10 15:27 - 00183395 _____ C:\Windows\WindowsUpdate.log
2013-12-24 09:44 - 2013-12-24 09:44 - 00000809 _____ C:\Users\Richard\Desktop\UnrealTournament.lnk
2013-12-24 09:43 - 2013-12-24 09:43 - 00000738 _____ C:\Users\Richard\Desktop\Stronghold Crusader.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001811 _____ C:\Users\Richard\Desktop\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001669 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2013-12-18 01:01 - 2013-12-18 01:18 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ-Profile
2013-12-14 21:20 - 2013-12-14 21:20 - 00000000 ____D C:\Users\Richard\AppData\Local\Pirrit Suggestor
2013-12-14 21:19 - 2013-12-14 21:19 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Pirrit
2013-12-14 21:19 - 2013-12-14 21:19 - 00000000 ____D C:\Program Files\Pirrit
2013-12-14 21:14 - 2013-12-14 21:14 - 00000983 _____ C:\Users\Public\Desktop\Guitar and Bass.lnk
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Richard\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Public\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\ProgramData\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Program Files\Guitar and Bass
2013-12-14 19:53 - 2013-12-14 19:53 - 00001027 _____ C:\Users\Public\Desktop\Guitar FX BOX 3.LNK
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Steinberg
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Guitar FX BOX 3
==================== One Month Modified Files and Folders =======
2014-01-10 15:32 - 2014-01-10 15:31 - 00015097 _____ C:\Users\Richard\Desktop\FRST.txt
2014-01-10 15:30 - 2014-01-10 15:30 - 00000000 ____D C:\FRST
2014-01-10 15:29 - 2014-01-10 15:29 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe
2014-01-10 15:27 - 2013-12-24 09:45 - 00183395 _____ C:\Windows\WindowsUpdate.log
2014-01-10 15:26 - 2014-01-10 15:26 - 01066141 _____ (Farbar) C:\Users\Richard\Desktop\FRST.exe
2014-01-10 15:24 - 2014-01-10 15:16 - 00000000 ____D C:\Program Files\trend micro
2014-01-10 15:24 - 2013-10-17 00:08 - 00000000 ____D C:\Users\Richard\AppData\Roaming\uTorrent
2014-01-10 15:17 - 2014-01-10 12:26 - 00000000 ____D C:\Users\Richard\Downloads\Diablo II - Lord of Destruction (1.13d Direct Play)
2014-01-10 15:17 - 2013-08-05 08:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-10 15:16 - 2014-01-10 15:16 - 00000000 ____D C:\rsit
2014-01-10 15:15 - 2014-01-10 15:05 - 00781909 _____ C:\Users\Richard\Desktop\RSIT.exe
2014-01-10 14:34 - 2013-07-04 03:43 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-10 14:18 - 2014-01-10 13:39 - 675414016 _____ C:\Users\Richard\Downloads\Warcraft-3---Regin-on-Chaos-CZ.iso
2014-01-10 12:14 - 2009-07-14 05:34 - 00010528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-10 12:14 - 2009-07-14 05:34 - 00010528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-10 12:09 - 2014-01-07 12:40 - 00000392 _____ C:\Windows\setupact.log
2014-01-10 12:09 - 2013-07-04 03:43 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-10 12:09 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-10 00:55 - 2014-01-10 00:55 - 01938314 _____ C:\Users\Richard\Downloads\Enfo .X3X..w3x
2014-01-10 00:55 - 2014-01-10 00:55 - 00343719 _____ C:\Users\Richard\Downloads\ETS_MT_Edition_V181.w3x
2014-01-10 00:01 - 2014-01-09 23:21 - 563946096 _____ C:\Users\Richard\Downloads\Warcraft_3_The_Frozen_Throne_ENG.iso
2014-01-09 23:16 - 2013-11-22 22:16 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-09 22:48 - 2013-07-03 22:55 - 00000000 ____D C:\Users\Richard\AppData\Roaming\DAEMON Tools Lite
2014-01-09 22:47 - 2014-01-09 22:06 - 662368256 _____ C:\Users\Richard\Downloads\Warcraft-3-Reign-Of-Chaos.iso
2014-01-09 21:32 - 2013-07-20 16:43 - 00000000 ____D C:\Users\Public\zaloha
2014-01-09 16:00 - 2014-01-09 16:00 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2014-01-09 16:00 - 2013-11-09 09:54 - 00000000 ____D C:\ProgramData\AlawarWrapper
2014-01-09 15:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2014-01-09 15:52 - 2014-01-09 15:45 - 00000000 ____D C:\Users\Public\Palo tuto to JE
2014-01-09 15:52 - 2013-07-12 18:22 - 00000000 ____D C:\games
2014-01-09 15:46 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2014-01-09 14:39 - 2014-01-09 14:39 - 01360755 _____ C:\Users\Richard\Downloads\Jedi_Knight_Jedi_Academy_v1.01_Single_Player_Multiplayer__WWW.CRACK-LOCATOR.INFO_.zip
2014-01-09 14:28 - 2014-01-09 14:27 - 11624176 _____ (LucasArts) C:\Users\Richard\Downloads\jkacademy1_01.exe
2014-01-07 12:54 - 2014-01-07 12:53 - 00023552 ___SH C:\Users\Richard\Downloads\Thumbs.db
2014-01-07 12:40 - 2014-01-07 12:40 - 00000000 _____ C:\Windows\setuperr.log
2014-01-05 13:42 - 2013-11-10 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\vlc
2014-01-05 12:43 - 2014-01-05 12:43 - 00108680 _____ C:\Users\Richard\Downloads\1065371638.zip
2014-01-04 11:16 - 2014-01-04 10:46 - 00000375 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-04 10:56 - 2014-01-04 10:47 - 3741745152 _____ C:\Users\Richard\Documents\CD_ROM.iso
2014-01-04 10:47 - 2013-07-04 01:42 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-02 01:36 - 2013-07-06 18:43 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Skype
2013-12-31 19:43 - 2013-08-19 21:06 - 00000000 ____D C:\Users\Richard\Documents\WBFS Manager Covers
2013-12-31 01:08 - 2013-08-21 21:59 - 00000000 ____D C:\ProgramData\eSafe
2013-12-31 01:06 - 2013-08-21 21:59 - 00000000 ____D C:\Program Files\Common Files\337
2013-12-31 01:06 - 2013-08-21 21:55 - 00000000 ____D C:\Users\Richard\AppData\Local\SwvUpdater
2013-12-31 00:41 - 2013-12-31 00:41 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-31 00:12 - 2013-12-31 00:12 - 00011776 ___SH C:\Users\Richard\Documents\Thumbs.db
2013-12-30 20:51 - 2013-12-30 20:51 - 00001643 _____ C:\Users\Richard\Desktop\Play Star Wars Jedi Knight Jedi Academy.lnk
2013-12-30 20:51 - 2013-07-04 01:48 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-30 20:50 - 2013-12-30 20:50 - 00000000 ____D C:\Windows\system32\games
2013-12-30 20:50 - 2013-07-04 01:49 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2013-12-30 18:06 - 2013-12-29 11:00 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disk Checker
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Program Files\Disk Checker
2013-12-29 14:38 - 2013-12-29 14:38 - 00000000 ____D C:\Users\Richard\AppData\Roaming\AVAST Software
2013-12-29 14:32 - 2013-12-29 14:31 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-12-29 14:31 - 2013-12-29 14:31 - 00000000 ____D C:\Program Files\Security Task Manager
2013-12-29 14:16 - 2013-12-29 14:16 - 00000673 _____ C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2013-12-29 14:16 - 2013-12-29 14:16 - 00000644 _____ C:\Users\Public\Desktop\Half-Life.lnk
2013-12-29 11:00 - 2013-07-04 14:17 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00410528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-29 11:00 - 2013-07-04 14:17 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00002047 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-29 11:00 - 2013-07-04 14:15 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-29 10:57 - 2013-07-03 10:05 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-29 10:57 - 2009-07-14 03:04 - 00002577 _____ C:\Windows\system32\config.nt
2013-12-28 13:31 - 2013-11-10 14:48 - 00001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-25 21:20 - 2013-12-25 21:20 - 00002172 _____ C:\Users\Public\Desktop\Play The Sims™ 3.lnk
2013-12-25 19:14 - 2013-12-25 19:14 - 00000000 ____D C:\Users\Richard\Documents\Electronic Arts
2013-12-25 16:38 - 2013-11-11 03:50 - 00000000 ____D C:\Users\Richard\AppData\Local\PMB Files
2013-12-25 16:38 - 2013-11-11 03:50 - 00000000 ____D C:\ProgramData\PMB Files
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Origin
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Local\Origin
2013-12-25 11:40 - 2013-12-25 11:39 - 00000000 ____D C:\ProgramData\Origin
2013-12-25 11:40 - 2013-12-25 11:38 - 00000000 ____D C:\Program Files\Origin
2013-12-25 11:39 - 2013-12-25 11:39 - 00000937 _____ C:\Users\Public\Desktop\Origin.lnk
2013-12-25 11:39 - 2013-12-24 16:41 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-25 11:38 - 2013-12-24 16:38 - 00000000 ____D C:\Program Files\Electronic Arts
2013-12-24 15:28 - 2013-12-24 15:28 - 00000000 ____D C:\Program Files\Microsoft WSE
2013-12-24 09:44 - 2013-12-24 09:44 - 00000809 _____ C:\Users\Richard\Desktop\UnrealTournament.lnk
2013-12-24 09:43 - 2013-12-24 09:43 - 00000738 _____ C:\Users\Richard\Desktop\Stronghold Crusader.lnk
2013-12-20 21:50 - 2013-11-06 08:10 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-19 14:11 - 2013-07-04 14:17 - 00056080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-12-18 01:18 - 2013-12-18 01:01 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ-Profile
2013-12-18 01:02 - 2013-12-18 01:02 - 00001811 _____ C:\Users\Richard\Desktop\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001669 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2013-12-18 01:02 - 2013-07-15 20:25 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQM
2013-12-18 00:57 - 2013-07-15 20:36 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ
2013-12-14 21:20 - 2013-12-14 21:20 - 00000000 ____D C:\Users\Richard\AppData\Local\Pirrit Suggestor
2013-12-14 21:19 - 2013-12-14 21:19 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Pirrit
2013-12-14 21:19 - 2013-12-14 21:19 - 00000000 ____D C:\Program Files\Pirrit
2013-12-14 21:14 - 2013-12-14 21:14 - 00000983 _____ C:\Users\Public\Desktop\Guitar and Bass.lnk
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Richard\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Public\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\ProgramData\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Program Files\Guitar and Bass
2013-12-14 19:53 - 2013-12-14 19:53 - 00001027 _____ C:\Users\Public\Desktop\Guitar FX BOX 3.LNK
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Steinberg
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Guitar FX BOX 3
Some content of TEMP:
====================
C:\Users\Richard\AppData\Local\Temp\war3_Install.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Richard\Desktop" je 2 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop
C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Richard\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray
C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\Richard\AppData\Roaming\ICQM\icq.exe -CU [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCUpdateHelper
C:\Program Files\NCWest\NCLauncher\NCUpdateHelper.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files\Steam\Steam.exe" -silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun
"C:\Program Files\WebcamMax\wcmmon.exe" -a [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~1\MCAFEE~1\307523~1.318\SSSCHE~1.EXE [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
2013-12-25 11:40 - 2013-12-25 11:39 - 00000000 ____D C:\ProgramData\Origin
2013-12-25 11:40 - 2013-12-25 11:38 - 00000000 ____D C:\Program Files\Origin
2013-12-25 11:39 - 2013-12-25 11:39 - 00000937 _____ C:\Users\Public\Desktop\Origin.lnk
2013-12-25 11:39 - 2013-12-24 16:41 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-25 11:38 - 2013-12-24 16:38 - 00000000 ____D C:\Program Files\Electronic Arts
2013-12-24 15:28 - 2013-12-24 15:28 - 00000000 ____D C:\Program Files\Microsoft WSE
2013-12-24 09:44 - 2013-12-24 09:44 - 00000809 _____ C:\Users\Richard\Desktop\UnrealTournament.lnk
2013-12-24 09:43 - 2013-12-24 09:43 - 00000738 _____ C:\Users\Richard\Desktop\Stronghold Crusader.lnk
2013-12-20 21:50 - 2013-11-06 08:10 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-19 14:11 - 2013-07-04 14:17 - 00056080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-12-18 01:18 - 2013-12-18 01:01 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ-Profile
2013-12-18 01:02 - 2013-12-18 01:02 - 00001811 _____ C:\Users\Richard\Desktop\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001669 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2013-12-18 01:02 - 2013-07-15 20:25 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQM
2013-12-18 00:57 - 2013-07-15 20:36 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ
2013-12-14 21:20 - 2013-12-14 21:20 - 00000000 ____D C:\Users\Richard\AppData\Local\Pirrit Suggestor
2013-12-14 21:19 - 2013-12-14 21:19 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Pirrit
2013-12-14 21:19 - 2013-12-14 21:19 - 00000000 ____D C:\Program Files\Pirrit
2013-12-14 21:14 - 2013-12-14 21:14 - 00000983 _____ C:\Users\Public\Desktop\Guitar and Bass.lnk
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Richard\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Public\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\ProgramData\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Program Files\Guitar and Bass
2013-12-14 19:53 - 2013-12-14 19:53 - 00001027 _____ C:\Users\Public\Desktop\Guitar FX BOX 3.LNK
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Steinberg
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Guitar FX BOX 3
Some content of TEMP:
====================
C:\Users\Richard\AppData\Local\Temp\war3_Install.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Richard\Desktop" je 2 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop
C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Richard\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray
C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\Richard\AppData\Roaming\ICQM\icq.exe -CU [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCUpdateHelper
C:\Program Files\NCWest\NCLauncher\NCUpdateHelper.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files\Steam\Steam.exe" -silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun
"C:\Program Files\WebcamMax\wcmmon.exe" -a [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~1\MCAFEE~1\307523~1.318\SSSCHE~1.EXE [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
-
- Visitor
- Posts: 84
- Registered: 30 May 2008 13:37
Re: significant notebook slowdown
I'm also attaching the zipped Addition log.
