Pomalé PC

Zpráva

exltus · #1 Příspěvek od **exltus** » 11 úno 2014 00:52

Dobrý den, poslední dobou jsem zaznamenal, že moje PC se značně zpomalilo. Projel jsem ho antivirem a celkem to pomohlo, ale pořád se mi zdá, že rychlost neodpovídá HW který v něm mám. Tady je log (nevěděl jsem který program použít, ale většina lidí dávala log z RSIT - doufám, že jsem zvolil správně). Předem děkuji za jakoukoli radu.

Logfile of random's system information tool 1.09 (written by random/random)
Run by exitusSC2 at 2014-02-11 00:50:00
Microsoft Windows 7 Home Premium
System drive C: has 4 GB (10%) free of 40 GB
Total RAM: 8143 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:50:03, on 11.2.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16526)
Boot mode: Normal

Running processes:
C:\Programy\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\exitusSC2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programy\Java\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programy\Java\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Programy\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [MSStp] C:\Windows\system32\msstp.vbe
O4 - HKLM\..\Run: [mncblqupSrv] C:\Windows\inf\mncblqup.vbe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [SteelSeries Engine] C:\Programy\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Programy\MICROS~1\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Programy\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: ISCT Always Updated Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8125 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2e8
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Programy\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Programy\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Programy\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2964.0.1149591903\1959074834" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,13,23 --gpu-vendor-id=0x1002 --gpu-device-id=0x683d --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.350.1005.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_11/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/ --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="2964.22.242322386\1205198228" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2964.30.1390006587\2079997200" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Users\exitusSC2\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\exitusSC2\AppData\Roaming\Mozilla\Firefox\Profiles\al7c9xny.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.44 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Programy\Java\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Programy\Java\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Programy\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Programy\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.44 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\Programy\MICROS~1\Office14\NPAUTHZ.DLL

C:\Users\exitusSC2\AppData\Roaming\Mozilla\Firefox\Profiles\al7c9xny.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Programy\Avast\aswWebRepIE64.dll [2013-12-14 1567016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Programy\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Programy\Java\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Programy\Avast\aswWebRepIE.dll [2013-12-14 606544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programy\Java\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Programy\Avast\aswWebRepIE64.dll [2013-12-14 1567016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Programy\Avast\aswWebRepIE.dll [2013-12-14 606544]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SteelSeries Engine"=C:\Programy\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [2013-11-05 242688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\exitusSC2\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\exitusSC2\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Programy\DAEMON Tools Lite\DTLite.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DrvUpdater]
C:\Users\exitusSC2\AppData\Roaming\DRPSu\DrvUpdater.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Programy\Defrag\oodtray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-12-03 7205592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk]
C:\Windows\INSTAL~1\{FBBC2~1\app_icon.ico []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Programy\Avast\AvastUI.exe [2013-12-14 3568312]
"MSStp"=C:\Windows\system32\msstp.vbe []
"mncblqupSrv"=C:\Windows\inf\mncblqup.vbe [2014-01-13 1338]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-01-31 767200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-02-11 00:47:43 ----D---- C:\rsit
2014-02-11 00:47:43 ----D---- C:\Program Files\trend micro
2014-02-11 00:40:25 ----A---- C:\Windows\system32\WPRO_41_2001woem.tmp
2014-02-10 20:37:10 ----D---- C:\ProgramData\ATI
2014-02-10 20:37:08 ----D---- C:\Program Files (x86)\AMD AVT
2014-01-31 22:07:46 ----A---- C:\Windows\SYSWOW64\amdhcp32.dll
2014-01-31 22:07:46 ----A---- C:\Windows\system32\amdhcp64.dll
2014-01-31 22:07:44 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2014-01-31 22:07:44 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2014-01-31 22:07:44 ----A---- C:\Windows\system32\atimpc64.dll
2014-01-31 22:07:44 ----A---- C:\Windows\system32\amdpcom64.dll
2014-01-31 22:07:28 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2014-01-31 22:07:28 ----A---- C:\Windows\system32\atiuxp64.dll
2014-01-31 22:07:14 ----A---- C:\Windows\system32\atidxx64.dll
2014-01-31 22:07:10 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2014-01-31 21:57:20 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2014-01-31 21:43:36 ----A---- C:\Windows\system32\clinfo.exe
2014-01-31 21:43:20 ----A---- C:\Windows\system32\OpenVideo64.dll
2014-01-31 21:43:14 ----A---- C:\Windows\SYSWOW64\OpenVideo.dll
2014-01-31 21:43:08 ----A---- C:\Windows\system32\OVDecode64.dll
2014-01-31 21:43:04 ----A---- C:\Windows\SYSWOW64\OVDecode.dll
2014-01-31 21:42:58 ----A---- C:\Windows\system32\amdocl64.dll
2014-01-31 21:40:34 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2014-01-31 21:38:16 ----A---- C:\Windows\system32\OpenCL.dll
2014-01-31 21:38:12 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-01-31 21:26:40 ----A---- C:\Windows\system32\atiapfxx.exe
2014-01-31 21:26:30 ----A---- C:\Windows\system32\aticalrt64.dll
2014-01-31 21:26:28 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2014-01-31 21:26:20 ----A---- C:\Windows\system32\aticalcl64.dll
2014-01-31 21:26:18 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2014-01-31 21:26:04 ----A---- C:\Windows\system32\aticaldd64.dll
2014-01-31 21:24:36 ----A---- C:\Windows\system32\mantle64.dll
2014-01-31 21:24:16 ----A---- C:\Windows\SYSWOW64\mantle32.dll
2014-01-31 21:23:54 ----A---- C:\Windows\system32\amdmantle64.dll
2014-01-31 21:22:52 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2014-01-31 21:22:04 ----A---- C:\Windows\system32\atio6axx.dll
2014-01-31 21:10:46 ----A---- C:\Windows\SYSWOW64\amdmantle32.dll
2014-01-31 21:06:22 ----A---- C:\Windows\system32\atidemgy.dll
2014-01-31 21:06:12 ----A---- C:\Windows\system32\atimuixx.dll
2014-01-31 21:06:06 ----A---- C:\Windows\system32\atieclxx.exe
2014-01-31 21:05:12 ----A---- C:\Windows\system32\atiesrxx.exe
2014-01-31 21:03:34 ----A---- C:\Windows\system32\atitmm64.dll
2014-01-31 21:03:32 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2014-01-31 20:59:12 ----A---- C:\Windows\system32\mantleaxl64.dll
2014-01-31 20:59:02 ----A---- C:\Windows\SYSWOW64\mantleaxl32.dll
2014-01-31 20:48:04 ----A---- C:\Windows\system32\amdmmcl6.dll
2014-01-31 20:47:58 ----A---- C:\Windows\SYSWOW64\amdmmcl.dll
2014-01-31 20:37:06 ----A---- C:\Windows\system32\coinst_13.350.dll
2014-01-31 20:30:14 ----A---- C:\Windows\system32\atiadlxx.dll
2014-01-31 20:30:02 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2014-01-31 20:29:46 ----A---- C:\Windows\system32\atig6pxx.dll
2014-01-31 20:29:40 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2014-01-31 20:29:40 ----A---- C:\Windows\system32\atiglpxx.dll
2014-01-31 20:29:36 ----A---- C:\Windows\system32\atig6txx.dll
2014-01-31 20:29:14 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2014-01-31 20:28:50 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2014-01-31 20:25:02 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2014-01-31 20:23:44 ----A---- C:\Windows\system32\amdave64.dll
2014-01-31 20:23:38 ----A---- C:\Windows\SYSWOW64\amdave32.dll
2014-01-31 20:23:26 ----A---- C:\Windows\system32\atisamu64.dll
2014-01-31 20:23:20 ----A---- C:\Windows\SYSWOW64\atisamu32.dll
2014-01-31 15:53:46 ----A---- C:\Windows\system32\kdbsdk64.dll
2014-01-31 15:49:02 ----A---- C:\Windows\SYSWOW64\kdbsdk32.dll
2014-01-19 18:38:20 ----D---- C:\Users\exitusSC2\AppData\Roaming\TeamViewer
2014-01-19 18:15:36 ----D---- C:\Program Files (x86)\3DO
2014-01-19 18:07:53 ----D---- C:\Program Files (x86)\Seznam.cz
2014-01-19 18:07:35 ----D---- C:\Users\exitusSC2\AppData\Roaming\Seznam.cz
2014-01-19 18:06:39 ----D---- C:\Users\exitusSC2\AppData\Roaming\DAEMON Tools Lite
2014-01-19 18:05:57 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-01-19 17:41:36 ----D---- C:\Users\exitusSC2\AppData\Roaming\Skype
2014-01-19 17:41:31 ----RD---- C:\Program Files (x86)\Skype
2014-01-19 17:41:26 ----D---- C:\ProgramData\Skype
2014-01-19 16:31:34 ----D---- C:\ProgramData\YTD Video Downloader
2014-01-19 16:31:30 ----D---- C:\Program Files (x86)\GreenTree Applications
2014-01-19 14:32:57 ----D---- C:\Users\exitusSC2\AppData\Roaming\GameRanger
2014-01-19 00:02:44 ----D---- C:\Users\exitusSC2\AppData\Roaming\GHISLER
2014-01-19 00:02:44 ----D---- C:\totalcmd
2014-01-18 23:58:22 ----D---- C:\Users\exitusSC2\AppData\Roaming\DRPSu
2014-01-18 23:50:57 ----D---- C:\Program Files\AMD
2014-01-18 23:50:14 ----D---- C:\Program Files (x86)\ATI Technologies
2014-01-18 21:21:55 ----D---- C:\Program Files\Common Files\DESIGNER
2014-01-18 21:21:43 ----D---- C:\Windows\PCHEALTH
2014-01-18 21:18:55 ----D---- C:\Program Files\Microsoft Analysis Services
2014-01-18 21:18:55 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2014-01-18 21:18:50 ----D---- C:\Program Files (x86)\Microsoft Office
2014-01-18 21:18:48 ----D---- C:\ProgramData\Microsoft Help
2014-01-18 21:18:41 ----RHD---- C:\MSOCache
2014-01-16 09:34:52 ----A---- C:\Windows\system32\atiicdxx.dat

