prosim o kontrolu

Zpráva

Jameson_cz · #1 Příspěvek od **Jameson_cz** » 22 dub 2014 10:53

Je to neskutecny, pred mesicem jsem tady byl naposledy. PC jsem pouzival minimalne, zadny podivny stranky. Vymenil jsem Avast za Security Essentials.
Diky za pomoc.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Kuba at 2014-04-22 11:50:49
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 64 GB (42%) free of 153 GB
Total RAM: 8120 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:51:09, on 22.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Windows\System32\firefaceusb.exe
C:\Windows\System32\TotalMixFX.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client Utility\ZDWlan.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Kuba\AppData\Local\PirritSuggestor\PirritDesktop.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
C:\Program Files\trend micro\Kuba.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=http://127.0.0.1:9880
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 216.239.32.20 google.com
O1 - Hosts: 216.239.32.20 google.com www.google.ad
O1 - Hosts: 216.239.32.20 google.com www.google.ae
O1 - Hosts: 216.239.32.20 google.com www.google.com.af
O1 - Hosts: 216.239.32.20 google.com www.google.com.ag
O1 - Hosts: 216.239.32.20 google.com www.google.com.ai
O1 - Hosts: 216.239.32.20 google.com www.google.al
O1 - Hosts: 216.239.32.20 google.com www.google.am
O1 - Hosts: 216.239.32.20 google.com www.google.co.ao
O1 - Hosts: 216.239.32.20 google.com www.google.com.ar
O1 - Hosts: 216.239.32.20 google.com www.google.as
O1 - Hosts: 216.239.32.20 google.com www.google.at
O1 - Hosts: 216.239.32.20 google.com www.google.com.au
O1 - Hosts: 216.239.32.20 google.com www.google.az
O1 - Hosts: 216.239.32.20 google.com www.google.ba
O1 - Hosts: 216.239.32.20 google.com www.google.com.bd
O1 - Hosts: 216.239.32.20 google.com www.google.be
O1 - Hosts: 216.239.32.20 google.com www.google.bf
O1 - Hosts: 216.239.32.20 google.com www.google.bg
O1 - Hosts: 216.239.32.20 google.com www.google.com.bh
O1 - Hosts: 216.239.32.20 google.com www.google.bi
O1 - Hosts: 216.239.32.20 google.com www.google.bj
O1 - Hosts: 216.239.32.20 google.com www.google.com.bn
O1 - Hosts: 216.239.32.20 google.com www.google.com.bo
O1 - Hosts: 216.239.32.20 google.com www.google.com.br
O1 - Hosts: 216.239.32.20 google.com www.google.bs
O1 - Hosts: 216.239.32.20 google.com www.google.bt
O1 - Hosts: 216.239.32.20 google.com www.google.co.bw
O1 - Hosts: 216.239.32.20 google.com www.google.by
O1 - Hosts: 216.239.32.20 google.com www.google.com.bz
O1 - Hosts: 216.239.32.20 google.com www.google.ca
O1 - Hosts: 216.239.32.20 google.com www.google.cd
O1 - Hosts: 216.239.32.20 google.com www.google.cf
O1 - Hosts: 216.239.32.20 google.com www.google.cg
O1 - Hosts: 216.239.32.20 google.com www.google.ch
O1 - Hosts: 216.239.32.20 google.com www.google.ci
O1 - Hosts: 216.239.32.20 google.com www.google.co.ck
O1 - Hosts: 216.239.32.20 google.com www.google.cl
O1 - Hosts: 216.239.32.20 google.com www.google.cm
O1 - Hosts: 216.239.32.20 google.com www.google.cn
O1 - Hosts: 216.239.32.20 google.com www.google.com.co
O1 - Hosts: 216.239.32.20 google.com www.google.co.cr
O1 - Hosts: 216.239.32.20 google.com www.google.com.cu
O1 - Hosts: 216.239.32.20 google.com www.google.cv
O1 - Hosts: 216.239.32.20 google.com www.google.com.cy
O1 - Hosts: 216.239.32.20 google.com www.google.cz
O1 - Hosts: 216.239.32.20 google.com www.google.de
O1 - Hosts: 216.239.32.20 google.com www.google.dj
O1 - Hosts: 216.239.32.20 google.com www.google.dk
O1 - Hosts: 216.239.32.20 google.com www.google.dm
O1 - Hosts: 216.239.32.20 google.com www.google.com.do
O1 - Hosts: 216.239.32.20 google.com www.google.dz
O1 - Hosts: 216.239.32.20 google.com www.google.com.ec
O1 - Hosts: 216.239.32.20 google.com www.google.ee
O1 - Hosts: 216.239.32.20 google.com www.google.com.eg
O1 - Hosts: 216.239.32.20 google.com www.google.es
O1 - Hosts: 216.239.32.20 google.com www.google.com.et
O1 - Hosts: 216.239.32.20 google.com www.google.fi
O1 - Hosts: 216.239.32.20 google.com www.google.com.fj
O1 - Hosts: 216.239.32.20 google.com www.google.fm
O1 - Hosts: 216.239.32.20 google.com www.google.fr
O1 - Hosts: 216.239.32.20 google.com www.google.ga
O1 - Hosts: 216.239.32.20 google.com www.google.ge
O1 - Hosts: 216.239.32.20 google.com www.google.gg
O1 - Hosts: 216.239.32.20 google.com www.google.com.gh
O1 - Hosts: 216.239.32.20 google.com www.google.com.gi
O1 - Hosts: 216.239.32.20 google.com www.google.gl
O1 - Hosts: 216.239.32.20 google.com www.google.gm
O1 - Hosts: 216.239.32.20 google.com www.google.gp
O1 - Hosts: 216.239.32.20 google.com www.google.gr
O1 - Hosts: 216.239.32.20 google.com www.google.com.gt
O1 - Hosts: 216.239.32.20 google.com www.google.gy
O1 - Hosts: 216.239.32.20 google.com www.google.com.hk
O1 - Hosts: 216.239.32.20 google.com www.google.hn
O1 - Hosts: 216.239.32.20 google.com www.google.hr
O1 - Hosts: 216.239.32.20 google.com www.google.ht
O1 - Hosts: 216.239.32.20 google.com www.google.hu
O1 - Hosts: 216.239.32.20 google.com www.google.co.id
O1 - Hosts: 216.239.32.20 google.com www.google.ie
O1 - Hosts: 216.239.32.20 google.com www.google.co.il
O1 - Hosts: 216.239.32.20 google.com www.google.im
O1 - Hosts: 216.239.32.20 google.com www.google.co.in
O1 - Hosts: 216.239.32.20 google.com www.google.iq
O1 - Hosts: 216.239.32.20 google.com www.google.is
O1 - Hosts: 216.239.32.20 google.com www.google.it
O1 - Hosts: 216.239.32.20 google.com www.google.je
O1 - Hosts: 216.239.32.20 google.com www.google.com.jm
O1 - Hosts: 216.239.32.20 google.com www.google.jo
O1 - Hosts: 216.239.32.20 google.com www.google.co.jp
O1 - Hosts: 216.239.32.20 google.com www.google.co.ke
O1 - Hosts: 216.239.32.20 google.com www.google.com.kh
O1 - Hosts: 216.239.32.20 google.com www.google.ki
O1 - Hosts: 216.239.32.20 google.com www.google.kg
O1 - Hosts: 216.239.32.20 google.com www.google.co.kr
O1 - Hosts: 216.239.32.20 google.com www.google.com.kw
O1 - Hosts: 216.239.32.20 google.com www.google.kz
O1 - Hosts: 216.239.32.20 google.com www.google.la
O1 - Hosts: 216.239.32.20 google.com www.google.com.lb
O1 - Hosts: 216.239.32.20 google.com www.google.li
O1 - Hosts: 216.239.32.20 google.com www.google.lk
O1 - Hosts: 216.239.32.20 google.com www.google.co.ls
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IEExtension.Extension - {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ZDWlan.EXE] "C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client Utility\ZDWlan.EXE"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
O23 - Service: PirritDesktop - Unknown owner - C:\Users\Kuba\AppData\Local\PirritSuggestor\PirritService.exe
O23 - Service: PirritUpdater - Unknown owner - C:\Program Files (x86)\Pirrit\AutoUpdater.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WinRST - Unknown owner - C:\Program Files (x86)\WinRST\WinRST.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13090 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Windows\System32\firefaceusb.exe"
"C:\Windows\System32\TotalMixFX.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe"
C:\Users\Kuba\AppData\Local\PirritSuggestor\PirritService.exe
"C:\Program Files (x86)\Pirrit\AutoUpdater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\WinRST\WinRST.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2428
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client Utility\ZDWlan.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe" KMPProcess
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\System32\alg.exe
C:/Users/Kuba/AppData/Local/PirritSuggestor\PirritDesktop.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2276.1927def0.1122188832 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 2276 "\\.\pipe\gecko-crash-server-pipe.2276" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe" --proxy-stub-channel=Flash5004.6F267F48.5720 --host-broker-channel=Flash5004.6F267F48.25376 --host-pid=5004 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe" --channel=5040.0019F690.861873967 --proxy-stub-channel=Flash5004.6F267F48.5720 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll" --host-npapi-version=27 --type=renderer
"C:\Windows\system32\notepad.exe"
"C:\Users\Kuba\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\njjz8xlu.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.182 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.182 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d40c654d-7c51-4eb3-95b2-1e23905c2a2d}]
IEExtension.Extension - C:\Windows\system32\mscoree.dll [2010-11-21 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-06-18 165872]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-06-18 407536]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-06-18 444400]
"FirefaceUsbTray1"=C:\Windows\system32\firefaceusb.exe [2014-03-14 97280]
"FirefaceMixTray2"=C:\Windows\system32\TotalMixFX.exe [2014-03-14 22900952]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-02-12 43848]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-02-21 152392]
"ZDWlan.EXE"=C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client Utility\ZDWlan.EXE [2009-01-14 491520]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-06-14 441344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux7"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-04-22 11:50:49 ----D---- C:\rsit
2014-04-21 15:21:38 ----D---- C:\Windows\cs
2014-04-21 15:21:15 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-04-21 15:20:43 ----D---- C:\Windows\PCHEALTH
2014-04-21 15:20:22 ----D---- C:\Program Files (x86)\Windows Live
2014-04-20 14:02:04 ----SH---- C:\Windows\SYSWOW64\devil.dll
2014-04-20 14:02:04 ----SH---- C:\Windows\SYSWOW64\avisynth.dll
2014-04-20 14:02:03 ----SH---- C:\Windows\SYSWOW64\yv12vfw.dll
2014-04-20 14:02:03 ----SH---- C:\Windows\SYSWOW64\AVSredirect.dll
2014-04-20 14:02:02 ----SH---- C:\Windows\SYSWOW64\i420vfw.dll
2014-04-20 14:02:00 ----D---- C:\Program Files (x86)\AviSynth 2.5
2014-04-20 14:00:47 ----D---- C:\Program Files (x86)\WinRST
2014-04-20 14:00:35 ----D---- C:\Users\Kuba\AppData\Roaming\Pirrit
2014-04-20 14:00:24 ----D---- C:\Program Files (x86)\Pirrit
2014-04-20 14:00:15 ----RASH---- C:\Windows\SYSWOW64\winDCE32.dll
2014-04-20 14:00:15 ----RASH---- C:\Windows\SYSWOW64\swscale-lav-2.dll
2014-04-20 14:00:15 ----RASH---- C:\Windows\SYSWOW64\OptimFROG.dll
2014-04-20 14:00:15 ----RASH---- C:\Windows\SYSWOW64\libbluray.dll
2014-04-20 14:00:15 ----RASH---- C:\Windows\SYSWOW64\IntelQuickSyncDecoder.dll
2014-04-20 14:00:15 ----RASH---- C:\Windows\SYSWOW64\HLvideo.dll
2014-04-20 14:00:15 ----RASH---- C:\Windows\SYSWOW64\HLsplit.dll
2014-04-20 14:00:15 ----RASH---- C:\Windows\SYSWOW64\HLaudio.dll
2014-04-20 14:00:15 ----RASH---- C:\Windows\SYSWOW64\avutil-lav-52.dll
2014-04-20 14:00:15 ----RASH---- C:\Windows\SYSWOW64\avresample-lav-1.dll
2014-04-20 14:00:15 ----RASH---- C:\Windows\SYSWOW64\avformat-lav-55.dll
2014-04-20 14:00:15 ----RASH---- C:\Windows\SYSWOW64\avfilter-lav-3.dll
2014-04-20 14:00:15 ----RASH---- C:\Windows\SYSWOW64\avcodec-lav-55.dll
2014-04-20 14:00:15 ----A---- C:\Windows\SYSWOW64\drvc.dll
2014-04-20 14:00:07 ----D---- C:\Program Files (x86)\eRightSoft
2014-04-19 18:12:12 ----D---- C:\Program Files (x86)\AMD AVT
2014-04-19 18:10:37 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-04-19 18:10:37 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2014-04-19 18:10:37 ----A---- C:\Windows\system32\OpenCL.dll
2014-04-19 18:10:37 ----A---- C:\Windows\system32\clinfo.exe
2014-04-19 18:10:36 ----A---- C:\Windows\system32\OpenVideo64.dll
2014-04-19 18:10:36 ----A---- C:\Windows\system32\ativvaxy_cik_nd.dat
2014-04-19 18:10:35 ----A---- C:\Windows\SYSWOW64\OpenVideo.dll
2014-04-19 18:10:35 ----A---- C:\Windows\system32\OVDecode64.dll
2014-04-19 18:10:35 ----A---- C:\Windows\system32\coinst_13.20.dll
2014-04-19 18:10:34 ----A---- C:\Windows\SYSWOW64\OVDecode.dll
2014-04-19 18:10:34 ----A---- C:\Windows\system32\ativvaxy_cik.dat
2014-04-19 18:10:34 ----A---- C:\Windows\system32\atidemgy.dll
2014-04-19 18:10:33 ----A---- C:\Windows\system32\ativce02.dat
2014-04-19 18:10:33 ----A---- C:\Windows\system32\amdocl64.dll
2014-04-19 18:09:43 ----D---- C:\Program Files (x86)\ATI Technologies
2014-04-19 18:08:46 ----D---- C:\Program Files\ATI
2014-04-19 18:07:33 ----D---- C:\Program Files\ATI Technologies
2014-04-17 16:53:05 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-04-17 16:53:05 ----A---- C:\Windows\system32\mshtml.dll
2014-04-17 16:52:54 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-04-17 16:52:54 ----A---- C:\Windows\system32\iologmsg.dll
2014-04-17 16:52:54 ----A---- C:\Windows\system32\drivers\storport.sys
2014-04-17 16:52:54 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-04-17 16:52:54 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-04-17 16:52:50 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-04-17 16:52:50 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-04-17 16:52:50 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-04-17 16:52:50 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-04-17 16:52:50 ----A---- C:\Windows\system32\wow64win.dll
2014-04-17 16:52:50 ----A---- C:\Windows\system32\wow64cpu.dll
2014-04-17 16:52:50 ----A---- C:\Windows\system32\wow64.dll
2014-04-17 16:52:50 ----A---- C:\Windows\system32\ntvdm64.dll
2014-04-17 16:52:50 ----A---- C:\Windows\system32\kernel32.dll
2014-04-17 16:52:49 ----A---- C:\Windows\SYSWOW64\user.exe
2014-04-17 16:52:49 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-04-17 16:52:49 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-03-31 21:34:22 ----A---- C:\Windows\WLXPGSS.SCR
2014-03-30 13:31:35 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-03-25 00:19:12 ----D---- C:\Users\Kuba\AppData\Roaming\vlc
2014-03-25 00:19:12 ----D---- C:\Users\Kuba\AppData\Roaming\FLV and Media Player
2014-03-25 00:18:47 ----D---- C:\Program Files (x86)\Applian Technologies