- Attachments
-
- Addition.zip
- (4.87 KiB) Downloaded 54 times
Re: significant notebook slowdown
Hello,
Download Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/
Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

- Save it, preferably to the desktop
- Close all programs
- Run it the usual way by double-clicking
- A scan will run and then a log will appear; it may also be saved in the location it was run from as sc-cleaner.txt. Paste it here

- Save it, preferably to the desktop
- After launch the license terms are displayed; press any key
- A backup will be created, followed by the scan
- A scan will run and then a log will appear; it may also be saved in c:\JRT as JRT.txt. Paste it here

- Save it, preferably to the desktop
- Close all programs
- Click Scan and then Clean
- The repair will run, the PC will restart, and then a log will appear; it may also be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt. Paste it here
-
- Visitor
- Posts: 84
- Registered: 30 May 2008 13:37
Re: significant notebook slowdown
Shortcut Cleaner 1.2.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/
Windows Version: Windows 7 Ultimate Service Pack 1
Program started at: 01/10/2014 04:13:34 PM.
Scanning for registry hijacks:
* No issues found in the Registry.
Searching for Hijacked Shortcuts:
Searching C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\
* Shortcut Cleaned: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1377118729
* Shortcut Cleaned: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1377118729
Searching C:\ProgramData\Microsoft\Windows\Start Menu\
* Shortcut Cleaned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk => C:\Program Files\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1377118729
Searching C:\Users\Richard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
* Shortcut Cleaned: C:\Users\Richard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => C:\Program Files\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1377118729
* Shortcut Cleaned: C:\Users\Richard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1377118729
Searching C:\Users\Public\Desktop\
* Shortcut Cleaned: C:\Users\Public\Desktop\Google Chrome.lnk => C:\Program Files\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1377118729
Searching C:\Users\Richard\Desktop
6 bad shortcuts found.
Program finished at: 01/10/2014 04:13:45 PM
Execution time: 0 hours(s), 0 minute(s), and 11 seconds(s)
-
- Visitor
- Posts: 84
- Registered: 30 May 2008 13:37
Re: significant notebook slowdown
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Ultimate x86
Ran by Richard on pi 10. 01. 2014 at 16:21:29,20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\desksvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\esafeseccontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\KMPAskPIPCount_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\KMPAskPIPCount_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC8}
~~~ Files
Successfully deleted: [File] "C:\end"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\esafe"
Successfully deleted: [Folder] "C:\Users\Richard\appdata\local\swvupdater"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"
~~~ FireFox
Emptied folder: C:\Users\Richard\AppData\Roaming\mozilla\firefox\profiles\u5v1u8qa.default\minidumps [36 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on pi 10. 01. 2014 at 16:27:18,32
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
- Visitor
- Posts: 84
- Registered: 30 May 2008 13:37
Re: significant notebook slowdown
# AdwCleaner v3.016 - Report created 10/01/2014 at 16:31:14
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Richard - NAFAJCENYPC
# Running from : C:\Users\Richard\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : PirritUpdater
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\AlawarWrapper
Folder Deleted : C:\Program Files\Pirrit
Folder Deleted : C:\Program Files\WinZipper
Folder Deleted : C:\Program Files\Common Files\337
Folder Deleted : C:\Users\Richard\AppData\Local\Pirrit Suggestor
Folder Deleted : C:\Users\Richard\AppData\Local\AlawarWrapper
Folder Deleted : C:\Users\Richard\AppData\Roaming\337
Folder Deleted : C:\Users\Richard\AppData\Roaming\eUpdate
Folder Deleted : C:\Users\Richard\AppData\Roaming\Pirrit
Folder Deleted : C:\Users\Richard\Documents\AlawarWrapper
File Deleted : C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default\Extensions\suggestor@suggestor.pirrit.com.xpi
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\delta-homes.xml
File Deleted : C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
File Deleted : C:\Windows\System32\Tasks\Omiga Plus RunAsStdUser
***** [ Shortcuts ] *****
***** [ Registry ] *****
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F33BA52-A684-47AC-AD99-A179E950C087}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F33BA52-A684-47AC-AD99-A179E950C087}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F5B3D73-2207-44DC-906F-1BAE62B83FD0}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F5B3D73-2207-44DC-906F-1BAE62B83FD0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\PirritSuggestor_InstallMonetizer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\PirritSuggestor_InstallMonetizer_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKLM\Software\delta-homesSoftware
Key Deleted : HKLM\Software\hdcode
Key Deleted : HKLM\Software\omigaplusSvc
Key Deleted : HKLM\Software\Pirrit
Key Deleted : HKLM\Software\winzipersvc
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16502
-\\ Mozilla Firefox v26.0 (sk)
[ File : C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default\prefs.js ]
-\\ Google Chrome v31.0.1650.63
[ File : C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted : homepage
Deleted : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [4052 octets] - [10/01/2014 16:28:41]
AdwCleaner[S0].txt - [3695 octets] - [10/01/2014 16:31:14]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3755 octets] ##########
Re: significant notebook slowdown
Please post a log following this guide: http://forum.viry.cz/viewtopic.php?f=13&t=133100
-
- Visitor
- Posts: 84
- Registered: 30 May 2008 13:37
Re: significant notebook slowdown
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-01-2014
Ran by Richard (administrator) on NAFAJCENYPC on 10-01-2014 18:27:45
Running from C:\Users\Richard\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Alcor Micro Corp.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Blizzard Entertainment) C:\Users\Public\Palo tuto to JE\Warcraft III\war3.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AmIcoSinglun] - C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [258048 2011-05-26] (Alcor Micro Corp.)
HKLM\...\Run: [HDAudDeck] - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [3926128 2012-04-19] (VIA)
HKLM\...\Run: [ATKOSD2] - C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM\...\Run: [ATKMEDIA] - C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM\...\Run: [HControlUser] - C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM\...\Run: [NCUpdateHelper] - C:\Program Files\NCWest\NCLauncher\NCUpdateHelper.exe [528360 2013-09-05] (NCSOFT Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-29] (AVAST Software)
HKCU\...\Run: [icq] - C:\Users\Richard\AppData\Roaming\ICQM\icq.exe [29919576 2013-12-18] (ICQ)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
MountPoints2: {2e8e1cf1-e48c-11e2-b871-806e6f6e6963} - D:\setup.exe
MountPoints2: {cc796842-e424-11e2-8833-50465d99a2c9} - E:\autoplay.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3AA2A4E65878CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKLM - DefaultScope value is missing.
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 91.121.69.54 l2authd.lineage2.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @t.garena.com/garenatalk - C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Stylish - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
FF Extension: Adblock Plus - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Garena Talk Plugin) - C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll No File
CHR Extension: (Pirrit Suggestor) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc
CHR Extension: (Google Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
========================== Services (Whitelisted) =================
R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [80512 2011-11-21] (ASUS)
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2011-11-21] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-29] (AVAST Software)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [277616 2012-12-14] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [462048 2012-04-20] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [4702568 2012-10-24] (INCA Internet Co., Ltd.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-03-23] (VIA Technologies, Inc.)
==================== Drivers (Whitelisted) ====================
R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-02] (ASUS)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2013-12-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2013-12-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-12-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2013-12-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2013-12-29] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [64168 2013-12-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2013-12-29] ()
R1 ATKWMIACPIIO; C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [14464 2011-09-07] (ASUS)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-07-03] (Disc Soft Ltd)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [91760 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-02] (Intel Corporation)
S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [83336 2007-04-03] (MCCI Corporation)
S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [15112 2007-04-03] (MCCI Corporation)
S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [108680 2007-04-03] (MCCI Corporation)
S3 s116mgmt; C:\Windows\System32\DRIVERS\s116mgmt.sys [100488 2007-04-03] (MCCI Corporation)
S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [23176 2007-04-03] (MCCI Corporation)
S3 s116obex; C:\Windows\System32\DRIVERS\s116obex.sys [98696 2007-04-03] (MCCI Corporation)
S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [99080 2007-04-03] (MCCI Corporation)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [113608 2013-04-15] (Power Software Ltd)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1830512 2012-03-23] (VIA Technologies, Inc.)
R2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam.sys [1068216 2012-04-15] (Windows (R) Win 7 DDK provider)
S3 ASUSProcObsrv; \??\D:\I386\AsProcOb.sys [x]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [x]
S3 GGSAFERDriver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-10 18:27 - 2014-01-10 18:27 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe
2014-01-10 18:25 - 2014-01-10 15:29 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\trzFF2A.tmp
2014-01-10 16:28 - 2014-01-10 16:31 - 00000000 ____D C:\AdwCleaner
2014-01-10 16:27 - 2014-01-10 16:27 - 00001853 _____ C:\Users\Richard\Desktop\JRT.txt
2014-01-10 16:14 - 2014-01-10 16:14 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 16:13 - 2014-01-10 16:13 - 00005214 _____ C:\Users\Richard\Desktop\sc-cleaner.txt
2014-01-10 16:11 - 2014-01-10 16:11 - 01233962 _____ C:\Users\Richard\Desktop\adwcleaner.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 01037068 _____ (Thisisu) C:\Users\Richard\Desktop\JRT.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Richard\Desktop\sc-cleaner.exe
2014-01-10 15:41 - 2014-01-10 15:41 - 00004982 _____ C:\Users\Richard\Desktop\Addition.zip
2014-01-10 15:31 - 2014-01-10 18:28 - 00013935 _____ C:\Users\Richard\Desktop\FRST.txt
2014-01-10 15:30 - 2014-01-10 15:30 - 00000000 ____D C:\FRST
2014-01-10 15:26 - 2014-01-10 15:26 - 01066141 _____ (Farbar) C:\Users\Richard\Desktop\FRST.exe
2014-01-10 15:16 - 2014-01-10 15:24 - 00000000 ____D C:\Program Files\trend micro
2014-01-10 15:16 - 2014-01-10 15:16 - 00000000 ____D C:\rsit
2014-01-10 15:05 - 2014-01-10 15:15 - 00781909 _____ C:\Users\Richard\Desktop\RSIT.exe
2014-01-10 13:39 - 2014-01-10 14:18 - 675414016 _____ C:\Users\Richard\Downloads\Warcraft-3---Regin-on-Chaos-CZ.iso
2014-01-10 12:26 - 2014-01-10 15:17 - 00000000 ____D C:\Users\Richard\Downloads\Diablo II - Lord of Destruction (1.13d Direct Play)
2014-01-10 00:55 - 2014-01-10 00:55 - 01938314 _____ C:\Users\Richard\Downloads\Enfo .X3X..w3x
2014-01-10 00:55 - 2014-01-10 00:55 - 00343719 _____ C:\Users\Richard\Downloads\ETS_MT_Edition_V181.w3x
2014-01-09 23:21 - 2014-01-10 00:01 - 563946096 _____ C:\Users\Richard\Downloads\Warcraft_3_The_Frozen_Throne_ENG.iso
2014-01-09 22:06 - 2014-01-09 22:47 - 662368256 _____ C:\Users\Richard\Downloads\Warcraft-3-Reign-Of-Chaos.iso
2014-01-09 16:00 - 2014-01-09 16:00 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2014-01-09 15:45 - 2014-01-09 15:52 - 00000000 ____D C:\Users\Public\Palo tuto to JE
2014-01-09 14:39 - 2014-01-09 14:39 - 01360755 _____ C:\Users\Richard\Downloads\Jedi_Knight_Jedi_Academy_v1.01_Single_Player_Multiplayer__WWW.CRACK-LOCATOR.INFO_.zip
2014-01-09 14:27 - 2014-01-09 14:28 - 11624176 _____ (LucasArts) C:\Users\Richard\Downloads\jkacademy1_01.exe
2014-01-07 12:53 - 2014-01-07 12:54 - 00023552 ___SH C:\Users\Richard\Downloads\Thumbs.db
2014-01-07 12:40 - 2014-01-10 16:35 - 00000504 _____ C:\Windows\setupact.log
2014-01-07 12:40 - 2014-01-07 12:40 - 00000000 _____ C:\Windows\setuperr.log
2014-01-05 12:43 - 2014-01-05 12:43 - 00108680 _____ C:\Users\Richard\Downloads\1065371638.zip
2014-01-04 10:47 - 2014-01-04 10:56 - 3741745152 _____ C:\Users\Richard\Documents\CD_ROM.iso