======List of files/folders modified in the last 1 month======

2014-02-11 00:50:03 ----D---- C:\Windows\Temp
2014-02-11 00:47:43 ----RD---- C:\Program Files
2014-02-11 00:45:37 ----D---- C:\Windows\System32
2014-02-11 00:45:37 ----D---- C:\Windows\inf
2014-02-11 00:45:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-11 00:44:51 ----RD---- C:\Program Files (x86)
2014-02-11 00:44:43 ----D---- C:\Program Files (x86)\Google
2014-02-11 00:42:17 ----A---- C:\Windows\SYSWOW64\log.txt
2014-02-10 21:31:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-02-10 21:17:57 ----D---- C:\Windows\system32\catroot
2014-02-10 21:17:56 ----D---- C:\Windows\system32\catroot2
2014-02-10 21:15:53 ----D---- C:\Programy
2014-02-10 21:15:50 ----D---- C:\Windows\system32\DriverStore
2014-02-10 21:15:50 ----D---- C:\Windows\system32\drivers
2014-02-10 21:14:03 ----SHD---- C:\Windows\Installer
2014-02-10 21:09:51 ----D---- C:\Windows\Tasks
2014-02-10 21:09:51 ----D---- C:\Windows\system32\Tasks
2014-02-10 21:08:15 ----D---- C:\Windows
2014-02-10 21:07:19 ----D---- C:\Windows\SysWOW64
2014-02-10 21:07:19 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-10 20:58:06 ----D---- C:\Windows\Prefetch
2014-02-10 20:37:10 ----HD---- C:\ProgramData
2014-02-10 20:37:08 ----D---- C:\ProgramData\AMD
2014-02-10 20:37:02 ----D---- C:\Windows\Microsoft.NET
2014-02-10 20:36:34 ----D---- C:\Program Files\ATI Technologies
2014-02-10 20:35:02 ----SHD---- C:\System Volume Information
2014-02-10 20:33:47 ----RSD---- C:\Windows\assembly
2014-02-10 20:33:16 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-02-10 20:33:16 ----D---- C:\Windows\system32\cs-CZ
2014-02-10 20:32:37 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-02-10 20:31:53 ----D---- C:\Windows\SYSWOW64\en-US
2014-02-10 20:31:53 ----D---- C:\Windows\system32\en-US
2014-02-10 20:29:33 ----D---- C:\AMD
2014-02-10 20:25:25 ----D---- C:\Program Files\CCleaner
2014-02-10 18:35:08 ----D---- C:\Windows\system32\drivers\UMDF
2014-02-06 20:17:34 ----D---- C:\Windows\system32\config
2014-01-31 22:07:26 ----A---- C:\Windows\system32\atiu9p64.dll
2014-01-31 22:07:24 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2014-01-31 22:07:22 ----A---- C:\Windows\system32\aticfx64.dll
2014-01-31 22:07:20 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2014-01-31 22:07:02 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2014-01-31 22:06:54 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2014-01-31 22:06:38 ----A---- C:\Windows\system32\atiumd6a.dll
2014-01-31 22:06:34 ----A---- C:\Windows\system32\atiumd64.dll
2014-01-22 15:27:54 ----D---- C:\Windows\system32\LogFiles
2014-01-21 11:15:26 ----D---- C:\ProgramData\Oracle
2014-01-19 18:15:41 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-01-19 17:41:31 ----D---- C:\Program Files (x86)\Common Files
2014-01-19 17:36:08 ----D---- C:\Users\exitusSC2\AppData\Roaming\uTorrent
2014-01-19 17:05:37 ----D---- C:\Users\exitusSC2\AppData\Roaming\vlc
2014-01-18 23:49:07 ----D---- C:\Windows\system32\wbem
2014-01-18 21:40:57 ----SD---- C:\Users\exitusSC2\AppData\Roaming\Microsoft
2014-01-18 21:22:45 ----D---- C:\Windows\winsxs
2014-01-18 21:21:59 ----RSD---- C:\Windows\Fonts
2014-01-18 21:21:55 ----D---- C:\Program Files\Common Files
2014-01-18 21:21:47 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-01-18 21:21:43 ----SD---- C:\ProgramData\Microsoft
2014-01-18 21:21:43 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-01-18 21:18:59 ----D---- C:\Windows\ShellNew

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-12-14 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-12-14 205320]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-02-22 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-12-14 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-12-14 1032416]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-12-14 409832]
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2013-12-14 65264]
R2 aswFsBlk;aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [2013-12-14 38984]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-12-14 84328]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-01-31 13929472]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-01-31 636928]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-12-19 94720]
R3 busenum;SteelBusSvc; C:\Windows\system32\DRIVERS\SteelBus64.sys [2013-10-30 140800]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2012-10-22 20968]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2012-10-22 19944]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-12-03 3760344]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD64.sys [2012-10-22 46016]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-02-22 358896]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-02-22 792560]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-12-14 64624]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-12-14 884952]
R3 SAlphamHid;SteelHIDSvc; C:\Windows\system32\DRIVERS\SAlpham64.sys [2013-05-31 38016]
R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001); C:\Windows\system32\drivers\WPRO_41_2001.sys [2014-02-11 34752]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Programy\MSI\Live Update 5\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-01-31 240128]
R2 avast! Antivirus;avast! Antivirus; C:\Programy\Avast\AvastSvc.exe [2013-12-14 50344]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]
R2 ISCTAgent;ISCT Always Updated Agent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2012-10-22 149032]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-29 165144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-03-29 277784]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-29 363800]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-10 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-10 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-01-28 118896]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-14 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 11 úno 2014 07:48