======List of files/folders modified in the last 1 month======

2014-04-22 11:51:08 ----D---- C:\Windows\temp
2014-04-22 11:50:50 ----D---- C:\Program Files\trend micro
2014-04-22 11:00:11 ----D---- C:\Windows\system32\config
2014-04-22 10:29:42 ----D---- C:\Windows\System32
2014-04-22 10:29:42 ----D---- C:\Windows\inf
2014-04-22 10:29:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-21 18:08:41 ----SHD---- C:\System Volume Information
2014-04-21 15:21:50 ----SHD---- C:\Windows\Installer
2014-04-21 15:21:50 ----RSD---- C:\Windows\assembly
2014-04-21 15:21:42 ----D---- C:\Windows\winsxs
2014-04-21 15:21:38 ----D---- C:\Windows
2014-04-21 15:21:15 ----RD---- C:\Program Files (x86)
2014-04-21 15:20:50 ----SD---- C:\ProgramData\Microsoft
2014-04-21 15:20:45 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-04-21 15:20:11 ----D---- C:\Windows\SysWOW64
2014-04-21 15:18:26 ----D---- C:\Windows\Prefetch
2014-04-21 15:16:37 ----D---- C:\Program Files (x86)\Common Files
2014-04-20 14:01:07 ----D---- C:\Windows\system32\drivers\etc
2014-04-20 14:00:25 ----RSD---- C:\Windows\Fonts
2014-04-19 18:12:13 ----D---- C:\ProgramData\AMD
2014-04-19 18:12:02 ----D---- C:\Windows\system32\catroot
2014-04-19 18:11:18 ----D---- C:\Windows\system32\drivers
2014-04-19 18:11:03 ----D---- C:\Windows\system32\catroot2
2014-04-19 18:11:00 ----D---- C:\Windows\system32\DriverStore
2014-04-19 18:09:13 ----D---- C:\ProgramData\Package Cache
2014-04-19 18:08:46 ----RD---- C:\Program Files
2014-04-18 10:46:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-04-18 03:55:27 ----D---- C:\Windows\rescache
2014-04-18 03:17:01 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-04-18 03:17:01 ----D---- C:\Windows\system32\cs-CZ
2014-04-18 03:17:01 ----D---- C:\Windows\AppPatch
2014-04-18 03:01:48 ----D---- C:\Windows\system32\MRT
2014-04-18 03:00:53 ----A---- C:\Windows\system32\MRT.exe
2014-04-04 00:29:47 ----D---- C:\Program Files\Microsoft Security Client
2014-04-04 00:29:46 ----D---- C:\Program Files (x86)\Microsoft Security Client
2014-04-01 11:35:42 ----D---- C:\Windows\system32\NDF
2014-03-30 20:52:08 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-23 13:55:49 ----D---- C:\ProgramData\TP-LINK

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-12-16 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-09-12 12760576]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-09-12 619008]
R3 athr;Wireless PCI Adapter Driver Service; C:\Windows\system32\DRIVERS\athrx.sys [2011-04-11 1579520]
R3 firefaceu64;RME Fireface USB Audio Device; C:\Windows\system32\drivers\fireface_usb_64.sys [2014-03-16 101376]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-01-11 64624]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-04-10 849992]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 ASAPIW2K;ASAPIW2K; C:\Windows\System32\Drivers\ASAPIW2K.sys []
S3 athrusb;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrxusb.sys [2008-07-29 1075712]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-09-24 94208]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 GPCIDrv;GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-06-14 4441856]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-05-22 452088]
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 rspLLL;rspLLL; C:\Windows\system32\DRIVERS\rspLLL64.sys [2013-10-21 25504]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-09-12 239616]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808]
R2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-04-07 5352960]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [2013-07-08 1922600]
R2 PirritDesktop;PirritDesktop; C:\Users\Kuba\AppData\Local\PirritSuggestor\PirritService.exe [2014-02-20 52568]
R2 PirritUpdater;PirritUpdater; C:\Program Files (x86)\Pirrit\AutoUpdater.exe [2014-02-20 59904]
R2 WinRST;WinRST; C:\Program Files (x86)\WinRST\WinRST.exe [2014-02-26 59904]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-02-21 641352]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-18 257712]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-06-18 279024]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-01 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-30 119408]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-13 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 22 dub 2014 13:14

Zdravim

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

resetIEproxy;
autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Jameson_cz · #3 Příspěvek od **Jameson_cz** » 22 dub 2014 13:54

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Kuba on Łt 22.04.2014 at 14:44:50,00.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Kuba\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

22.4.2014 14:45:19 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1993827299-2147907179-2969249044-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-21-1993827299-2147907179-2969249044-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PirritDesktop deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PirritDesktop deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PirritUpdater deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PirritUpdater deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\njjz8xlu.default\prefs.js:
user_pref("browser.startup.homepage", "www.seznam.cz");