2014-01-04 10:46 - 2014-01-04 11:16 - 00000375 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-12-31 00:41 - 2013-12-31 00:41 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-31 00:38 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-31 00:12 - 2013-12-31 00:12 - 00011776 ___SH C:\Users\Richard\Documents\Thumbs.db
2013-12-30 20:51 - 2013-12-30 20:51 - 00001643 _____ C:\Users\Richard\Desktop\Play Star Wars Jedi Knight Jedi Academy.lnk
2013-12-30 20:50 - 2013-12-30 20:50 - 00000000 ____D C:\Windows\system32\games
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disk Checker
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Program Files\Disk Checker
2013-12-29 14:38 - 2013-12-29 14:38 - 00000000 ____D C:\Users\Richard\AppData\Roaming\AVAST Software
2013-12-29 14:31 - 2013-12-29 14:32 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-12-29 14:31 - 2013-12-29 14:31 - 00000000 ____D C:\Program Files\Security Task Manager
2013-12-29 14:16 - 2013-12-29 14:16 - 00000673 _____ C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2013-12-29 14:16 - 2013-12-29 14:16 - 00000644 _____ C:\Users\Public\Desktop\Half-Life.lnk
2013-12-29 11:00 - 2013-12-30 18:06 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-25 21:20 - 2013-12-25 21:20 - 00002172 _____ C:\Users\Public\Desktop\Play The Sims™ 3.lnk
2013-12-25 19:14 - 2013-12-25 19:14 - 00000000 ____D C:\Users\Richard\Documents\Electronic Arts
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Origin
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Local\Origin
2013-12-25 11:39 - 2013-12-25 11:40 - 00000000 ____D C:\ProgramData\Origin
2013-12-25 11:39 - 2013-12-25 11:39 - 00000937 _____ C:\Users\Public\Desktop\Origin.lnk
2013-12-25 11:38 - 2013-12-25 11:40 - 00000000 ____D C:\Program Files\Origin
2013-12-24 16:41 - 2013-12-25 11:39 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-24 16:38 - 2013-12-25 11:38 - 00000000 ____D C:\Program Files\Electronic Arts
2013-12-24 15:28 - 2013-12-24 15:28 - 00000000 ____D C:\Program Files\Microsoft WSE
2013-12-24 09:45 - 2014-01-10 17:32 - 00191151 _____ C:\Windows\WindowsUpdate.log
2013-12-24 09:44 - 2013-12-24 09:44 - 00000809 _____ C:\Users\Richard\Desktop\UnrealTournament.lnk
2013-12-24 09:43 - 2013-12-24 09:43 - 00000738 _____ C:\Users\Richard\Desktop\Stronghold Crusader.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001811 _____ C:\Users\Richard\Desktop\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001669 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2013-12-18 01:01 - 2013-12-18 01:18 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ-Profile
2013-12-14 21:14 - 2013-12-14 21:14 - 00000983 _____ C:\Users\Public\Desktop\Guitar and Bass.lnk
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Richard\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Public\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\ProgramData\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Program Files\Guitar and Bass
2013-12-14 19:53 - 2013-12-14 19:53 - 00001027 _____ C:\Users\Public\Desktop\Guitar FX BOX 3.LNK
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Steinberg
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Guitar FX BOX 3
==================== One Month Modified Files and Folders =======
2014-01-10 18:28 - 2014-01-10 15:31 - 00013935 _____ C:\Users\Richard\Desktop\FRST.txt
2014-01-10 18:27 - 2014-01-10 18:27 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe
2014-01-10 18:17 - 2013-08-05 08:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-10 17:34 - 2013-07-04 03:43 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-10 17:32 - 2013-12-24 09:45 - 00191151 _____ C:\Windows\WindowsUpdate.log
2014-01-10 16:41 - 2009-07-14 05:34 - 00010528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-10 16:41 - 2009-07-14 05:34 - 00010528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-10 16:36 - 2013-07-04 03:43 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-10 16:36 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-10 16:35 - 2014-01-07 12:40 - 00000504 _____ C:\Windows\setupact.log
2014-01-10 16:31 - 2014-01-10 16:28 - 00000000 ____D C:\AdwCleaner
2014-01-10 16:27 - 2014-01-10 16:27 - 00001853 _____ C:\Users\Richard\Desktop\JRT.txt
2014-01-10 16:14 - 2014-01-10 16:14 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 16:13 - 2014-01-10 16:13 - 00005214 _____ C:\Users\Richard\Desktop\sc-cleaner.txt
2014-01-10 16:13 - 2013-07-04 03:44 - 00002141 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-10 16:13 - 2013-07-04 01:38 - 00001413 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-10 16:11 - 2014-01-10 16:11 - 01233962 _____ C:\Users\Richard\Desktop\adwcleaner.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 01037068 _____ (Thisisu) C:\Users\Richard\Desktop\JRT.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Richard\Desktop\sc-cleaner.exe
2014-01-10 15:43 - 2013-11-22 22:16 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-10 15:41 - 2014-01-10 15:41 - 00004982 _____ C:\Users\Richard\Desktop\Addition.zip
2014-01-10 15:30 - 2014-01-10 15:30 - 00000000 ____D C:\FRST
2014-01-10 15:29 - 2014-01-10 18:25 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\trzFF2A.tmp
2014-01-10 15:26 - 2014-01-10 15:26 - 01066141 _____ (Farbar) C:\Users\Richard\Desktop\FRST.exe
2014-01-10 15:24 - 2014-01-10 15:16 - 00000000 ____D C:\Program Files\trend micro
2014-01-10 15:24 - 2013-10-17 00:08 - 00000000 ____D C:\Users\Richard\AppData\Roaming\uTorrent
2014-01-10 15:17 - 2014-01-10 12:26 - 00000000 ____D C:\Users\Richard\Downloads\Diablo II - Lord of Destruction (1.13d Direct Play)
2014-01-10 15:16 - 2014-01-10 15:16 - 00000000 ____D C:\rsit
2014-01-10 15:15 - 2014-01-10 15:05 - 00781909 _____ C:\Users\Richard\Desktop\RSIT.exe
2014-01-10 14:18 - 2014-01-10 13:39 - 675414016 _____ C:\Users\Richard\Downloads\Warcraft-3---Regin-on-Chaos-CZ.iso
2014-01-10 00:55 - 2014-01-10 00:55 - 01938314 _____ C:\Users\Richard\Downloads\Enfo .X3X..w3x
2014-01-10 00:55 - 2014-01-10 00:55 - 00343719 _____ C:\Users\Richard\Downloads\ETS_MT_Edition_V181.w3x
2014-01-10 00:01 - 2014-01-09 23:21 - 563946096 _____ C:\Users\Richard\Downloads\Warcraft_3_The_Frozen_Throne_ENG.iso
2014-01-09 22:48 - 2013-07-03 22:55 - 00000000 ____D C:\Users\Richard\AppData\Roaming\DAEMON Tools Lite
2014-01-09 22:47 - 2014-01-09 22:06 - 662368256 _____ C:\Users\Richard\Downloads\Warcraft-3-Reign-Of-Chaos.iso
2014-01-09 21:32 - 2013-07-20 16:43 - 00000000 ____D C:\Users\Public\zaloha
2014-01-09 16:00 - 2014-01-09 16:00 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2014-01-09 15:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2014-01-09 15:52 - 2014-01-09 15:45 - 00000000 ____D C:\Users\Public\Palo tuto to JE
2014-01-09 15:52 - 2013-07-12 18:22 - 00000000 ____D C:\games
2014-01-09 15:46 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2014-01-09 14:39 - 2014-01-09 14:39 - 01360755 _____ C:\Users\Richard\Downloads\Jedi_Knight_Jedi_Academy_v1.01_Single_Player_Multiplayer__WWW.CRACK-LOCATOR.INFO_.zip
2014-01-09 14:28 - 2014-01-09 14:27 - 11624176 _____ (LucasArts) C:\Users\Richard\Downloads\jkacademy1_01.exe
2014-01-07 12:54 - 2014-01-07 12:53 - 00023552 ___SH C:\Users\Richard\Downloads\Thumbs.db
2014-01-07 12:40 - 2014-01-07 12:40 - 00000000 _____ C:\Windows\setuperr.log
2014-01-05 13:42 - 2013-11-10 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\vlc
2014-01-05 12:43 - 2014-01-05 12:43 - 00108680 _____ C:\Users\Richard\Downloads\1065371638.zip
2014-01-04 11:16 - 2014-01-04 10:46 - 00000375 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-04 10:56 - 2014-01-04 10:47 - 3741745152 _____ C:\Users\Richard\Documents\CD_ROM.iso
2014-01-04 10:47 - 2013-07-04 01:42 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-02 01:36 - 2013-07-06 18:43 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Skype
2013-12-31 19:43 - 2013-08-19 21:06 - 00000000 ____D C:\Users\Richard\Documents\WBFS Manager Covers
2013-12-31 00:41 - 2013-12-31 00:41 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-31 00:12 - 2013-12-31 00:12 - 00011776 ___SH C:\Users\Richard\Documents\Thumbs.db
2013-12-30 20:51 - 2013-12-30 20:51 - 00001643 _____ C:\Users\Richard\Desktop\Play Star Wars Jedi Knight Jedi Academy.lnk
2013-12-30 20:51 - 2013-07-04 01:48 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-30 20:50 - 2013-12-30 20:50 - 00000000 ____D C:\Windows\system32\games
2013-12-30 20:50 - 2013-07-04 01:49 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2013-12-30 18:06 - 2013-12-29 11:00 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disk Checker
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Program Files\Disk Checker
2013-12-29 14:38 - 2013-12-29 14:38 - 00000000 ____D C:\Users\Richard\AppData\Roaming\AVAST Software
2013-12-29 14:32 - 2013-12-29 14:31 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-12-29 14:31 - 2013-12-29 14:31 - 00000000 ____D C:\Program Files\Security Task Manager
2013-12-29 14:16 - 2013-12-29 14:16 - 00000673 _____ C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2013-12-29 14:16 - 2013-12-29 14:16 - 00000644 _____ C:\Users\Public\Desktop\Half-Life.lnk
2013-12-29 11:00 - 2013-07-04 14:17 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00410528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-29 11:00 - 2013-07-04 14:17 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00002047 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-29 11:00 - 2013-07-04 14:15 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-29 10:57 - 2013-07-03 10:05 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-29 10:57 - 2009-07-14 03:04 - 00002577 _____ C:\Windows\system32\config.nt
2013-12-28 13:31 - 2013-11-10 14:48 - 00001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-25 21:20 - 2013-12-25 21:20 - 00002172 _____ C:\Users\Public\Desktop\Play The Sims™ 3.lnk
2013-12-25 19:14 - 2013-12-25 19:14 - 00000000 ____D C:\Users\Richard\Documents\Electronic Arts
2013-12-25 16:38 - 2013-11-11 03:50 - 00000000 ____D C:\Users\Richard\AppData\Local\PMB Files
2013-12-25 16:38 - 2013-11-11 03:50 - 00000000 ____D C:\ProgramData\PMB Files
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Origin
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Local\Origin
2013-12-25 11:40 - 2013-12-25 11:39 - 00000000 ____D C:\ProgramData\Origin
2013-12-25 11:40 - 2013-12-25 11:38 - 00000000 ____D C:\Program Files\Origin
2013-12-25 11:39 - 2013-12-25 11:39 - 00000937 _____ C:\Users\Public\Desktop\Origin.lnk
2013-12-25 11:39 - 2013-12-24 16:41 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-25 11:38 - 2013-12-24 16:38 - 00000000 ____D C:\Program Files\Electronic Arts
2013-12-24 15:28 - 2013-12-24 15:28 - 00000000 ____D C:\Program Files\Microsoft WSE
2013-12-24 09:44 - 2013-12-24 09:44 - 00000809 _____ C:\Users\Richard\Desktop\UnrealTournament.lnk
2013-12-24 09:43 - 2013-12-24 09:43 - 00000738 _____ C:\Users\Richard\Desktop\Stronghold Crusader.lnk
2013-12-20 21:50 - 2013-11-06 08:10 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-19 14:11 - 2013-07-04 14:17 - 00056080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-12-18 01:18 - 2013-12-18 01:01 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ-Profile
2013-12-18 01:02 - 2013-12-18 01:02 - 00001811 _____ C:\Users\Richard\Desktop\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001669 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2013-12-18 01:02 - 2013-07-15 20:25 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQM
2013-12-18 00:57 - 2013-07-15 20:36 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ
2013-12-14 21:14 - 2013-12-14 21:14 - 00000983 _____ C:\Users\Public\Desktop\Guitar and Bass.lnk
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Richard\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Public\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\ProgramData\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Program Files\Guitar and Bass
2013-12-14 19:53 - 2013-12-14 19:53 - 00001027 _____ C:\Users\Public\Desktop\Guitar FX BOX 3.LNK
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Steinberg
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Guitar FX BOX 3
Some content of TEMP:
====================
C:\Users\Richard\AppData\Local\Temp\Quarantine.exe
C:\Users\Richard\AppData\Local\Temp\war3_Install.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-09 00:54
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:204.78 GB) (Free:76.88 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (New Disc) (CDROM) (Total:0.63 GB) (Free:0 GB) CDFS
Available physical RAM: 1074.46 MB
Total physical RAM: 1929.67 MB
Percentage of memory in use: 44%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 298 GB) (Disk ID: B05CD80C)
Partition 1: (Active) - (Size=205 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=93 GB) - (Type=05)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Richard\Desktop" je 4 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop
C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Richard\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray
C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\Richard\AppData\Roaming\ICQM\icq.exe -CU [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCUpdateHelper
C:\Program Files\NCWest\NCLauncher\NCUpdateHelper.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files\Steam\Steam.exe" -silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun
"C:\Program Files\WebcamMax\wcmmon.exe" -a [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~1\MCAFEE~1\307523~1.318\SSSCHE~1.EXE [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-01-2014
Ran by Richard (administrator) on NAFAJCENYPC on 10-01-2014 18:27:45
Running from C:\Users\Richard\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Alcor Micro Corp.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Blizzard Entertainment) C:\Users\Public\Palo tuto to JE\Warcraft III\war3.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AmIcoSinglun] - C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [258048 2011-05-26] (Alcor Micro Corp.)