Zdravim

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Ukoncete vsechny programy
Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
Pockejte na dokonceni PreScanu
Zvolte moznost Prohledat (scan)
Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte
Detailni postup vc. obrazku mate zde http://forum.viry.cz/viewtopic.php?f=24&t=120452

exltus · #3 Příspěvek od **exltus** » 11 úno 2014 19:06

RogueKiller V8.8.7 [Feb 11 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7600 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : exitusSC2 [Práva správce]
Mód : Kontrola -- Datum : 02/11/2014 19:05:33
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤
-> D:\windows\system32\config\SYSTEM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SOFTWARE | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SECURITY | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SAM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\DEFAULT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Users\Default\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\Users\peter\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\Default\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\Documents and Settings\exitusSC2\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5000AAKX-003CA0 ATA Device +++++
--- User ---
[MBR] 125e463387f7a42978cbc0640e6b8326
[BSP] e41503e36ecbe3ff34550b4dcc3effcb : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 0 Mo
1 - [ACTIVE] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
2 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 206848 | Size: 386838 Mo
3 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 792451072 | Size: 40000 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_02112014_190533.txt >>

#4 Příspěvek od **vyosek** » 12 úno 2014 07:51

Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/

Ulozte nejlepe na Plochu a rozbalte
Spustte kliknutim na mbar
Nyni postupne kliknete na Next a Update
Po dokonceni update (aktualizace) databaze kliknete opet na Next
Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
PC bude restartovan
Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) http://forum.viry.cz/viewtopic.php?f=29&t=115222

Provedte aktualizaci
Provedte uplny sken - nic nemazte
MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

exltus · #5 Příspěvek od **exltus** » 12 úno 2014 18:06

takže log z Malwarebytes' Anti-Malware:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.02.12.06

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
exitusSC2 :: EXITUSSC2-PC [administrátor]

Ochrana: Povolena

12.2.2014 17:03:09
MBAM-log-2014-02-12 (18-02-40).txt

Typ: Kompletní kontrola (C:\|D:\|E:\|H:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 538264
Uplynulý čas: 58 minut, 48 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
C:\ProgramData\YTD Video Downloader\ytd_installer.exe (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
D:\ProgramData\DSearchLink\DSearchLink.exe (PUP.Optional.Delta.A) -> Nebyla provedena žádná instrukce.

(konec)

a log z Malwarebytes Anti-Rootkit
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.02.12.06

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
exitusSC2 :: EXITUSSC2-PC [administrator]

12.2.2014 16:45:46
mbar-log-2014-02-12 (16-45-46).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 219520
Time elapsed: 3 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 2
C:\Windows\inf\mncblqup (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncblqup\bitstreams (Trojan.Agent.BCM) -> Delete on reboot.

Files Detected: 22
C:\Windows\SysWOW64\msstp.vbe (Malware.Trace) -> Delete on reboot.
C:\Windows\inf\mncblqup\diablo130302.cl (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncblqup\diakgcn121016.cl (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncblqup\libcurl.dll (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncblqup\libeay32.dll (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncblqup\libidn-11.dll (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncblqup\librtmp.dll (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncblqup\libssh2.dll (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncblqup\libusb-1.0.dll (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncblqup\phatk121016.cl (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncblqup\poclbm130302.cl (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncblqup\scrypt130511.cl (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncblqup\ssleay32.dll (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncblqup\zlib1.dll (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncblqup\bitstreams\fpgaminer_top_fixed7_197MHz.ncd (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncblqup\bitstreams\ztex_ufm1_15b1.bit (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncblqup\bitstreams\ztex_ufm1_15d1.bit (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncblqup\bitstreams\ztex_ufm1_15d3.bit (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncblqup\bitstreams\ztex_ufm1_15d4.bin (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncblqup\bitstreams\ztex_ufm1_15d4.bit (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncblqup\bitstreams\ztex_ufm1_15y1.bin (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncblqup\bitstreams\ztex_ufm1_15y1.bit (Trojan.Agent.BCM) -> Delete on reboot.

Physical Sectors Detected: 0
(No malicious items detected)

(end)

#6 Příspěvek od **vyosek** » 12 úno 2014 19:14

Dejte log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

exltus · #7 Příspěvek od **exltus** » 12 úno 2014 20:45

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-02-2014 01
Ran by exitusSC2 (administrator) on EXITUSSC2-PC on 12-02-2014 20:41:47
Running from C:\Users\exitusSC2\Desktop
Windows 7 Home Premium (X64) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AVAST Software) C:\Programy\Avast\AvastSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Programy\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Programy\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Programy\Malwarebytes' Anti-Malware\mbamgui.exe
(SteelSeries ApS) C:\Programy\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(AVAST Software) C:\Programy\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Programy\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\exitusSC2\Desktop\FRSTLauncher (1).exe