Added to C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\njjz8xlu.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\njjz8xlu.default

user.js not found
---- Lines suggestor modified from prefs.js ----

user_pref("extensions.enabledAddons", "suggestor%40suggestor.pirrit.com:2.2.5,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0");
user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program
---- Lines pirrit modified from prefs.js ----

user_pref("extensions.enabledAddons", "disabled%40disabled.pirrit.com:2.2.5,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0");
user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program
---- FireFox user.js and prefs.js backups ----

prefs_22.04.2014_1449_.backup

==== Deleting Files \ Folders ======================

C:\Users\Kuba\AppData\Roaming\Pirrit deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Kuba\AppData\Local\PackageAware deleted
C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\njjz8xlu.default\extensions\suggestor@suggestor.pirrit.com.xpi deleted
"C:\PROGRA~2\Pirrit\AutoUpdater.exe" deleted
"C:\PROGRA~2\Pirrit\msvcp100.dll" deleted
"C:\PROGRA~2\Pirrit\msvcr100.dll" not deleted
"C:\PROGRA~2\Pirrit\QtCore4.dll" deleted
"C:\PROGRA~2\Pirrit\QtNetwork4.dll" deleted
"C:\PROGRA~2\Pirrit\AutoUpdater.exe" deleted
"C:\PROGRA~2\Pirrit\msvcp100.dll" deleted
"C:\PROGRA~2\Pirrit\msvcr100.dll" not deleted
"C:\PROGRA~2\Pirrit\QtCore4.dll" deleted
"C:\PROGRA~2\Pirrit\QtNetwork4.dll" deleted
"C:\Users\Kuba\AppData\Local\PirritSuggestor\msvcp100.dll" deleted
"C:\Users\Kuba\AppData\Local\PirritSuggestor\msvcr100.dll" not deleted
"C:\Users\Kuba\AppData\Local\PirritSuggestor\PirritDesktop.exe" deleted
"C:\Users\Kuba\AppData\Local\PirritSuggestor\PirritService.exe" deleted
"C:\Users\Kuba\AppData\Local\PirritSuggestor\QtCore4.dll" deleted
"C:\Users\Kuba\AppData\Local\PirritSuggestor\QtNetwork4.dll" deleted
"C:\PROGRA~2\Pirrit" not deleted
"C:\PROGRA~2\Pirrit" not deleted
"C:\Users\Kuba\AppData\Local\PirritSuggestor" not deleted

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\njjz8xlu.default
ABE2E50533899C45DFA03E1D8767648F - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll - Shockwave Flash
87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

Nothing found to reset

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="http=http://127.0.0.1:9880"
"ProxyOverride"="<local>"
"ProxyEnable"=dword:00000001

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kuba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kuba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Kuba\AppData\Local\Mozilla\Firefox\Profiles\njjz8xlu.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=39 folders=27 40890575 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Kuba\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Kuba\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\Pirrit\msvcr100.dll" not found
"C:\PROGRA~2\Pirrit\msvcr100.dll" not found
"C:\Users\Kuba\AppData\Local\PirritSuggestor\msvcr100.dll" not found
"C:\PROGRA~2\Pirrit" not found
"C:\PROGRA~2\Pirrit" not found
"C:\Users\Kuba\AppData\Local\PirritSuggestor" not found

==== EOF on Łt 22.04.2014 at 14:53:18,78 ======================

#4 Příspěvek od **vyosek** » 22 dub 2014 14:10

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Jameson_cz · #5 Příspěvek od **Jameson_cz** » 22 dub 2014 14:16

# AdwCleaner v3.200 - Report created 22/04/2014 at 15:14:27
# Updated 22/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Kuba - KUBA-PC
# Running from : C:\Users\Kuba\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\WinRST
Folder Deleted : C:\Users\Kuba\AppData\Local\WinRST

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\Software\Pirrit
Key Deleted : [x64] HKLM\SOFTWARE\Pirrit

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521

-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\njjz8xlu.default\prefs.js ]

*************************

AdwCleaner[R1].txt - [1587 octets] - [22/04/2014 15:13:59]
AdwCleaner[S1].txt - [1413 octets] - [22/04/2014 15:14:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1473 octets] ##########

#6 Příspěvek od **vyosek** » 22 dub 2014 14:19

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=30&t=133101

Jameson_cz · #7 Příspěvek od **Jameson_cz** » 22 dub 2014 14:24

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2014
Ran by Kuba at 2014-04-22 15:23:54
Running from C:\Users\Kuba\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.20.100.30911 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{47F6824F-CA45-FAD2-2F5B-906D36BA3393}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80911.2216 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Antares Autotune VST RTAS TDM v5.08 (HKLM-x32\...\Antares Autotune VST RTAS TDM_is1) (Version: - Team AiR 2007)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
ASAPI (HKLM-x32\...\{8A7E941F-2BB4-47D0-B732-8AE5F3513B68}) (Version: 6.0.0 - Pinnacle Systems GmbH)
Balíček ovladače systému Windows - RME Fireface USB (02/27/2014 1.0.43.0) (HKLM\...\5FBFDE2C34738B4974E4B64B7E3E5056154519E5) (Version: 02/27/2014 1.0.43.0 - RME)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center InstallProxy (x32 Version: 2013.0911.2154.37488 - Advanced Micro Devices, Inc.) Hidden
CPUID CPU-Z 1.67.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Cubase 5 (HKLM\...\{51AC53CA-6D26-459A-9BDF-53BAEB3E11A3}) (Version: 5.1.2 - Steinberg)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
EZdrummer (HKLM-x32\...\{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}) (Version: 1.0 - Toontrack)
EZXCocktail (HKLM-x32\...\{147567F0-8575-4BE0-B5B3-62706C67FA5A}) (Version: 1.0 - Toontrack)
EZXNashville (HKLM-x32\...\{82DF9225-13EC-41BD-BE31-AAB121B38166}) (Version: 1.0 - Toontrack)
EZXPercussion (HKLM-x32\...\{2CC4BC82-41CF-43D3-B533-7283AA8BB86F}) (Version: 1.0 - Toontrack)
EZXTwisted (HKLM-x32\...\{D1EBF11E-8CE3-4EF5-8E2D-FD5B8D6BD294}) (Version: 1.0 - Toontrack)
EZXVintage (HKLM-x32\...\{430399DC-98BC-4A7F-8F8E-77981CABAE05}) (Version: 1.0 - Toontrack)
FLV and Media Player (3.2.0.3) (HKLM-x32\...\FLV and Media Player) (Version: 3.2.0.3 - Applian Technologies)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Hitman Absolution v1.0 (HKLM-x32\...\Hitman Absolution_is1) (Version: 1.0 - Eidos Interactive)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3215 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
KMP Service (HKLM-x32\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version: - KMP)
LatencyMon 6.00 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.)
Lexicon Pantheon Reverb DX (HKLM-x32\...\Lexicon Pantheon Reverb DX) (Version: - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
MIDI-OX (HKLM-x32\...\{A6457851-5EA9-45B0-AF1D-D2A0A4781CFB}) (Version: 7.02.372 - MIDIOX Computing)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 28.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 cs)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MW3 (HKLM-x32\...\MW3v1.4.382) (Version: v1.4.382 - iMortaluz)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: - Native Instruments)
Native Instruments Controller Editor (Version: 1.3.5.667 - Native Instruments) Hidden
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: - Native Instruments)
Native Instruments Guitar Rig 5 (Version: 5.0.1.2447 - Native Instruments) Hidden
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.3.0.6464 - Native Instruments)
Native Instruments Kontakt 5 (Version: 5.3.0.6464 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments)
Native Instruments Service Center (Version: 2.2.6.676 - Native Instruments) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{220C463A-2890-4C7F-B97C-C49FE175B849}) (Version: 4.01.9714 - Apache Software Foundation)
Pharaoh Gold Bundle (HKLM-x32\...\Pharaoh Gold Bundle_is1) (Version: - GOG.com)
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
RME Fireface USB (HKLM\...\FIREFACE_USB) (Version: 1.0.43.0 - RME Intelligent Audio Solutions)
SUPER © v2014.build.60+Recorder (2014/02/18) verze v2014.build. (HKLM-x32\...\{8E2A18E2-96AF-8549-4DE7-5C06B75719A4}_is1) (Version: v2014.build.60+Recorder - eRightSoft)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.7.0.113 - KMP Media co., Ltd)
TL-WN851ND Driver (HKLM-x32\...\{4BAE4C76-44C3-418F-B715-6BBF5A65323E}) (Version: 1.00.0000 - TP-LINK)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
TP-LINK Wireless Client Utility (HKLM-x32\...\{C1EB6825-9339-4B18-99B0-C455B2288FF9}) (Version: 1.00.4323 - TP-LINK TECHNOLOGIES CO., LTD.)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 2.01.0012 - TP-LINK)
WaveLab 6 (HKLM-x32\...\WaveLab) (Version: 6.0.0.291 - Steinberg)
Waves Complete V9r14 (HKLM-x32\...\{91000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.1.14 - Waves)
Waves Mercury Complete VST DX RTAS v1.01 (HKLM-x32\...\Waves Mercury Complete VST DX RTAS_is1) (Version: - Waves Ltd.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Restore Points =========================

02-04-2014 21:25:50 Windows Update
03-04-2014 22:29:11 Windows Update
17-04-2014 14:50:27 Windows Update
18-04-2014 01:00:23 Windows Update
19-04-2014 16:08:53 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
19-04-2014 16:10:44 Instalace balíčku ovladače zařízení: Advanced Micro Devices, Inc. Grafické adaptéry
21-04-2014 13:16:57 Windows Live Essentials
21-04-2014 13:17:48 Nainstalováno rozhraní DirectX
21-04-2014 13:18:39 Nainstalováno rozhraní DirectX
21-04-2014 13:19:22 Nainstalováno rozhraní DirectX
21-04-2014 13:20:29 WLSetup
21-04-2014 16:08:30 Windows Update
22-04-2014 12:45:09 zoek.exe restore point