HKLM\...\Run: [HDAudDeck] - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [3926128 2012-04-19] (VIA)
HKLM\...\Run: [ATKOSD2] - C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM\...\Run: [ATKMEDIA] - C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM\...\Run: [HControlUser] - C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM\...\Run: [NCUpdateHelper] - C:\Program Files\NCWest\NCLauncher\NCUpdateHelper.exe [528360 2013-09-05] (NCSOFT Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-29] (AVAST Software)
HKCU\...\Run: [icq] - C:\Users\Richard\AppData\Roaming\ICQM\icq.exe [29919576 2013-12-18] (ICQ)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
MountPoints2: {2e8e1cf1-e48c-11e2-b871-806e6f6e6963} - D:\setup.exe
MountPoints2: {cc796842-e424-11e2-8833-50465d99a2c9} - E:\autoplay.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3AA2A4E65878CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKLM - DefaultScope value is missing.
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 91.121.69.54 l2authd.lineage2.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @t.garena.com/garenatalk - C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Stylish - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
FF Extension: Adblock Plus - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Garena Talk Plugin) - C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll No File
CHR Extension: (Pirrit Suggestor) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc
CHR Extension: (Google Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
========================== Services (Whitelisted) =================
R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [80512 2011-11-21] (ASUS)
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2011-11-21] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-29] (AVAST Software)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [277616 2012-12-14] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [462048 2012-04-20] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [4702568 2012-10-24] (INCA Internet Co., Ltd.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-03-23] (VIA Technologies, Inc.)
==================== Drivers (Whitelisted) ====================
R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-02] (ASUS)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2013-12-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2013-12-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-12-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2013-12-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2013-12-29] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [64168 2013-12-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2013-12-29] ()
R1 ATKWMIACPIIO; C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [14464 2011-09-07] (ASUS)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-07-03] (Disc Soft Ltd)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [91760 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-02] (Intel Corporation)
S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [83336 2007-04-03] (MCCI Corporation)
S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [15112 2007-04-03] (MCCI Corporation)
S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [108680 2007-04-03] (MCCI Corporation)
S3 s116mgmt; C:\Windows\System32\DRIVERS\s116mgmt.sys [100488 2007-04-03] (MCCI Corporation)
S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [23176 2007-04-03] (MCCI Corporation)
S3 s116obex; C:\Windows\System32\DRIVERS\s116obex.sys [98696 2007-04-03] (MCCI Corporation)
S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [99080 2007-04-03] (MCCI Corporation)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [113608 2013-04-15] (Power Software Ltd)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1830512 2012-03-23] (VIA Technologies, Inc.)
R2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam.sys [1068216 2012-04-15] (Windows (R) Win 7 DDK provider)
S3 ASUSProcObsrv; \??\D:\I386\AsProcOb.sys [x]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [x]
S3 GGSAFERDriver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-10 18:27 - 2014-01-10 18:27 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe
2014-01-10 18:25 - 2014-01-10 15:29 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\trzFF2A.tmp
2014-01-10 16:28 - 2014-01-10 16:31 - 00000000 ____D C:\AdwCleaner
2014-01-10 16:27 - 2014-01-10 16:27 - 00001853 _____ C:\Users\Richard\Desktop\JRT.txt
2014-01-10 16:14 - 2014-01-10 16:14 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 16:13 - 2014-01-10 16:13 - 00005214 _____ C:\Users\Richard\Desktop\sc-cleaner.txt
2014-01-10 16:11 - 2014-01-10 16:11 - 01233962 _____ C:\Users\Richard\Desktop\adwcleaner.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 01037068 _____ (Thisisu) C:\Users\Richard\Desktop\JRT.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Richard\Desktop\sc-cleaner.exe
2014-01-10 15:41 - 2014-01-10 15:41 - 00004982 _____ C:\Users\Richard\Desktop\Addition.zip
2014-01-10 15:31 - 2014-01-10 18:28 - 00013935 _____ C:\Users\Richard\Desktop\FRST.txt
2014-01-10 15:30 - 2014-01-10 15:30 - 00000000 ____D C:\FRST
2014-01-10 15:26 - 2014-01-10 15:26 - 01066141 _____ (Farbar) C:\Users\Richard\Desktop\FRST.exe
2014-01-10 15:16 - 2014-01-10 15:24 - 00000000 ____D C:\Program Files\trend micro
2014-01-10 15:16 - 2014-01-10 15:16 - 00000000 ____D C:\rsit
2014-01-10 15:05 - 2014-01-10 15:15 - 00781909 _____ C:\Users\Richard\Desktop\RSIT.exe
2014-01-10 13:39 - 2014-01-10 14:18 - 675414016 _____ C:\Users\Richard\Downloads\Warcraft-3---Regin-on-Chaos-CZ.iso
2014-01-10 12:26 - 2014-01-10 15:17 - 00000000 ____D C:\Users\Richard\Downloads\Diablo II - Lord of Destruction (1.13d Direct Play)
2014-01-10 00:55 - 2014-01-10 00:55 - 01938314 _____ C:\Users\Richard\Downloads\Enfo .X3X..w3x
2014-01-10 00:55 - 2014-01-10 00:55 - 00343719 _____ C:\Users\Richard\Downloads\ETS_MT_Edition_V181.w3x
2014-01-09 23:21 - 2014-01-10 00:01 - 563946096 _____ C:\Users\Richard\Downloads\Warcraft_3_The_Frozen_Throne_ENG.iso
2014-01-09 22:06 - 2014-01-09 22:47 - 662368256 _____ C:\Users\Richard\Downloads\Warcraft-3-Reign-Of-Chaos.iso
2014-01-09 16:00 - 2014-01-09 16:00 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2014-01-09 15:45 - 2014-01-09 15:52 - 00000000 ____D C:\Users\Public\Palo tuto to JE
2014-01-09 14:39 - 2014-01-09 14:39 - 01360755 _____ C:\Users\Richard\Downloads\Jedi_Knight_Jedi_Academy_v1.01_Single_Player_Multiplayer__WWW.CRACK-LOCATOR.INFO_.zip
2014-01-09 14:27 - 2014-01-09 14:28 - 11624176 _____ (LucasArts) C:\Users\Richard\Downloads\jkacademy1_01.exe
2014-01-07 12:53 - 2014-01-07 12:54 - 00023552 ___SH C:\Users\Richard\Downloads\Thumbs.db
2014-01-07 12:40 - 2014-01-10 16:35 - 00000504 _____ C:\Windows\setupact.log
2014-01-07 12:40 - 2014-01-07 12:40 - 00000000 _____ C:\Windows\setuperr.log
2014-01-05 12:43 - 2014-01-05 12:43 - 00108680 _____ C:\Users\Richard\Downloads\1065371638.zip
2014-01-04 10:47 - 2014-01-04 10:56 - 3741745152 _____ C:\Users\Richard\Documents\CD_ROM.iso
2014-01-04 10:46 - 2014-01-04 11:16 - 00000375 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-12-31 00:41 - 2013-12-31 00:41 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-31 00:38 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-31 00:12 - 2013-12-31 00:12 - 00011776 ___SH C:\Users\Richard\Documents\Thumbs.db
2013-12-30 20:51 - 2013-12-30 20:51 - 00001643 _____ C:\Users\Richard\Desktop\Play Star Wars Jedi Knight Jedi Academy.lnk
2013-12-30 20:50 - 2013-12-30 20:50 - 00000000 ____D C:\Windows\system32\games
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disk Checker
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Program Files\Disk Checker
2013-12-29 14:38 - 2013-12-29 14:38 - 00000000 ____D C:\Users\Richard\AppData\Roaming\AVAST Software
2013-12-29 14:31 - 2013-12-29 14:32 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-12-29 14:31 - 2013-12-29 14:31 - 00000000 ____D C:\Program Files\Security Task Manager
2013-12-29 14:16 - 2013-12-29 14:16 - 00000673 _____ C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2013-12-29 14:16 - 2013-12-29 14:16 - 00000644 _____ C:\Users\Public\Desktop\Half-Life.lnk
2013-12-29 11:00 - 2013-12-30 18:06 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-25 21:20 - 2013-12-25 21:20 - 00002172 _____ C:\Users\Public\Desktop\Play The Sims™ 3.lnk
2013-12-25 19:14 - 2013-12-25 19:14 - 00000000 ____D C:\Users\Richard\Documents\Electronic Arts
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Origin
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Local\Origin
2013-12-25 11:39 - 2013-12-25 11:40 - 00000000 ____D C:\ProgramData\Origin
2013-12-25 11:39 - 2013-12-25 11:39 - 00000937 _____ C:\Users\Public\Desktop\Origin.lnk
2013-12-25 11:38 - 2013-12-25 11:40 - 00000000 ____D C:\Program Files\Origin
2013-12-24 16:41 - 2013-12-25 11:39 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-24 16:38 - 2013-12-25 11:38 - 00000000 ____D C:\Program Files\Electronic Arts
2013-12-24 15:28 - 2013-12-24 15:28 - 00000000 ____D C:\Program Files\Microsoft WSE
2013-12-24 09:45 - 2014-01-10 17:32 - 00191151 _____ C:\Windows\WindowsUpdate.log
2013-12-24 09:44 - 2013-12-24 09:44 - 00000809 _____ C:\Users\Richard\Desktop\UnrealTournament.lnk
2013-12-24 09:43 - 2013-12-24 09:43 - 00000738 _____ C:\Users\Richard\Desktop\Stronghold Crusader.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001811 _____ C:\Users\Richard\Desktop\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001669 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2013-12-18 01:01 - 2013-12-18 01:18 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ-Profile
2013-12-14 21:14 - 2013-12-14 21:14 - 00000983 _____ C:\Users\Public\Desktop\Guitar and Bass.lnk
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Richard\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Public\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\ProgramData\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Program Files\Guitar and Bass
2013-12-14 19:53 - 2013-12-14 19:53 - 00001027 _____ C:\Users\Public\Desktop\Guitar FX BOX 3.LNK
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Steinberg
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Guitar FX BOX 3
==================== One Month Modified Files and Folders =======
2014-01-10 18:28 - 2014-01-10 15:31 - 00013935 _____ C:\Users\Richard\Desktop\FRST.txt
2014-01-10 18:27 - 2014-01-10 18:27 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe
2014-01-10 18:17 - 2013-08-05 08:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-10 17:34 - 2013-07-04 03:43 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-10 17:32 - 2013-12-24 09:45 - 00191151 _____ C:\Windows\WindowsUpdate.log
2014-01-10 16:41 - 2009-07-14 05:34 - 00010528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-10 16:41 - 2009-07-14 05:34 - 00010528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-10 16:36 - 2013-07-04 03:43 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-10 16:36 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-10 16:35 - 2014-01-07 12:40 - 00000504 _____ C:\Windows\setupact.log
2014-01-10 16:31 - 2014-01-10 16:28 - 00000000 ____D C:\AdwCleaner
2014-01-10 16:27 - 2014-01-10 16:27 - 00001853 _____ C:\Users\Richard\Desktop\JRT.txt
2014-01-10 16:14 - 2014-01-10 16:14 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 16:13 - 2014-01-10 16:13 - 00005214 _____ C:\Users\Richard\Desktop\sc-cleaner.txt
2014-01-10 16:13 - 2013-07-04 03:44 - 00002141 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-10 16:13 - 2013-07-04 01:38 - 00001413 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-10 16:11 - 2014-01-10 16:11 - 01233962 _____ C:\Users\Richard\Desktop\adwcleaner.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 01037068 _____ (Thisisu) C:\Users\Richard\Desktop\JRT.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Richard\Desktop\sc-cleaner.exe
2014-01-10 15:43 - 2013-11-22 22:16 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-10 15:41 - 2014-01-10 15:41 - 00004982 _____ C:\Users\Richard\Desktop\Addition.zip
2014-01-10 15:30 - 2014-01-10 15:30 - 00000000 ____D C:\FRST
2014-01-10 15:29 - 2014-01-10 18:25 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\trzFF2A.tmp
2014-01-10 15:26 - 2014-01-10 15:26 - 01066141 _____ (Farbar) C:\Users\Richard\Desktop\FRST.exe
2014-01-10 15:24 - 2014-01-10 15:16 - 00000000 ____D C:\Program Files\trend micro
2014-01-10 15:24 - 2013-10-17 00:08 - 00000000 ____D C:\Users\Richard\AppData\Roaming\uTorrent
2014-01-10 15:17 - 2014-01-10 12:26 - 00000000 ____D C:\Users\Richard\Downloads\Diablo II - Lord of Destruction (1.13d Direct Play)
2014-01-10 15:16 - 2014-01-10 15:16 - 00000000 ____D C:\rsit
2014-01-10 15:15 - 2014-01-10 15:05 - 00781909 _____ C:\Users\Richard\Desktop\RSIT.exe
2014-01-10 14:18 - 2014-01-10 13:39 - 675414016 _____ C:\Users\Richard\Downloads\Warcraft-3---Regin-on-Chaos-CZ.iso
2014-01-10 00:55 - 2014-01-10 00:55 - 01938314 _____ C:\Users\Richard\Downloads\Enfo .X3X..w3x
2014-01-10 00:55 - 2014-01-10 00:55 - 00343719 _____ C:\Users\Richard\Downloads\ETS_MT_Edition_V181.w3x
2014-01-10 00:01 - 2014-01-09 23:21 - 563946096 _____ C:\Users\Richard\Downloads\Warcraft_3_The_Frozen_Throne_ENG.iso
2014-01-09 22:48 - 2013-07-03 22:55 - 00000000 ____D C:\Users\Richard\AppData\Roaming\DAEMON Tools Lite
2014-01-09 22:47 - 2014-01-09 22:06 - 662368256 _____ C:\Users\Richard\Downloads\Warcraft-3-Reign-Of-Chaos.iso
2014-01-09 21:32 - 2013-07-20 16:43 - 00000000 ____D C:\Users\Public\zaloha
2014-01-09 16:00 - 2014-01-09 16:00 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2014-01-09 15:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2014-01-09 15:52 - 2014-01-09 15:45 - 00000000 ____D C:\Users\Public\Palo tuto to JE
2014-01-09 15:52 - 2013-07-12 18:22 - 00000000 ____D C:\games
2014-01-09 15:46 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2014-01-09 14:39 - 2014-01-09 14:39 - 01360755 _____ C:\Users\Richard\Downloads\Jedi_Knight_Jedi_Academy_v1.01_Single_Player_Multiplayer__WWW.CRACK-LOCATOR.INFO_.zip