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [AvastUI.exe] - C:\Programy\Avast\AvastUI.exe [3568312 2013-12-14] (AVAST Software)
HKLM-x32\...\Run: [MSStp] - C:\Windows\system32\msstp.vbe
HKLM-x32\...\Run: [mncblqupSrv] - C:\Windows\inf\mncblqup.vbe [1338 2014-01-13] ()
HKLM-x32\...\Run: [seznam-listicka-distribuce] - "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-01-31] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1781401960-2412987468-1120610218-1000\...\Run: [SteelSeries Engine] - C:\Programy\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [242688 2013-11-05] (SteelSeries ApS)
HKU\S-1-5-21-1781401960-2412987468-1120610218-1000\...\MountPoints2: {3aad1374-807b-11e3-9527-8c89a5c7f321} - G:\_AUTORUN\AUTORUN.EXE
HKU\S-1-5-21-1781401960-2412987468-1120610218-1000\...\MountPoints2: {710e40b2-9346-11e3-9bc7-8c89a5c7f321} - G:\autoplay.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = http://go.mail.ru/search?utf8in=1&fr=ie ... earchTerms}
SearchScopes: HKCU - {02001339-39D8-4285-9936-507507ED0929} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKCU - {5AE4EC42-0EA0-4EBF-99F3-B13853213919} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {5F801B4D-46BA-4DCD-B5C6-AB0689D22D53} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKCU - {9A5A5F5C-2D4E-48FF-843B-878A63457F27} URL = http://search.seznam.cz/?q={searchTerms ... arch_13415
SearchScopes: HKCU - {AA5039C3-B772-4AB9-A593-2CA268493DFC} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKCU - {B1C5F501-8A56-4F4D-A146-60DE7476447B} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKCU - {BF9DD3CC-0D3D-4D87-AB14-79916158ADD6} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKCU - {E76AA528-72A6-44D4-B755-C05D482A8409} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {F01BF5E7-D54C-4B54-BE8A-BFCBE521CDB0} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = http://go.mail.ru/search?utf8in=1&fr=ie ... earchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programy\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programy\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programy\Java\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programy\Java\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programy\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\exitusSC2\AppData\Roaming\Mozilla\Firefox\Profiles\al7c9xny.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\Programy\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Programy\Java\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Programy\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Programy\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Programy\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Extension: Seznam lištička - C:\Users\exitusSC2\AppData\Roaming\Mozilla\Firefox\Profiles\al7c9xny.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-01-19]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Programy\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Programy\Avast\WebRep\FF [2013-12-14]
FF StartMenuInternet: FIREFOX.EXE - C:\Programy\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR DefaultSearchKeyword: google
CHR DefaultSearchURL: https://www.google.cz/#q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Dokumenty Google) - C:\Users\exitusSC2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-14]
CHR Extension: (Disk Google) - C:\Users\exitusSC2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-14]
CHR Extension: (YouTube) - C:\Users\exitusSC2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-14]
CHR Extension: (Vyhledávání Google) - C:\Users\exitusSC2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-14]
CHR Extension: (AdBlock) - C:\Users\exitusSC2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-12]
CHR Extension: (avast! Online Security) - C:\Users\exitusSC2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-11]
CHR Extension: (Peněženka Google) - C:\Users\exitusSC2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-14]
CHR Extension: (Gmail) - C:\Users\exitusSC2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Programy\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-14]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Programy\Avast\AvastSvc.exe [50344 2013-12-14] (AVAST Software)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [149032 2012-10-22] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-29] (Intel Corporation)
R2 MBAMScheduler; C:\Programy\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Programy\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-12-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-12-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-14] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-12-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-12-14] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-12-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-12-14] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-11] (Disc Soft Ltd)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [20968 2012-10-22] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [19944 2012-10-22] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-10-22] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-02-12] ()
S3 NTIOLib_1_0_4; \??\C:\Programy\MSI\Live Update 5\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-12 20:41 - 2014-02-12 20:41 - 00013143 _____ () C:\Users\exitusSC2\Desktop\FRST.txt
2014-02-12 20:41 - 2014-02-12 20:41 - 00000000 ____D () C:\FRST
2014-02-12 20:40 - 2014-02-12 20:40 - 00112640 _____ (forum.viry.cz) C:\Users\exitusSC2\Desktop\FRSTLauncher (1).exe
2014-02-12 20:39 - 2014-02-12 20:39 - 00112640 _____ (forum.viry.cz) C:\Users\exitusSC2\Downloads\Nepotvrzeno 414037.crdownload
2014-02-12 20:34 - 2014-02-12 20:34 - 02151424 _____ (Farbar) C:\Users\exitusSC2\Desktop\FRST64.exe
2014-02-12 19:33 - 2014-02-12 19:33 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-02-12 18:40 - 2014-02-12 18:40 - 00000000 _____ () C:\Users\exitusSC2\Desktop\Nový textový dokument.txt
2014-02-12 16:52 - 2014-02-12 16:52 - 00000839 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-12 16:52 - 2014-02-12 16:52 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\Malwarebytes
2014-02-12 16:52 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-12 16:34 - 2014-02-12 16:56 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-12 16:34 - 2014-02-12 16:34 - 00000000 ____D () C:\Users\exitusSC2\Desktop\mb
2014-02-12 16:34 - 2014-02-12 16:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-12 16:33 - 2014-02-12 16:33 - 12589848 _____ (Malwarebytes Corp.) C:\Users\exitusSC2\Desktop\mbar-1.07.0.1009.exe
2014-02-11 19:24 - 2014-02-11 19:25 - 00019280 _____ () C:\Windows\War3Unin.dat
2014-02-11 19:24 - 2014-02-11 19:24 - 00126976 _____ (Blizzard Entertainment) C:\Windows\War3Unin.exe
2014-02-11 19:24 - 2014-02-11 19:24 - 00002829 _____ () C:\Windows\War3Unin.pif
2014-02-11 19:24 - 2014-02-11 19:24 - 00000732 _____ () C:\Users\exitusSC2\Desktop\Warcraft III.lnk
2014-02-11 19:24 - 2014-02-11 19:24 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III
2014-02-11 19:24 - 2014-02-11 19:24 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-02-11 19:05 - 2014-02-11 19:05 - 00002964 _____ () C:\Users\exitusSC2\Desktop\RKreport[0]_S_02112014_190533.txt
2014-02-11 19:04 - 2014-02-11 19:17 - 00000000 ____D () C:\Users\exitusSC2\Desktop\RK_Quarantine
2014-02-11 01:26 - 2014-02-11 01:26 - 00395976 _____ () C:\Windows\Minidump\021114-19952-01.dmp
2014-02-11 00:47 - 2014-02-11 00:50 - 00000000 ____D () C:\Program Files\trend micro
2014-02-11 00:47 - 2014-02-11 00:47 - 00000000 ____D () C:\rsit
2014-02-11 00:44 - 2014-02-11 00:44 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-10 21:14 - 2014-02-10 21:14 - 00000000 ____H () C:\Users\exitusSC2\AppData\Local\BITABA9.tmp
2014-02-10 21:14 - 2014-02-10 21:14 - 00000000 _____ () C:\Users\exitusSC2\AppData\Local\{7C8EDECF-51BA-4EA5-BF3B-415DDE995A96}
2014-02-10 21:09 - 2014-02-12 20:14 - 00000958 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-10 21:09 - 2014-02-12 19:33 - 00000954 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-10 21:09 - 2014-02-10 21:09 - 00003954 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-10 21:09 - 2014-02-10 21:09 - 00003702 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-10 20:53 - 2014-02-10 20:53 - 00016798 _____ () C:\Users\exitusSC2\Documents\cc_20140210_205314.reg
2014-02-10 20:37 - 2014-02-10 20:37 - 00055273 _____ () C:\Windows\SysWOW64\CCCInstall_201402102037006118.log
2014-02-10 20:37 - 2014-02-10 20:37 - 00000000 ____D () C:\ProgramData\ATI
2014-02-10 20:37 - 2014-02-10 20:37 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-02-10 18:35 - 2014-02-10 18:35 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-01-31 22:07 - 2014-01-31 22:07 - 10171456 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2014-01-31 22:07 - 2014-01-31 22:07 - 08760320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-01-31 22:07 - 2014-01-31 22:07 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2014-01-31 22:07 - 2014-01-31 22:07 - 00127872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2014-01-31 22:07 - 2014-01-31 22:07 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-01-31 22:07 - 2014-01-31 22:07 - 00117560 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2014-01-31 22:07 - 2014-01-31 22:07 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-01-31 22:07 - 2014-01-31 22:07 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-01-31 22:07 - 2014-01-31 22:07 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-01-31 22:07 - 2014-01-31 22:07 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-01-31 21:57 - 2014-01-31 21:57 - 13929472 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-01-31 21:43 - 2014-01-31 21:43 - 00230912 _____ () C:\Windows\system32\clinfo.exe