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-04-22 14:45 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {760A909C-60A4-4313-919E-3E024E73D0ED} - System32\Tasks\{73273EBD-591F-425F-B931-D7CCC31441F0} => B:\Program Files (x86)\PC Games - Mortal Kombat 4\Mortal Kombat 4.exe [1998-06-26] ()
Task: {B2E0D913-CEDB-4FFE-B58F-02EB481F5354} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-18] (Adobe Systems Incorporated)
Task: {BABB67CA-9436-45D1-85A0-0800BDC452E6} - System32\Tasks\{FAC1EBC0-EB05-4869-B9B7-A175E44DDFCE} => C:\Hry\Hitman Absolution\HMA.exe [2012-11-21] ()
Task: {CD029AC8-3330-456B-B23E-27F3026EC849} - System32\Tasks\{FFFD4D37-25A2-4BA5-AB2A-543026D78EFF} => B:\Program Files (x86)\PC Games - Mortal Kombat 4\MK4Install\Mortal Kombat 4.exe [1998-06-26] ()
Task: {FC62E4C1-4AAD-48F8-AEE3-7CA3AB778131} - System32\Tasks\{1DAC7552-BAAC-493F-A48A-1B0A4EDD8BA9} => B:\Program Files (x86)\PC Games - Mortal Kombat 4\Mortal Kombat 4.exe [1998-06-26] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-12-09 21:52 - 2011-08-17 20:38 - 00788992 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-09 16:29 - 2012-10-22 12:21 - 01277952 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avformat-53.dll
2013-12-09 16:29 - 2012-07-09 18:57 - 02090496 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avcodec-53.dll
2013-12-09 16:29 - 2011-12-06 17:19 - 00133632 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avutil-51.dll
2013-12-09 16:29 - 2012-03-23 11:07 - 00224768 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\libupnp.dll
2013-12-09 21:52 - 2011-08-17 20:38 - 01410048 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2013-12-09 21:52 - 2011-08-17 20:38 - 00167424 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2013-12-09 21:52 - 2011-08-17 20:38 - 00128000 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll
2013-12-09 21:52 - 2011-08-17 20:38 - 00111616 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.DLL
2014-03-17 18:03 - 2009-01-05 15:54 - 00212992 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client Utility\dot1x_dll.dll
2014-03-17 18:03 - 2009-01-05 15:54 - 00045056 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client Utility\ZDWLAN.dll
2014-03-30 13:31 - 2014-03-30 13:31 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-18 10:46 - 2014-04-18 10:46 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Kuba\Soubory cookie:GUnMlDGKY2aJs4gLAxD7UaX
AlternateDataStreams: C:\Users\Kuba\AppData\Local\nYUQ0gUR:854ezDQrvKQZ8yISakrmyiu8KA2t
AlternateDataStreams: C:\Users\Kuba\AppData\Local\peJOgag3XA75k:Xx0d6MNnK0Fb9tTFLr5Gl7B

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Řadič USB (Universal Serial Bus)
Description: Řadič USB (Universal Serial Bus)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/22/2014 03:22:35 PM) (Source: Bonjour Service) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (04/22/2014 03:22:35 PM) (Source: Bonjour Service) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (04/22/2014 03:18:21 PM) (Source: Bonjour Service) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (04/22/2014 03:18:21 PM) (Source: Bonjour Service) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (04/22/2014 03:17:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2014 03:15:42 PM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1 se nezdařilo. Chyba v souboru manifestu nebo zásady WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2 na řádku WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definice je WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/22/2014 03:15:41 PM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1 se nezdařilo. Chyba v souboru manifestu nebo zásady WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2 na řádku WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definice je WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/22/2014 03:15:34 PM) (Source: Bonjour Service) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (04/22/2014 03:15:34 PM) (Source: Bonjour Service) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (04/22/2014 03:15:30 PM) (Source: Bonjour Service) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

System errors:
=============
Error: (04/22/2014 03:15:28 PM) (Source: Service Control Manager) (User: )
Description: Služba WinRST neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (04/22/2014 03:15:14 PM) (Source: Application Popup) (User: )
Description: Načtení \SystemRoot\SysWow64\Drivers\ASAPIW2K.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (04/22/2014 03:15:11 PM) (Source: Application Popup) (User: )
Description: Načtení \SystemRoot\SysWow64\Drivers\ASAPIW2K.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (04/22/2014 02:58:28 PM) (Source: Service Control Manager) (User: )
Description: Služba WinRST přestala během spouštění reagovat.

Error: (04/22/2014 02:56:21 PM) (Source: Application Popup) (User: )
Description: Načtení \SystemRoot\SysWow64\Drivers\ASAPIW2K.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (04/22/2014 02:56:18 PM) (Source: Application Popup) (User: )
Description: Načtení \SystemRoot\SysWow64\Drivers\ASAPIW2K.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (04/22/2014 02:56:31 PM) (Source: EventLog) (User: )
Description: Předchozí vypnutí systému (14:54:14, ‎22.‎4.‎2014) bylo neočekávané.

Error: (04/22/2014 02:51:19 PM) (Source: Application Popup) (User: )
Description: Načtení \SystemRoot\SysWow64\Drivers\ASAPIW2K.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (04/22/2014 02:51:17 PM) (Source: Application Popup) (User: )
Description: Načtení \SystemRoot\SysWow64\Drivers\ASAPIW2K.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (04/22/2014 02:49:11 PM) (Source: Service Control Manager) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Microsoft Office Sessions:
=========================
Error: (04/22/2014 03:22:35 PM) (Source: Bonjour Service)(User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (04/22/2014 03:22:35 PM) (Source: Bonjour Service)(User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (04/22/2014 03:18:21 PM) (Source: Bonjour Service)(User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (04/22/2014 03:18:21 PM) (Source: Bonjour Service)(User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (04/22/2014 03:17:05 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2014 03:15:42 PM) (Source: SideBySide)(User: )
Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"B:\Program Files (x86)\Waves\Applications\GTRSolo 3.5.exeB:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8

Error: (04/22/2014 03:15:41 PM) (Source: SideBySide)(User: )
Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"B:\Program Files (x86)\Waves\Applications\GTR 3.5.exeB:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8

Error: (04/22/2014 03:15:34 PM) (Source: Bonjour Service)(User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (04/22/2014 03:15:34 PM) (Source: Bonjour Service)(User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (04/22/2014 03:15:30 PM) (Source: Bonjour Service)(User: )
Description: AppendDNSNameString: Illegal empty label in name "."

CodeIntegrity Errors:
===================================
Date: 2014-03-15 22:14:28.277
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-03-15 22:14:28.249
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 20%
Total physical RAM: 8120.08 MB
Available physical RAM: 6415.39 MB
Total Pagefile: 16238.34 MB
Available Pagefile: 14393.99 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive b: () (Fixed) (Total:465.76 GB) (Free:87.61 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive c: () (Fixed) (Total:149.05 GB) (Free:63.99 GB) NTFS
Drive f: (Nový svazek) (Fixed) (Total:1863.01 GB) (Free:1794.24 GB) NTFS
Drive h: (XLNAD153LIB) (CDROM) (Total:5.48 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 009003B5)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 909E070F)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 149 GB) (Disk ID: A726A726)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#8 Příspěvek od **vyosek** » 22 dub 2014 15:13

Jeste dejte log FRST.txt

Jameson_cz · #9 Příspěvek od **Jameson_cz** » 22 dub 2014 15:16

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by Kuba (administrator) on KUBA-PC on 22-04-2014 15:23:21
Running from C:\Users\Kuba\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(RME) C:\Windows\System32\firefaceusb.exe
(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(RME GmbH) C:\Windows\System32\TotalMixFX.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(TP-LINK TECHNOLOGIES CO., LTD.) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client Utility\ZDWlan.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [FirefaceUsbTray1] => C:\Windows\system32\firefaceusb.exe [97280 2014-03-14] (RME)
HKLM\...\Run: [FirefaceMixTray2] => C:\Windows\system32\TotalMixFX.exe [22900952 2014-03-14] (RME GmbH)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [ZDWlan.EXE] => C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client Utility\ZDWlan.EXE [491520 2009-01-14] (TP-LINK TECHNOLOGIES CO., LTD.)
HKLM-x32\...\runonceex: [Flags] - 8
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1993827299-2147907179-2969249044-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 62.113.218.34 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\njjz8xlu.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml

==================== Services (Whitelisted) =================

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)
S2 WinRST; C:\Program Files (x86)\WinRST\WinRST.exe [X]

==================== Drivers (Whitelisted) ====================

S3 ASAPIW2K; C:\Windows\SysWOW64\Drivers\ASAPIW2K.sys [11264 2003-11-28] (Pinnacle Systems GmbH)
S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-16] (Disc Soft Ltd)
R3 firefaceu64; C:\Windows\System32\drivers\fireface_usb_64.sys [101376 2014-03-16] (RME)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [25504 2013-10-21] (Resplendence Software Projects Sp.)
S3 GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-22 15:23 - 2014-04-22 15:23 - 00007336 _____ () C:\Users\Kuba\Downloads\FRST.txt
2014-04-22 15:23 - 2014-04-22 15:23 - 00000000 ____D () C:\FRST
2014-04-22 15:22 - 2014-04-22 15:22 - 02061312 _____ (Farbar) C:\Users\Kuba\Downloads\FRST64.exe
2014-04-22 15:13 - 2014-04-22 15:14 - 00000000 ____D () C:\AdwCleaner
2014-04-22 15:13 - 2014-04-22 15:13 - 01335637 _____ () C:\Users\Kuba\Downloads\adwcleaner.exe
2014-04-22 14:50 - 2014-04-22 14:44 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-22 14:45 - 2014-04-22 14:53 - 00010039 _____ () C:\zoek-results.log
2014-04-22 14:44 - 2014-04-22 14:49 - 00000000 ____D () C:\zoek_backup
2014-04-22 14:44 - 2014-04-22 14:44 - 01285120 _____ () C:\Users\Kuba\Downloads\zoek.exe
2014-04-22 11:50 - 2014-04-22 11:51 - 00000000 ____D () C:\rsit
2014-04-22 11:47 - 2014-04-22 11:47 - 02228224 _____ (Malwarebytes Corporation ) C:\Users\Kuba\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-22 10:25 - 2014-04-22 10:29 - 399834736 _____ () C:\Users\Kuba\Downloads\JPEG.zip
2014-04-21 15:58 - 2014-04-21 15:58 - 00003483 _____ () C:\Users\Kuba\Documents\The Inner Side.wlmp
2014-04-21 15:21 - 2014-04-21 15:21 - 00000000 ____D () C:\Windows\cs
2014-04-21 15:21 - 2014-04-21 15:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-04-21 15:20 - 2014-04-21 15:21 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-04-21 15:20 - 2014-04-21 15:20 - 00000000 ____D () C:\Windows\PCHEALTH
2014-04-21 15:16 - 2014-04-21 15:22 - 00000000 ____D () C:\Users\Kuba\AppData\Local\Windows Live
2014-04-21 15:16 - 2014-04-21 15:16 - 01243336 _____ (společnost Microsoft Corporation) C:\Users\Kuba\Downloads\wlsetup-web.exe
2014-04-21 15:15 - 2014-04-21 15:15 - 02781184 _____ () C:\Users\Kuba\Downloads\MM26_CS.msi
2014-04-20 14:02 - 2014-04-20 14:02 - 00000000 ____D () C:\Program Files (x86)\AviSynth 2.5
2014-04-20 14:02 - 2009-09-27 09:39 - 00415744 ___SH (The Public) C:\Windows\SysWOW64\avisynth.dll
2014-04-20 14:02 - 2005-07-14 12:31 - 00032256 ___SH () C:\Windows\SysWOW64\AVSredirect.dll
2014-04-20 14:02 - 2004-02-22 10:11 - 00764416 ___SH (Abysmal Software) C:\Windows\SysWOW64\devil.dll
2014-04-20 14:02 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
2014-04-20 14:02 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\i420vfw.dll
2014-04-20 14:00 - 2014-04-20 14:00 - 00000000 ____D () C:\Users\Kuba\Documents\eRightSoft
2014-04-20 14:00 - 2014-04-20 14:00 - 00000000 ____D () C:\Program Files (x86)\eRightSoft
2014-04-20 14:00 - 2014-02-13 14:21 - 00000493 __RSH () C:\Windows\SysWOW64\LAVFilters.Dependencies.manifest
2014-04-20 14:00 - 2014-02-13 14:20 - 03057808 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avcodec-lav-55.dll
2014-04-20 14:00 - 2014-02-13 14:20 - 00539280 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avformat-lav-55.dll
2014-04-20 14:00 - 2014-02-13 14:20 - 00313520 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLvideo.dll
2014-04-20 14:00 - 2014-02-13 14:20 - 00202384 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLsplit.dll
2014-04-20 14:00 - 2014-02-13 14:20 - 00180368 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avutil-lav-52.dll
2014-04-20 14:00 - 2014-02-13 14:20 - 00152720 __RSH (Intel Corp.) C:\Windows\SysWOW64\IntelQuickSyncDecoder.dll
2014-04-20 14:00 - 2014-02-13 14:20 - 00122512 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLaudio.dll
2014-04-20 14:00 - 2014-02-13 14:20 - 00110224 __RSH () C:\Windows\SysWOW64\libbluray.dll
2014-04-20 14:00 - 2014-02-13 14:20 - 00109200 __RSH (FFmpeg Project) C:\Windows\SysWOW64\swscale-lav-2.dll
2014-04-20 14:00 - 2014-02-13 14:20 - 00098960 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avfilter-lav-3.dll
2014-04-20 14:00 - 2014-02-13 14:20 - 00059536 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avresample-lav-1.dll
2014-04-20 14:00 - 2012-10-05 19:54 - 00188416 __RSH () C:\Windows\SysWOW64\winDCE32.dll
2014-04-20 14:00 - 2012-07-11 23:00 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Olepau32.ax
2014-04-20 14:00 - 2011-02-11 10:26 - 00112128 __RSH () C:\Windows\SysWOW64\OptimFROG.dll
2014-04-20 14:00 - 2009-08-10 23:00 - 00352768 __RSH () C:\Windows\SysWOW64\ac3DX.ax
2014-04-20 14:00 - 2005-02-22 17:55 - 00081920 __RSH () C:\Windows\SysWOW64\aac_parser.ax
2014-04-20 14:00 - 2004-07-02 16:33 - 00327749 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drvc.dll
2014-04-20 14:00 - 2004-04-27 16:03 - 00017408 __RSH (RadLight) C:\Windows\SysWOW64\RLOFRDec.ax
2014-04-20 13:56 - 2014-04-20 13:59 - 67155686 _____ (eRightSoft ) C:\Users\Kuba\Downloads\SUPERsetup(1).exe
2014-04-20 13:51 - 2014-04-20 13:51 - 51532039 _____ (eRightSoft ) C:\Users\Kuba\Downloads\SUPERsetup.exe
2014-04-19 18:12 - 2014-04-19 18:12 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-04-19 18:10 - 2013-09-12 04:26 - 00229888 _____ () C:\Windows\system32\clinfo.exe
2014-04-19 18:10 - 2013-09-12 04:26 - 00129536 _____ (AMD) C:\Windows\system32\coinst_13.20.dll
2014-04-19 18:10 - 2013-09-12 04:26 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2014-04-19 18:10 - 2013-09-12 04:26 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2014-04-19 18:10 - 2013-09-12 04:25 - 28469248 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2014-04-19 18:10 - 2013-09-12 04:25 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2014-04-19 18:10 - 2013-09-12 04:25 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2014-04-19 18:10 - 2013-09-12 04:23 - 24008704 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2014-04-19 18:10 - 2013-09-12 04:21 - 00063488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-04-19 18:10 - 2013-09-12 04:21 - 00057344 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-04-19 18:10 - 2013-09-12 04:09 - 00555744 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-04-19 18:10 - 2013-09-12 04:09 - 00555744 _____ () C:\Windows\system32\atiapfxx.blb
2014-04-19 18:10 - 2013-09-12 03:48 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-04-19 18:10 - 2013-08-27 22:15 - 00083392 _____ () C:\Windows\system32\ativce02.dat
2014-04-19 18:10 - 2013-07-25 23:50 - 00234292 _____ () C:\Windows\system32\ativvaxy_cik.dat
2014-04-19 18:10 - 2013-07-18 17:47 - 00231856 _____ () C:\Windows\system32\ativvaxy_cik_nd.dat
2014-04-19 18:09 - 2014-04-19 18:09 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-04-19 18:09 - 2013-08-14 04:23 - 00047427 _____ () C:\Windows\atiogl.xml
2014-04-19 18:08 - 2014-04-19 18:08 - 00000000 ____D () C:\Program Files\ATI
2014-04-19 18:07 - 2014-04-19 18:07 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-04-17 17:16 - 2014-04-17 17:16 - 46922444 _____ () C:\Users\Kuba\Downloads\Escape Master 1.wav
2014-04-17 16:53 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-17 16:53 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-17 16:53 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-17 16:53 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-17 16:52 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-17 16:52 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-17 16:52 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-17 16:52 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-17 16:52 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-17 16:52 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-17 16:52 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-17 16:52 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-17 16:52 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-17 16:52 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-17 16:52 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-17 16:52 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-17 16:52 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-17 16:52 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-17 16:52 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-17 16:52 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-17 16:52 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-04 11:21 - 2014-04-04 11:21 - 00129007 _____ () C:\Users\Kuba\Downloads\Barnique - Mask my pain (final).mid
2014-04-04 11:21 - 2014-04-04 11:21 - 00091719 _____ () C:\Users\Kuba\Downloads\barnique - the fortune tellers lies [+Daniil].mid
2014-04-04 00:30 - 2014-04-04 00:30 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-02 20:19 - 2014-04-02 20:31 - 55003752 _____ (Free Time) C:\Users\Kuba\Downloads\FFSetup3.3.4.0.exe
2014-03-31 21:34 - 2014-03-31 21:34 - 00322248 _____ (společnost Microsoft Corporation) C:\Windows\WLXPGSS.SCR
2014-03-30 13:31 - 2014-03-30 13:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-25 00:19 - 2014-04-02 11:04 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\FLV and Media Player
2014-03-25 00:19 - 2014-03-25 00:19 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\vlc
2014-03-25 00:18 - 2014-03-25 00:18 - 00000000 ____D () C:\Program Files (x86)\Applian Technologies
2014-03-25 00:16 - 2014-03-25 00:16 - 01958688 _____ (Applian Technologies Inc.) C:\Users\Kuba\Downloads\FLVPlayerSetupStubMDV.exe
2014-03-24 23:08 - 2014-03-24 23:14 - 106532949 _____ () C:\Users\Kuba\Downloads\DRAGOUN-ROMAN---Stin-my-krve-(CZ-1995).rar
2014-03-24 14:04 - 2014-04-22 15:15 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-03-23 13:53 - 2014-03-23 13:54 - 21631817 _____ () C:\Users\Kuba\Downloads\TL-WN851ND_v1_110825.zip