2014-01-09 14:28 - 2014-01-09 14:27 - 11624176 _____ (LucasArts) C:\Users\Richard\Downloads\jkacademy1_01.exe
2014-01-07 12:54 - 2014-01-07 12:53 - 00023552 ___SH C:\Users\Richard\Downloads\Thumbs.db
2014-01-07 12:40 - 2014-01-07 12:40 - 00000000 _____ C:\Windows\setuperr.log
2014-01-05 13:42 - 2013-11-10 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\vlc
2014-01-05 12:43 - 2014-01-05 12:43 - 00108680 _____ C:\Users\Richard\Downloads\1065371638.zip
2014-01-04 11:16 - 2014-01-04 10:46 - 00000375 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-04 10:56 - 2014-01-04 10:47 - 3741745152 _____ C:\Users\Richard\Documents\CD_ROM.iso
2014-01-04 10:47 - 2013-07-04 01:42 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-02 01:36 - 2013-07-06 18:43 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Skype
2013-12-31 19:43 - 2013-08-19 21:06 - 00000000 ____D C:\Users\Richard\Documents\WBFS Manager Covers
2013-12-31 00:41 - 2013-12-31 00:41 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-31 00:12 - 2013-12-31 00:12 - 00011776 ___SH C:\Users\Richard\Documents\Thumbs.db
2013-12-30 20:51 - 2013-12-30 20:51 - 00001643 _____ C:\Users\Richard\Desktop\Play Star Wars Jedi Knight Jedi Academy.lnk
2013-12-30 20:51 - 2013-07-04 01:48 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-30 20:50 - 2013-12-30 20:50 - 00000000 ____D C:\Windows\system32\games
2013-12-30 20:50 - 2013-07-04 01:49 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2013-12-30 18:06 - 2013-12-29 11:00 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disk Checker
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Program Files\Disk Checker
2013-12-29 14:38 - 2013-12-29 14:38 - 00000000 ____D C:\Users\Richard\AppData\Roaming\AVAST Software
2013-12-29 14:32 - 2013-12-29 14:31 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-12-29 14:31 - 2013-12-29 14:31 - 00000000 ____D C:\Program Files\Security Task Manager
2013-12-29 14:16 - 2013-12-29 14:16 - 00000673 _____ C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2013-12-29 14:16 - 2013-12-29 14:16 - 00000644 _____ C:\Users\Public\Desktop\Half-Life.lnk
2013-12-29 11:00 - 2013-07-04 14:17 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00410528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-29 11:00 - 2013-07-04 14:17 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00002047 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-29 11:00 - 2013-07-04 14:15 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-29 10:57 - 2013-07-03 10:05 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-29 10:57 - 2009-07-14 03:04 - 00002577 _____ C:\Windows\system32\config.nt
2013-12-28 13:31 - 2013-11-10 14:48 - 00001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-25 21:20 - 2013-12-25 21:20 - 00002172 _____ C:\Users\Public\Desktop\Play The Sims™ 3.lnk
2013-12-25 19:14 - 2013-12-25 19:14 - 00000000 ____D C:\Users\Richard\Documents\Electronic Arts
2013-12-25 16:38 - 2013-11-11 03:50 - 00000000 ____D C:\Users\Richard\AppData\Local\PMB Files
2013-12-25 16:38 - 2013-11-11 03:50 - 00000000 ____D C:\ProgramData\PMB Files
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Origin
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Local\Origin
2013-12-25 11:40 - 2013-12-25 11:39 - 00000000 ____D C:\ProgramData\Origin
2013-12-25 11:40 - 2013-12-25 11:38 - 00000000 ____D C:\Program Files\Origin
2013-12-25 11:39 - 2013-12-25 11:39 - 00000937 _____ C:\Users\Public\Desktop\Origin.lnk
2013-12-25 11:39 - 2013-12-24 16:41 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-25 11:38 - 2013-12-24 16:38 - 00000000 ____D C:\Program Files\Electronic Arts
2013-12-24 15:28 - 2013-12-24 15:28 - 00000000 ____D C:\Program Files\Microsoft WSE
2013-12-24 09:44 - 2013-12-24 09:44 - 00000809 _____ C:\Users\Richard\Desktop\UnrealTournament.lnk
2013-12-24 09:43 - 2013-12-24 09:43 - 00000738 _____ C:\Users\Richard\Desktop\Stronghold Crusader.lnk
2013-12-20 21:50 - 2013-11-06 08:10 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-19 14:11 - 2013-07-04 14:17 - 00056080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-12-18 01:18 - 2013-12-18 01:01 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ-Profile
2013-12-18 01:02 - 2013-12-18 01:02 - 00001811 _____ C:\Users\Richard\Desktop\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001669 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2013-12-18 01:02 - 2013-07-15 20:25 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQM
2013-12-18 00:57 - 2013-07-15 20:36 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ
2013-12-14 21:14 - 2013-12-14 21:14 - 00000983 _____ C:\Users\Public\Desktop\Guitar and Bass.lnk
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Richard\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Public\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\ProgramData\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Program Files\Guitar and Bass
2013-12-14 19:53 - 2013-12-14 19:53 - 00001027 _____ C:\Users\Public\Desktop\Guitar FX BOX 3.LNK
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Steinberg
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Guitar FX BOX 3
Some content of TEMP:
====================
C:\Users\Richard\AppData\Local\Temp\Quarantine.exe
C:\Users\Richard\AppData\Local\Temp\war3_Install.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-09 00:54
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:204.78 GB) (Free:76.88 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (New Disc) (CDROM) (Total:0.63 GB) (Free:0 GB) CDFS
Available physical RAM: 1074.46 MB
Total physical RAM: 1929.67 MB
Percentage of memory in use: 44%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 298 GB) (Disk ID: B05CD80C)
Partition 1: (Active) - (Size=205 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=93 GB) - (Type=05)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Richard\Desktop" je 4 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop
C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Richard\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray
C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\Richard\AppData\Roaming\ICQM\icq.exe -CU [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCUpdateHelper
C:\Program Files\NCWest\NCLauncher\NCUpdateHelper.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files\Steam\Steam.exe" -silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun
"C:\Program Files\WebcamMax\wcmmon.exe" -a [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~1\MCAFEE~1\307523~1.318\SSSCHE~1.EXE [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Richard (administrator) on NAFAJCENYPC on 10-01-2014 18:27:45
Running from C:\Users\Richard\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Alcor Micro Corp.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Blizzard Entertainment) C:\Users\Public\Palo tuto to JE\Warcraft III\war3.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AmIcoSinglun] - C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [258048 2011-05-26] (Alcor Micro Corp.)
HKLM\...\Run: [HDAudDeck] - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [3926128 2012-04-19] (VIA)
HKLM\...\Run: [ATKOSD2] - C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM\...\Run: [ATKMEDIA] - C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM\...\Run: [HControlUser] - C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM\...\Run: [NCUpdateHelper] - C:\Program Files\NCWest\NCLauncher\NCUpdateHelper.exe [528360 2013-09-05] (NCSOFT Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-29] (AVAST Software)
HKCU\...\Run: [icq] - C:\Users\Richard\AppData\Roaming\ICQM\icq.exe [29919576 2013-12-18] (ICQ)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
MountPoints2: {2e8e1cf1-e48c-11e2-b871-806e6f6e6963} - D:\setup.exe
MountPoints2: {cc796842-e424-11e2-8833-50465d99a2c9} - E:\autoplay.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3AA2A4E65878CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKLM - DefaultScope value is missing.
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 91.121.69.54 l2authd.lineage2.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @t.garena.com/garenatalk - C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Stylish - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
FF Extension: Adblock Plus - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Garena Talk Plugin) - C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll No File
CHR Extension: (Pirrit Suggestor) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc
CHR Extension: (Google Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
========================== Services (Whitelisted) =================
R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [80512 2011-11-21] (ASUS)
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2011-11-21] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-29] (AVAST Software)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [277616 2012-12-14] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [462048 2012-04-20] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [4702568 2012-10-24] (INCA Internet Co., Ltd.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-03-23] (VIA Technologies, Inc.)
==================== Drivers (Whitelisted) ====================
R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-02] (ASUS)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2013-12-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2013-12-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-12-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2013-12-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2013-12-29] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [64168 2013-12-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2013-12-29] ()
R1 ATKWMIACPIIO; C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [14464 2011-09-07] (ASUS)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-07-03] (Disc Soft Ltd)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [91760 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-02] (Intel Corporation)
S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [83336 2007-04-03] (MCCI Corporation)
S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [15112 2007-04-03] (MCCI Corporation)
S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [108680 2007-04-03] (MCCI Corporation)
S3 s116mgmt; C:\Windows\System32\DRIVERS\s116mgmt.sys [100488 2007-04-03] (MCCI Corporation)
S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [23176 2007-04-03] (MCCI Corporation)
S3 s116obex; C:\Windows\System32\DRIVERS\s116obex.sys [98696 2007-04-03] (MCCI Corporation)
S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [99080 2007-04-03] (MCCI Corporation)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [113608 2013-04-15] (Power Software Ltd)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1830512 2012-03-23] (VIA Technologies, Inc.)
R2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam.sys [1068216 2012-04-15] (Windows (R) Win 7 DDK provider)
S3 ASUSProcObsrv; \??\D:\I386\AsProcOb.sys [x]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [x]
S3 GGSAFERDriver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-10 18:27 - 2014-01-10 18:27 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe
2014-01-10 18:25 - 2014-01-10 15:29 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\trzFF2A.tmp
2014-01-10 16:28 - 2014-01-10 16:31 - 00000000 ____D C:\AdwCleaner
2014-01-10 16:27 - 2014-01-10 16:27 - 00001853 _____ C:\Users\Richard\Desktop\JRT.txt
2014-01-10 16:14 - 2014-01-10 16:14 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 16:13 - 2014-01-10 16:13 - 00005214 _____ C:\Users\Richard\Desktop\sc-cleaner.txt
2014-01-10 16:11 - 2014-01-10 16:11 - 01233962 _____ C:\Users\Richard\Desktop\adwcleaner.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 01037068 _____ (Thisisu) C:\Users\Richard\Desktop\JRT.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Richard\Desktop\sc-cleaner.exe
2014-01-10 15:41 - 2014-01-10 15:41 - 00004982 _____ C:\Users\Richard\Desktop\Addition.zip
2014-01-10 15:31 - 2014-01-10 18:28 - 00013935 _____ C:\Users\Richard\Desktop\FRST.txt
2014-01-10 15:30 - 2014-01-10 15:30 - 00000000 ____D C:\FRST
2014-01-10 15:26 - 2014-01-10 15:26 - 01066141 _____ (Farbar) C:\Users\Richard\Desktop\FRST.exe
2014-01-10 15:16 - 2014-01-10 15:24 - 00000000 ____D C:\Program Files\trend micro
2014-01-10 15:16 - 2014-01-10 15:16 - 00000000 ____D C:\rsit
2014-01-10 15:05 - 2014-01-10 15:15 - 00781909 _____ C:\Users\Richard\Desktop\RSIT.exe
2014-01-10 13:39 - 2014-01-10 14:18 - 675414016 _____ C:\Users\Richard\Downloads\Warcraft-3---Regin-on-Chaos-CZ.iso
2014-01-10 12:26 - 2014-01-10 15:17 - 00000000 ____D C:\Users\Richard\Downloads\Diablo II - Lord of Destruction (1.13d Direct Play)
2014-01-10 00:55 - 2014-01-10 00:55 - 01938314 _____ C:\Users\Richard\Downloads\Enfo .X3X..w3x
2014-01-10 00:55 - 2014-01-10 00:55 - 00343719 _____ C:\Users\Richard\Downloads\ETS_MT_Edition_V181.w3x
2014-01-09 23:21 - 2014-01-10 00:01 - 563946096 _____ C:\Users\Richard\Downloads\Warcraft_3_The_Frozen_Throne_ENG.iso
2014-01-09 22:06 - 2014-01-09 22:47 - 662368256 _____ C:\Users\Richard\Downloads\Warcraft-3-Reign-Of-Chaos.iso
2014-01-09 16:00 - 2014-01-09 16:00 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2014-01-09 15:45 - 2014-01-09 15:52 - 00000000 ____D C:\Users\Public\Palo tuto to JE
2014-01-09 14:39 - 2014-01-09 14:39 - 01360755 _____ C:\Users\Richard\Downloads\Jedi_Knight_Jedi_Academy_v1.01_Single_Player_Multiplayer__WWW.CRACK-LOCATOR.INFO_.zip
2014-01-09 14:27 - 2014-01-09 14:28 - 11624176 _____ (LucasArts) C:\Users\Richard\Downloads\jkacademy1_01.exe
2014-01-07 12:53 - 2014-01-07 12:54 - 00023552 ___SH C:\Users\Richard\Downloads\Thumbs.db
2014-01-07 12:40 - 2014-01-10 16:35 - 00000504 _____ C:\Windows\setupact.log
2014-01-07 12:40 - 2014-01-07 12:40 - 00000000 _____ C:\Windows\setuperr.log
2014-01-05 12:43 - 2014-01-05 12:43 - 00108680 _____ C:\Users\Richard\Downloads\1065371638.zip
2014-01-04 10:47 - 2014-01-04 10:56 - 3741745152 _____ C:\Users\Richard\Documents\CD_ROM.iso
2014-01-04 10:46 - 2014-01-04 11:16 - 00000375 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-12-31 00:41 - 2013-12-31 00:41 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-31 00:38 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-31 00:12 - 2013-12-31 00:12 - 00011776 ___SH C:\Users\Richard\Documents\Thumbs.db
2013-12-30 20:51 - 2013-12-30 20:51 - 00001643 _____ C:\Users\Richard\Desktop\Play Star Wars Jedi Knight Jedi Academy.lnk
2013-12-30 20:50 - 2013-12-30 20:50 - 00000000 ____D C:\Windows\system32\games
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disk Checker
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Program Files\Disk Checker
2013-12-29 14:38 - 2013-12-29 14:38 - 00000000 ____D C:\Users\Richard\AppData\Roaming\AVAST Software
2013-12-29 14:31 - 2013-12-29 14:32 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-12-29 14:31 - 2013-12-29 14:31 - 00000000 ____D C:\Program Files\Security Task Manager
2013-12-29 14:16 - 2013-12-29 14:16 - 00000673 _____ C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2013-12-29 14:16 - 2013-12-29 14:16 - 00000644 _____ C:\Users\Public\Desktop\Half-Life.lnk
2013-12-29 11:00 - 2013-12-30 18:06 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-25 21:20 - 2013-12-25 21:20 - 00002172 _____ C:\Users\Public\Desktop\Play The Sims™ 3.lnk
2013-12-25 19:14 - 2013-12-25 19:14 - 00000000 ____D C:\Users\Richard\Documents\Electronic Arts
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Origin
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Local\Origin
2013-12-25 11:39 - 2013-12-25 11:40 - 00000000 ____D C:\ProgramData\Origin
2013-12-25 11:39 - 2013-12-25 11:39 - 00000937 _____ C:\Users\Public\Desktop\Origin.lnk
2013-12-25 11:38 - 2013-12-25 11:40 - 00000000 ____D C:\Program Files\Origin
2013-12-24 16:41 - 2013-12-25 11:39 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-24 16:38 - 2013-12-25 11:38 - 00000000 ____D C:\Program Files\Electronic Arts
2013-12-24 15:28 - 2013-12-24 15:28 - 00000000 ____D C:\Program Files\Microsoft WSE
2013-12-24 09:45 - 2014-01-10 17:32 - 00191151 _____ C:\Windows\WindowsUpdate.log
2013-12-24 09:44 - 2013-12-24 09:44 - 00000809 _____ C:\Users\Richard\Desktop\UnrealTournament.lnk
2013-12-24 09:43 - 2013-12-24 09:43 - 00000738 _____ C:\Users\Richard\Desktop\Stronghold Crusader.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001811 _____ C:\Users\Richard\Desktop\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001669 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2013-12-18 01:01 - 2013-12-18 01:18 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ-Profile
2013-12-14 21:14 - 2013-12-14 21:14 - 00000983 _____ C:\Users\Public\Desktop\Guitar and Bass.lnk
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Richard\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Public\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\ProgramData\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Program Files\Guitar and Bass
2013-12-14 19:53 - 2013-12-14 19:53 - 00001027 _____ C:\Users\Public\Desktop\Guitar FX BOX 3.LNK
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Steinberg
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Guitar FX BOX 3
==================== One Month Modified Files and Folders =======
2014-01-10 18:28 - 2014-01-10 15:31 - 00013935 _____ C:\Users\Richard\Desktop\FRST.txt
2014-01-10 18:27 - 2014-01-10 18:27 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe
2014-01-10 18:17 - 2013-08-05 08:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-10 17:34 - 2013-07-04 03:43 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-10 17:32 - 2013-12-24 09:45 - 00191151 _____ C:\Windows\WindowsUpdate.log
2014-01-10 16:41 - 2009-07-14 05:34 - 00010528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-10 16:41 - 2009-07-14 05:34 - 00010528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-10 16:36 - 2013-07-04 03:43 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-10 16:36 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-10 16:35 - 2014-01-07 12:40 - 00000504 _____ C:\Windows\setupact.log
2014-01-10 16:31 - 2014-01-10 16:28 - 00000000 ____D C:\AdwCleaner
2014-01-10 16:27 - 2014-01-10 16:27 - 00001853 _____ C:\Users\Richard\Desktop\JRT.txt
2014-01-10 16:14 - 2014-01-10 16:14 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 16:13 - 2014-01-10 16:13 - 00005214 _____ C:\Users\Richard\Desktop\sc-cleaner.txt
2014-01-10 16:13 - 2013-07-04 03:44 - 00002141 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-10 16:13 - 2013-07-04 01:38 - 00001413 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-10 16:11 - 2014-01-10 16:11 - 01233962 _____ C:\Users\Richard\Desktop\adwcleaner.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 01037068 _____ (Thisisu) C:\Users\Richard\Desktop\JRT.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Richard\Desktop\sc-cleaner.exe
2014-01-10 15:43 - 2013-11-22 22:16 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-10 15:41 - 2014-01-10 15:41 - 00004982 _____ C:\Users\Richard\Desktop\Addition.zip
2014-01-10 15:30 - 2014-01-10 15:30 - 00000000 ____D C:\FRST
2014-01-10 15:29 - 2014-01-10 18:25 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\trzFF2A.tmp
2014-01-10 15:26 - 2014-01-10 15:26 - 01066141 _____ (Farbar) C:\Users\Richard\Desktop\FRST.exe
2014-01-10 15:24 - 2014-01-10 15:16 - 00000000 ____D C:\Program Files\trend micro
2014-01-10 15:24 - 2013-10-17 00:08 - 00000000 ____D C:\Users\Richard\AppData\Roaming\uTorrent
2014-01-10 15:17 - 2014-01-10 12:26 - 00000000 ____D C:\Users\Richard\Downloads\Diablo II - Lord of Destruction (1.13d Direct Play)
2014-01-10 15:16 - 2014-01-10 15:16 - 00000000 ____D C:\rsit
2014-01-10 15:15 - 2014-01-10 15:05 - 00781909 _____ C:\Users\Richard\Desktop\RSIT.exe
2014-01-10 14:18 - 2014-01-10 13:39 - 675414016 _____ C:\Users\Richard\Downloads\Warcraft-3---Regin-on-Chaos-CZ.iso
2014-01-10 00:55 - 2014-01-10 00:55 - 01938314 _____ C:\Users\Richard\Downloads\Enfo .X3X..w3x
2014-01-10 00:55 - 2014-01-10 00:55 - 00343719 _____ C:\Users\Richard\Downloads\ETS_MT_Edition_V181.w3x
2014-01-10 00:01 - 2014-01-09 23:21 - 563946096 _____ C:\Users\Richard\Downloads\Warcraft_3_The_Frozen_Throne_ENG.iso
2014-01-09 22:48 - 2013-07-03 22:55 - 00000000 ____D C:\Users\Richard\AppData\Roaming\DAEMON Tools Lite
2014-01-09 22:47 - 2014-01-09 22:06 - 662368256 _____ C:\Users\Richard\Downloads\Warcraft-3-Reign-Of-Chaos.iso
2014-01-09 21:32 - 2013-07-20 16:43 - 00000000 ____D C:\Users\Public\zaloha
2014-01-09 16:00 - 2014-01-09 16:00 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2014-01-09 15:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2014-01-09 15:52 - 2014-01-09 15:45 - 00000000 ____D C:\Users\Public\Palo tuto to JE
2014-01-09 15:52 - 2013-07-12 18:22 - 00000000 ____D C:\games
2014-01-09 15:46 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2014-01-09 14:39 - 2014-01-09 14:39 - 01360755 _____ C:\Users\Richard\Downloads\Jedi_Knight_Jedi_Academy_v1.01_Single_Player_Multiplayer__WWW.CRACK-LOCATOR.INFO_.zip
2014-01-09 14:28 - 2014-01-09 14:27 - 11624176 _____ (LucasArts) C:\Users\Richard\Downloads\jkacademy1_01.exe
2014-01-07 12:54 - 2014-01-07 12:53 - 00023552 ___SH C:\Users\Richard\Downloads\Thumbs.db
2014-01-07 12:40 - 2014-01-07 12:40 - 00000000 _____ C:\Windows\setuperr.log
2014-01-05 13:42 - 2013-11-10 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\vlc
2014-01-05 12:43 - 2014-01-05 12:43 - 00108680 _____ C:\Users\Richard\Downloads\1065371638.zip
2014-01-04 11:16 - 2014-01-04 10:46 - 00000375 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-04 10:56 - 2014-01-04 10:47 - 3741745152 _____ C:\Users\Richard\Documents\CD_ROM.iso
2014-01-04 10:47 - 2013-07-04 01:42 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-02 01:36 - 2013-07-06 18:43 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Skype
2013-12-31 19:43 - 2013-08-19 21:06 - 00000000 ____D C:\Users\Richard\Documents\WBFS Manager Covers
2013-12-31 00:41 - 2013-12-31 00:41 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-31 00:12 - 2013-12-31 00:12 - 00011776 ___SH C:\Users\Richard\Documents\Thumbs.db
2013-12-30 20:51 - 2013-12-30 20:51 - 00001643 _____ C:\Users\Richard\Desktop\Play Star Wars Jedi Knight Jedi Academy.lnk
2013-12-30 20:51 - 2013-07-04 01:48 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-30 20:50 - 2013-12-30 20:50 - 00000000 ____D C:\Windows\system32\games
2013-12-30 20:50 - 2013-07-04 01:49 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2013-12-30 18:06 - 2013-12-29 11:00 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disk Checker
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Program Files\Disk Checker
2013-12-29 14:38 - 2013-12-29 14:38 - 00000000 ____D C:\Users\Richard\AppData\Roaming\AVAST Software
2013-12-29 14:32 - 2013-12-29 14:31 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-12-29 14:31 - 2013-12-29 14:31 - 00000000 ____D C:\Program Files\Security Task Manager
2013-12-29 14:16 - 2013-12-29 14:16 - 00000673 _____ C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2013-12-29 14:16 - 2013-12-29 14:16 - 00000644 _____ C:\Users\Public\Desktop\Half-Life.lnk
2013-12-29 11:00 - 2013-07-04 14:17 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00410528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-29 11:00 - 2013-07-04 14:17 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00002047 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-29 11:00 - 2013-07-04 14:15 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-29 10:57 - 2013-07-03 10:05 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-29 10:57 - 2009-07-14 03:04 - 00002577 _____ C:\Windows\system32\config.nt
2013-12-28 13:31 - 2013-11-10 14:48 - 00001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-25 21:20 - 2013-12-25 21:20 - 00002172 _____ C:\Users\Public\Desktop\Play The Sims™ 3.lnk
2013-12-25 19:14 - 2013-12-25 19:14 - 00000000 ____D C:\Users\Richard\Documents\Electronic Arts
2013-12-25 16:38 - 2013-11-11 03:50 - 00000000 ____D C:\Users\Richard\AppData\Local\PMB Files
2013-12-25 16:38 - 2013-11-11 03:50 - 00000000 ____D C:\ProgramData\PMB Files
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Origin
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Local\Origin
2013-12-25 11:40 - 2013-12-25 11:39 - 00000000 ____D C:\ProgramData\Origin
2013-12-25 11:40 - 2013-12-25 11:38 - 00000000 ____D C:\Program Files\Origin
2013-12-25 11:39 - 2013-12-25 11:39 - 00000937 _____ C:\Users\Public\Desktop\Origin.lnk
2013-12-25 11:39 - 2013-12-24 16:41 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-25 11:38 - 2013-12-24 16:38 - 00000000 ____D C:\Program Files\Electronic Arts
2013-12-24 15:28 - 2013-12-24 15:28 - 00000000 ____D C:\Program Files\Microsoft WSE
2013-12-24 09:44 - 2013-12-24 09:44 - 00000809 _____ C:\Users\Richard\Desktop\UnrealTournament.lnk
2013-12-24 09:43 - 2013-12-24 09:43 - 00000738 _____ C:\Users\Richard\Desktop\Stronghold Crusader.lnk
2013-12-20 21:50 - 2013-11-06 08:10 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-19 14:11 - 2013-07-04 14:17 - 00056080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-12-18 01:18 - 2013-12-18 01:01 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ-Profile
2013-12-18 01:02 - 2013-12-18 01:02 - 00001811 _____ C:\Users\Richard\Desktop\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001669 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2013-12-18 01:02 - 2013-07-15 20:25 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQM
2013-12-18 00:57 - 2013-07-15 20:36 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ
2013-12-14 21:14 - 2013-12-14 21:14 - 00000983 _____ C:\Users\Public\Desktop\Guitar and Bass.lnk
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Richard\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Public\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\ProgramData\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Program Files\Guitar and Bass
2013-12-14 19:53 - 2013-12-14 19:53 - 00001027 _____ C:\Users\Public\Desktop\Guitar FX BOX 3.LNK
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Steinberg
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Guitar FX BOX 3
Some content of TEMP:
====================
C:\Users\Richard\AppData\Local\Temp\Quarantine.exe
C:\Users\Richard\AppData\Local\Temp\war3_Install.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-09 00:54
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:204.78 GB) (Free:76.88 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (New Disc) (CDROM) (Total:0.63 GB) (Free:0 GB) CDFS
Available physical RAM: 1074.46 MB
Total physical RAM: 1929.67 MB
Percentage of memory in use: 44%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 298 GB) (Disk ID: B05CD80C)
Partition 1: (Active) - (Size=205 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=93 GB) - (Type=05)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Richard\Desktop" je 4 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop
C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Richard\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray
C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\Richard\AppData\Roaming\ICQM\icq.exe -CU [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCUpdateHelper
C:\Program Files\NCWest\NCLauncher\NCUpdateHelper.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files\Steam\Steam.exe" -silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun
"C:\Program Files\WebcamMax\wcmmon.exe" -a [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~1\MCAFEE~1\307523~1.318\SSSCHE~1.EXE [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-01-2014
Ran by Richard (administrator) on NAFAJCENYPC on 10-01-2014 18:27:45
Running from C:\Users\Richard\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Alcor Micro Corp.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Blizzard Entertainment) C:\Users\Public\Palo tuto to JE\Warcraft III\war3.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AmIcoSinglun] - C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [258048 2011-05-26] (Alcor Micro Corp.)
HKLM\...\Run: [HDAudDeck] - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [3926128 2012-04-19] (VIA)
HKLM\...\Run: [ATKOSD2] - C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM\...\Run: [ATKMEDIA] - C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM\...\Run: [HControlUser] - C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM\...\Run: [NCUpdateHelper] - C:\Program Files\NCWest\NCLauncher\NCUpdateHelper.exe [528360 2013-09-05] (NCSOFT Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-29] (AVAST Software)
HKCU\...\Run: [icq] - C:\Users\Richard\AppData\Roaming\ICQM\icq.exe [29919576 2013-12-18] (ICQ)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
MountPoints2: {2e8e1cf1-e48c-11e2-b871-806e6f6e6963} - D:\setup.exe
MountPoints2: {cc796842-e424-11e2-8833-50465d99a2c9} - E:\autoplay.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3AA2A4E65878CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKLM - DefaultScope value is missing.
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 91.121.69.54 l2authd.lineage2.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @t.garena.com/garenatalk - C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Stylish - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
FF Extension: Adblock Plus - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Garena Talk Plugin) - C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll No File
CHR Extension: (Pirrit Suggestor) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc
CHR Extension: (Google Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
========================== Services (Whitelisted) =================
R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [80512 2011-11-21] (ASUS)
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2011-11-21] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-29] (AVAST Software)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [277616 2012-12-14] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [462048 2012-04-20] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [4702568 2012-10-24] (INCA Internet Co., Ltd.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-03-23] (VIA Technologies, Inc.)
==================== Drivers (Whitelisted) ====================
R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-02] (ASUS)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2013-12-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2013-12-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-12-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2013-12-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2013-12-29] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [64168 2013-12-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2013-12-29] ()
R1 ATKWMIACPIIO; C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [14464 2011-09-07] (ASUS)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-07-03] (Disc Soft Ltd)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [91760 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-02] (Intel Corporation)
S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [83336 2007-04-03] (MCCI Corporation)
S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [15112 2007-04-03] (MCCI Corporation)
S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [108680 2007-04-03] (MCCI Corporation)
S3 s116mgmt; C:\Windows\System32\DRIVERS\s116mgmt.sys [100488 2007-04-03] (MCCI Corporation)
S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [23176 2007-04-03] (MCCI Corporation)
S3 s116obex; C:\Windows\System32\DRIVERS\s116obex.sys [98696 2007-04-03] (MCCI Corporation)
S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [99080 2007-04-03] (MCCI Corporation)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [113608 2013-04-15] (Power Software Ltd)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1830512 2012-03-23] (VIA Technologies, Inc.)
R2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam.sys [1068216 2012-04-15] (Windows (R) Win 7 DDK provider)
S3 ASUSProcObsrv; \??\D:\I386\AsProcOb.sys [x]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [x]
S3 GGSAFERDriver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-10 18:27 - 2014-01-10 18:27 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe
2014-01-10 18:25 - 2014-01-10 15:29 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\trzFF2A.tmp
2014-01-10 16:28 - 2014-01-10 16:31 - 00000000 ____D C:\AdwCleaner
2014-01-10 16:27 - 2014-01-10 16:27 - 00001853 _____ C:\Users\Richard\Desktop\JRT.txt
2014-01-10 16:14 - 2014-01-10 16:14 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 16:13 - 2014-01-10 16:13 - 00005214 _____ C:\Users\Richard\Desktop\sc-cleaner.txt
2014-01-10 16:11 - 2014-01-10 16:11 - 01233962 _____ C:\Users\Richard\Desktop\adwcleaner.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 01037068 _____ (Thisisu) C:\Users\Richard\Desktop\JRT.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Richard\Desktop\sc-cleaner.exe
2014-01-10 15:41 - 2014-01-10 15:41 - 00004982 _____ C:\Users\Richard\Desktop\Addition.zip
2014-01-10 15:31 - 2014-01-10 18:28 - 00013935 _____ C:\Users\Richard\Desktop\FRST.txt
2014-01-10 15:30 - 2014-01-10 15:30 - 00000000 ____D C:\FRST
2014-01-10 15:26 - 2014-01-10 15:26 - 01066141 _____ (Farbar) C:\Users\Richard\Desktop\FRST.exe
2014-01-10 15:16 - 2014-01-10 15:24 - 00000000 ____D C:\Program Files\trend micro
2014-01-10 15:16 - 2014-01-10 15:16 - 00000000 ____D C:\rsit
2014-01-10 15:05 - 2014-01-10 15:15 - 00781909 _____ C:\Users\Richard\Desktop\RSIT.exe
2014-01-10 13:39 - 2014-01-10 14:18 - 675414016 _____ C:\Users\Richard\Downloads\Warcraft-3---Regin-on-Chaos-CZ.iso
2014-01-10 12:26 - 2014-01-10 15:17 - 00000000 ____D C:\Users\Richard\Downloads\Diablo II - Lord of Destruction (1.13d Direct Play)
2014-01-10 00:55 - 2014-01-10 00:55 - 01938314 _____ C:\Users\Richard\Downloads\Enfo .X3X..w3x
2014-01-10 00:55 - 2014-01-10 00:55 - 00343719 _____ C:\Users\Richard\Downloads\ETS_MT_Edition_V181.w3x
2014-01-09 23:21 - 2014-01-10 00:01 - 563946096 _____ C:\Users\Richard\Downloads\Warcraft_3_The_Frozen_Throne_ENG.iso
2014-01-09 22:06 - 2014-01-09 22:47 - 662368256 _____ C:\Users\Richard\Downloads\Warcraft-3-Reign-Of-Chaos.iso
2014-01-09 16:00 - 2014-01-09 16:00 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2014-01-09 15:45 - 2014-01-09 15:52 - 00000000 ____D C:\Users\Public\Palo tuto to JE
2014-01-09 14:39 - 2014-01-09 14:39 - 01360755 _____ C:\Users\Richard\Downloads\Jedi_Knight_Jedi_Academy_v1.01_Single_Player_Multiplayer__WWW.CRACK-LOCATOR.INFO_.zip
2014-01-09 14:27 - 2014-01-09 14:28 - 11624176 _____ (LucasArts) C:\Users\Richard\Downloads\jkacademy1_01.exe
2014-01-07 12:53 - 2014-01-07 12:54 - 00023552 ___SH C:\Users\Richard\Downloads\Thumbs.db
2014-01-07 12:40 - 2014-01-10 16:35 - 00000504 _____ C:\Windows\setupact.log
2014-01-07 12:40 - 2014-01-07 12:40 - 00000000 _____ C:\Windows\setuperr.log
2014-01-05 12:43 - 2014-01-05 12:43 - 00108680 _____ C:\Users\Richard\Downloads\1065371638.zip
2014-01-04 10:47 - 2014-01-04 10:56 - 3741745152 _____ C:\Users\Richard\Documents\CD_ROM.iso
2014-01-04 10:46 - 2014-01-04 11:16 - 00000375 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-12-31 00:41 - 2013-12-31 00:41 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-31 00:38 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-31 00:12 - 2013-12-31 00:12 - 00011776 ___SH C:\Users\Richard\Documents\Thumbs.db
2013-12-30 20:51 - 2013-12-30 20:51 - 00001643 _____ C:\Users\Richard\Desktop\Play Star Wars Jedi Knight Jedi Academy.lnk
2013-12-30 20:50 - 2013-12-30 20:50 - 00000000 ____D C:\Windows\system32\games
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disk Checker
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Program Files\Disk Checker
2013-12-29 14:38 - 2013-12-29 14:38 - 00000000 ____D C:\Users\Richard\AppData\Roaming\AVAST Software
2013-12-29 14:31 - 2013-12-29 14:32 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-12-29 14:31 - 2013-12-29 14:31 - 00000000 ____D C:\Program Files\Security Task Manager
2013-12-29 14:16 - 2013-12-29 14:16 - 00000673 _____ C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2013-12-29 14:16 - 2013-12-29 14:16 - 00000644 _____ C:\Users\Public\Desktop\Half-Life.lnk
2013-12-29 11:00 - 2013-12-30 18:06 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-25 21:20 - 2013-12-25 21:20 - 00002172 _____ C:\Users\Public\Desktop\Play The Sims™ 3.lnk
2013-12-25 19:14 - 2013-12-25 19:14 - 00000000 ____D C:\Users\Richard\Documents\Electronic Arts
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Origin
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Local\Origin
2013-12-25 11:39 - 2013-12-25 11:40 - 00000000 ____D C:\ProgramData\Origin
2013-12-25 11:39 - 2013-12-25 11:39 - 00000937 _____ C:\Users\Public\Desktop\Origin.lnk
2013-12-25 11:38 - 2013-12-25 11:40 - 00000000 ____D C:\Program Files\Origin
2013-12-24 16:41 - 2013-12-25 11:39 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-24 16:38 - 2013-12-25 11:38 - 00000000 ____D C:\Program Files\Electronic Arts
2013-12-24 15:28 - 2013-12-24 15:28 - 00000000 ____D C:\Program Files\Microsoft WSE
2013-12-24 09:45 - 2014-01-10 17:32 - 00191151 _____ C:\Windows\WindowsUpdate.log
2013-12-24 09:44 - 2013-12-24 09:44 - 00000809 _____ C:\Users\Richard\Desktop\UnrealTournament.lnk
2013-12-24 09:43 - 2013-12-24 09:43 - 00000738 _____ C:\Users\Richard\Desktop\Stronghold Crusader.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001811 _____ C:\Users\Richard\Desktop\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001669 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2013-12-18 01:01 - 2013-12-18 01:18 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ-Profile
2013-12-14 21:14 - 2013-12-14 21:14 - 00000983 _____ C:\Users\Public\Desktop\Guitar and Bass.lnk
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Richard\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Public\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\ProgramData\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Program Files\Guitar and Bass
2013-12-14 19:53 - 2013-12-14 19:53 - 00001027 _____ C:\Users\Public\Desktop\Guitar FX BOX 3.LNK
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Steinberg
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Guitar FX BOX 3
==================== One Month Modified Files and Folders =======
2014-01-10 18:28 - 2014-01-10 15:31 - 00013935 _____ C:\Users\Richard\Desktop\FRST.txt
2014-01-10 18:27 - 2014-01-10 18:27 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe
2014-01-10 18:17 - 2013-08-05 08:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-10 17:34 - 2013-07-04 03:43 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-10 17:32 - 2013-12-24 09:45 - 00191151 _____ C:\Windows\WindowsUpdate.log
2014-01-10 16:41 - 2009-07-14 05:34 - 00010528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-10 16:41 - 2009-07-14 05:34 - 00010528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-10 16:36 - 2013-07-04 03:43 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-10 16:36 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-10 16:35 - 2014-01-07 12:40 - 00000504 _____ C:\Windows\setupact.log
2014-01-10 16:31 - 2014-01-10 16:28 - 00000000 ____D C:\AdwCleaner
2014-01-10 16:27 - 2014-01-10 16:27 - 00001853 _____ C:\Users\Richard\Desktop\JRT.txt
2014-01-10 16:14 - 2014-01-10 16:14 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 16:13 - 2014-01-10 16:13 - 00005214 _____ C:\Users\Richard\Desktop\sc-cleaner.txt
2014-01-10 16:13 - 2013-07-04 03:44 - 00002141 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-10 16:13 - 2013-07-04 01:38 - 00001413 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-10 16:11 - 2014-01-10 16:11 - 01233962 _____ C:\Users\Richard\Desktop\adwcleaner.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 01037068 _____ (Thisisu) C:\Users\Richard\Desktop\JRT.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Richard\Desktop\sc-cleaner.exe
2014-01-10 15:43 - 2013-11-22 22:16 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-10 15:41 - 2014-01-10 15:41 - 00004982 _____ C:\Users\Richard\Desktop\Addition.zip
2014-01-10 15:30 - 2014-01-10 15:30 - 00000000 ____D C:\FRST
2014-01-10 15:29 - 2014-01-10 18:25 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\trzFF2A.tmp
2014-01-10 15:26 - 2014-01-10 15:26 - 01066141 _____ (Farbar) C:\Users\Richard\Desktop\FRST.exe
2014-01-10 15:24 - 2014-01-10 15:16 - 00000000 ____D C:\Program Files\trend micro
2014-01-10 15:24 - 2013-10-17 00:08 - 00000000 ____D C:\Users\Richard\AppData\Roaming\uTorrent
2014-01-10 15:17 - 2014-01-10 12:26 - 00000000 ____D C:\Users\Richard\Downloads\Diablo II - Lord of Destruction (1.13d Direct Play)
2014-01-10 15:16 - 2014-01-10 15:16 - 00000000 ____D C:\rsit
2014-01-10 15:15 - 2014-01-10 15:05 - 00781909 _____ C:\Users\Richard\Desktop\RSIT.exe
2014-01-10 14:18 - 2014-01-10 13:39 - 675414016 _____ C:\Users\Richard\Downloads\Warcraft-3---Regin-on-Chaos-CZ.iso
2014-01-10 00:55 - 2014-01-10 00:55 - 01938314 _____ C:\Users\Richard\Downloads\Enfo .X3X..w3x
2014-01-10 00:55 - 2014-01-10 00:55 - 00343719 _____ C:\Users\Richard\Downloads\ETS_MT_Edition_V181.w3x
2014-01-10 00:01 - 2014-01-09 23:21 - 563946096 _____ C:\Users\Richard\Downloads\Warcraft_3_The_Frozen_Throne_ENG.iso
2014-01-09 22:48 - 2013-07-03 22:55 - 00000000 ____D C:\Users\Richard\AppData\Roaming\DAEMON Tools Lite
2014-01-09 22:47 - 2014-01-09 22:06 - 662368256 _____ C:\Users\Richard\Downloads\Warcraft-3-Reign-Of-Chaos.iso
2014-01-09 21:32 - 2013-07-20 16:43 - 00000000 ____D C:\Users\Public\zaloha
2014-01-09 16:00 - 2014-01-09 16:00 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2014-01-09 15:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2014-01-09 15:52 - 2014-01-09 15:45 - 00000000 ____D C:\Users\Public\Palo tuto to JE
2014-01-09 15:52 - 2013-07-12 18:22 - 00000000 ____D C:\games
2014-01-09 15:46 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2014-01-09 14:39 - 2014-01-09 14:39 - 01360755 _____ C:\Users\Richard\Downloads\Jedi_Knight_Jedi_Academy_v1.01_Single_Player_Multiplayer__WWW.CRACK-LOCATOR.INFO_.zip
2014-01-09 14:28 - 2014-01-09 14:27 - 11624176 _____ (LucasArts) C:\Users\Richard\Downloads\jkacademy1_01.exe
2014-01-07 12:54 - 2014-01-07 12:53 - 00023552 ___SH C:\Users\Richard\Downloads\Thumbs.db
2014-01-07 12:40 - 2014-01-07 12:40 - 00000000 _____ C:\Windows\setuperr.log
2014-01-05 13:42 - 2013-11-10 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\vlc
2014-01-05 12:43 - 2014-01-05 12:43 - 00108680 _____ C:\Users\Richard\Downloads\1065371638.zip
2014-01-04 11:16 - 2014-01-04 10:46 - 00000375 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-04 10:56 - 2014-01-04 10:47 - 3741745152 _____ C:\Users\Richard\Documents\CD_ROM.iso
2014-01-04 10:47 - 2013-07-04 01:42 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-02 01:36 - 2013-07-06 18:43 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Skype
2013-12-31 19:43 - 2013-08-19 21:06 - 00000000 ____D C:\Users\Richard\Documents\WBFS Manager Covers
2013-12-31 00:41 - 2013-12-31 00:41 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-31 00:12 - 2013-12-31 00:12 - 00011776 ___SH C:\Users\Richard\Documents\Thumbs.db
2013-12-30 20:51 - 2013-12-30 20:51 - 00001643 _____ C:\Users\Richard\Desktop\Play Star Wars Jedi Knight Jedi Academy.lnk
2013-12-30 20:51 - 2013-07-04 01:48 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-30 20:50 - 2013-12-30 20:50 - 00000000 ____D C:\Windows\system32\games
2013-12-30 20:50 - 2013-07-04 01:49 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2013-12-30 18:06 - 2013-12-29 11:00 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disk Checker
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Program Files\Disk Checker
2013-12-29 14:38 - 2013-12-29 14:38 - 00000000 ____D C:\Users\Richard\AppData\Roaming\AVAST Software
2013-12-29 14:32 - 2013-12-29 14:31 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-12-29 14:31 - 2013-12-29 14:31 - 00000000 ____D C:\Program Files\Security Task Manager
2013-12-29 14:16 - 2013-12-29 14:16 - 00000673 _____ C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2013-12-29 14:16 - 2013-12-29 14:16 - 00000644 _____ C:\Users\Public\Desktop\Half-Life.lnk
2013-12-29 11:00 - 2013-07-04 14:17 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00410528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-29 11:00 - 2013-07-04 14:17 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00002047 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-29 11:00 - 2013-07-04 14:15 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-29 10:57 - 2013-07-03 10:05 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-29 10:57 - 2009-07-14 03:04 - 00002577 _____ C:\Windows\system32\config.nt
2013-12-28 13:31 - 2013-11-10 14:48 - 00001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-25 21:20 - 2013-12-25 21:20 - 00002172 _____ C:\Users\Public\Desktop\Play The Sims™ 3.lnk
2013-12-25 19:14 - 2013-12-25 19:14 - 00000000 ____D C:\Users\Richard\Documents\Electronic Arts
2013-12-25 16:38 - 2013-11-11 03:50 - 00000000 ____D C:\Users\Richard\AppData\Local\PMB Files
2013-12-25 16:38 - 2013-11-11 03:50 - 00000000 ____D C:\ProgramData\PMB Files
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Origin
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Local\Origin
2013-12-25 11:40 - 2013-12-25 11:39 - 00000000 ____D C:\ProgramData\Origin
2013-12-25 11:40 - 2013-12-25 11:38 - 00000000 ____D C:\Program Files\Origin
2013-12-25 11:39 - 2013-12-25 11:39 - 00000937 _____ C:\Users\Public\Desktop\Origin.lnk
2013-12-25 11:39 - 2013-12-24 16:41 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-25 11:38 - 2013-12-24 16:38 - 00000000 ____D C:\Program Files\Electronic Arts
2013-12-24 15:28 - 2013-12-24 15:28 - 00000000 ____D C:\Program Files\Microsoft WSE
2013-12-24 09:44 - 2013-12-24 09:44 - 00000809 _____ C:\Users\Richard\Desktop\UnrealTournament.lnk
2013-12-24 09:43 - 2013-12-24 09:43 - 00000738 _____ C:\Users\Richard\Desktop\Stronghold Crusader.lnk
2013-12-20 21:50 - 2013-11-06 08:10 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-19 14:11 - 2013-07-04 14:17 - 00056080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-12-18 01:18 - 2013-12-18 01:01 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ-Profile
2013-12-18 01:02 - 2013-12-18 01:02 - 00001811 _____ C:\Users\Richard\Desktop\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001669 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2013-12-18 01:02 - 2013-07-15 20:25 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQM
2013-12-18 00:57 - 2013-07-15 20:36 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ
2013-12-14 21:14 - 2013-12-14 21:14 - 00000983 _____ C:\Users\Public\Desktop\Guitar and Bass.lnk
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Richard\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Public\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\ProgramData\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Program Files\Guitar and Bass
2013-12-14 19:53 - 2013-12-14 19:53 - 00001027 _____ C:\Users\Public\Desktop\Guitar FX BOX 3.LNK
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Steinberg
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Guitar FX BOX 3
Some content of TEMP:
====================
C:\Users\Richard\AppData\Local\Temp\Quarantine.exe
C:\Users\Richard\AppData\Local\Temp\war3_Install.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-09 00:54
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:204.78 GB) (Free:76.88 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (New Disc) (CDROM) (Total:0.63 GB) (Free:0 GB) CDFS
Available physical RAM: 1074.46 MB
Total physical RAM: 1929.67 MB
Percentage of memory in use: 44%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 298 GB) (Disk ID: B05CD80C)
Partition 1: (Active) - (Size=205 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=93 GB) - (Type=05)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Richard\Desktop" je 4 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop
C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Richard\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray
C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\Richard\AppData\Roaming\ICQM\icq.exe -CU [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCUpdateHelper
C:\Program Files\NCWest\NCLauncher\NCUpdateHelper.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files\Steam\Steam.exe" -silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun
"C:\Program Files\WebcamMax\wcmmon.exe" -a [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~1\MCAFEE~1\307523~1.318\SSSCHE~1.EXE [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Attachments
- Addition.rar
- (4.02 KiB) Downloaded 56 times
Re: significant notebook slowdown

- Open Notepad (Start - Run - notepad)
- Copy the script below
Code:
Start
HKLM\...\Run: [NCUpdateHelper] - C:\Program Files\NCWest\NCLauncher\NCUpdateHelper.exe [528360 2013-09-05] (NCSOFT Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [icq] - C:\Users\Richard\AppData\Roaming\ICQM\icq.exe [29919576 2013-12-18] (ICQ)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
MountPoints2: {2e8e1cf1-e48c-11e2-b871-806e6f6e6963} - D:\setup.exe
MountPoints2: {cc796842-e424-11e2-8833-50465d99a2c9} - E:\autoplay.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3AA2A4E65878CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKLM - DefaultScope value is missing.
2014-01-10 16:27 - 2014-01-10 16:27 - 00001853 _____ C:\Users\Richard\Desktop\JRT.txt
2014-01-10 16:13 - 2014-01-10 16:13 - 00005214 _____ C:\Users\Richard\Desktop\sc-cleaner.txt
2014-01-10 16:11 - 2014-01-10 16:11 - 01233962 _____ C:\Users\Richard\Desktop\adwcleaner.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 01037068 _____ (Thisisu) C:\Users\Richard\Desktop\JRT.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Richard\Desktop\sc-cleaner.exe
2014-01-10 15:41 - 2014-01-10 15:41 - 00004982 _____ C:\Users\Richard\Desktop\Addition.zip
2014-01-10 15:31 - 2014-01-10 18:28 - 00013935 _____ C:\Users\Richard\Desktop\FRST.txt
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Richard\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCUpdateHelper" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f
Hosts:
CMD: shutdown /r /f /t 2
End
- Save the resulting text file as fixlist.txt
- Move the fixlist you created next to FRST

- Click Fix
- The fix will run and create the log Fixlog.txt

-
- Visitor
- Posts: 84
- Registered: 30 May 2008 13:37
Re: significant notebook slowdown
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 10-01-2014
Ran by Richard at 2014-01-10 23:54:45 Run:1
Running from C:\Users\Richard\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [NCUpdateHelper] - C:\Program Files\NCWest\NCLauncher\NCUpdateHelper.exe [528360 2013-09-05] (NCSOFT Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [icq] - C:\Users\Richard\AppData\Roaming\ICQM\icq.exe [29919576 2013-12-18] (ICQ)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
MountPoints2: {2e8e1cf1-e48c-11e2-b871-806e6f6e6963} - D:\setup.exe
MountPoints2: {cc796842-e424-11e2-8833-50465d99a2c9} - E:\autoplay.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3AA2A4E65878CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKLM - DefaultScope value is missing.
2014-01-10 16:27 - 2014-01-10 16:27 - 00001853 _____ C:\Users\Richard\Desktop\JRT.txt
2014-01-10 16:13 - 2014-01-10 16:13 - 00005214 _____ C:\Users\Richard\Desktop\sc-cleaner.txt
2014-01-10 16:11 - 2014-01-10 16:11 - 01233962 _____ C:\Users\Richard\Desktop\adwcleaner.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 01037068 _____ (Thisisu) C:\Users\Richard\Desktop\JRT.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Richard\Desktop\sc-cleaner.exe
2014-01-10 15:41 - 2014-01-10 15:41 - 00004982 _____ C:\Users\Richard\Desktop\Addition.zip
2014-01-10 15:31 - 2014-01-10 18:28 - 00013935 _____ C:\Users\Richard\Desktop\FRST.txt
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Richard\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCUpdateHelper" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NCUpdateHelper => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\icq => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2e8e1cf1-e48c-11e2-b871-806e6f6e6963} => Key deleted successfully.
HKCR\CLSID\{2e8e1cf1-e48c-11e2-b871-806e6f6e6963} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cc796842-e424-11e2-8833-50465d99a2c9} => Key deleted successfully.
HKCR\CLSID\{cc796842-e424-11e2-8833-50465d99a2c9} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
C:\Users\Richard\Desktop\JRT.txt => Moved successfully.
C:\Users\Richard\Desktop\sc-cleaner.txt => Moved successfully.
C:\Users\Richard\Desktop\adwcleaner.exe => Moved successfully.
C:\Users\Richard\Desktop\JRT.exe => Moved successfully.
C:\Users\Richard\Desktop\sc-cleaner.exe => Moved successfully.
C:\Users\Richard\Desktop\Addition.zip => Moved successfully.
C:\Users\Richard\Desktop\FRST.txt => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
"C:\Users\Richard\AppData\Roaming\Seznam.cz\szninstall.exe -c [x]" => File/Directory not found.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========
Oper cia sa £spesne dokoncila.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray" /f =========
Oper cia sa £spesne dokoncila.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq" /f =========
Oper cia sa £spesne dokoncila.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCUpdateHelper" /f =========
Oper cia sa £spesne dokoncila.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f =========
Oper cia sa £spesne dokoncila.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun" /f =========
Oper cia sa £spesne dokoncila.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f =========
Oper cia sa £spesne dokoncila.
========= End of Reg: =========
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
==== End of Fixlog ====
Re: significant notebook slowdown
Now let's do some more cleanup
T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
Let us know how the PC is doing


- Download and run
- To confirm each choice, press A, then Enter
- Delete the utility after use
- Antivirus programs may wrongly flag this utility as a virus; it is a false positive, so go ahead and download it (or turn off the antivirus while downloading)

- Download and run
- Click CleanUp and confirm with YES
- The program will clean up and restart the PC

- Download and run
- Click Start and confirm with OK
- The program will clean up and restart the PC
- Delete the utility after use

Cleaner panel
- Leave everything as it is, just click Analyze and then Run Cleaner
- click Scan for Issues
- then Fix Issues; I recommend making the registry backup; fix all the issues
- repeat the procedure until no issues are found, usually about 3 times
- Here you can uninstall programs you do not need

-
- Visitor
- Posts: 84
- Registered: 30 May 2008 13:37
Re: significant notebook slowdown
It looks like the PC is running fine, it has sped up, and I no longer have the problem with pop-up windows either.