2014-01-31 21:43 - 2014-01-31 21:43 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2014-01-31 21:43 - 2014-01-31 21:43 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2014-01-31 21:43 - 2014-01-31 21:43 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2014-01-31 21:43 - 2014-01-31 21:43 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2014-01-31 21:42 - 2014-01-31 21:42 - 28424704 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2014-01-31 21:40 - 2014-01-31 21:40 - 23903232 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2014-01-31 21:38 - 2014-01-31 21:38 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-01-31 21:38 - 2014-01-31 21:38 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-01-31 21:27 - 2014-01-31 21:27 - 00576040 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-01-31 21:27 - 2014-01-31 21:27 - 00576040 _____ () C:\Windows\system32\atiapfxx.blb
2014-01-31 21:26 - 2014-01-31 21:26 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-01-31 21:26 - 2014-01-31 21:26 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-01-31 21:26 - 2014-01-31 21:26 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-01-31 21:26 - 2014-01-31 21:26 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-01-31 21:26 - 2014-01-31 21:26 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-01-31 21:26 - 2014-01-31 21:26 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-01-31 21:24 - 2014-01-31 21:24 - 00126464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2014-01-31 21:24 - 2014-01-31 21:24 - 00113152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2014-01-31 21:23 - 2014-01-31 21:23 - 05350400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2014-01-31 21:22 - 2014-01-31 21:22 - 27152384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-01-31 21:22 - 2014-01-31 21:22 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-01-31 21:10 - 2014-01-31 21:10 - 04286976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2014-01-31 21:06 - 2014-01-31 21:06 - 00586240 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-01-31 21:06 - 2014-01-31 21:06 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-01-31 21:06 - 2014-01-31 21:06 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-01-31 21:05 - 2014-01-31 21:05 - 00240128 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-01-31 21:03 - 2014-01-31 21:03 - 22834688 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-01-31 21:03 - 2014-01-31 21:03 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-01-31 20:59 - 2014-01-31 20:59 - 00081920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2014-01-31 20:59 - 2014-01-31 20:59 - 00079360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2014-01-31 20:48 - 2014-01-31 20:48 - 00044544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2014-01-31 20:47 - 2014-01-31 20:47 - 00035840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2014-01-31 20:43 - 2014-01-31 20:43 - 03434288 _____ () C:\Windows\system32\atiumd6a.cap
2014-01-31 20:37 - 2014-01-31 20:37 - 00806912 _____ (AMD) C:\Windows\system32\coinst_13.350.dll
2014-01-31 20:32 - 2014-01-31 20:32 - 03468336 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-01-31 20:30 - 2014-01-31 20:30 - 01148416 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-01-31 20:30 - 2014-01-31 20:30 - 00828416 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-01-31 20:29 - 2014-01-31 20:29 - 00146432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-01-31 20:29 - 2014-01-31 20:29 - 00133120 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-01-31 20:29 - 2014-01-31 20:29 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-01-31 20:29 - 2014-01-31 20:29 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-01-31 20:29 - 2014-01-31 20:29 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-01-31 20:28 - 2014-01-31 20:28 - 00636928 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-01-31 20:25 - 2014-01-31 20:25 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-01-31 20:23 - 2014-01-31 20:23 - 00095744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2014-01-31 20:23 - 2014-01-31 20:23 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2014-01-31 20:23 - 2014-01-31 20:23 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2014-01-31 20:23 - 2014-01-31 20:23 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2014-01-31 15:53 - 2014-01-31 15:53 - 00051200 _____ () C:\Windows\system32\kdbsdk64.dll
2014-01-31 15:49 - 2014-01-31 15:49 - 00038912 _____ () C:\Windows\SysWOW64\kdbsdk32.dll
2014-01-21 09:29 - 2014-01-21 09:29 - 00005138 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-20 15:10 - 2014-02-12 16:32 - 00001380 _____ () C:\Users\exitusSC2\rgmnr
2014-01-20 00:00 - 2014-01-20 00:01 - 00000959 _____ () C:\Users\exitusSC2\Desktop\HEROES3 – zástupce.lnk
2014-01-19 18:38 - 2014-01-19 18:42 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\TeamViewer
2014-01-19 18:15 - 2014-01-19 18:15 - 00000672 _____ () C:\Users\exitusSC2\Desktop\Heroes of Might and Magic® III Complete.lnk
2014-01-19 18:15 - 2014-01-19 18:15 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-01-19 18:15 - 2014-01-19 18:15 - 00000000 ____D () C:\Program Files (x86)\3DO
2014-01-19 18:15 - 2007-02-01 16:53 - 02732032 ____R (The 3DO Company) C:\Users\exitusSC2\Documents\HEROES3.EXE
2014-01-19 18:07 - 2014-02-10 21:13 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\Seznam.cz
2014-01-19 18:07 - 2014-02-10 21:13 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-01-19 18:07 - 2014-01-19 18:07 - 00001039 _____ () C:\Users\Public\Desktop\Heroes of Might and Magic III Complete NO CD CRACK.lnk
2014-01-19 18:06 - 2014-01-19 18:09 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\DAEMON Tools Lite
2014-01-19 18:05 - 2014-01-19 18:08 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-01-19 17:41 - 2014-02-12 19:14 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\Skype
2014-01-19 17:41 - 2014-01-19 17:41 - 00002731 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-01-19 17:41 - 2014-01-19 17:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-01-19 17:41 - 2014-01-19 17:41 - 00000000 ____D () C:\ProgramData\Skype
2014-01-19 16:34 - 2014-01-19 16:34 - 00000000 ____D () C:\Users\exitusSC2\Nová složka
2014-01-19 16:31 - 2014-01-19 16:33 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-01-19 16:31 - 2014-01-19 16:32 - 00001293 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk
2014-01-19 16:31 - 2014-01-19 16:31 - 00000000 ____D () C:\Program Files (x86)\GreenTree Applications
2014-01-19 14:33 - 2014-01-19 14:33 - 00001036 _____ () C:\Users\exitusSC2\Desktop\GameRanger.lnk
2014-01-19 14:33 - 2014-01-19 14:33 - 00001022 _____ () C:\Users\exitusSC2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameRanger.lnk
2014-01-19 14:32 - 2014-01-19 14:33 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\GameRanger
2014-01-19 13:33 - 2014-01-19 13:33 - 00000710 _____ () C:\Users\exitusSC2\Desktop\HEROES3 HD.lnk
2014-01-19 13:32 - 2014-01-19 18:33 - 00000633 _____ () C:\Users\Public\Desktop\HoMM3 HD.lnk
2014-01-19 00:17 - 2014-01-19 00:17 - 00000000 ____D () C:\Users\exitusSC2\AppData\Local\GHISLER
2014-01-19 00:02 - 2014-01-19 00:02 - 00000646 _____ () C:\Users\exitusSC2\Desktop\Total Commander 64 bit.lnk
2014-01-19 00:02 - 2014-01-19 00:02 - 00000632 _____ () C:\Users\exitusSC2\Desktop\Total Commander.lnk
2014-01-19 00:02 - 2014-01-19 00:02 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2014-01-19 00:02 - 2014-01-19 00:02 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\GHISLER
2014-01-19 00:02 - 2014-01-19 00:02 - 00000000 ____D () C:\totalcmd
2014-01-18 23:58 - 2014-02-10 21:15 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\DRPSu
2014-01-18 23:52 - 2014-01-18 23:52 - 00055273 _____ () C:\Windows\SysWOW64\CCCInstall_201401182352295871.log
2014-01-18 23:50 - 2014-02-10 20:37 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-01-18 23:50 - 2014-01-19 06:04 - 00000000 ____D () C:\Users\exitusSC2\.aria2
2014-01-18 23:50 - 2014-01-18 23:50 - 00000000 ____D () C:\Program Files\AMD
2014-01-18 22:48 - 2014-01-18 22:55 - 00000600 _____ () C:\Users\exitusSC2\AppData\Local\PUTTY.RND
2014-01-18 22:07 - 2014-01-18 22:14 - 00000000 ____D () C:\Users\exitusSC2\rmd
2014-01-18 21:55 - 2014-01-18 21:55 - 00030340 _____ () C:\Users\exitusSC2\Desktop\dane.xlsx
2014-01-18 21:40 - 2014-01-18 21:55 - 00039699 _____ () C:\Users\exitusSC2\Desktop\dane.csv
2014-01-18 21:22 - 2014-01-18 21:22 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-01-18 21:21 - 2014-01-18 21:21 - 00000000 ____D () C:\Windows\PCHEALTH
2014-01-18 21:21 - 2014-01-18 21:21 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-01-18 21:18 - 2014-01-18 21:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-18 21:18 - 2014-01-18 21:18 - 00000000 __RHD () C:\MSOCache
2014-01-18 21:18 - 2014-01-18 21:18 - 00000000 ____D () C:\Users\exitusSC2\AppData\Local\Microsoft Help
2014-01-18 21:18 - 2014-01-18 21:18 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-01-18 21:18 - 2014-01-18 21:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-01-18 21:18 - 2014-01-18 21:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-01-18 21:16 - 2014-01-18 21:16 - 00000000 ____D () C:\Users\exitusSC2\Desktop\word
2014-01-18 21:05 - 2014-01-18 21:05 - 00002502 _____ () C:\Users\exitusSC2\Documents\cc_20140118_210522.reg
2014-01-16 09:34 - 2014-01-16 09:34 - 00723841 _____ () C:\Windows\system32\atiicdxx.dat