==================== One Month Modified Files and Folders =======

2014-04-22 15:23 - 2014-04-22 15:23 - 00007336 _____ () C:\Users\Kuba\Downloads\FRST.txt
2014-04-22 15:23 - 2014-04-22 15:23 - 00000000 ____D () C:\FRST
2014-04-22 15:22 - 2014-04-22 15:22 - 02061312 _____ (Farbar) C:\Users\Kuba\Downloads\FRST64.exe
2014-04-22 15:22 - 2009-07-14 06:45 - 00022224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-22 15:22 - 2009-07-14 06:45 - 00022224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-22 15:21 - 2010-11-21 11:27 - 00668542 _____ () C:\Windows\system32\perfh005.dat
2014-04-22 15:21 - 2010-11-21 11:27 - 00141202 _____ () C:\Windows\system32\perfc005.dat
2014-04-22 15:21 - 2009-07-14 07:13 - 01583226 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-22 15:18 - 2013-12-09 21:45 - 01382686 _____ () C:\Windows\WindowsUpdate.log
2014-04-22 15:15 - 2014-03-24 14:04 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-04-22 15:15 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-22 15:15 - 2009-07-14 06:51 - 00028354 _____ () C:\Windows\setupact.log
2014-04-22 15:14 - 2014-04-22 15:13 - 00000000 ____D () C:\AdwCleaner
2014-04-22 15:13 - 2014-04-22 15:13 - 01335637 _____ () C:\Users\Kuba\Downloads\adwcleaner.exe
2014-04-22 15:03 - 2013-12-09 23:07 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-22 14:53 - 2014-04-22 14:45 - 00010039 _____ () C:\zoek-results.log
2014-04-22 14:51 - 2010-11-21 05:47 - 00477660 _____ () C:\Windows\PFRO.log
2014-04-22 14:49 - 2014-04-22 14:44 - 00000000 ____D () C:\zoek_backup
2014-04-22 14:44 - 2014-04-22 14:50 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-22 14:44 - 2014-04-22 14:44 - 01285120 _____ () C:\Users\Kuba\Downloads\zoek.exe
2014-04-22 11:51 - 2014-04-22 11:50 - 00000000 ____D () C:\rsit
2014-04-22 11:50 - 2014-03-15 16:28 - 00000000 ____D () C:\Program Files\trend micro
2014-04-22 11:47 - 2014-04-22 11:47 - 02228224 _____ (Malwarebytes Corporation ) C:\Users\Kuba\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-22 10:29 - 2014-04-22 10:25 - 399834736 _____ () C:\Users\Kuba\Downloads\JPEG.zip
2014-04-21 15:58 - 2014-04-21 15:58 - 00003483 _____ () C:\Users\Kuba\Documents\The Inner Side.wlmp
2014-04-21 15:22 - 2014-04-21 15:16 - 00000000 ____D () C:\Users\Kuba\AppData\Local\Windows Live
2014-04-21 15:21 - 2014-04-21 15:21 - 00000000 ____D () C:\Windows\cs
2014-04-21 15:21 - 2014-04-21 15:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-04-21 15:21 - 2014-04-21 15:20 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-04-21 15:20 - 2014-04-21 15:20 - 00000000 ____D () C:\Windows\PCHEALTH
2014-04-21 15:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-21 15:18 - 2013-12-16 00:41 - 00116283 _____ () C:\Windows\DirectX.log
2014-04-21 15:16 - 2014-04-21 15:16 - 01243336 _____ (společnost Microsoft Corporation) C:\Users\Kuba\Downloads\wlsetup-web.exe
2014-04-21 15:15 - 2014-04-21 15:15 - 02781184 _____ () C:\Users\Kuba\Downloads\MM26_CS.msi
2014-04-20 14:02 - 2014-04-20 14:02 - 00000000 ____D () C:\Program Files (x86)\AviSynth 2.5
2014-04-20 14:00 - 2014-04-20 14:00 - 00000000 ____D () C:\Users\Kuba\Documents\eRightSoft
2014-04-20 14:00 - 2014-04-20 14:00 - 00000000 ____D () C:\Program Files (x86)\eRightSoft
2014-04-20 13:59 - 2014-04-20 13:56 - 67155686 _____ (eRightSoft ) C:\Users\Kuba\Downloads\SUPERsetup(1).exe
2014-04-20 13:51 - 2014-04-20 13:51 - 51532039 _____ (eRightSoft ) C:\Users\Kuba\Downloads\SUPERsetup.exe
2014-04-20 11:56 - 2013-12-16 01:31 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-04-19 18:12 - 2014-04-19 18:12 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-04-19 18:12 - 2013-12-16 00:03 - 00000000 ____D () C:\ProgramData\AMD
2014-04-19 18:09 - 2014-04-19 18:09 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-04-19 18:08 - 2014-04-19 18:08 - 00000000 ____D () C:\Program Files\ATI
2014-04-19 18:07 - 2014-04-19 18:07 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-04-18 10:47 - 2013-12-09 19:35 - 00000000 ____D () C:\Users\Kuba\AppData\Local\Adobe
2014-04-18 10:46 - 2013-12-09 23:07 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-18 10:46 - 2013-12-09 23:07 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-18 10:46 - 2013-12-09 23:07 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-18 03:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-18 03:01 - 2013-12-17 15:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-18 03:00 - 2013-12-17 15:03 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-17 17:16 - 2014-04-17 17:16 - 46922444 _____ () C:\Users\Kuba\Downloads\Escape Master 1.wav
2014-04-04 11:21 - 2014-04-04 11:21 - 00129007 _____ () C:\Users\Kuba\Downloads\Barnique - Mask my pain (final).mid
2014-04-04 11:21 - 2014-04-04 11:21 - 00091719 _____ () C:\Users\Kuba\Downloads\barnique - the fortune tellers lies [+Daniil].mid
2014-04-04 00:30 - 2014-04-04 00:30 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-04 00:29 - 2014-03-16 21:54 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-04 00:29 - 2014-03-16 21:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-04-02 20:31 - 2014-04-02 20:19 - 55003752 _____ (Free Time) C:\Users\Kuba\Downloads\FFSetup3.3.4.0.exe
2014-04-02 11:04 - 2014-03-25 00:19 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\FLV and Media Player
2014-04-01 11:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-31 21:34 - 2014-03-31 21:34 - 00322248 _____ (společnost Microsoft Corporation) C:\Windows\WLXPGSS.SCR
2014-03-31 03:16 - 2014-04-17 16:53 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-31 03:13 - 2014-04-17 16:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 02:13 - 2014-04-17 16:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-31 01:57 - 2014-04-17 16:53 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-30 20:52 - 2014-03-16 20:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-30 13:31 - 2014-03-30 13:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-25 00:19 - 2014-03-25 00:19 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\vlc
2014-03-25 00:18 - 2014-03-25 00:18 - 00000000 ____D () C:\Program Files (x86)\Applian Technologies
2014-03-25 00:16 - 2014-03-25 00:16 - 01958688 _____ (Applian Technologies Inc.) C:\Users\Kuba\Downloads\FLVPlayerSetupStubMDV.exe
2014-03-24 23:14 - 2014-03-24 23:08 - 106532949 _____ () C:\Users\Kuba\Downloads\DRAGOUN-ROMAN---Stin-my-krve-(CZ-1995).rar
2014-03-23 13:55 - 2013-12-09 21:51 - 00000000 ____D () C:\ProgramData\TP-LINK
2014-03-23 13:54 - 2014-03-23 13:53 - 21631817 _____ () C:\Users\Kuba\Downloads\TL-WN851ND_v1_110825.zip

Some content of TEMP:
====================
C:\Users\Kuba\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-19 15:24

==================== End Of Log ============================

Jameson_cz · #10 Příspěvek od **Jameson_cz** » 22 dub 2014 15:21

Pardon, nevim jestli jsem sem nedal starej nebo nejakej jinej...tohle je aktualni po scanu.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by Kuba (administrator) on KUBA-PC on 22-04-2014 16:20:33
Running from C:\Users\Kuba\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(RME) C:\Windows\System32\firefaceusb.exe
(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(RME GmbH) C:\Windows\System32\TotalMixFX.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(TP-LINK TECHNOLOGIES CO., LTD.) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client Utility\ZDWlan.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [FirefaceUsbTray1] => C:\Windows\system32\firefaceusb.exe [97280 2014-03-14] (RME)
HKLM\...\Run: [FirefaceMixTray2] => C:\Windows\system32\TotalMixFX.exe [22900952 2014-03-14] (RME GmbH)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [ZDWlan.EXE] => C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client Utility\ZDWlan.EXE [491520 2009-01-14] (TP-LINK TECHNOLOGIES CO., LTD.)
HKLM-x32\...\runonceex: [Flags] - 8
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1993827299-2147907179-2969249044-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 62.113.218.34 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\njjz8xlu.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml

==================== Services (Whitelisted) =================

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)
S2 WinRST; C:\Program Files (x86)\WinRST\WinRST.exe [X]

==================== Drivers (Whitelisted) ====================

S3 ASAPIW2K; C:\Windows\SysWOW64\Drivers\ASAPIW2K.sys [11264 2003-11-28] (Pinnacle Systems GmbH)
S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-16] (Disc Soft Ltd)
R3 firefaceu64; C:\Windows\System32\drivers\fireface_usb_64.sys [101376 2014-03-16] (RME)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [25504 2013-10-21] (Resplendence Software Projects Sp.)
S3 GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-22 15:23 - 2014-04-22 16:20 - 00007253 _____ () C:\Users\Kuba\Downloads\FRST.txt
2014-04-22 15:23 - 2014-04-22 16:20 - 00000000 ____D () C:\FRST
2014-04-22 15:23 - 2014-04-22 15:24 - 00026325 _____ () C:\Users\Kuba\Downloads\Addition.txt
2014-04-22 15:22 - 2014-04-22 15:22 - 02061312 _____ (Farbar) C:\Users\Kuba\Downloads\FRST64.exe
2014-04-22 15:13 - 2014-04-22 15:14 - 00000000 ____D () C:\AdwCleaner
2014-04-22 15:13 - 2014-04-22 15:13 - 01335637 _____ () C:\Users\Kuba\Downloads\adwcleaner.exe
2014-04-22 14:50 - 2014-04-22 14:44 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-22 14:45 - 2014-04-22 14:53 - 00010039 _____ () C:\zoek-results.log
2014-04-22 14:44 - 2014-04-22 14:49 - 00000000 ____D () C:\zoek_backup
2014-04-22 14:44 - 2014-04-22 14:44 - 01285120 _____ () C:\Users\Kuba\Downloads\zoek.exe
2014-04-22 11:50 - 2014-04-22 11:51 - 00000000 ____D () C:\rsit
2014-04-22 11:47 - 2014-04-22 11:47 - 02228224 _____ (Malwarebytes Corporation ) C:\Users\Kuba\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-22 10:25 - 2014-04-22 10:29 - 399834736 _____ () C:\Users\Kuba\Downloads\JPEG.zip
2014-04-21 15:58 - 2014-04-21 15:58 - 00003483 _____ () C:\Users\Kuba\Documents\The Inner Side.wlmp
2014-04-21 15:21 - 2014-04-21 15:21 - 00000000 ____D () C:\Windows\cs
2014-04-21 15:21 - 2014-04-21 15:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-04-21 15:20 - 2014-04-21 15:21 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-04-21 15:20 - 2014-04-21 15:20 - 00000000 ____D () C:\Windows\PCHEALTH
2014-04-21 15:16 - 2014-04-21 15:22 - 00000000 ____D () C:\Users\Kuba\AppData\Local\Windows Live
2014-04-21 15:16 - 2014-04-21 15:16 - 01243336 _____ (společnost Microsoft Corporation) C:\Users\Kuba\Downloads\wlsetup-web.exe
2014-04-21 15:15 - 2014-04-21 15:15 - 02781184 _____ () C:\Users\Kuba\Downloads\MM26_CS.msi
2014-04-20 14:02 - 2014-04-20 14:02 - 00000000 ____D () C:\Program Files (x86)\AviSynth 2.5
2014-04-20 14:02 - 2009-09-27 09:39 - 00415744 ___SH (The Public) C:\Windows\SysWOW64\avisynth.dll
2014-04-20 14:02 - 2005-07-14 12:31 - 00032256 ___SH () C:\Windows\SysWOW64\AVSredirect.dll
2014-04-20 14:02 - 2004-02-22 10:11 - 00764416 ___SH (Abysmal Software) C:\Windows\SysWOW64\devil.dll
2014-04-20 14:02 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
2014-04-20 14:02 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\i420vfw.dll
2014-04-20 14:00 - 2014-04-20 14:00 - 00000000 ____D () C:\Users\Kuba\Documents\eRightSoft
2014-04-20 14:00 - 2014-04-20 14:00 - 00000000 ____D () C:\Program Files (x86)\eRightSoft
2014-04-20 14:00 - 2014-02-13 14:21 - 00000493 __RSH () C:\Windows\SysWOW64\LAVFilters.Dependencies.manifest
2014-04-20 14:00 - 2014-02-13 14:20 - 03057808 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avcodec-lav-55.dll
2014-04-20 14:00 - 2014-02-13 14:20 - 00539280 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avformat-lav-55.dll
2014-04-20 14:00 - 2014-02-13 14:20 - 00313520 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLvideo.dll
2014-04-20 14:00 - 2014-02-13 14:20 - 00202384 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLsplit.dll
2014-04-20 14:00 - 2014-02-13 14:20 - 00180368 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avutil-lav-52.dll
2014-04-20 14:00 - 2014-02-13 14:20 - 00152720 __RSH (Intel Corp.) C:\Windows\SysWOW64\IntelQuickSyncDecoder.dll
2014-04-20 14:00 - 2014-02-13 14:20 - 00122512 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLaudio.dll
2014-04-20 14:00 - 2014-02-13 14:20 - 00110224 __RSH () C:\Windows\SysWOW64\libbluray.dll
2014-04-20 14:00 - 2014-02-13 14:20 - 00109200 __RSH (FFmpeg Project) C:\Windows\SysWOW64\swscale-lav-2.dll
2014-04-20 14:00 - 2014-02-13 14:20 - 00098960 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avfilter-lav-3.dll
2014-04-20 14:00 - 2014-02-13 14:20 - 00059536 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avresample-lav-1.dll
2014-04-20 14:00 - 2012-10-05 19:54 - 00188416 __RSH () C:\Windows\SysWOW64\winDCE32.dll
2014-04-20 14:00 - 2012-07-11 23:00 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Olepau32.ax
2014-04-20 14:00 - 2011-02-11 10:26 - 00112128 __RSH () C:\Windows\SysWOW64\OptimFROG.dll
2014-04-20 14:00 - 2009-08-10 23:00 - 00352768 __RSH () C:\Windows\SysWOW64\ac3DX.ax
2014-04-20 14:00 - 2005-02-22 17:55 - 00081920 __RSH () C:\Windows\SysWOW64\aac_parser.ax
2014-04-20 14:00 - 2004-07-02 16:33 - 00327749 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drvc.dll
2014-04-20 14:00 - 2004-04-27 16:03 - 00017408 __RSH (RadLight) C:\Windows\SysWOW64\RLOFRDec.ax
2014-04-20 13:56 - 2014-04-20 13:59 - 67155686 _____ (eRightSoft ) C:\Users\Kuba\Downloads\SUPERsetup(1).exe
2014-04-20 13:51 - 2014-04-20 13:51 - 51532039 _____ (eRightSoft ) C:\Users\Kuba\Downloads\SUPERsetup.exe
2014-04-19 18:12 - 2014-04-19 18:12 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-04-19 18:10 - 2013-09-12 04:26 - 00229888 _____ () C:\Windows\system32\clinfo.exe
2014-04-19 18:10 - 2013-09-12 04:26 - 00129536 _____ (AMD) C:\Windows\system32\coinst_13.20.dll
2014-04-19 18:10 - 2013-09-12 04:26 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2014-04-19 18:10 - 2013-09-12 04:26 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2014-04-19 18:10 - 2013-09-12 04:25 - 28469248 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2014-04-19 18:10 - 2013-09-12 04:25 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2014-04-19 18:10 - 2013-09-12 04:25 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2014-04-19 18:10 - 2013-09-12 04:23 - 24008704 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2014-04-19 18:10 - 2013-09-12 04:21 - 00063488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-04-19 18:10 - 2013-09-12 04:21 - 00057344 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-04-19 18:10 - 2013-09-12 04:09 - 00555744 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-04-19 18:10 - 2013-09-12 04:09 - 00555744 _____ () C:\Windows\system32\atiapfxx.blb
2014-04-19 18:10 - 2013-09-12 03:48 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-04-19 18:10 - 2013-08-27 22:15 - 00083392 _____ () C:\Windows\system32\ativce02.dat
2014-04-19 18:10 - 2013-07-25 23:50 - 00234292 _____ () C:\Windows\system32\ativvaxy_cik.dat
2014-04-19 18:10 - 2013-07-18 17:47 - 00231856 _____ () C:\Windows\system32\ativvaxy_cik_nd.dat
2014-04-19 18:09 - 2014-04-19 18:09 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-04-19 18:09 - 2013-08-14 04:23 - 00047427 _____ () C:\Windows\atiogl.xml
2014-04-19 18:08 - 2014-04-19 18:08 - 00000000 ____D () C:\Program Files\ATI
2014-04-19 18:07 - 2014-04-19 18:07 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-04-17 17:16 - 2014-04-17 17:16 - 46922444 _____ () C:\Users\Kuba\Downloads\Escape Master 1.wav
2014-04-17 16:53 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-17 16:53 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-17 16:53 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-17 16:53 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-17 16:52 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-17 16:52 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-17 16:52 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-17 16:52 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-17 16:52 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-17 16:52 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-17 16:52 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-17 16:52 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-17 16:52 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-17 16:52 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-17 16:52 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-17 16:52 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-17 16:52 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-17 16:52 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-17 16:52 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-17 16:52 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-17 16:52 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-04 11:21 - 2014-04-04 11:21 - 00129007 _____ () C:\Users\Kuba\Downloads\Barnique - Mask my pain (final).mid
2014-04-04 11:21 - 2014-04-04 11:21 - 00091719 _____ () C:\Users\Kuba\Downloads\barnique - the fortune tellers lies [+Daniil].mid
2014-04-04 00:30 - 2014-04-04 00:30 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-02 20:19 - 2014-04-02 20:31 - 55003752 _____ (Free Time) C:\Users\Kuba\Downloads\FFSetup3.3.4.0.exe
2014-03-31 21:34 - 2014-03-31 21:34 - 00322248 _____ (společnost Microsoft Corporation) C:\Windows\WLXPGSS.SCR
2014-03-30 13:31 - 2014-03-30 13:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-25 00:19 - 2014-04-02 11:04 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\FLV and Media Player
2014-03-25 00:19 - 2014-03-25 00:19 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\vlc
2014-03-25 00:18 - 2014-03-25 00:18 - 00000000 ____D () C:\Program Files (x86)\Applian Technologies
2014-03-25 00:16 - 2014-03-25 00:16 - 01958688 _____ (Applian Technologies Inc.) C:\Users\Kuba\Downloads\FLVPlayerSetupStubMDV.exe
2014-03-24 23:08 - 2014-03-24 23:14 - 106532949 _____ () C:\Users\Kuba\Downloads\DRAGOUN-ROMAN---Stin-my-krve-(CZ-1995).rar
2014-03-24 14:04 - 2014-04-22 15:15 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-03-23 13:53 - 2014-03-23 13:54 - 21631817 _____ () C:\Users\Kuba\Downloads\TL-WN851ND_v1_110825.zip

==================== One Month Modified Files and Folders =======

2014-04-22 16:20 - 2014-04-22 15:23 - 00007253 _____ () C:\Users\Kuba\Downloads\FRST.txt
2014-04-22 16:20 - 2014-04-22 15:23 - 00000000 ____D () C:\FRST
2014-04-22 16:03 - 2013-12-09 23:07 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-22 15:24 - 2014-04-22 15:23 - 00026325 _____ () C:\Users\Kuba\Downloads\Addition.txt
2014-04-22 15:22 - 2014-04-22 15:22 - 02061312 _____ (Farbar) C:\Users\Kuba\Downloads\FRST64.exe
2014-04-22 15:22 - 2009-07-14 06:45 - 00022224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-22 15:22 - 2009-07-14 06:45 - 00022224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-22 15:21 - 2010-11-21 11:27 - 00668542 _____ () C:\Windows\system32\perfh005.dat
2014-04-22 15:21 - 2010-11-21 11:27 - 00141202 _____ () C:\Windows\system32\perfc005.dat
2014-04-22 15:21 - 2009-07-14 07:13 - 01583226 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-22 15:18 - 2013-12-09 21:45 - 01382686 _____ () C:\Windows\WindowsUpdate.log
2014-04-22 15:15 - 2014-03-24 14:04 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-04-22 15:15 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-22 15:15 - 2009-07-14 06:51 - 00028354 _____ () C:\Windows\setupact.log
2014-04-22 15:14 - 2014-04-22 15:13 - 00000000 ____D () C:\AdwCleaner
2014-04-22 15:13 - 2014-04-22 15:13 - 01335637 _____ () C:\Users\Kuba\Downloads\adwcleaner.exe
2014-04-22 14:53 - 2014-04-22 14:45 - 00010039 _____ () C:\zoek-results.log
2014-04-22 14:51 - 2010-11-21 05:47 - 00477660 _____ () C:\Windows\PFRO.log
2014-04-22 14:49 - 2014-04-22 14:44 - 00000000 ____D () C:\zoek_backup
2014-04-22 14:44 - 2014-04-22 14:50 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-22 14:44 - 2014-04-22 14:44 - 01285120 _____ () C:\Users\Kuba\Downloads\zoek.exe
2014-04-22 11:51 - 2014-04-22 11:50 - 00000000 ____D () C:\rsit
2014-04-22 11:50 - 2014-03-15 16:28 - 00000000 ____D () C:\Program Files\trend micro
2014-04-22 11:47 - 2014-04-22 11:47 - 02228224 _____ (Malwarebytes Corporation ) C:\Users\Kuba\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-22 10:29 - 2014-04-22 10:25 - 399834736 _____ () C:\Users\Kuba\Downloads\JPEG.zip
2014-04-21 15:58 - 2014-04-21 15:58 - 00003483 _____ () C:\Users\Kuba\Documents\The Inner Side.wlmp
2014-04-21 15:22 - 2014-04-21 15:16 - 00000000 ____D () C:\Users\Kuba\AppData\Local\Windows Live
2014-04-21 15:21 - 2014-04-21 15:21 - 00000000 ____D () C:\Windows\cs
2014-04-21 15:21 - 2014-04-21 15:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-04-21 15:21 - 2014-04-21 15:20 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-04-21 15:20 - 2014-04-21 15:20 - 00000000 ____D () C:\Windows\PCHEALTH
2014-04-21 15:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-21 15:18 - 2013-12-16 00:41 - 00116283 _____ () C:\Windows\DirectX.log
2014-04-21 15:16 - 2014-04-21 15:16 - 01243336 _____ (společnost Microsoft Corporation) C:\Users\Kuba\Downloads\wlsetup-web.exe
2014-04-21 15:15 - 2014-04-21 15:15 - 02781184 _____ () C:\Users\Kuba\Downloads\MM26_CS.msi
2014-04-20 14:02 - 2014-04-20 14:02 - 00000000 ____D () C:\Program Files (x86)\AviSynth 2.5
2014-04-20 14:00 - 2014-04-20 14:00 - 00000000 ____D () C:\Users\Kuba\Documents\eRightSoft
2014-04-20 14:00 - 2014-04-20 14:00 - 00000000 ____D () C:\Program Files (x86)\eRightSoft
2014-04-20 13:59 - 2014-04-20 13:56 - 67155686 _____ (eRightSoft ) C:\Users\Kuba\Downloads\SUPERsetup(1).exe
2014-04-20 13:51 - 2014-04-20 13:51 - 51532039 _____ (eRightSoft ) C:\Users\Kuba\Downloads\SUPERsetup.exe
2014-04-20 11:56 - 2013-12-16 01:31 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-04-19 18:12 - 2014-04-19 18:12 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-04-19 18:12 - 2013-12-16 00:03 - 00000000 ____D () C:\ProgramData\AMD
2014-04-19 18:09 - 2014-04-19 18:09 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-04-19 18:08 - 2014-04-19 18:08 - 00000000 ____D () C:\Program Files\ATI
2014-04-19 18:07 - 2014-04-19 18:07 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-04-18 10:47 - 2013-12-09 19:35 - 00000000 ____D () C:\Users\Kuba\AppData\Local\Adobe
2014-04-18 10:46 - 2013-12-09 23:07 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-18 10:46 - 2013-12-09 23:07 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-18 10:46 - 2013-12-09 23:07 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-18 03:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-18 03:01 - 2013-12-17 15:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-18 03:00 - 2013-12-17 15:03 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-17 17:16 - 2014-04-17 17:16 - 46922444 _____ () C:\Users\Kuba\Downloads\Escape Master 1.wav
2014-04-04 11:21 - 2014-04-04 11:21 - 00129007 _____ () C:\Users\Kuba\Downloads\Barnique - Mask my pain (final).mid
2014-04-04 11:21 - 2014-04-04 11:21 - 00091719 _____ () C:\Users\Kuba\Downloads\barnique - the fortune tellers lies [+Daniil].mid
2014-04-04 00:30 - 2014-04-04 00:30 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-04 00:29 - 2014-03-16 21:54 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-04 00:29 - 2014-03-16 21:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-04-02 20:31 - 2014-04-02 20:19 - 55003752 _____ (Free Time) C:\Users\Kuba\Downloads\FFSetup3.3.4.0.exe
2014-04-02 11:04 - 2014-03-25 00:19 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\FLV and Media Player
2014-04-01 11:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-31 21:34 - 2014-03-31 21:34 - 00322248 _____ (společnost Microsoft Corporation) C:\Windows\WLXPGSS.SCR
2014-03-31 03:16 - 2014-04-17 16:53 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-31 03:13 - 2014-04-17 16:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 02:13 - 2014-04-17 16:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-31 01:57 - 2014-04-17 16:53 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-30 20:52 - 2014-03-16 20:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-30 13:31 - 2014-03-30 13:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-25 00:19 - 2014-03-25 00:19 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\vlc
2014-03-25 00:18 - 2014-03-25 00:18 - 00000000 ____D () C:\Program Files (x86)\Applian Technologies
2014-03-25 00:16 - 2014-03-25 00:16 - 01958688 _____ (Applian Technologies Inc.) C:\Users\Kuba\Downloads\FLVPlayerSetupStubMDV.exe
2014-03-24 23:14 - 2014-03-24 23:08 - 106532949 _____ () C:\Users\Kuba\Downloads\DRAGOUN-ROMAN---Stin-my-krve-(CZ-1995).rar
2014-03-23 13:55 - 2013-12-09 21:51 - 00000000 ____D () C:\ProgramData\TP-LINK
2014-03-23 13:54 - 2014-03-23 13:53 - 21631817 _____ () C:\Users\Kuba\Downloads\TL-WN851ND_v1_110825.zip

Some content of TEMP:
====================
C:\Users\Kuba\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-19 15:24

==================== End Of Log ============================

#11 Příspěvek od **vyosek** » 23 dub 2014 05:51

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKU\S-1-5-21-1993827299-2147907179-2969249044-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)

R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)
S2 WinRST; C:\Program Files (x86)\WinRST\WinRST.exe [X]
C:\Program Files (x86)\PANDORA.TV
C:\Program Files (x86)\WinRST

2014-04-22 15:23 - 2014-04-22 16:20 - 00007253 _____ () C:\Users\Kuba\Downloads\FRST.txt
2014-04-22 15:23 - 2014-04-22 15:24 - 00026325 _____ () C:\Users\Kuba\Downloads\Addition.txt
2014-04-22 15:13 - 2014-04-22 15:13 - 01335637 _____ () C:\Users\Kuba\Downloads\adwcleaner.exe
2014-04-22 14:50 - 2014-04-22 14:44 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-22 14:45 - 2014-04-22 14:53 - 00010039 _____ () C:\zoek-results.log
2014-04-22 14:44 - 2014-04-22 14:49 - 00000000 ____D () C:\zoek_backup
2014-04-22 14:44 - 2014-04-22 14:44 - 01285120 _____ () C:\Users\Kuba\Downloads\zoek.exe
2014-04-22 11:50 - 2014-04-22 11:51 - 00000000 ____D () C:\rsit
2014-04-22 11:47 - 2014-04-22 11:47 - 02228224 _____ (Malwarebytes Corporation ) C:\Users\Kuba\Downloads\mbam-setup-2.0.1.1004.exe

C:\Windows\tasks\Adobe Flash Player Updater.job

Hosts:
CMD: shutdown /r /f /t 2

End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Jameson_cz · #12 Příspěvek od **Jameson_cz** » 23 dub 2014 18:33

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-04-2014
Ran by Kuba at 2014-04-23 19:33:01 Run:1
Running from C:\Users\Kuba\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKU\S-1-5-21-1993827299-2147907179-2969249044-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)

R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)
S2 WinRST; C:\Program Files (x86)\WinRST\WinRST.exe [X]
C:\Program Files (x86)\PANDORA.TV
C:\Program Files (x86)\WinRST

2014-04-22 15:23 - 2014-04-22 16:20 - 00007253 _____ () C:\Users\Kuba\Downloads\FRST.txt
2014-04-22 15:23 - 2014-04-22 15:24 - 00026325 _____ () C:\Users\Kuba\Downloads\Addition.txt
2014-04-22 15:13 - 2014-04-22 15:13 - 01335637 _____ () C:\Users\Kuba\Downloads\adwcleaner.exe
2014-04-22 14:50 - 2014-04-22 14:44 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-22 14:45 - 2014-04-22 14:53 - 00010039 _____ () C:\zoek-results.log
2014-04-22 14:44 - 2014-04-22 14:49 - 00000000 ____D () C:\zoek_backup
2014-04-22 14:44 - 2014-04-22 14:44 - 01285120 _____ () C:\Users\Kuba\Downloads\zoek.exe
2014-04-22 11:50 - 2014-04-22 11:51 - 00000000 ____D () C:\rsit
2014-04-22 11:47 - 2014-04-22 11:47 - 02228224 _____ (Malwarebytes Corporation ) C:\Users\Kuba\Downloads\mbam-setup-2.0.1.1004.exe

C:\Windows\tasks\Adobe Flash Player Updater.job

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => Value deleted successfully.
HKU\S-1-5-21-1993827299-2147907179-2969249044-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
PanService => Service stopped successfully.
PanService => Service deleted successfully.
WinRST => Service deleted successfully.
C:\Program Files (x86)\PANDORA.TV => Moved successfully.
"C:\Program Files (x86)\WinRST" => File/Directory not found.
C:\Users\Kuba\Downloads\FRST.txt => Moved successfully.
C:\Users\Kuba\Downloads\Addition.txt => Moved successfully.
C:\Users\Kuba\Downloads\adwcleaner.exe => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Kuba\Downloads\zoek.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\Kuba\Downloads\mbam-setup-2.0.1.1004.exe => Moved successfully.
C:\Windows\tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========

========= End of CMD: =========

==== End of Fixlog ====

#13 Příspěvek od **vyosek** » 23 dub 2014 20:05

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Jameson_cz · #14 Příspěvek od **Jameson_cz** » 23 dub 2014 20:18

Tak moc dekuju. Stavim se do Sazky nebo jak ze se da prispivat

Nechapu jak je mozny, ze se mi pc takhle rychle dostane do problemu. Nechodim na zavadny stranky a nic moc novyho neinstaluju. Mam ho od prosince a porad resim tyhle problemy.

#15 Příspěvek od **vyosek** » 24 dub 2014 09:09

Ono obcas staci jeden nechteny klik ci skryte tlacitko pod tim spravnym a problem je na svete

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

Za podporu fora jmenem celeho tymu deukji

A na zaklade Pravidla o zamykani temat

VIRY.CZ

prosim o kontrolu

prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu