PC virus removal, computer speed-up, remote assistance via the neslape.cz service

Virus

Have a virus problem? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those inactive for more than 14 days. See the Rule on locking topics. Thank you for understanding.

!NEWS!
You can now use the remote assistance service, where a specialist connects to your computer and obtains further details about the problem from you by phone! More at www.neslape.cz
pantuzektomas
Visitor
Posts: 7
Joined: 28 May 2014 21:59

Virus

#1 Post by pantuzektomas »

Good evening,

I have Malwarebytes Anti-Malware on my PC, which 10 minutes ago found a Trojan BitcoinMiner and one more virus called backdoor, so I had them deleted and ran the scan once more and it found nothing else. The problem is that the PC's performance is still bad and I don't know what to do about it... can anyone advise how I should solve this?


Logfile of random's system information tool 1.08 (written by random/random)
Run by Rudolf at 2014-05-28 23:15:14
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 731 GB (77%) free of 954 GB
Total RAM: 8173 MB (76% free)


======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe" silentrun
"C:\Program Files (x86)\Steam\Steam.exe" -silent
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3f1d641d-daca-4102-8ce0-7a2ea7402607 -SystemEventPortName:HostProcess-e12c0b9a-c81e-4a32-b385-d6aff0d2dcd2 -IoCancelEventPortName:HostProcess-e79676eb-5926-4fd7-a556-fc250f6742bb -NonStateChangingEventPortName:HostProcess-1e2b9f8d-3323-410a-b638-0729ffef2024 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6e9caeb6-3b9f-4cc1-a946-842e074d4752 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1264.0.1368471783\1735827282" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,15,39 --gpu-vendor-id=0x10de --gpu-device-id=0x1200 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3523 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/PrePeriod_Hivemind_A4_Stable_R5/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="1264.2.455804154\53344743" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --disable-databases --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/PrePeriod_Hivemind_A4_Stable_R5/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="1264.6.959476398\505146645" /prefetch:673131151
"C:\Users\Rudolf\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\trend micro\Rudolf.exe" /silentautolog
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Rudolf\Downloads\RSITx64 (2).exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-03-21 1797064]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2014-05-28 1775808]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe RGB Color"=C:\ProgramData\Adobe\color.vbs [2013-12-14 106]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-05-28 23:12:26 ----D---- C:\rsit
2014-05-28 23:12:26 ----D---- C:\Program Files\trend micro
2014-05-28 20:03:43 ----D---- C:\ProgramData\adobe
2014-05-25 23:52:36 ----D---- C:\Program Files (x86)\FinalWire
2014-05-14 17:36:23 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-14 17:36:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-14 17:36:23 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-14 17:36:23 ----A---- C:\Windows\system32\mshtml.dll
2014-05-14 11:13:22 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-14 11:13:22 ----A---- C:\Windows\system32\shell32.dll
2014-05-14 11:13:21 ----A---- C:\Windows\system32\aepdu.dll
2014-05-14 11:13:20 ----A---- C:\Windows\system32\aeinv.dll
2014-05-14 11:13:09 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\winlogon.exe
2014-05-14 11:13:08 ----A---- C:\Windows\system32\wdigest.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\schannel.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\objsel.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-14 11:13:08 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\kerberos.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-14 11:13:08 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\adprovider.dll
2014-05-14 11:13:07 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-14 11:13:07 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-05-14 11:13:07 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-05-14 11:13:07 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-14 11:13:07 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-14 11:13:07 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-14 11:13:07 ----A---- C:\Windows\system32\sspicli.dll
2014-05-14 11:13:07 ----A---- C:\Windows\system32\secur32.dll
2014-05-14 11:13:07 ----A---- C:\Windows\system32\lsass.exe
2014-05-14 11:13:07 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-14 11:13:07 ----A---- C:\Windows\system32\credssp.dll
2014-05-12 22:52:47 ----D---- C:\Users\Rudolf\AppData\Roaming\DarkSoulsII
2014-05-12 22:52:47 ----D---- C:\ProgramData\Steam
2014-05-09 19:55:43 ----A---- C:\Windows\system32\drivers\48230029.sys

======List of files/folders modified in the last 1 months======

2014-05-28 23:15:13 ----D---- C:\Windows\Temp
2014-05-28 23:15:12 ----D---- C:\Windows\Prefetch
2014-05-28 23:12:26 ----RD---- C:\Program Files
2014-05-28 22:58:42 ----D---- C:\Windows\system32\config
2014-05-28 22:54:28 ----D---- C:\Windows\inf
2014-05-28 22:54:28 ----D---- C:\Windows
2014-05-28 22:50:39 ----D---- C:\Windows\System32
2014-05-28 22:50:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-28 22:44:55 ----D---- C:\Program Files (x86)\Steam
2014-05-28 22:44:40 ----D---- C:\ProgramData\NVIDIA
2014-05-28 22:44:37 ----D---- C:\Windows\system32\drivers
2014-05-28 22:43:28 ----D---- C:\Windows\Resources
2014-05-28 21:36:58 ----D---- C:\Users\Rudolf\AppData\Roaming\uTorrent
2014-05-28 20:03:43 ----HD---- C:\ProgramData
2014-05-27 18:49:21 ----SHD---- C:\System Volume Information
2014-05-27 09:28:27 ----D---- C:\Windows\system32\NDF
2014-05-25 23:52:36 ----RD---- C:\Program Files (x86)
2014-05-16 22:26:57 ----D---- C:\Windows\Logs
2014-05-16 16:36:51 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-05-16 16:04:11 ----RSD---- C:\Windows\assembly
2014-05-16 16:03:49 ----SHD---- C:\Windows\Installer
2014-05-15 16:14:11 ----D---- C:\Windows\debug
2014-05-14 21:50:37 ----D---- C:\Windows\rescache
2014-05-14 18:25:55 ----D---- C:\Windows\Microsoft.NET
2014-05-14 17:39:42 ----D---- C:\Windows\winsxs
2014-05-14 17:38:21 ----SD---- C:\Windows\system32\CompatTel
2014-05-14 17:38:21 ----D---- C:\Windows\SysWOW64
2014-05-14 17:38:20 ----D---- C:\Windows\system32\cs-CZ
2014-05-14 17:36:26 ----D---- C:\Windows\system32\catroot
2014-05-14 17:36:05 ----D---- C:\Windows\system32\MRT
2014-05-14 17:35:41 ----A---- C:\Windows\system32\MRT.exe
2014-05-14 11:13:03 ----D---- C:\Windows\system32\catroot2
2014-05-13 10:02:14 ----D---- C:\ProgramData\Origin
2014-05-12 09:19:06 ----D---- C:\Windows\ServiceProfiles
2014-05-05 12:29:09 ----D---- C:\Users\Rudolf\AppData\Roaming\Tera_Awesomium
2014-05-04 09:18:45 ----D---- C:\Users\Rudolf\AppData\Roaming\TS3Client
2014-04-30 18:14:31 ----D---- C:\Windows\SoftwareDistribution
2014-04-30 00:26:26 ----D---- C:\Windows\system32\LogFiles

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-01-27 385512]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-04-03 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-05-28 119512]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-04-03 63192]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-03-03 174184]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-21 79976]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-04-03 857912]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-04-03 1809720]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-03-04 922968]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-05-28 564928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-26 116648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-26 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-03-26 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------
Last edited by vyosek on 28 May 2014 22:39, edited 1 time in total.
Reason: Posts merged

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus

#2 Post by vyosek »

Hello :)

:arrow: I am taking over this topic, and I ask user salicek not to get involved in solving the problem in a virus thread, since he is not a team member and we have not verified his abilities. On our forum we keep an eye on the quality of the information provided, also with regard to the international certification that we, as the only CZ\SK forum, hold.

:arrow: Please post a log from FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100
"Whoever has wine and doesn't drink it, whoever has grapes and doesn't eat them, whoever has a wife and doesn't kiss her, whoever avoids fun, take a whip and a stick to him; that is not a man, that is an ox."
Member since 1 February 2011.

pantuzektomas
Visitor
Posts: 7
Joined: 28 May 2014 21:59

#3 Post by pantuzektomas »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by Rudolf at 2014-05-28 23:42:08
Running from C:\Users\Rudolf\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

AIDA64 Extreme Edition v2.80 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.80 - FinalWire Ltd.)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
ASUS nVidia Driver (x32 Version: 1.00.0000 - ASUSTek) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Malwarebytes Anti-Malware verze 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (CSY) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
MPC-HC 1.7.2 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.2 - MPC-HC Team)
NVIDIA Install Application (Version: 2.1002.145.1024 - NVIDIA Corporation) Hidden
NVIDIA Ovladač 3D Vision 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.4.0 - NVIDIA Corporation) Hidden
Ovládací panel NVIDIA 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points =========================

27-05-2014 16:49:12 Naplánovaný kontrolní bod

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0DAFF770-158D-4C9B-BF9C-6BD28326BB35} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {98F05E92-5941-40D5-8A9B-D000A906F76B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-26] (Google Inc.)
Task: {B28E8F65-1794-4C0B-A53B-371659F58E6B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-26] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-26 01:39 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-23 05:12 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-23 05:12 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-23 05:12 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-23 05:12 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-23 05:12 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/28/2014 11:17:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RSITx64.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: a88

Čas spuštění: 01cf7ab982abe549

Čas ukončení: 3

Cesta k aplikaci: C:\Users\Rudolf\Downloads\RSITx64.exe

ID hlášení:

Error: (05/28/2014 10:46:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/28/2014 09:41:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/28/2014 09:07:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/27/2014 09:31:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/27/2014 09:25:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/26/2014 00:16:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2014 09:57:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/23/2014 05:35:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/20/2014 01:16:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (05/28/2014 09:06:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (05/28/2014 09:06:07 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout (30000 ms) was reached while waiting for the Steam Client Service service to connect.

Error: (05/27/2014 05:36:49 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (05/22/2014 08:12:42 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (05/21/2014 10:17:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (05/21/2014 10:17:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout (30000 ms) was reached while waiting for the Steam Client Service service to connect.

Error: (05/21/2014 05:23:15 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (05/18/2014 09:23:59 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (05/16/2014 03:54:32 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (05/14/2014 02:41:00 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.


Microsoft Office Sessions:
=========================
Error: (05/28/2014 11:17:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: RSITx64.exe0.0.0.0a8801cf7ab982abe5493C:\Users\Rudolf\Downloads\RSITx64.exe

Error: (05/28/2014 10:46:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/28/2014 09:41:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/28/2014 09:07:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/27/2014 09:31:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/27/2014 09:25:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/26/2014 00:16:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2014 09:57:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/23/2014 05:35:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/20/2014 01:16:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 26%
Total physical RAM: 8173.26 MB
Available physical RAM: 5983.24 MB
Total Pagefile: 16344.7 MB
Available Pagefile: 13901.01 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:713.55 GB) NTFS
Drive f: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 5306B3E8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End Of Log ============================

pantuzektomas
Guest
Posts: 7
Registered: 28 May 2014 21:59

#4 Post by pantuzektomas »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Rudolf (administrator) on RUDOLF-PC on 28-05-2014 23:41:59
Running from C:\Users\Rudolf\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Trend Micro Inc.) C:\Program Files\trend micro\Rudolf.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-21] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe RGB Color] => C:\ProgramData\Adobe\color.vbs [106 2013-12-14] ()
HKU\S-1-5-21-2205112338-2371396014-1969147254-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1775808 2014-05-28] (Valve Corporation)

==================== Internet (Whitelisted) ====================

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-26]
CHR Extension: (Disk Google) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-26]
CHR Extension: (YouTube) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-26]
CHR Extension: (AdBlock) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-16]
CHR Extension: (Peněženka Google) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-26]
CHR Extension: (Gmail) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-26]

==================== Services (Whitelisted) =================

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-28 23:41 - 2014-05-28 23:42 - 00005522 _____ () C:\Users\Rudolf\Downloads\FRST.txt
2014-05-28 23:41 - 2014-05-28 23:41 - 02066944 _____ (Farbar) C:\Users\Rudolf\Downloads\FRST64.exe
2014-05-28 23:41 - 2014-05-28 23:41 - 00000000 ____D () C:\FRST
2014-05-28 23:40 - 2014-05-28 23:40 - 00112640 _____ (forum.viry.cz) C:\Users\Rudolf\Downloads\Nepotvrzeno 645517.crdownload
2014-05-28 23:14 - 2014-05-28 23:14 - 00832273 _____ () C:\Users\Rudolf\Desktop\RSITx64 (2).exe
2014-05-28 23:12 - 2014-05-28 23:39 - 00000000 ____D () C:\Program Files\trend micro
2014-05-28 23:12 - 2014-05-28 23:15 - 00000000 ____D () C:\rsit
2014-05-28 22:54 - 2014-05-28 22:54 - 00009256 _____ () C:\Users\Rudolf\Documents\cc_20140528_225415.reg
2014-05-28 22:30 - 2014-05-28 22:30 - 01643096 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Rudolf\Desktop\GPU-Z.0.7.8.exe
2014-05-28 20:43 - 2014-05-28 20:43 - 00000000 __SHD () C:\Users\Rudolf\AppData\Local\EmieUserList
2014-05-28 20:43 - 2014-05-28 20:43 - 00000000 __SHD () C:\Users\Rudolf\AppData\Local\EmieSiteList
2014-05-28 20:03 - 2014-05-28 22:45 - 00000000 ____D () C:\ProgramData\adobe
2014-05-27 14:06 - 2014-05-27 14:06 - 00002574 _____ () C:\Users\Rudolf\Documents\cc_20140527_140612.reg
2014-05-27 09:48 - 2014-05-27 09:48 - 00019630 _____ () C:\Users\Rudolf\Documents\cc_20140527_094806.reg
2014-05-25 23:52 - 2014-05-25 23:52 - 00001235 _____ () C:\Users\Rudolf\Desktop\AIDA64 Extreme Edition.lnk
2014-05-25 23:52 - 2014-05-25 23:52 - 00000000 ____D () C:\Program Files (x86)\FinalWire
2014-05-25 15:54 - 2014-05-28 22:53 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\Ubisoft Game Launcher
2014-05-25 11:03 - 2014-05-25 11:03 - 00000000 ____D () C:\Users\Rudolf\Downloads\Driver Booster PRO 1.4.0.61 Multilingual + Key
2014-05-24 23:46 - 2014-05-24 23:46 - 00056558 _____ () C:\Users\Rudolf\Desktop\[CzT]Hunter_x_Hunter_E01_E64_2011_720p_.torrent
2014-05-23 22:26 - 2014-05-23 23:38 - 3336028033 _____ () C:\Users\Rudolf\Downloads\Železný obr (Iron Giant 1999 dvd).mkv
2014-05-23 22:25 - 2014-05-23 23:14 - 1898296379 _____ () C:\Users\Rudolf\Downloads\Fairy-Tail-movie---Kněžka-fénixe.mp4
2014-05-23 11:16 - 2014-05-23 11:16 - 00000000 ____D () C:\Users\Rudolf\Downloads\Game of thrones
2014-05-19 12:02 - 2014-05-20 00:34 - 1880889517 _____ () C:\Users\Rudolf\Downloads\Tajná minulost UFO.mkv
2014-05-19 11:05 - 2014-05-19 12:32 - 1972949065 _____ () C:\Users\Rudolf\Downloads\The.Secret.Life.of.Walter.Mitty.2013.720p.MY.mkv
2014-05-18 11:03 - 2014-05-18 13:57 - 1513326514 _____ () C:\Users\Rudolf\Downloads\Zelezni andele 1.avi
2014-05-18 09:34 - 2014-05-18 09:34 - 00019674 _____ () C:\Users\Rudolf\Desktop\[CzT]Hra_o_truny_Game_of_Thrones_3_serie_CZ_WebRip_720p_.torrent
2014-05-15 21:58 - 2014-05-15 22:16 - 880700474 _____ () C:\Users\Rudolf\Downloads\Hra o trůny Game of Thrones S04E01 Dva meče CZ.avi
2014-05-15 21:58 - 2014-05-15 22:09 - 419528704 _____ () C:\Users\Rudolf\Downloads\Hra o trůny - Game Of Thrones S04E02 Lev a růže.avi
2014-05-15 19:54 - 2014-05-15 20:14 - 00000116 _____ () C:\Users\Rudolf\Desktop\rovzrzeni jidla.txt
2014-05-14 17:36 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 17:36 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 17:36 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 17:36 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 17:36 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 17:36 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 11:13 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 11:13 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 11:13 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 11:13 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 11:13 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 11:13 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 11:13 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 11:13 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 11:13 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 11:13 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 11:13 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 11:13 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 11:13 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 11:13 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 11:13 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 11:13 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 11:13 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 11:13 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 11:13 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 11:13 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 10:26 - 2014-05-13 11:40 - 00000000 ____D () C:\Users\Rudolf\Downloads\Gingitsune
2014-05-13 10:24 - 2014-05-13 10:37 - 00000000 ____D () C:\Users\Rudolf\Downloads\Cyber City Oedo 808
2014-05-12 22:52 - 2014-05-23 07:43 - 00000000 ____D () C:\ProgramData\Steam
2014-05-12 22:52 - 2014-05-12 22:53 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\DarkSoulsII
2014-05-09 20:46 - 2014-05-09 21:22 - 1673287266 _____ () C:\Users\Rudolf\Downloads\Ja,me-druhe-ja-a-Irena-cz-Spunny.avi
2014-05-09 19:55 - 2014-05-26 12:15 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-08 09:22 - 2014-05-08 09:22 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\id Software
2014-05-07 19:45 - 2014-05-07 20:30 - 00000000 ____D () C:\Users\Rudolf\Downloads\Viy 3D
2014-05-07 17:42 - 2014-05-07 18:17 - 00000000 ____D () C:\Users\Rudolf\Desktop\Beaty hip hop rap
2014-05-06 13:25 - 2014-05-06 14:37 - 2708893692 _____ () C:\Users\Rudolf\Downloads\Blade-Runner-(1982)---The-Final-Cut.avi
2014-05-06 13:16 - 2014-05-06 20:22 - 2275939496 _____ () C:\Users\Rudolf\Downloads\Killing.Season.2013.Bluray.1080p (1).mkv
2014-05-01 18:17 - 2014-05-01 22:42 - 00000000 ____D () C:\Users\Rudolf\Downloads\The Purge (2013)
2014-05-01 02:51 - 2014-05-01 02:55 - 00000000 ____D () C:\Users\Rudolf\Downloads\Son.of.Batman.2014.BRRip.XviD.MP3-RARBG
2014-05-01 00:07 - 2014-05-19 19:15 - 00000000 ____D () C:\Users\Rudolf\Desktop\steam
2014-04-30 18:13 - 2014-05-28 22:48 - 00674471 ____N () C:\Windows\WindowsUpdate.log
2014-04-28 18:58 - 2014-04-28 18:58 - 00000000 ____D () C:\Users\Rudolf\Downloads\Vetřelec vs Predátor

==================== One Month Modified Files and Folders =======

2014-05-28 23:42 - 2014-05-28 23:41 - 00005522 _____ () C:\Users\Rudolf\Downloads\FRST.txt
2014-05-28 23:41 - 2014-05-28 23:41 - 02066944 _____ (Farbar) C:\Users\Rudolf\Downloads\FRST64.exe
2014-05-28 23:41 - 2014-05-28 23:41 - 00000000 ____D () C:\FRST
2014-05-28 23:41 - 2014-03-26 00:22 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-28 23:40 - 2014-05-28 23:40 - 00112640 _____ (forum.viry.cz) C:\Users\Rudolf\Downloads\Nepotvrzeno 645517.crdownload
2014-05-28 23:39 - 2014-05-28 23:12 - 00000000 ____D () C:\Program Files\trend micro
2014-05-28 23:21 - 2014-04-11 18:46 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-28 23:17 - 2014-03-26 01:37 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-28 23:15 - 2014-05-28 23:12 - 00000000 ____D () C:\rsit
2014-05-28 23:14 - 2014-05-28 23:14 - 00832273 _____ () C:\Users\Rudolf\Desktop\RSITx64 (2).exe
2014-05-28 22:55 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-28 22:54 - 2014-05-28 22:54 - 00009256 _____ () C:\Users\Rudolf\Documents\cc_20140528_225415.reg
2014-05-28 22:53 - 2014-05-25 15:54 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\Ubisoft Game Launcher
2014-05-28 22:52 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-28 22:52 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-28 22:50 - 2011-04-12 10:34 - 00668138 _____ () C:\Windows\system32\perfh005.dat
2014-05-28 22:50 - 2011-04-12 10:34 - 00140798 _____ () C:\Windows\system32\perfc005.dat
2014-05-28 22:50 - 2009-07-14 07:13 - 01582262 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-28 22:48 - 2014-04-30 18:13 - 00674471 ____N () C:\Windows\WindowsUpdate.log
2014-05-28 22:45 - 2014-05-28 20:03 - 00000000 ____D () C:\ProgramData\adobe
2014-05-28 22:44 - 2014-03-26 01:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-28 22:44 - 2014-03-26 00:22 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-28 22:44 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-28 22:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Resources
2014-05-28 22:30 - 2014-05-28 22:30 - 01643096 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Rudolf\Desktop\GPU-Z.0.7.8.exe
2014-05-28 21:36 - 2014-03-26 11:16 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\uTorrent
2014-05-28 20:43 - 2014-05-28 20:43 - 00000000 __SHD () C:\Users\Rudolf\AppData\Local\EmieUserList
2014-05-28 20:43 - 2014-05-28 20:43 - 00000000 __SHD () C:\Users\Rudolf\AppData\Local\EmieSiteList
2014-05-28 16:42 - 2014-04-01 12:37 - 00007606 _____ () C:\Users\Rudolf\AppData\Local\Resmon.ResmonCfg
2014-05-27 14:06 - 2014-05-27 14:06 - 00002574 _____ () C:\Users\Rudolf\Documents\cc_20140527_140612.reg
2014-05-27 14:06 - 2014-03-26 08:29 - 00000000 ____D () C:\Users\Rudolf\Desktop\Dokumenty
2014-05-27 09:48 - 2014-05-27 09:48 - 00019630 _____ () C:\Users\Rudolf\Documents\cc_20140527_094806.reg
2014-05-27 09:47 - 2014-04-26 00:58 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\Warframe
2014-05-27 09:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-27 00:01 - 2014-03-26 08:31 - 00000000 ____D () C:\Users\Rudolf\Desktop\tapety
2014-05-26 12:15 - 2014-05-09 19:55 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-25 23:52 - 2014-05-25 23:52 - 00001235 _____ () C:\Users\Rudolf\Desktop\AIDA64 Extreme Edition.lnk
2014-05-25 23:52 - 2014-05-25 23:52 - 00000000 ____D () C:\Program Files (x86)\FinalWire
2014-05-25 11:03 - 2014-05-25 11:03 - 00000000 ____D () C:\Users\Rudolf\Downloads\Driver Booster PRO 1.4.0.61 Multilingual + Key
2014-05-24 23:46 - 2014-05-24 23:46 - 00056558 _____ () C:\Users\Rudolf\Desktop\[CzT]Hunter_x_Hunter_E01_E64_2011_720p_.torrent
2014-05-23 23:38 - 2014-05-23 22:26 - 3336028033 _____ () C:\Users\Rudolf\Downloads\Železný obr (Iron Giant 1999 dvd).mkv
2014-05-23 23:14 - 2014-05-23 22:25 - 1898296379 _____ () C:\Users\Rudolf\Downloads\Fairy-Tail-movie---Kněžka-fénixe.mp4
2014-05-23 11:16 - 2014-05-23 11:16 - 00000000 ____D () C:\Users\Rudolf\Downloads\Game of thrones
2014-05-23 07:43 - 2014-05-12 22:52 - 00000000 ____D () C:\ProgramData\Steam
2014-05-20 00:34 - 2014-05-19 12:02 - 1880889517 _____ () C:\Users\Rudolf\Downloads\Tajná minulost UFO.mkv
2014-05-19 19:15 - 2014-05-01 00:07 - 00000000 ____D () C:\Users\Rudolf\Desktop\steam
2014-05-19 12:32 - 2014-05-19 11:05 - 1972949065 _____ () C:\Users\Rudolf\Downloads\The.Secret.Life.of.Walter.Mitty.2013.720p.MY.mkv
2014-05-18 13:57 - 2014-05-18 11:03 - 1513326514 _____ () C:\Users\Rudolf\Downloads\Zelezni andele 1.avi
2014-05-18 09:34 - 2014-05-18 09:34 - 00019674 _____ () C:\Users\Rudolf\Desktop\[CzT]Hra_o_truny_Game_of_Thrones_3_serie_CZ_WebRip_720p_.torrent
2014-05-16 16:36 - 2014-03-27 11:38 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-15 22:16 - 2014-05-15 21:58 - 880700474 _____ () C:\Users\Rudolf\Downloads\Hra o trůny Game of Thrones S04E01 Dva meče CZ.avi
2014-05-15 22:09 - 2014-05-15 21:58 - 419528704 _____ () C:\Users\Rudolf\Downloads\Hra o trůny - Game Of Thrones S04E02 Lev a růže.avi
2014-05-15 20:14 - 2014-05-15 19:54 - 00000116 _____ () C:\Users\Rudolf\Desktop\rovzrzeni jidla.txt
2014-05-14 21:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-14 17:39 - 2014-03-25 23:23 - 00000000 ___RD () C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 17:39 - 2014-03-25 23:23 - 00000000 ___RD () C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 17:38 - 2014-04-23 09:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 17:36 - 2014-03-26 01:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 17:35 - 2014-03-26 01:00 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-13 11:40 - 2014-05-13 10:26 - 00000000 ____D () C:\Users\Rudolf\Downloads\Gingitsune
2014-05-13 10:37 - 2014-05-13 10:24 - 00000000 ____D () C:\Users\Rudolf\Downloads\Cyber City Oedo 808
2014-05-13 10:02 - 2014-04-22 17:44 - 00000000 ____D () C:\ProgramData\Origin
2014-05-12 22:53 - 2014-05-12 22:52 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\DarkSoulsII
2014-05-09 21:22 - 2014-05-09 20:46 - 1673287266 _____ () C:\Users\Rudolf\Downloads\Ja,me-druhe-ja-a-Irena-cz-Spunny.avi
2014-05-09 08:14 - 2014-05-14 11:13 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 11:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 09:22 - 2014-05-08 09:22 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\id Software
2014-05-07 20:36 - 2014-03-26 00:22 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-07 20:36 - 2014-03-26 00:22 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 20:30 - 2014-05-07 19:45 - 00000000 ____D () C:\Users\Rudolf\Downloads\Viy 3D
2014-05-07 18:17 - 2014-05-07 17:42 - 00000000 ____D () C:\Users\Rudolf\Desktop\Beaty hip hop rap
2014-05-06 20:22 - 2014-05-06 13:16 - 2275939496 _____ () C:\Users\Rudolf\Downloads\Killing.Season.2013.Bluray.1080p (1).mkv
2014-05-06 14:37 - 2014-05-06 13:25 - 2708893692 _____ () C:\Users\Rudolf\Downloads\Blade-Runner-(1982)---The-Final-Cut.avi
2014-05-06 06:40 - 2014-05-14 17:36 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-14 17:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-14 17:36 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-14 17:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-14 17:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 17:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 12:29 - 2014-03-26 23:09 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\Tera_Awesomium
2014-05-04 09:18 - 2014-03-30 19:04 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\TS3Client
2014-05-03 00:15 - 2014-04-02 09:58 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-05-01 22:42 - 2014-05-01 18:17 - 00000000 ____D () C:\Users\Rudolf\Downloads\The Purge (2013)
2014-05-01 02:55 - 2014-05-01 02:51 - 00000000 ____D () C:\Users\Rudolf\Downloads\Son.of.Batman.2014.BRRip.XviD.MP3-RARBG
2014-04-30 13:41 - 2014-04-23 09:34 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-04-30 13:37 - 2014-04-01 09:03 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-04-29 02:28 - 2014-04-27 00:31 - 647606272 _____ () C:\Users\Rudolf\Downloads\Batman.vs.Red.Hood.2010.BRRip.XviD.AC3.CZ-queeN.up.by.MiPe.avi
2014-04-28 18:58 - 2014-04-28 18:58 - 00000000 ____D () C:\Users\Rudolf\Downloads\Vetřelec vs Predátor

Some content of TEMP:
====================
C:\Users\Rudolf\AppData\Local\Temp\Uninstall.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-19 12:18

==================== End Of Log ============================
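The FRST log above lists every autostart ("Run") entry with its path, size, date and the publisher FRST could read from the file. When a helper reads such a log, the first pass is mechanical: which entries launch a script or an unsigned binary from a directory a normal user can write to? The block below is an added example, not FRST's code and not something posted in this thread; it parses Run lines in exactly the format FRST prints them and applies a few heuristics of its own (script extension, user-writable location, empty publisher, tiny file size). The four input lines are copied from the log in this thread. A flag means "look closer", not "malware": what the flagged file actually does has to be established by examining it.

```python
"""Triage of FRST 'Registry (Whitelisted)' Run entries.

Added example, not part of FRST or of the original forum post. The scoring
rules below are this example's own heuristics (an assumption, not FRST
behaviour); the sample lines are copied from the FRST log in this thread.
"""
import ntpath
import re
from dataclasses import dataclass, field

# Sample input: the four Run entries from the FRST log above.
SAMPLE_LOG = r"""
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-21] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe RGB Color] => C:\ProgramData\Adobe\color.vbs [106 2013-12-14] ()
HKU\S-1-5-21-2205112338-2371396014-1969147254-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1775808 2014-05-28] (Valve Corporation)
"""

# FRST Run line layout: <hive>\...\Run: [<name>] => <path> [<size> <date>] (<publisher>)
RUN_LINE = re.compile(
    r"^(?P<hive>\S+)\\\.\.\.\\Run: \[(?P<name>[^\]]+)\] => "
    r"(?P<path>.+?) \[(?P<size>\d+) (?P<date>\d{4}-\d{2}-\d{2})\] \((?P<publisher>[^)]*)\)$"
)

# Extensions that hand the autostart to a script host rather than to a PE image.
SCRIPT_EXT = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".ps1", ".bat", ".cmd", ".hta"}
# Path fragments (lower-case) that a standard user account can write to.
USER_WRITABLE = ("c:\\programdata\\", "c:\\users\\", "\\appdata\\", "\\temp\\")
# Anything this small is a stub/loader, not a real application.
TINY_FILE_BYTES = 1024


@dataclass
class Finding:
    name: str
    path: str
    reasons: list = field(default_factory=list)


def parse_run_entries(text):
    """Return one dict per Run line that matches the FRST layout; other lines are ignored."""
    entries = []
    for line in text.splitlines():
        m = RUN_LINE.match(line.strip())
        if m:
            entry = m.groupdict()
            entry["size"] = int(entry["size"])
            entries.append(entry)
    return entries


def assess(entry):
    """Return the list of heuristic reasons to inspect this entry (empty = nothing noteworthy)."""
    reasons = []
    path = entry["path"].lower()
    ext = ntpath.splitext(path)[1]          # ntpath handles backslashes on any host OS
    if ext in SCRIPT_EXT:
        reasons.append(f"script payload ({ext}) run by a script host")
    if any(marker in path for marker in USER_WRITABLE):
        reasons.append("launched from a user-writable directory")
    if not entry["publisher"].strip():
        reasons.append("no publisher (FRST read no version/signature info)")
    if entry["size"] < TINY_FILE_BYTES:
        reasons.append(f"tiny file ({entry['size']} bytes), typical of a loader stub")
    return reasons


def triage(text):
    """Parse the log text and return a Finding for every entry with at least one reason."""
    return [
        Finding(e["name"], e["path"], assess(e))
        for e in parse_run_entries(text)
        if assess(e)
    ]


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[!] {f.name}: {f.path}")
        for r in f.reasons:
            print("     -", r)
```

Run against the four lines above, the NVIDIA, Xbox and Steam entries pass silently and only the `[Adobe RGB Color]` entry is reported, with all four reasons. The next step for a flagged entry is to look at the file itself (here a 106-byte .vbs), not to delete it on the strength of the heuristic alone.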

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus

#5 Post by vyosek »

:arrow: How about an antivirus?? Treating an unprotected PC is pretty pointless.

:arrow: Download MBRScan http://eric71.geekstogo.com/tools/MbrScan.exe
  • Save it, preferably to the desktop
  • If you use Win Vista or W7, right-click MBRScan and choose Run As Administrator (Spustit jako správce)
  • Click Report
  • After a moment a log appears in the file MBRScan.txt; paste it here
:arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator (Spustit jako správce)
  • Paste the script below into the window
  • Code:

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC performs the repair, restarts, and gives you a log; paste its contents here
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun, take a whip and a stick to him: that is not a man, that is an ox."
Member since 1 February 2011.
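The MBRScan report vyosek asks for hashes the first sector of the disk and lists the partition table (MBR code type, MD5/SHA1 of the sector, each partition's type byte, size and bootable flag). The block below is an added example, not MBRScan's code and not anything posted in this thread; it shows what such a report is computed from. It builds a synthetic 512-byte MBR image laid out like the disk in this thread (a 100 MB active NTFS partition followed by a 931.4 GB NTFS partition), parses the four 16-byte partition entries, verifies the 0x55AA boot signature, hashes the sector so two reports can be compared, and lists the unallocated sector ranges between partitions, which is where a later inspection would look for anything stored outside the file system. The partition geometry and the disk sector count are constructed values chosen to match the sizes in the log; reading a real disk (for example \\.\PhysicalDrive0 on Windows, which needs administrator rights) is left to the caller.

```python
"""Parse and hash a 512-byte MBR in the style of an MBRScan report.

Added example, not MBRScan's code and not from the original thread. The MBR
bytes below are synthetic (the boot code is a stub padded with NOPs); the
partition geometry and DISK_SECTORS are assumptions chosen to reproduce the
100 MB + 931.4 GB layout shown in this thread.
"""
import hashlib
import struct
from dataclasses import dataclass

SECTOR = 512
PART_TABLE_OFFSET = 446      # 446 bytes of boot code, then 4 x 16-byte entries
PART_ENTRY_SIZE = 16
BOOT_SIGNATURE = b"\x55\xAA"
ENTRY_FMT = "<B3sB3sII"      # status, CHS start, type, CHS end, LBA start, sector count
DISK_SECTORS = 1953525168    # assumed total sectors of a 1 TB drive

PARTITION_TYPES = {
    0x00: "empty", 0x07: "NTFS / HPFS", 0x0B: "FAT32", 0x0C: "FAT32 LBA",
    0x82: "Linux swap", 0x83: "Linux", 0xEE: "GPT protective",
}


@dataclass
class PartitionEntry:
    index: int          # 1-based slot in the table, as MBRScan numbers them
    bootable: bool      # status byte 0x80
    type_id: int
    lba_start: int
    sectors: int

    @property
    def size_bytes(self):
        return self.sectors * SECTOR


def build_sample_mbr():
    """Constructed MBR image: stub boot code, two NTFS entries, two empty entries, signature."""
    code = bytes([0x33, 0xC0, 0x8E, 0xD0, 0xBC, 0x00, 0x7C]).ljust(PART_TABLE_OFFSET, b"\x90")
    chs = b"\xFF\xFF\xFF"  # CHS fields are irrelevant for LBA-addressed disks
    table = struct.pack(ENTRY_FMT, 0x80, chs, 0x07, chs, 2048, 204800)          # 100 MB, active
    table += struct.pack(ENTRY_FMT, 0x00, chs, 0x07, chs, 206848, 1953316864)   # 931.4 GB
    table += b"\x00" * (2 * PART_ENTRY_SIZE)                                    # slots 3 and 4 unused
    return code + table + BOOT_SIGNATURE


def parse_mbr(data):
    """Return (list of non-empty PartitionEntry, signature_ok) for one 512-byte sector."""
    if len(data) != SECTOR:
        raise ValueError(f"expected {SECTOR} bytes, got {len(data)}")
    signature_ok = data[SECTOR - 2:] == BOOT_SIGNATURE
    entries = []
    for i in range(4):
        off = PART_TABLE_OFFSET + i * PART_ENTRY_SIZE
        status, _chs_s, ptype, _chs_e, lba, count = struct.unpack_from(ENTRY_FMT, data, off)
        if ptype == 0 and count == 0:
            continue
        entries.append(PartitionEntry(i + 1, status == 0x80, ptype, lba, count))
    return entries, signature_ok


def hash_mbr(data):
    """MD5 and SHA1 of the whole sector, upper-case hex like the MBR_MD5/MBR_SHA1 report lines."""
    return {"md5": hashlib.md5(data).hexdigest().upper(),
            "sha1": hashlib.sha1(data).hexdigest().upper()}


def describe(entry):
    """One report-style line: PartitionN <size> 0x<type> <name> [__ BOOTABLE __]."""
    mib = entry.size_bytes / 2**20
    size = f"{mib:.1f} MB" if mib < 1024 else f"{mib / 1024:.1f} GB"
    name = PARTITION_TYPES.get(entry.type_id, "unknown")
    flag = " __ BOOTABLE __" if entry.bootable else ""
    return f"Partition{entry.index}\t{size}\t0x{entry.type_id:02X} {name}{flag}"


def unallocated_ranges(entries, total_sectors):
    """(start, length) of every sector run not covered by a partition; sector 0 is the MBR itself."""
    gaps, cursor = [], 1
    for e in sorted(entries, key=lambda p: p.lba_start):
        if e.lba_start > cursor:
            gaps.append((cursor, e.lba_start - cursor))
        cursor = max(cursor, e.lba_start + e.sectors)
    if total_sectors > cursor:
        gaps.append((cursor, total_sectors - cursor))
    return gaps


if __name__ == "__main__":
    mbr = build_sample_mbr()
    parts, ok = parse_mbr(mbr)
    print("boot signature:", "OK" if ok else "MISSING")
    for k, v in hash_mbr(mbr).items():
        print(f"MBR_{k.upper():<5}: {v}")
    for p in parts:
        print(describe(p))
    for start, length in unallocated_ranges(parts, DISK_SECTORS):
        print(f"unallocated: sectors {start}..{start + length - 1} ({length} sectors)")
```

The hash lines are only useful in comparison: the same disk scanned twice should produce the same MBR_MD5, and a change between scans, with no OS reinstall or partitioning in between, is what would warrant pulling the raw sector for inspection. The 2047-sector gap before the first partition and the trailing gap after the last one are normal on a Windows 7 layout; the point of listing them is to know where to look, not that something is there.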

pantuzektomas
Guest
Posts: 7
Registered: 28 May 2014 21:59

#6 Post by pantuzektomas »

Code:

MBRScan v1.1.1

OS             : Windows 7 Service Pack 1 (64 bit)
PROCESSOR      : Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
BOOT           : Normal Boot
DATE           : 2014/05/28 (ISO 8601) at 23:51:10
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __ST1000DM003-1CH162 (CC49)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : NO
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0	931.5 Go  [Fixed] ==> 7 MBR Code

MBR_MD5   : 5851209B61BD74FED6929E604A83352D
MBR_SHA1  : E7765DBCFFF937949ABCD725156DF8A4BDA445E7

Device\Harddisk0\Partition1	100.0 Mo  	0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2	931.4 Go  	0x07 NTFS / HPFS
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\Windows\system32\hal.dll => Invisible on the disk
ADDRESS : 0x02C05000
SIZE    : 292.0 Ko

DRIVER  : C:\Windows\system32\kdcom.dll => Invisible on the disk
ADDRESS : 0x00BB6000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\mcupdate_GenuineIntel.dll => Invisible on the disk
ADDRESS : 0x00CB3000
SIZE    : 316.0 Ko

DRIVER  : C:\Windows\system32\CLFS.SYS => Invisible on the disk
ADDRESS : 0x00D16000
SIZE    : 376.0 Ko

DRIVER  : C:\Windows\system32\CI.dll => Invisible on the disk
ADDRESS : 0x00E36000
SIZE    : 768.0 Ko

DRIVER  : C:\Windows\System32\drivers\ugwi.sys => Invisible on the disk
ADDRESS : 0x00EF6000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\drivers\Wdf01000.sys => Invisible on the disk
ADDRESS : 0x00F0C000
SIZE    : 776.0 Ko

DRIVER  : C:\Windows\system32\drivers\WDFLDR.SYS => Invisible on the disk
ADDRESS : 0x00FCE000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\system32\drivers\ACPI.sys => Invisible on the disk
ADDRESS : 0x00D74000
SIZE    : 348.0 Ko

DRIVER  : C:\Windows\system32\drivers\WMILIB.SYS => Invisible on the disk
ADDRESS : 0x00FDE000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\msisadrv.sys => Invisible on the disk
ADDRESS : 0x00FE7000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\drivers\pci.sys => Invisible on the disk
ADDRESS : 0x00E00000
SIZE    : 204.0 Ko

DRIVER  : C:\Windows\system32\drivers\vdrvroot.sys => Invisible on the disk
ADDRESS : 0x00FF1000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\System32\drivers\partmgr.sys => Invisible on the disk
ADDRESS : 0x00DCB000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\drivers\volmgr.sys => Invisible on the disk
ADDRESS : 0x00DE0000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\System32\drivers\volmgrx.sys => Invisible on the disk
ADDRESS : 0x00C00000
SIZE    : 368.0 Ko

DRIVER  : C:\Windows\system32\drivers\pciide.sys => Invisible on the disk
ADDRESS : 0x00C5C000
SIZE    : 28.0 Ko

DRIVER  : C:\Windows\system32\drivers\PCIIDEX.SYS => Invisible on the disk
ADDRESS : 0x00C63000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\System32\drivers\mountmgr.sys => Invisible on the disk
ADDRESS : 0x00C73000
SIZE    : 104.0 Ko

DRIVER  : C:\Windows\system32\drivers\atapi.sys => Invisible on the disk
ADDRESS : 0x00C8D000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\ataport.SYS => Invisible on the disk
ADDRESS : 0x0101A000
SIZE    : 168.0 Ko

DRIVER  : C:\Windows\system32\drivers\amdxata.sys => Invisible on the disk
ADDRESS : 0x01044000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\drivers\fltmgr.sys => Invisible on the disk
ADDRESS : 0x0104F000
SIZE    : 304.0 Ko

DRIVER  : C:\Windows\system32\drivers\fileinfo.sys => Invisible on the disk
ADDRESS : 0x0109B000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Ntfs.sys => Invisible on the disk
ADDRESS : 0x01238000
SIZE    : 1.66 Mo

DRIVER  : C:\Windows\System32\Drivers\msrpc.sys => Invisible on the disk
ADDRESS : 0x010AF000
SIZE    : 376.0 Ko

DRIVER  : C:\Windows\System32\Drivers\ksecdd.sys => Invisible on the disk
ADDRESS : 0x013E1000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\System32\Drivers\cng.sys => Invisible on the disk
ADDRESS : 0x0110D000
SIZE    : 456.0 Ko

DRIVER  : C:\Windows\System32\drivers\pcw.sys => Invisible on the disk
ADDRESS : 0x01200000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Fs_Rec.sys => Invisible on the disk
ADDRESS : 0x01211000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\drivers\ndis.sys => Invisible on the disk
ADDRESS : 0x0146C000
SIZE    : 968.0 Ko

DRIVER  : C:\Windows\system32\drivers\NETIO.SYS => Invisible on the disk
ADDRESS : 0x0155E000
SIZE    : 384.0 Ko

DRIVER  : C:\Windows\System32\Drivers\ksecpkg.sys => Invisible on the disk
ADDRESS : 0x015BE000
SIZE    : 176.0 Ko

DRIVER  : C:\Windows\System32\drivers\tcpip.sys => Invisible on the disk
ADDRESS : 0x01600000
SIZE    : 2.00 Mo

DRIVER  : C:\Windows\System32\drivers\fwpkclnt.sys => Invisible on the disk
ADDRESS : 0x01400000
SIZE    : 292.0 Ko

DRIVER  : C:\Windows\system32\drivers\volsnap.sys => Invisible on the disk
ADDRESS : 0x0117F000
SIZE    : 304.0 Ko

DRIVER  : C:\Windows\System32\Drivers\spldr.sys => Invisible on the disk
ADDRESS : 0x01449000
SIZE    : 32.0 Ko

DRIVER  : C:\Windows\System32\drivers\rdyboost.sys => Invisible on the disk
ADDRESS : 0x01869000
SIZE    : 232.0 Ko

DRIVER  : C:\Windows\System32\Drivers\mup.sys => Invisible on the disk
ADDRESS : 0x018A3000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\drivers\hwpolicy.sys => Invisible on the disk
ADDRESS : 0x018B5000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\fvevol.sys => Invisible on the disk
ADDRESS : 0x018BE000
SIZE    : 232.0 Ko

DRIVER  : C:\Windows\system32\drivers\disk.sys => Invisible on the disk
ADDRESS : 0x018F8000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\drivers\CLASSPNP.SYS => Invisible on the disk
ADDRESS : 0x0190E000
SIZE    : 192.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\cdrom.sys => Invisible on the disk
ADDRESS : 0x01974000
SIZE    : 168.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Null.SYS => Invisible on the disk
ADDRESS : 0x0199E000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Beep.SYS => Invisible on the disk
ADDRESS : 0x019A7000
SIZE    : 28.0 Ko

DRIVER  : C:\Windows\System32\drivers\vga.sys => Invisible on the disk
ADDRESS : 0x019AE000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\drivers\VIDEOPRT.SYS => Invisible on the disk
ADDRESS : 0x019BC000
SIZE    : 148.0 Ko

DRIVER  : C:\Windows\System32\drivers\watchdog.sys => Invisible on the disk
ADDRESS : 0x019E1000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\RDPCDD.sys => Invisible on the disk
ADDRESS : 0x019F1000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\rdpencdd.sys => Invisible on the disk
ADDRESS : 0x01800000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\rdprefmp.sys => Invisible on the disk
ADDRESS : 0x01809000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Msfs.SYS => Invisible on the disk
ADDRESS : 0x01812000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Npfs.SYS => Invisible on the disk
ADDRESS : 0x0181D000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\tdx.sys => Invisible on the disk
ADDRESS : 0x0182E000
SIZE    : 136.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\TDI.SYS => Invisible on the disk
ADDRESS : 0x01850000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\drivers\afd.sys => Invisible on the disk
ADDRESS : 0x03E77000
SIZE    : 548.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\netbt.sys => Invisible on the disk
ADDRESS : 0x03F00000
SIZE    : 276.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\wfplwf.sys => Invisible on the disk
ADDRESS : 0x03F45000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\pacer.sys => Invisible on the disk
ADDRESS : 0x03F4E000
SIZE    : 152.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\netbios.sys => Invisible on the disk
ADDRESS : 0x03F74000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\serial.sys => Invisible on the disk
ADDRESS : 0x03F83000
SIZE    : 116.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\wanarp.sys => Invisible on the disk
ADDRESS : 0x03FA0000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\termdd.sys => Invisible on the disk
ADDRESS : 0x03FBB000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rdbss.sys => Invisible on the disk
ADDRESS : 0x03E00000
SIZE    : 324.0 Ko

DRIVER  : C:\Windows\system32\drivers\nsiproxy.sys => Invisible on the disk
ADDRESS : 0x03E51000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mssmbios.sys => Invisible on the disk
ADDRESS : 0x03E5D000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\drivers\discache.sys => Invisible on the disk
ADDRESS : 0x03E68000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dfsc.sys => Invisible on the disk
ADDRESS : 0x03FCF000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\blbdrive.sys => Invisible on the disk
ADDRESS : 0x03FED000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\tunnel.sys => Invisible on the disk
ADDRESS : 0x011CB000
SIZE    : 152.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\nvlddmkm.sys => Invisible on the disk
ADDRESS : 0x0F0AC000
SIZE    : 12.34 Mo

DRIVER  : C:\Windows\System32\Drivers\nvBridge.kmd => Invisible on the disk
ADDRESS : 0x0FD04000
SIZE    : 8.0 Ko

DRIVER  : C:\Windows\System32\drivers\dxgkrnl.sys => Invisible on the disk
ADDRESS : 0x0FD06000
SIZE    : 976.0 Ko

DRIVER  : C:\Windows\System32\drivers\dxgmms1.sys => Invisible on the disk
ADDRESS : 0x0F000000
SIZE    : 280.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\HDAudBus.sys => Invisible on the disk
ADDRESS : 0x0F046000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\HECIx64.sys => Invisible on the disk
ADDRESS : 0x0F06A000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbehci.sys => Invisible on the disk
ADDRESS : 0x0F07B000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\USBPORT.SYS => Invisible on the disk
ADDRESS : 0x0409C000
SIZE    : 344.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\Rt64win7.sys => Invisible on the disk
ADDRESS : 0x040F2000
SIZE    : 532.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\asmtxhci.sys => Invisible on the disk
ADDRESS : 0x04177000
SIZE    : 388.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\serenum.sys => Invisible on the disk
ADDRESS : 0x041D8000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\wmiacpi.sys => Invisible on the disk
ADDRESS : 0x041E4000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\intelppm.sys => Invisible on the disk
ADDRESS : 0x04000000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\CompositeBus.sys => Invisible on the disk
ADDRESS : 0x04016000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\AgileVpn.sys => Invisible on the disk
ADDRESS : 0x04026000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rasl2tp.sys => Invisible on the disk
ADDRESS : 0x0403C000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ndistapi.sys => Invisible on the disk
ADDRESS : 0x04060000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ndiswan.sys => Invisible on the disk
ADDRESS : 0x0406C000
SIZE    : 188.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\raspppoe.sys => Invisible on the disk
ADDRESS : 0x0F08D000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\raspptp.sys => Invisible on the disk
ADDRESS : 0x0422C000
SIZE    : 132.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rassstp.sys => Invisible on the disk
ADDRESS : 0x0424D000
SIZE    : 104.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\kbdclass.sys => Invisible on the disk
ADDRESS : 0x04267000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mouclass.sys => Invisible on the disk
ADDRESS : 0x04276000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\swenum.sys => Invisible on the disk
ADDRESS : 0x04285000
SIZE    : 8.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ks.sys => Invisible on the disk
ADDRESS : 0x04287000
SIZE    : 268.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\umbus.sys => Invisible on the disk
ADDRESS : 0x042CA000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbhub.sys => Invisible on the disk
ADDRESS : 0x042DC000
SIZE    : 360.0 Ko

DRIVER  : C:\Windows\System32\Drivers\NDProxy.SYS => Invisible on the disk
ADDRESS : 0x04336000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\drivers\nvhda64v.sys => Invisible on the disk
ADDRESS : 0x0434B000
SIZE    : 180.0 Ko

DRIVER  : C:\Windows\system32\drivers\portcls.sys => Invisible on the disk
ADDRESS : 0x04378000
SIZE    : 244.0 Ko

DRIVER  : C:\Windows\system32\drivers\drmk.sys => Invisible on the disk
ADDRESS : 0x043B5000
SIZE    : 136.0 Ko

DRIVER  : C:\Windows\system32\drivers\ksthunk.sys => Invisible on the disk
ADDRESS : 0x043D7000
SIZE    : 24.0 Ko

DRIVER  : C:\Windows\system32\drivers\HdAudio.sys => Invisible on the disk
ADDRESS : 0x0569A000
SIZE    : 368.0 Ko

DRIVER  : C:\Windows\System32\Drivers\crashdmp.sys => Invisible on the disk
ADDRESS : 0x056F6000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dump_dumpata.sys => Invisible on the disk
ADDRESS : 0x05704000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dump_atapi.sys => Invisible on the disk
ADDRESS : 0x05710000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk
ADDRESS : 0x05719000
SIZE    : 76.0 Ko

DRIVER  : C:\Windows\System32\win32k.sys => Invisible on the disk
ADDRESS : 0x000B0000
SIZE    : 3.09 Mo

DRIVER  : C:\Windows\System32\drivers\Dxapi.sys => Invisible on the disk
ADDRESS : 0x0572C000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\monitor.sys => Invisible on the disk
ADDRESS : 0x05738000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\USBSTOR.SYS => Invisible on the disk
ADDRESS : 0x05746000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\USBD.SYS => Invisible on the disk
ADDRESS : 0x05761000
SIZE    : 8.0 Ko

DRIVER  : C:\Windows\System32\TSDDD.dll => Invisible on the disk
ADDRESS : 0x004C0000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\System32\cdd.dll => Invisible on the disk
ADDRESS : 0x006B0000
SIZE    : 156.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\xusb21.sys => Invisible on the disk
ADDRESS : 0x05763000
SIZE    : 76.0 Ko

DRIVER  : C:\Windows\system32\drivers\luafv.sys => Invisible on the disk
ADDRESS : 0x05776000
SIZE    : 140.0 Ko

DRIVER  : C:\Windows\system32\drivers\mbam.sys => Invisible on the disk
ADDRESS : 0x05799000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbccgp.sys => Invisible on the disk
ADDRESS : 0x057A3000
SIZE    : 116.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\hidusb.sys => Invisible on the disk
ADDRESS : 0x057C0000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\HIDCLASS.SYS => Invisible on the disk
ADDRESS : 0x057CE000
SIZE    : 100.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\HIDPARSE.SYS => Invisible on the disk
ADDRESS : 0x057E7000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mouhid.sys => Invisible on the disk
ADDRESS : 0x057F0000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\kbdhid.sys => Invisible on the disk
ADDRESS : 0x05600000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\lltdio.sys => Invisible on the disk
ADDRESS : 0x0560E000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rspndr.sys => Invisible on the disk
ADDRESS : 0x05623000
SIZE    : 96.0 Ko

DRIVER  : C:\Windows\system32\drivers\HTTP.sys => Invisible on the disk
ADDRESS : 0x02618000
SIZE    : 804.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\bowser.sys => Invisible on the disk
ADDRESS : 0x026E1000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\System32\drivers\mpsdrv.sys => Invisible on the disk
ADDRESS : 0x026FF000
SIZE    : 96.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
ADDRESS : 0x02717000
SIZE    : 180.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
ADDRESS : 0x02744000
SIZE    : 312.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
ADDRESS : 0x02792000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\drivers\peauth.sys => Invisible on the disk
ADDRESS : 0x054EE000
SIZE    : 664.0 Ko

DRIVER  : C:\Windows\System32\Drivers\secdrv.SYS => Invisible on the disk
ADDRESS : 0x05594000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srvnet.sys => Invisible on the disk
ADDRESS : 0x0559F000
SIZE    : 196.0 Ko

DRIVER  : C:\Windows\System32\drivers\tcpipreg.sys => Invisible on the disk
ADDRESS : 0x055D0000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srv2.sys => Invisible on the disk
ADDRESS : 0x05400000
SIZE    : 420.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srv.sys => Invisible on the disk
ADDRESS : 0x074AF000
SIZE    : 608.0 Ko

DRIVER  : C:\Windows\system32\drivers\WudfPf.sys => Invisible on the disk
ADDRESS : 0x0758F000
SIZE    : 100.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\WUDFRd.sys => Invisible on the disk
ADDRESS : 0x075A8000
SIZE    : 216.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\asyncmac.sys => Invisible on the disk
ADDRESS : 0x07471000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\drivers\MBAMSwissArmy.sys => Invisible on the disk
ADDRESS : 0x07488000
SIZE    : 128.0 Ko

DRIVER  : C:\Windows\system32\drivers\mwac.sys => Invisible on the disk
ADDRESS : 0x07547000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\smss.exe => Invisible on the disk
ADDRESS : 0x47980000
SIZE    : 128.0 Ko

SystemStartOptions :  NOEXECUTE=OPTIN

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  

0x00000000   33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00   3À.м.|.À.ؾ.|¿.
0x00000010   06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00   .¹..üó¤Ph..Ëû¹..
0x00000020   BD BE 07 80 7E 00 00 7C 0B 0F 85 0E 01 83 C5 10   ½¾..~..|......Å.
0x00000030   E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00   âñÍ..V.UÆF..ÆF..
0x00000040   B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09   ´A»ªUÍ.]r..ûUªu.
0x00000050   F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74   ÷Á..t.þF.f`.~..t
0x00000060   26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00   &fh....f.v.h..h.
0x00000070   7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13   |h..h..´B.V..ôÍ.
0x00000080   9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00   ..Ä..ë.¸..».|.V.
0x00000090   8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1C FE   .v..N..n.Í.fas.þ
0x000000A0   4E 11 75 0C 80 7E 00 80 0F 84 8A 00 B2 80 EB 84   N.u..~......².ë.
0x000000B0   55 32 E4 8A 56 00 CD 13 5D EB 9E 81 3E FE 7D 55   U2ä.V.Í.]ë..>þ}U
0x000000C0   AA 75 6E FF 76 00 E8 8D 00 75 17 FA B0 D1 E6 64   ªun.v.è..u.ú°Ñæd
0x000000D0   E8 83 00 B0 DF E6 60 E8 7C 00 B0 FF E6 64 E8 75   è..°ßæ`è|.°.ædèu
0x000000E0   00 FB B8 00 BB CD 1A 66 23 C0 75 3B 66 81 FB 54   .û¸.»Í.f#Àu;f.ûT
0x000000F0   43 50 41 75 32 81 F9 02 01 72 2C 66 68 07 BB 00   CPAu2.ù..r,fh.».
0x00000100   00 66 68 00 02 00 00 66 68 08 00 00 00 66 53 66   .fh....fh....fSf
0x00000110   53 66 55 66 68 00 00 00 00 66 68 00 7C 00 00 66   SfUfh....fh.|..f
0x00000120   61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00 00 CD   ah...Í.Z2öê.|..Í
0x00000130   18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07 32 E4   ..·.ë..¶.ë..µ.2ä
0x00000140   05 00 07 8B F0 AC 3C 00 74 09 BB 07 00 B4 0E CD   ....ð¬<.t.»..´.Í
0x00000150   10 EB F2 F4 EB FD 2B C9 E4 64 EB 00 24 02 E0 F8   .ëòôëý+Éädë.$.àø
0x00000160   24 02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69   $.ÃInvalid parti
0x00000170   74 69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72   tion table.Error
0x00000180   20 6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69    loading operati
0x00000190   6E 67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E   ng system.Missin
0x000001A0   67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74   g operating syst
0x000001B0   65 6D 00 00 00 63 7B 9A E8 B3 06 53 00 00 80 20   em...c{.è³.S... 
0x000001C0   21 00 07 DF 13 0C 00 08 00 00 00 20 03 00 00 DF   !..ß....... ...ß
0x000001D0   14 0C 07 FE FF FF 00 28 03 00 00 30 6D 74 00 00   ...þ...(...0mt..
0x000001E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª
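
As an added worked example (not part of the thread, and not code from MBRScan or its author), the following Python script reads the hex dump above the way an analyst would when reviewing such a log: it rebuilds the sector from the dump lines, checks the 0x55AA boot signature, reads the disk signature and the four partition entries, checks that the partitions abut rather than overlap, and looks for the error strings that the stock Windows bootstrap code carries. The embedded dump excerpt is copied from the log above (offsets 0x160 to 0x1F0); the function and constant names are the example's own.

```python
import struct
from dataclasses import dataclass

SECTOR_SIZE = 512
PARTITION_TABLE_OFFSET = 0x1BE
DISK_SIGNATURE_OFFSET = 0x1B8

# Strings the stock Windows MBR bootstrap code carries. A loader that
# replaces sector 0 with its own code usually loses them.
STANDARD_BOOTSTRAP_STRINGS = (
    b"Invalid partition table",
    b"Error loading operating system",
    b"Missing operating system",
)

# Excerpt of the MBRScan dump posted in this thread (offsets 0x160-0x1F0 of
# \Device\Harddisk0\DR0). Bytes the excerpt does not cover stay zero; the
# parser accepts the complete 32-line dump just as well.
MBR_DUMP_EXCERPT = """\
0x00000160   24 02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69   $.ÃInvalid parti
0x00000170   74 69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72   tion table.Error
0x00000180   20 6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69    loading operati
0x00000190   6E 67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E   ng system.Missin
0x000001A0   67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74   g operating syst
0x000001B0   65 6D 00 00 00 63 7B 9A E8 B3 06 53 00 00 80 20   em...c{.è³.S...
0x000001C0   21 00 07 DF 13 0C 00 08 00 00 00 20 03 00 00 DF   !..ß....... ...ß
0x000001D0   14 0C 07 FE FF FF 00 28 03 00 00 30 6D 74 00 00   ...þ...(...0mt..
0x000001E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª
"""


def parse_hexdump(text: str) -> bytes:
    """Rebuild the 512-byte sector from 'offset  16 hex bytes  ascii' lines."""
    sector = bytearray(SECTOR_SIZE)
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 17 or not parts[0].lower().startswith("0x"):
            continue  # header, blank or separator line
        offset = int(parts[0], 16)
        if offset + 16 > SECTOR_SIZE:
            continue  # not part of sector 0
        for i, token in enumerate(parts[1:17]):  # ignore the ASCII column
            sector[offset + i] = int(token, 16)
    return bytes(sector)


@dataclass
class PartitionEntry:
    index: int
    bootable: bool
    type_id: int
    lba_start: int
    sector_count: int

    @property
    def empty(self) -> bool:
        return self.type_id == 0 and self.sector_count == 0

    @property
    def size_bytes(self) -> int:
        return self.sector_count * SECTOR_SIZE


def parse_partition_table(sector: bytes) -> list:
    """Decode the four 16-byte entries at 0x1BE: status, CHS (skipped), type, LBA, count."""
    entries = []
    for i in range(4):
        start = PARTITION_TABLE_OFFSET + 16 * i
        status, type_id, lba, count = struct.unpack("<B3xB3xII", sector[start:start + 16])
        entries.append(PartitionEntry(i + 1, status == 0x80, type_id, lba, count))
    return entries


def analyse_mbr(sector: bytes) -> dict:
    """Sanity checks an analyst applies to a dumped MBR before trusting it."""
    entries = parse_partition_table(sector)
    present = [e for e in entries if not e.empty]
    # Partitions laid out by Windows setup abut each other; overlap or gaps deserve a look.
    contiguous = all(a.lba_start + a.sector_count == b.lba_start
                     for a, b in zip(present, present[1:]))
    return {
        "boot_signature_ok": sector[SECTOR_SIZE - 2:] == b"\x55\xAA",
        "disk_signature": struct.unpack_from("<I", sector, DISK_SIGNATURE_OFFSET)[0],
        "bootstrap_strings_present": all(s in sector for s in STANDARD_BOOTSTRAP_STRINGS),
        "bootable_count": sum(e.bootable for e in entries),
        "contiguous": contiguous,
        "partitions": entries,
    }


if __name__ == "__main__":
    report = analyse_mbr(parse_hexdump(MBR_DUMP_EXCERPT))
    for key, value in report.items():
        if key != "partitions":
            print(f"{key}: {value:#x}" if key == "disk_signature" else f"{key}: {value}")
    for p in report["partitions"]:
        if not p.empty:
            print(f"partition {p.index}: type 0x{p.type_id:02X} boot={p.bootable} "
                  f"lba={p.lba_start} sectors={p.sector_count} ({p.size_bytes / 2**30:.1f} GiB)")
```

On the excerpt the script reports a valid boot signature, one bootable 100 MiB NTFS partition at LBA 2048 followed by a contiguous 931 GiB NTFS partition, two empty entries and the three bootstrap strings, which is what a stock Windows 7 layout looks like and matches the partition lines MBRScan printed. Feed it the full 32-line dump to cover the whole sector. The string check is only a weak positive, since a loader that keeps the original code and patches elsewhere keeps the strings too; that is why MBRScan also prints MBR_MD5 and MBR_SHA1, which can be compared against a known-good image of the same Windows version.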

pantuzektomas
Visitor
Posts: 7
Registered: 28 May 2014 21:59

#7 Post by pantuzektomas »

Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by Rudolf on st 28.05.2014 at 23:53:17,41.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Rudolf\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

28.5.2014 23:53:52 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\Package Cache deleted

==== Chrome Look ======================

AdBlock - Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Rudolf\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Rudolf\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=13 folders=15 14101159 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Rudolf\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Rudolf\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on st 28.05.2014 at 23:59:58,62 ======================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus

#8 Post by vyosek »

pantuzektomas
Visitor
Posts: 7
Registered: 28 May 2014 21:59

#9 Post by pantuzektomas »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Rudolf (administrator) on RUDOLF-PC on 29-05-2014 22:46:40
Running from C:\Users\Rudolf\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-21] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5581888 2014-02-24] (ESET)
HKLM-x32\...\Run: [Adobe RGB Color] => C:\ProgramData\Adobe\color.vbs [106 2013-12-14] ()
HKU\S-1-5-21-2205112338-2371396014-1969147254-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1754816 2014-05-29] (Valve Corporation)

==================== Internet (Whitelisted) ====================

SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-05-29]

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-26]
CHR Extension: (Disk Google) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-26]
CHR Extension: (YouTube) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-26]
CHR Extension: (AdBlock Premium) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2014-05-29]
CHR Extension: (Peněženka Google) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-26]
CHR Extension: (Gmail) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-26]

==================== Services (Whitelisted) =================

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1343408 2014-02-24] (ESET)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-29] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-29 22:46 - 2014-05-29 22:46 - 02066944 _____ (Farbar) C:\Users\Rudolf\Downloads\FRST64.exe
2014-05-29 22:46 - 2014-05-29 22:46 - 00006647 _____ () C:\Users\Rudolf\Downloads\FRST.txt
2014-05-29 22:45 - 2014-05-29 22:45 - 00112640 _____ (forum.viry.cz) C:\Users\Rudolf\Downloads\Nepotvrzeno 782696.crdownload
2014-05-29 22:45 - 2014-05-29 22:45 - 00112107 _____ (forum.viry.cz) C:\Users\Rudolf\Downloads\VerzeOS.exe
2014-05-29 17:49 - 2014-05-29 18:02 - 780775424 _____ () C:\Users\Rudolf\Downloads\Filth.2013.BRRip.XviD.CZ.MY.avi
2014-05-29 15:00 - 2014-05-29 22:00 - 00000292 _____ () C:\Users\Rudolf\Network_Meter_Data.js
2014-05-29 14:28 - 2014-05-29 14:28 - 00000284 _____ () C:\Users\Rudolf\AppData\Roaming\GPU MeterV2_Settings.ini
2014-05-29 14:26 - 2014-05-29 14:28 - 00000954 _____ () C:\Users\Rudolf\AppData\Roaming\Network Meter_Settings.ini
2014-05-29 14:23 - 2014-05-29 14:28 - 00000133 _____ () C:\Users\Rudolf\IP_Log_Data.js
2014-05-29 14:19 - 2014-05-29 14:19 - 00000062 _____ () C:\Windows\Wininit.ini
2014-05-29 14:16 - 2014-05-29 14:19 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\ConMet
2014-05-29 14:16 - 2014-05-29 14:19 - 00000000 ____D () C:\ProgramData\ConMet
2014-05-29 14:14 - 2014-05-29 14:16 - 02585600 _____ (Mgr. Tomas Papousek) C:\Users\Rudolf\Downloads\cm799f.exe
2014-05-29 10:20 - 2014-05-29 10:20 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\ESET
2014-05-29 10:20 - 2014-05-29 10:20 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\ESET
2014-05-29 10:16 - 2014-05-29 10:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-05-29 10:16 - 2014-05-29 10:16 - 00000000 ____D () C:\ProgramData\ESET
2014-05-29 10:16 - 2014-05-29 10:16 - 00000000 ____D () C:\Program Files\ESET
2014-05-28 23:58 - 2014-05-28 23:53 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-28 23:53 - 2014-05-28 23:59 - 00005146 _____ () C:\zoek-results.log
2014-05-28 23:53 - 2014-05-28 23:58 - 00000000 ____D () C:\zoek_backup
2014-05-28 23:41 - 2014-05-29 22:46 - 00000000 ____D () C:\FRST
2014-05-28 23:12 - 2014-05-28 23:52 - 00000000 ____D () C:\Program Files\trend micro
2014-05-28 23:12 - 2014-05-28 23:15 - 00000000 ____D () C:\rsit
2014-05-28 22:54 - 2014-05-28 22:54 - 00009256 _____ () C:\Users\Rudolf\Documents\cc_20140528_225415.reg
2014-05-28 22:30 - 2014-05-28 22:30 - 01643096 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Rudolf\Desktop\GPU-Z.0.7.8.exe
2014-05-28 20:43 - 2014-05-28 20:43 - 00000000 __SHD () C:\Users\Rudolf\AppData\Local\EmieUserList
2014-05-28 20:43 - 2014-05-28 20:43 - 00000000 __SHD () C:\Users\Rudolf\AppData\Local\EmieSiteList
2014-05-28 20:03 - 2014-05-29 10:28 - 00000000 ____D () C:\ProgramData\adobe
2014-05-27 14:06 - 2014-05-27 14:06 - 00002574 _____ () C:\Users\Rudolf\Documents\cc_20140527_140612.reg
2014-05-27 09:48 - 2014-05-27 09:48 - 00019630 _____ () C:\Users\Rudolf\Documents\cc_20140527_094806.reg
2014-05-25 23:52 - 2014-05-25 23:52 - 00001235 _____ () C:\Users\Rudolf\Desktop\AIDA64 Extreme Edition.lnk
2014-05-25 23:52 - 2014-05-25 23:52 - 00000000 ____D () C:\Program Files (x86)\FinalWire
2014-05-25 15:54 - 2014-05-28 22:53 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\Ubisoft Game Launcher
2014-05-25 11:03 - 2014-05-25 11:03 - 00000000 ____D () C:\Users\Rudolf\Downloads\Driver Booster PRO 1.4.0.61 Multilingual + Key
2014-05-24 23:46 - 2014-05-24 23:46 - 00056558 _____ () C:\Users\Rudolf\Desktop\[CzT]Hunter_x_Hunter_E01_E64_2011_720p_.torrent
2014-05-23 22:26 - 2014-05-23 23:38 - 3336028033 _____ () C:\Users\Rudolf\Downloads\Železný obr (Iron Giant 1999 dvd).mkv
2014-05-23 22:25 - 2014-05-23 23:14 - 1898296379 _____ () C:\Users\Rudolf\Downloads\Fairy-Tail-movie---Kněžka-fénixe.mp4
2014-05-23 11:16 - 2014-05-23 11:16 - 00000000 ____D () C:\Users\Rudolf\Downloads\Game of thrones
2014-05-19 12:02 - 2014-05-20 00:34 - 1880889517 _____ () C:\Users\Rudolf\Downloads\Tajná minulost UFO.mkv
2014-05-19 11:05 - 2014-05-19 12:32 - 1972949065 _____ () C:\Users\Rudolf\Downloads\The.Secret.Life.of.Walter.Mitty.2013.720p.MY.mkv
2014-05-18 11:03 - 2014-05-18 13:57 - 1513326514 _____ () C:\Users\Rudolf\Downloads\Zelezni andele 1.avi
2014-05-18 09:34 - 2014-05-18 09:34 - 00019674 _____ () C:\Users\Rudolf\Desktop\[CzT]Hra_o_truny_Game_of_Thrones_3_serie_CZ_WebRip_720p_.torrent
2014-05-15 21:58 - 2014-05-15 22:16 - 880700474 _____ () C:\Users\Rudolf\Downloads\Hra o trůny Game of Thrones S04E01 Dva meče CZ.avi
2014-05-15 21:58 - 2014-05-15 22:09 - 419528704 _____ () C:\Users\Rudolf\Downloads\Hra o trůny - Game Of Thrones S04E02 Lev a růže.avi
2014-05-15 19:54 - 2014-05-15 20:14 - 00000116 _____ () C:\Users\Rudolf\Desktop\rovzrzeni jidla.txt
2014-05-14 17:36 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 17:36 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 17:36 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 17:36 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 17:36 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 17:36 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 11:13 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 11:13 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 11:13 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 11:13 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 11:13 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 11:13 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 11:13 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 11:13 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 11:13 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 11:13 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 11:13 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 11:13 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 11:13 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 11:13 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 11:13 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 11:13 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 11:13 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 11:13 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 11:13 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 11:13 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 10:26 - 2014-05-13 11:40 - 00000000 ____D () C:\Users\Rudolf\Downloads\Gingitsune
2014-05-13 10:24 - 2014-05-13 10:37 - 00000000 ____D () C:\Users\Rudolf\Downloads\Cyber City Oedo 808
2014-05-12 22:52 - 2014-05-23 07:43 - 00000000 ____D () C:\ProgramData\Steam
2014-05-12 22:52 - 2014-05-12 22:53 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\DarkSoulsII
2014-05-09 20:46 - 2014-05-09 21:22 - 1673287266 _____ () C:\Users\Rudolf\Downloads\Ja,me-druhe-ja-a-Irena-cz-Spunny.avi
2014-05-09 19:55 - 2014-05-26 12:15 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-08 09:22 - 2014-05-08 09:22 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\id Software
2014-05-07 19:45 - 2014-05-07 20:30 - 00000000 ____D () C:\Users\Rudolf\Downloads\Viy 3D
2014-05-07 17:42 - 2014-05-07 18:17 - 00000000 ____D () C:\Users\Rudolf\Desktop\Beaty hip hop rap
2014-05-06 13:25 - 2014-05-06 14:37 - 2708893692 _____ () C:\Users\Rudolf\Downloads\Blade-Runner-(1982)---The-Final-Cut.avi
2014-05-06 13:16 - 2014-05-06 20:22 - 2275939496 _____ () C:\Users\Rudolf\Downloads\Killing.Season.2013.Bluray.1080p (1).mkv
2014-05-01 18:17 - 2014-05-01 22:42 - 00000000 ____D () C:\Users\Rudolf\Downloads\The Purge (2013)
2014-05-01 02:51 - 2014-05-01 02:55 - 00000000 ____D () C:\Users\Rudolf\Downloads\Son.of.Batman.2014.BRRip.XviD.MP3-RARBG
2014-05-01 00:07 - 2014-05-19 19:15 - 00000000 ____D () C:\Users\Rudolf\Desktop\steam
2014-04-30 18:13 - 2014-05-29 10:29 - 00716129 ____N () C:\Windows\WindowsUpdate.log

==================== One Month Modified Files and Folders =======

2014-05-29 22:46 - 2014-05-29 22:46 - 02066944 _____ (Farbar) C:\Users\Rudolf\Downloads\FRST64.exe
2014-05-29 22:46 - 2014-05-29 22:46 - 00006647 _____ () C:\Users\Rudolf\Downloads\FRST.txt
2014-05-29 22:46 - 2014-05-28 23:41 - 00000000 ____D () C:\FRST
2014-05-29 22:45 - 2014-05-29 22:45 - 00112640 _____ (forum.viry.cz) C:\Users\Rudolf\Downloads\Nepotvrzeno 782696.crdownload
2014-05-29 22:45 - 2014-05-29 22:45 - 00112107 _____ (forum.viry.cz) C:\Users\Rudolf\Downloads\VerzeOS.exe
2014-05-29 22:41 - 2014-03-26 00:22 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-29 22:00 - 2014-05-29 15:00 - 00000292 _____ () C:\Users\Rudolf\Network_Meter_Data.js
2014-05-29 21:53 - 2014-03-26 11:16 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\uTorrent
2014-05-29 20:56 - 2014-03-26 01:37 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-29 20:54 - 2014-04-11 18:46 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-29 20:52 - 2014-03-26 00:22 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-29 18:02 - 2014-05-29 17:49 - 780775424 _____ () C:\Users\Rudolf\Downloads\Filth.2013.BRRip.XviD.CZ.MY.avi
2014-05-29 15:00 - 2014-03-25 23:23 - 00000000 ____D () C:\Users\Rudolf
2014-05-29 14:28 - 2014-05-29 14:28 - 00000284 _____ () C:\Users\Rudolf\AppData\Roaming\GPU MeterV2_Settings.ini
2014-05-29 14:28 - 2014-05-29 14:26 - 00000954 _____ () C:\Users\Rudolf\AppData\Roaming\Network Meter_Settings.ini
2014-05-29 14:28 - 2014-05-29 14:23 - 00000133 _____ () C:\Users\Rudolf\IP_Log_Data.js
2014-05-29 14:19 - 2014-05-29 14:19 - 00000062 _____ () C:\Windows\Wininit.ini
2014-05-29 14:19 - 2014-05-29 14:16 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\ConMet
2014-05-29 14:19 - 2014-05-29 14:16 - 00000000 ____D () C:\ProgramData\ConMet
2014-05-29 14:16 - 2014-05-29 14:14 - 02585600 _____ (Mgr. Tomas Papousek) C:\Users\Rudolf\Downloads\cm799f.exe
2014-05-29 10:34 - 2011-04-12 10:34 - 00668138 _____ () C:\Windows\system32\perfh005.dat
2014-05-29 10:34 - 2011-04-12 10:34 - 00140798 _____ () C:\Windows\system32\perfc005.dat
2014-05-29 10:34 - 2009-07-14 07:13 - 01582262 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-29 10:34 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-29 10:34 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-29 10:29 - 2014-04-30 18:13 - 00716129 ____N () C:\Windows\WindowsUpdate.log
2014-05-29 10:28 - 2014-05-28 20:03 - 00000000 ____D () C:\ProgramData\adobe
2014-05-29 10:27 - 2014-03-26 01:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-29 10:27 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-29 10:20 - 2014-05-29 10:20 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\ESET
2014-05-29 10:20 - 2014-05-29 10:20 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\ESET
2014-05-29 10:16 - 2014-05-29 10:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-05-29 10:16 - 2014-05-29 10:16 - 00000000 ____D () C:\ProgramData\ESET
2014-05-29 10:16 - 2014-05-29 10:16 - 00000000 ____D () C:\Program Files\ESET
2014-05-28 23:59 - 2014-05-28 23:53 - 00005146 _____ () C:\zoek-results.log
2014-05-28 23:58 - 2014-05-28 23:53 - 00000000 ____D () C:\zoek_backup
2014-05-28 23:53 - 2014-05-28 23:58 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-28 23:52 - 2014-05-28 23:12 - 00000000 ____D () C:\Program Files\trend micro
2014-05-28 23:15 - 2014-05-28 23:12 - 00000000 ____D () C:\rsit
2014-05-28 22:55 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-28 22:54 - 2014-05-28 22:54 - 00009256 _____ () C:\Users\Rudolf\Documents\cc_20140528_225415.reg
2014-05-28 22:53 - 2014-05-25 15:54 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\Ubisoft Game Launcher
2014-05-28 22:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Resources
2014-05-28 22:30 - 2014-05-28 22:30 - 01643096 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Rudolf\Desktop\GPU-Z.0.7.8.exe
2014-05-28 20:43 - 2014-05-28 20:43 - 00000000 __SHD () C:\Users\Rudolf\AppData\Local\EmieUserList
2014-05-28 20:43 - 2014-05-28 20:43 - 00000000 __SHD () C:\Users\Rudolf\AppData\Local\EmieSiteList
2014-05-28 16:42 - 2014-04-01 12:37 - 00007606 _____ () C:\Users\Rudolf\AppData\Local\Resmon.ResmonCfg
2014-05-27 14:06 - 2014-05-27 14:06 - 00002574 _____ () C:\Users\Rudolf\Documents\cc_20140527_140612.reg
2014-05-27 14:06 - 2014-03-26 08:29 - 00000000 ____D () C:\Users\Rudolf\Desktop\Dokumenty
2014-05-27 09:48 - 2014-05-27 09:48 - 00019630 _____ () C:\Users\Rudolf\Documents\cc_20140527_094806.reg
2014-05-27 09:47 - 2014-04-26 00:58 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\Warframe
2014-05-27 09:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-27 00:01 - 2014-03-26 08:31 - 00000000 ____D () C:\Users\Rudolf\Desktop\tapety
2014-05-26 12:15 - 2014-05-09 19:55 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-25 23:52 - 2014-05-25 23:52 - 00001235 _____ () C:\Users\Rudolf\Desktop\AIDA64 Extreme Edition.lnk
2014-05-25 23:52 - 2014-05-25 23:52 - 00000000 ____D () C:\Program Files (x86)\FinalWire
2014-05-25 11:03 - 2014-05-25 11:03 - 00000000 ____D () C:\Users\Rudolf\Downloads\Driver Booster PRO 1.4.0.61 Multilingual + Key
2014-05-24 23:46 - 2014-05-24 23:46 - 00056558 _____ () C:\Users\Rudolf\Desktop\[CzT]Hunter_x_Hunter_E01_E64_2011_720p_.torrent
2014-05-23 23:38 - 2014-05-23 22:26 - 3336028033 _____ () C:\Users\Rudolf\Downloads\Železný obr (Iron Giant 1999 dvd).mkv
2014-05-23 23:14 - 2014-05-23 22:25 - 1898296379 _____ () C:\Users\Rudolf\Downloads\Fairy-Tail-movie---Kněžka-fénixe.mp4
2014-05-23 11:16 - 2014-05-23 11:16 - 00000000 ____D () C:\Users\Rudolf\Downloads\Game of thrones
2014-05-23 07:43 - 2014-05-12 22:52 - 00000000 ____D () C:\ProgramData\Steam
2014-05-20 00:34 - 2014-05-19 12:02 - 1880889517 _____ () C:\Users\Rudolf\Downloads\Tajná minulost UFO.mkv
2014-05-19 19:15 - 2014-05-01 00:07 - 00000000 ____D () C:\Users\Rudolf\Desktop\steam
2014-05-19 12:32 - 2014-05-19 11:05 - 1972949065 _____ () C:\Users\Rudolf\Downloads\The.Secret.Life.of.Walter.Mitty.2013.720p.MY.mkv
2014-05-18 13:57 - 2014-05-18 11:03 - 1513326514 _____ () C:\Users\Rudolf\Downloads\Zelezni andele 1.avi
2014-05-18 09:34 - 2014-05-18 09:34 - 00019674 _____ () C:\Users\Rudolf\Desktop\[CzT]Hra_o_truny_Game_of_Thrones_3_serie_CZ_WebRip_720p_.torrent
2014-05-16 16:36 - 2014-03-27 11:38 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-15 22:16 - 2014-05-15 21:58 - 880700474 _____ () C:\Users\Rudolf\Downloads\Hra o trůny Game of Thrones S04E01 Dva meče CZ.avi
2014-05-15 22:09 - 2014-05-15 21:58 - 419528704 _____ () C:\Users\Rudolf\Downloads\Hra o trůny - Game Of Thrones S04E02 Lev a růže.avi
2014-05-15 20:14 - 2014-05-15 19:54 - 00000116 _____ () C:\Users\Rudolf\Desktop\rovzrzeni jidla.txt
2014-05-14 21:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-14 17:39 - 2014-03-25 23:23 - 00000000 ___RD () C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 17:39 - 2014-03-25 23:23 - 00000000 ___RD () C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 17:38 - 2014-04-23 09:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 17:36 - 2014-03-26 01:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 17:35 - 2014-03-26 01:00 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-13 11:40 - 2014-05-13 10:26 - 00000000 ____D () C:\Users\Rudolf\Downloads\Gingitsune
2014-05-13 10:37 - 2014-05-13 10:24 - 00000000 ____D () C:\Users\Rudolf\Downloads\Cyber City Oedo 808
2014-05-13 10:02 - 2014-04-22 17:44 - 00000000 ____D () C:\ProgramData\Origin
2014-05-12 22:53 - 2014-05-12 22:52 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\DarkSoulsII
2014-05-09 21:22 - 2014-05-09 20:46 - 1673287266 _____ () C:\Users\Rudolf\Downloads\Ja,me-druhe-ja-a-Irena-cz-Spunny.avi
2014-05-09 08:14 - 2014-05-14 11:13 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 11:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 09:22 - 2014-05-08 09:22 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\id Software
2014-05-07 20:36 - 2014-03-26 00:22 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-07 20:36 - 2014-03-26 00:22 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 20:30 - 2014-05-07 19:45 - 00000000 ____D () C:\Users\Rudolf\Downloads\Viy 3D
2014-05-07 18:17 - 2014-05-07 17:42 - 00000000 ____D () C:\Users\Rudolf\Desktop\Beaty hip hop rap
2014-05-06 20:22 - 2014-05-06 13:16 - 2275939496 _____ () C:\Users\Rudolf\Downloads\Killing.Season.2013.Bluray.1080p (1).mkv
2014-05-06 14:37 - 2014-05-06 13:25 - 2708893692 _____ () C:\Users\Rudolf\Downloads\Blade-Runner-(1982)---The-Final-Cut.avi
2014-05-06 06:40 - 2014-05-14 17:36 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-14 17:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-14 17:36 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-14 17:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-14 17:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 17:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 12:29 - 2014-03-26 23:09 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\Tera_Awesomium
2014-05-04 09:18 - 2014-03-30 19:04 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\TS3Client
2014-05-03 00:15 - 2014-04-02 09:58 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-05-01 22:42 - 2014-05-01 18:17 - 00000000 ____D () C:\Users\Rudolf\Downloads\The Purge (2013)
2014-05-01 02:55 - 2014-05-01 02:51 - 00000000 ____D () C:\Users\Rudolf\Downloads\Son.of.Batman.2014.BRRip.XviD.MP3-RARBG
2014-04-30 13:41 - 2014-04-23 09:34 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-04-30 13:37 - 2014-04-01 09:03 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-04-29 02:28 - 2014-04-27 00:31 - 647606272 _____ () C:\Users\Rudolf\Downloads\Batman.vs.Red.Hood.2010.BRRip.XviD.AC3.CZ-queeN.up.by.MiPe.avi

Files to move or delete:
====================
C:\Users\Rudolf\IP_Log_Data.js
C:\Users\Rudolf\Network_Meter_Data.js


Some content of TEMP:
====================
C:\Users\Rudolf\AppData\Local\Temp\cmunst_.exe
C:\Users\Rudolf\AppData\Local\Temp\InstHelper.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-29 12:05

==================== End Of Log ============================

pantuzektomas
Visitor
Posts: 7
Registered: 28 May 2014 21:59

#10 Post by pantuzektomas »

Good evening
so ESET found the BAT/CoinMiner.GH trojan horse and moved it to quarantine... should I have it removed?

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus

#11 Post by vyosek »

:arrow: Where did it find it, please??
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him: that is not a man, that is an ox."
Member since 1 February 2011.