==================== One Month Modified Files and Folders =======

2014-02-12 20:41 - 2014-02-12 20:41 - 00013143 _____ () C:\Users\exitusSC2\Desktop\FRST.txt
2014-02-12 20:41 - 2014-02-12 20:41 - 00000000 ____D () C:\FRST
2014-02-12 20:40 - 2014-02-12 20:40 - 00112640 _____ (forum.viry.cz) C:\Users\exitusSC2\Desktop\FRSTLauncher (1).exe
2014-02-12 20:39 - 2014-02-12 20:39 - 00112640 _____ (forum.viry.cz) C:\Users\exitusSC2\Downloads\Nepotvrzeno 414037.crdownload
2014-02-12 20:34 - 2014-02-12 20:34 - 02151424 _____ (Farbar) C:\Users\exitusSC2\Desktop\FRST64.exe
2014-02-12 20:14 - 2014-02-10 21:09 - 00000958 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-12 19:37 - 2009-07-14 16:18 - 00668138 _____ () C:\Windows\system32\perfh005.dat
2014-02-12 19:37 - 2009-07-14 16:18 - 00140798 _____ () C:\Windows\system32\perfc005.dat
2014-02-12 19:37 - 2009-07-14 06:13 - 01582262 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-12 19:36 - 2013-12-14 11:34 - 02049649 _____ () C:\Windows\WindowsUpdate.log
2014-02-12 19:33 - 2014-02-12 19:33 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-02-12 19:33 - 2014-02-10 21:09 - 00000954 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-12 19:33 - 2013-12-14 12:52 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-02-12 19:32 - 2013-12-18 18:53 - 00022288 _____ () C:\Windows\PFRO.log
2014-02-12 19:32 - 2013-12-18 18:53 - 00004520 _____ () C:\Windows\setupact.log
2014-02-12 19:32 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-12 19:14 - 2014-01-19 17:41 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\Skype
2014-02-12 18:40 - 2014-02-12 18:40 - 00000000 _____ () C:\Users\exitusSC2\Desktop\Nový textový dokument.txt
2014-02-12 16:56 - 2014-02-12 16:34 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-12 16:52 - 2014-02-12 16:52 - 00000839 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-12 16:52 - 2014-02-12 16:52 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\Malwarebytes
2014-02-12 16:52 - 2013-12-14 11:45 - 00000000 ____D () C:\Programy
2014-02-12 16:51 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-02-12 16:34 - 2014-02-12 16:34 - 00000000 ____D () C:\Users\exitusSC2\Desktop\mb
2014-02-12 16:34 - 2014-02-12 16:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-12 16:33 - 2014-02-12 16:33 - 12589848 _____ (Malwarebytes Corp.) C:\Users\exitusSC2\Desktop\mbar-1.07.0.1009.exe
2014-02-12 16:32 - 2014-01-20 15:10 - 00001380 _____ () C:\Users\exitusSC2\rgmnr
2014-02-12 00:59 - 2013-12-14 12:17 - 00000000 ____D () C:\Users\exitusSC2\AppData\Local\Battle.net
2014-02-11 21:00 - 2013-12-14 11:41 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\uTorrent
2014-02-11 19:25 - 2014-02-11 19:24 - 00019280 _____ () C:\Windows\War3Unin.dat
2014-02-11 19:24 - 2014-02-11 19:24 - 00126976 _____ (Blizzard Entertainment) C:\Windows\War3Unin.exe
2014-02-11 19:24 - 2014-02-11 19:24 - 00002829 _____ () C:\Windows\War3Unin.pif
2014-02-11 19:24 - 2014-02-11 19:24 - 00000732 _____ () C:\Users\exitusSC2\Desktop\Warcraft III.lnk
2014-02-11 19:24 - 2014-02-11 19:24 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III
2014-02-11 19:24 - 2014-02-11 19:24 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-02-11 19:21 - 2013-11-19 14:18 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-02-11 19:17 - 2014-02-11 19:04 - 00000000 ____D () C:\Users\exitusSC2\Desktop\RK_Quarantine
2014-02-11 19:05 - 2014-02-11 19:05 - 00002964 _____ () C:\Users\exitusSC2\Desktop\RKreport[0]_S_02112014_190533.txt
2014-02-11 01:26 - 2014-02-11 01:26 - 00395976 _____ () C:\Windows\Minidump\021114-19952-01.dmp
2014-02-11 01:26 - 2013-12-14 14:47 - 00000000 ____D () C:\Windows\Minidump
2014-02-11 00:50 - 2014-02-11 00:47 - 00000000 ____D () C:\Program Files\trend micro
2014-02-11 00:47 - 2014-02-11 00:47 - 00000000 ____D () C:\rsit
2014-02-11 00:44 - 2014-02-11 00:44 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-11 00:44 - 2013-12-14 11:39 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-10 21:31 - 2013-12-17 23:01 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-10 21:31 - 2013-12-17 23:01 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-10 21:31 - 2013-12-17 23:00 - 00000000 ____D () C:\Users\exitusSC2\AppData\Local\Adobe
2014-02-10 21:31 - 2013-12-14 15:30 - 00000000 ____D () C:\Users\exitusSC2\AppData\Local\CrashDumps
2014-02-10 21:29 - 2013-12-14 14:36 - 00000796 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-02-10 21:15 - 2014-01-18 23:58 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\DRPSu
2014-02-10 21:14 - 2014-02-10 21:14 - 00000000 ____H () C:\Users\exitusSC2\AppData\Local\BITABA9.tmp
2014-02-10 21:14 - 2014-02-10 21:14 - 00000000 _____ () C:\Users\exitusSC2\AppData\Local\{7C8EDECF-51BA-4EA5-BF3B-415DDE995A96}
2014-02-10 21:13 - 2014-01-19 18:07 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\Seznam.cz
2014-02-10 21:13 - 2014-01-19 18:07 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-02-10 21:09 - 2014-02-10 21:09 - 00003954 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-10 21:09 - 2014-02-10 21:09 - 00003702 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-10 21:07 - 2013-12-17 22:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-10 20:58 - 2013-12-17 22:58 - 00000849 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-10 20:53 - 2014-02-10 20:53 - 00016798 _____ () C:\Users\exitusSC2\Documents\cc_20140210_205314.reg
2014-02-10 20:37 - 2014-02-10 20:37 - 00055273 _____ () C:\Windows\SysWOW64\CCCInstall_201402102037006118.log
2014-02-10 20:37 - 2014-02-10 20:37 - 00000000 ____D () C:\ProgramData\ATI
2014-02-10 20:37 - 2014-02-10 20:37 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-02-10 20:37 - 2014-01-18 23:50 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-02-10 20:37 - 2013-12-14 11:52 - 00000000 ____D () C:\ProgramData\AMD
2014-02-10 20:36 - 2013-12-14 14:28 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-02-10 20:32 - 2013-12-14 11:50 - 01557208 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-10 20:29 - 2013-12-14 14:28 - 00000000 ____D () C:\AMD
2014-02-10 20:25 - 2013-12-14 12:03 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-10 20:25 - 2013-12-14 12:03 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-10 18:35 - 2014-02-10 18:35 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-02-10 18:07 - 2013-12-14 13:21 - 00004142 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-04 19:49 - 2013-12-14 12:23 - 00000000 ____D () C:\Users\exitusSC2\Documents\StarCraft II
2014-01-31 22:07 - 2014-01-31 22:07 - 10171456 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2014-01-31 22:07 - 2014-01-31 22:07 - 08760320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-01-31 22:07 - 2014-01-31 22:07 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2014-01-31 22:07 - 2014-01-31 22:07 - 00127872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2014-01-31 22:07 - 2014-01-31 22:07 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-01-31 22:07 - 2014-01-31 22:07 - 00117560 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2014-01-31 22:07 - 2014-01-31 22:07 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-01-31 22:07 - 2014-01-31 22:07 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-01-31 22:07 - 2014-01-31 22:07 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-01-31 22:07 - 2014-01-31 22:07 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-01-31 22:07 - 2013-12-06 23:02 - 00098496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-01-31 22:07 - 2013-12-06 23:01 - 01106360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-01-31 22:07 - 2013-12-06 22:59 - 10145128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-01-31 22:07 - 2013-11-29 18:53 - 00116024 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-01-31 22:07 - 2013-11-29 18:52 - 01328328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2014-01-31 22:06 - 2013-12-06 22:58 - 06716264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-01-31 22:06 - 2013-11-29 18:47 - 10899624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-01-31 22:06 - 2013-11-29 18:46 - 07892000 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-01-31 21:57 - 2014-01-31 21:57 - 13929472 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-01-31 21:43 - 2014-01-31 21:43 - 00230912 _____ () C:\Windows\system32\clinfo.exe
2014-01-31 21:43 - 2014-01-31 21:43 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2014-01-31 21:43 - 2014-01-31 21:43 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2014-01-31 21:43 - 2014-01-31 21:43 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2014-01-31 21:43 - 2014-01-31 21:43 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2014-01-31 21:42 - 2014-01-31 21:42 - 28424704 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2014-01-31 21:40 - 2014-01-31 21:40 - 23903232 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2014-01-31 21:38 - 2014-01-31 21:38 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-01-31 21:38 - 2014-01-31 21:38 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-01-31 21:27 - 2014-01-31 21:27 - 00576040 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-01-31 21:27 - 2014-01-31 21:27 - 00576040 _____ () C:\Windows\system32\atiapfxx.blb
2014-01-31 21:26 - 2014-01-31 21:26 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-01-31 21:26 - 2014-01-31 21:26 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-01-31 21:26 - 2014-01-31 21:26 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-01-31 21:26 - 2014-01-31 21:26 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-01-31 21:26 - 2014-01-31 21:26 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-01-31 21:26 - 2014-01-31 21:26 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-01-31 21:24 - 2014-01-31 21:24 - 00126464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2014-01-31 21:24 - 2014-01-31 21:24 - 00113152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2014-01-31 21:23 - 2014-01-31 21:23 - 05350400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2014-01-31 21:22 - 2014-01-31 21:22 - 27152384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-01-31 21:22 - 2014-01-31 21:22 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-01-31 21:10 - 2014-01-31 21:10 - 04286976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2014-01-31 21:06 - 2014-01-31 21:06 - 00586240 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-01-31 21:06 - 2014-01-31 21:06 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-01-31 21:06 - 2014-01-31 21:06 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-01-31 21:05 - 2014-01-31 21:05 - 00240128 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-01-31 21:03 - 2014-01-31 21:03 - 22834688 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-01-31 21:03 - 2014-01-31 21:03 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-01-31 20:59 - 2014-01-31 20:59 - 00081920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2014-01-31 20:59 - 2014-01-31 20:59 - 00079360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2014-01-31 20:48 - 2014-01-31 20:48 - 00044544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2014-01-31 20:47 - 2014-01-31 20:47 - 00035840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2014-01-31 20:43 - 2014-01-31 20:43 - 03434288 _____ () C:\Windows\system32\atiumd6a.cap
2014-01-31 20:37 - 2014-01-31 20:37 - 00806912 _____ (AMD) C:\Windows\system32\coinst_13.350.dll
2014-01-31 20:32 - 2014-01-31 20:32 - 03468336 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-01-31 20:30 - 2014-01-31 20:30 - 01148416 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-01-31 20:30 - 2014-01-31 20:30 - 00828416 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-01-31 20:29 - 2014-01-31 20:29 - 00146432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-01-31 20:29 - 2014-01-31 20:29 - 00133120 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-01-31 20:29 - 2014-01-31 20:29 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-01-31 20:29 - 2014-01-31 20:29 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-01-31 20:29 - 2014-01-31 20:29 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-01-31 20:28 - 2014-01-31 20:28 - 00636928 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-01-31 20:25 - 2014-01-31 20:25 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-01-31 20:23 - 2014-01-31 20:23 - 00095744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2014-01-31 20:23 - 2014-01-31 20:23 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2014-01-31 20:23 - 2014-01-31 20:23 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2014-01-31 20:23 - 2014-01-31 20:23 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2014-01-31 15:53 - 2014-01-31 15:53 - 00051200 _____ () C:\Windows\system32\kdbsdk64.dll
2014-01-31 15:49 - 2014-01-31 15:49 - 00038912 _____ () C:\Windows\SysWOW64\kdbsdk32.dll
2014-01-21 15:50 - 2009-07-14 05:45 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-21 15:50 - 2009-07-14 05:45 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-21 11:15 - 2013-12-14 11:52 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-21 09:29 - 2014-01-21 09:29 - 00005138 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-20 15:10 - 2013-12-14 11:35 - 00000000 ____D () C:\Users\exitusSC2
2014-01-20 15:08 - 2009-07-14 05:45 - 00285024 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-20 00:01 - 2014-01-20 00:00 - 00000959 _____ () C:\Users\exitusSC2\Desktop\HEROES3 – zástupce.lnk
2014-01-19 18:42 - 2014-01-19 18:38 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\TeamViewer
2014-01-19 18:33 - 2014-01-19 13:32 - 00000633 _____ () C:\Users\Public\Desktop\HoMM3 HD.lnk
2014-01-19 18:15 - 2014-01-19 18:15 - 00000672 _____ () C:\Users\exitusSC2\Desktop\Heroes of Might and Magic® III Complete.lnk
2014-01-19 18:15 - 2014-01-19 18:15 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-01-19 18:15 - 2014-01-19 18:15 - 00000000 ____D () C:\Program Files (x86)\3DO
2014-01-19 18:15 - 2013-12-14 11:36 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-19 18:09 - 2014-01-19 18:06 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\DAEMON Tools Lite
2014-01-19 18:08 - 2014-01-19 18:05 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-01-19 18:07 - 2014-01-19 18:07 - 00001039 _____ () C:\Users\Public\Desktop\Heroes of Might and Magic III Complete NO CD CRACK.lnk
2014-01-19 17:41 - 2014-01-19 17:41 - 00002731 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-01-19 17:41 - 2014-01-19 17:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-01-19 17:41 - 2014-01-19 17:41 - 00000000 ____D () C:\ProgramData\Skype
2014-01-19 17:05 - 2013-12-14 17:19 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\vlc
2014-01-19 16:34 - 2014-01-19 16:34 - 00000000 ____D () C:\Users\exitusSC2\Nová složka
2014-01-19 16:33 - 2014-01-19 16:31 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-01-19 16:32 - 2014-01-19 16:31 - 00001293 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk
2014-01-19 16:31 - 2014-01-19 16:31 - 00000000 ____D () C:\Program Files (x86)\GreenTree Applications
2014-01-19 14:33 - 2014-01-19 14:33 - 00001036 _____ () C:\Users\exitusSC2\Desktop\GameRanger.lnk
2014-01-19 14:33 - 2014-01-19 14:33 - 00001022 _____ () C:\Users\exitusSC2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameRanger.lnk
2014-01-19 14:33 - 2014-01-19 14:32 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\GameRanger
2014-01-19 13:33 - 2014-01-19 13:33 - 00000710 _____ () C:\Users\exitusSC2\Desktop\HEROES3 HD.lnk
2014-01-19 06:04 - 2014-01-18 23:50 - 00000000 ____D () C:\Users\exitusSC2\.aria2
2014-01-19 00:17 - 2014-01-19 00:17 - 00000000 ____D () C:\Users\exitusSC2\AppData\Local\GHISLER
2014-01-19 00:02 - 2014-01-19 00:02 - 00000646 _____ () C:\Users\exitusSC2\Desktop\Total Commander 64 bit.lnk
2014-01-19 00:02 - 2014-01-19 00:02 - 00000632 _____ () C:\Users\exitusSC2\Desktop\Total Commander.lnk
2014-01-19 00:02 - 2014-01-19 00:02 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2014-01-19 00:02 - 2014-01-19 00:02 - 00000000 ____D () C:\Users\exitusSC2\AppData\Roaming\GHISLER
2014-01-19 00:02 - 2014-01-19 00:02 - 00000000 ____D () C:\totalcmd
2014-01-18 23:52 - 2014-01-18 23:52 - 00055273 _____ () C:\Windows\SysWOW64\CCCInstall_201401182352295871.log
2014-01-18 23:50 - 2014-01-18 23:50 - 00000000 ____D () C:\Program Files\AMD
2014-01-18 23:49 - 2013-12-14 11:38 - 00062968 _____ () C:\Users\exitusSC2\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-18 22:55 - 2014-01-18 22:48 - 00000600 _____ () C:\Users\exitusSC2\AppData\Local\PUTTY.RND
2014-01-18 22:14 - 2014-01-18 22:07 - 00000000 ____D () C:\Users\exitusSC2\rmd
2014-01-18 21:55 - 2014-01-18 21:55 - 00030340 _____ () C:\Users\exitusSC2\Desktop\dane.xlsx
2014-01-18 21:55 - 2014-01-18 21:40 - 00039699 _____ () C:\Users\exitusSC2\Desktop\dane.csv
2014-01-18 21:22 - 2014-01-18 21:22 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-01-18 21:22 - 2014-01-18 21:18 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-18 21:21 - 2014-01-18 21:21 - 00000000 ____D () C:\Windows\PCHEALTH
2014-01-18 21:21 - 2014-01-18 21:21 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-01-18 21:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-01-18 21:18 - 2014-01-18 21:18 - 00000000 __RHD () C:\MSOCache
2014-01-18 21:18 - 2014-01-18 21:18 - 00000000 ____D () C:\Users\exitusSC2\AppData\Local\Microsoft Help
2014-01-18 21:18 - 2014-01-18 21:18 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-01-18 21:18 - 2014-01-18 21:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-01-18 21:18 - 2014-01-18 21:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-01-18 21:18 - 2009-07-14 16:36 - 00000000 ____D () C:\Windows\ShellNew
2014-01-18 21:16 - 2014-01-18 21:16 - 00000000 ____D () C:\Users\exitusSC2\Desktop\word
2014-01-18 21:05 - 2014-01-18 21:05 - 00002502 _____ () C:\Users\exitusSC2\Documents\cc_20140118_210522.reg
2014-01-16 09:34 - 2014-01-16 09:34 - 00723841 _____ () C:\Windows\system32\atiicdxx.dat

Some content of TEMP:
====================
C:\Users\exitusSC2\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\exitusSC2\AppData\Local\Temp\listicka-partner-13415-1.1.2-offline.exe
C:\Users\exitusSC2\AppData\Local\Temp\ntdll_dump.dll
C:\Users\exitusSC2\AppData\Local\Temp\SIntf16.dll
C:\Users\exitusSC2\AppData\Local\Temp\SIntf32.dll
C:\Users\exitusSC2\AppData\Local\Temp\SIntfNT.dll
C:\Users\exitusSC2\AppData\Local\Temp\war3_Install.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-11 22:32

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:39.06 GB) (Free:3.71 GB) NTFS
Drive d: () (Fixed) (Total:97.56 GB) (Free:57.24 GB) NTFS
Drive e: () (Fixed) (Total:280.21 GB) (Free:73.14 GB) NTFS
Drive h: (Nový svazek) (Fixed) (Total:48.83 GB) (Free:9.98 GB) NTFS

Available physical RAM: 5976.27 MB
Total physical RAM: 8142.93 MB
Percentage of memory in use: 26%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 421B0AD2)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=100 MB) - (Type=42)
Partition 3: (Not Active) - (Size=378 GB) - (Type=42)
Partition 4: (Not Active) - (Size=39 GB) - (Type=42)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\exitusSC2\Desktop" je 783 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\exitusSC2\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\exitusSC2\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DrvUpdater
C:\Users\exitusSC2\AppData\Roaming\DRPSu\DrvUpdater.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray
C:\Programy\Defrag\oodtray.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk
C:\Windows\INSTAL~1\{FBBC2~1\app_icon.ico [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#8 Příspěvek od **vyosek** » 15 úno 2014 08:14

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM-x32\...\Run: [MSStp] - C:\Windows\system32\msstp.vbe
HKLM-x32\...\Run: [mncblqupSrv] - C:\Windows\inf\mncblqup.vbe [1338 2014-01-13] ()
HKLM-x32\...\Run: [seznam-listicka-distribuce] - "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-1781401960-2412987468-1120610218-1000\...\MountPoints2: {3aad1374-807b-11e3-9527-8c89a5c7f321} - G:\_AUTORUN\AUTORUN.EXE
HKU\S-1-5-21-1781401960-2412987468-1120610218-1000\...\MountPoints2: {710e40b2-9346-11e3-9bc7-8c89a5c7f321} - G:\autoplay.exe

SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = http://go.mail.ru/search?utf8in=1&fr=ietb&q={SearchTerms}

2014-02-12 20:40 - 2014-02-12 20:40 - 00112640 _____ (forum.viry.cz) C:\Users\exitusSC2\Desktop\FRSTLauncher (1).exe
2014-02-12 20:39 - 2014-02-12 20:39 - 00112640 _____ (forum.viry.cz) C:\Users\exitusSC2\Downloads\Nepotvrzeno 414037.crdownload
C:\Windows\system32\msstp.vbe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\Users\exitusSC2\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\exitusSC2\AppData\Local\Temp\listicka-partner-13415-1.1.2-offline.exe
C:\Users\exitusSC2\AppData\Local\Temp\ntdll_dump.dll
C:\Users\exitusSC2\AppData\Local\Temp\SIntf16.dll
C:\Users\exitusSC2\AppData\Local\Temp\SIntf32.dll
C:\Users\exitusSC2\AppData\Local\Temp\SIntfNT.dll
C:\Users\exitusSC2\AppData\Local\Temp\war3_Install.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DrvUpdater" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk" /f

End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

VIRY.CZ

Pomalé PC

Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC