Significant slowdown of notebook

Posted: 10 Jan 2014 15:38
by hinatahyuuga
Hello, the notebook has slowed down significantly, pop-up windows open on their own in browsers, and it had problems starting up (it booted, but explorer.exe did not start and I had to launch it manually). After cleaning with Malwarebytes the startup problem went away, but the slowdown and the pop-up windows remained.

I was unable to create a log from RSIT because of an error during its creation, so I am attaching a log from FRST.


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-01-2014
Ran by Richard (administrator) on NAFAJCENYPC on 10-01-2014 15:31:02
Running from C:\Users\Richard\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Alcor Micro Corp.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ICQ) C:\Users\Richard\AppData\Roaming\ICQM\icq.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Program Files\Pirrit\AutoUpdater.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun] - C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [258048 2011-05-26] (Alcor Micro Corp.)
HKLM\...\Run: [HDAudDeck] - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [3926128 2012-04-19] (VIA)
HKLM\...\Run: [ATKOSD2] - C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM\...\Run: [ATKMEDIA] - C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM\...\Run: [HControlUser] - C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM\...\Run: [NCUpdateHelper] - C:\Program Files\NCWest\NCLauncher\NCUpdateHelper.exe [528360 2013-09-05] (NCSOFT Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-29] (AVAST Software)
HKCU\...\Run: [icq] - C:\Users\Richard\AppData\Roaming\ICQM\icq.exe [29919576 2013-12-18] (ICQ)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
MountPoints2: {2e8e1cf1-e48c-11e2-b871-806e6f6e6963} - D:\setup.exe
MountPoints2: {cc796842-e424-11e2-8833-50465d99a2c9} - E:\autoplay.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3AA2A4E65878CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1377118729
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC8} URL = http://search.icq.com/search/results.ph ... h_mode=web
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: IEExtension.Extension - {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 91.121.69.54 l2authd.lineage2.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @t.garena.com/garenatalk - C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Pirrit Suggestor - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default\Extensions\suggestor@suggestor.pirrit.com.xpi
FF Extension: Stylish - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
FF Extension: Adblock Plus - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

Chrome:
=======
CHR HomePage: hxxp://www.delta-homes.com/?utm_source=b&utm_m ... 1380216822
CHR RestoreOnStartup: "hxxp://www.delta-homes.com/?utm_source=b&utm_m ... 1380216822"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Garena Talk Plugin) - C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll No File
CHR Extension: (Pirrit Suggestor) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc
CHR Extension: (Google Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

========================== Services (Whitelisted) =================

R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [80512 2011-11-21] (ASUS)
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2011-11-21] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-29] (AVAST Software)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [277616 2012-12-14] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [462048 2012-04-20] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [4702568 2012-10-24] (INCA Internet Co., Ltd.)
R2 PirritUpdater; C:\Program Files\Pirrit\AutoUpdater.exe [55296 2013-12-02] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-03-23] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-02] (ASUS)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2013-12-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2013-12-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-12-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2013-12-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2013-12-29] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [64168 2013-12-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2013-12-29] ()
R1 ATKWMIACPIIO; C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [14464 2011-09-07] (ASUS)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-07-03] (Disc Soft Ltd)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [91760 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-02] (Intel Corporation)
S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [83336 2007-04-03] (MCCI Corporation)
S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [15112 2007-04-03] (MCCI Corporation)
S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [108680 2007-04-03] (MCCI Corporation)
S3 s116mgmt; C:\Windows\System32\DRIVERS\s116mgmt.sys [100488 2007-04-03] (MCCI Corporation)
S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [23176 2007-04-03] (MCCI Corporation)
S3 s116obex; C:\Windows\System32\DRIVERS\s116obex.sys [98696 2007-04-03] (MCCI Corporation)
S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [99080 2007-04-03] (MCCI Corporation)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [113608 2013-04-15] (Power Software Ltd)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1830512 2012-03-23] (VIA Technologies, Inc.)
R2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam.sys [1068216 2012-04-15] (Windows (R) Win 7 DDK provider)
S3 ASUSProcObsrv; \??\D:\I386\AsProcOb.sys [x]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [x]
S3 GGSAFERDriver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-10 15:31 - 2014-01-10 15:32 - 00015097 _____ C:\Users\Richard\Desktop\FRST.txt
2014-01-10 15:30 - 2014-01-10 15:30 - 00000000 ____D C:\FRST
2014-01-10 15:29 - 2014-01-10 15:29 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe
2014-01-10 15:26 - 2014-01-10 15:26 - 01066141 _____ (Farbar) C:\Users\Richard\Desktop\FRST.exe
2014-01-10 15:16 - 2014-01-10 15:24 - 00000000 ____D C:\Program Files\trend micro
2014-01-10 15:16 - 2014-01-10 15:16 - 00000000 ____D C:\rsit
2014-01-10 15:05 - 2014-01-10 15:15 - 00781909 _____ C:\Users\Richard\Desktop\RSIT.exe
2014-01-10 13:39 - 2014-01-10 14:18 - 675414016 _____ C:\Users\Richard\Downloads\Warcraft-3---Regin-on-Chaos-CZ.iso
2014-01-10 12:26 - 2014-01-10 15:17 - 00000000 ____D C:\Users\Richard\Downloads\Diablo II - Lord of Destruction (1.13d Direct Play)
2014-01-10 00:55 - 2014-01-10 00:55 - 01938314 _____ C:\Users\Richard\Downloads\Enfo .X3X..w3x
2014-01-10 00:55 - 2014-01-10 00:55 - 00343719 _____ C:\Users\Richard\Downloads\ETS_MT_Edition_V181.w3x
2014-01-09 23:21 - 2014-01-10 00:01 - 563946096 _____ C:\Users\Richard\Downloads\Warcraft_3_The_Frozen_Throne_ENG.iso
2014-01-09 22:06 - 2014-01-09 22:47 - 662368256 _____ C:\Users\Richard\Downloads\Warcraft-3-Reign-Of-Chaos.iso
2014-01-09 16:00 - 2014-01-09 16:00 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2014-01-09 15:45 - 2014-01-09 15:52 - 00000000 ____D C:\Users\Public\Palo tuto to JE
2014-01-09 14:39 - 2014-01-09 14:39 - 01360755 _____ C:\Users\Richard\Downloads\Jedi_Knight_Jedi_Academy_v1.01_Single_Player_Multiplayer__WWW.CRACK-LOCATOR.INFO_.zip
2014-01-09 14:27 - 2014-01-09 14:28 - 11624176 _____ (LucasArts) C:\Users\Richard\Downloads\jkacademy1_01.exe
2014-01-07 12:53 - 2014-01-07 12:54 - 00023552 ___SH C:\Users\Richard\Downloads\Thumbs.db
2014-01-07 12:40 - 2014-01-10 12:09 - 00000392 _____ C:\Windows\setupact.log
2014-01-07 12:40 - 2014-01-07 12:40 - 00000000 _____ C:\Windows\setuperr.log
2014-01-05 12:43 - 2014-01-05 12:43 - 00108680 _____ C:\Users\Richard\Downloads\1065371638.zip
2014-01-04 10:47 - 2014-01-04 10:56 - 3741745152 _____ C:\Users\Richard\Documents\CD_ROM.iso
2014-01-04 10:46 - 2014-01-04 11:16 - 00000375 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-12-31 00:41 - 2013-12-31 00:41 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-31 00:38 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-31 00:12 - 2013-12-31 00:12 - 00011776 ___SH C:\Users\Richard\Documents\Thumbs.db
2013-12-30 20:51 - 2013-12-30 20:51 - 00001643 _____ C:\Users\Richard\Desktop\Play Star Wars Jedi Knight Jedi Academy.lnk
2013-12-30 20:50 - 2013-12-30 20:50 - 00000000 ____D C:\Windows\system32\games
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disk Checker
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Program Files\Disk Checker
2013-12-29 14:38 - 2013-12-29 14:38 - 00000000 ____D C:\Users\Richard\AppData\Roaming\AVAST Software
2013-12-29 14:31 - 2013-12-29 14:32 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-12-29 14:31 - 2013-12-29 14:31 - 00000000 ____D C:\Program Files\Security Task Manager
2013-12-29 14:16 - 2013-12-29 14:16 - 00000673 _____ C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2013-12-29 14:16 - 2013-12-29 14:16 - 00000644 _____ C:\Users\Public\Desktop\Half-Life.lnk
2013-12-29 11:00 - 2013-12-30 18:06 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-25 21:20 - 2013-12-25 21:20 - 00002172 _____ C:\Users\Public\Desktop\Play The Sims™ 3.lnk
2013-12-25 19:14 - 2013-12-25 19:14 - 00000000 ____D C:\Users\Richard\Documents\Electronic Arts
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Origin
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Local\Origin
2013-12-25 11:39 - 2013-12-25 11:40 - 00000000 ____D C:\ProgramData\Origin
2013-12-25 11:39 - 2013-12-25 11:39 - 00000937 _____ C:\Users\Public\Desktop\Origin.lnk
2013-12-25 11:38 - 2013-12-25 11:40 - 00000000 ____D C:\Program Files\Origin
2013-12-24 16:41 - 2013-12-25 11:39 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-24 16:38 - 2013-12-25 11:38 - 00000000 ____D C:\Program Files\Electronic Arts
2013-12-24 15:28 - 2013-12-24 15:28 - 00000000 ____D C:\Program Files\Microsoft WSE
2013-12-24 09:45 - 2014-01-10 15:27 - 00183395 _____ C:\Windows\WindowsUpdate.log
2013-12-24 09:44 - 2013-12-24 09:44 - 00000809 _____ C:\Users\Richard\Desktop\UnrealTournament.lnk
2013-12-24 09:43 - 2013-12-24 09:43 - 00000738 _____ C:\Users\Richard\Desktop\Stronghold Crusader.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001811 _____ C:\Users\Richard\Desktop\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001669 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2013-12-18 01:01 - 2013-12-18 01:18 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ-Profile
2013-12-14 21:20 - 2013-12-14 21:20 - 00000000 ____D C:\Users\Richard\AppData\Local\Pirrit Suggestor
2013-12-14 21:19 - 2013-12-14 21:19 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Pirrit
2013-12-14 21:19 - 2013-12-14 21:19 - 00000000 ____D C:\Program Files\Pirrit
2013-12-14 21:14 - 2013-12-14 21:14 - 00000983 _____ C:\Users\Public\Desktop\Guitar and Bass.lnk
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Richard\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Public\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\ProgramData\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Program Files\Guitar and Bass
2013-12-14 19:53 - 2013-12-14 19:53 - 00001027 _____ C:\Users\Public\Desktop\Guitar FX BOX 3.LNK
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Steinberg
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Guitar FX BOX 3

==================== One Month Modified Files and Folders =======

2014-01-10 15:32 - 2014-01-10 15:31 - 00015097 _____ C:\Users\Richard\Desktop\FRST.txt
2014-01-10 15:30 - 2014-01-10 15:30 - 00000000 ____D C:\FRST
2014-01-10 15:29 - 2014-01-10 15:29 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe
2014-01-10 15:27 - 2013-12-24 09:45 - 00183395 _____ C:\Windows\WindowsUpdate.log
2014-01-10 15:26 - 2014-01-10 15:26 - 01066141 _____ (Farbar) C:\Users\Richard\Desktop\FRST.exe
2014-01-10 15:24 - 2014-01-10 15:16 - 00000000 ____D C:\Program Files\trend micro
2014-01-10 15:24 - 2013-10-17 00:08 - 00000000 ____D C:\Users\Richard\AppData\Roaming\uTorrent
2014-01-10 15:17 - 2014-01-10 12:26 - 00000000 ____D C:\Users\Richard\Downloads\Diablo II - Lord of Destruction (1.13d Direct Play)
2014-01-10 15:17 - 2013-08-05 08:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-10 15:16 - 2014-01-10 15:16 - 00000000 ____D C:\rsit
2014-01-10 15:15 - 2014-01-10 15:05 - 00781909 _____ C:\Users\Richard\Desktop\RSIT.exe
2014-01-10 14:34 - 2013-07-04 03:43 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-10 14:18 - 2014-01-10 13:39 - 675414016 _____ C:\Users\Richard\Downloads\Warcraft-3---Regin-on-Chaos-CZ.iso
2014-01-10 12:14 - 2009-07-14 05:34 - 00010528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-10 12:14 - 2009-07-14 05:34 - 00010528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-10 12:09 - 2014-01-07 12:40 - 00000392 _____ C:\Windows\setupact.log
2014-01-10 12:09 - 2013-07-04 03:43 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-10 12:09 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-10 00:55 - 2014-01-10 00:55 - 01938314 _____ C:\Users\Richard\Downloads\Enfo .X3X..w3x
2014-01-10 00:55 - 2014-01-10 00:55 - 00343719 _____ C:\Users\Richard\Downloads\ETS_MT_Edition_V181.w3x
2014-01-10 00:01 - 2014-01-09 23:21 - 563946096 _____ C:\Users\Richard\Downloads\Warcraft_3_The_Frozen_Throne_ENG.iso
2014-01-09 23:16 - 2013-11-22 22:16 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-09 22:48 - 2013-07-03 22:55 - 00000000 ____D C:\Users\Richard\AppData\Roaming\DAEMON Tools Lite
2014-01-09 22:47 - 2014-01-09 22:06 - 662368256 _____ C:\Users\Richard\Downloads\Warcraft-3-Reign-Of-Chaos.iso
2014-01-09 21:32 - 2013-07-20 16:43 - 00000000 ____D C:\Users\Public\zaloha
2014-01-09 16:00 - 2014-01-09 16:00 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2014-01-09 16:00 - 2013-11-09 09:54 - 00000000 ____D C:\ProgramData\AlawarWrapper
2014-01-09 15:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2014-01-09 15:52 - 2014-01-09 15:45 - 00000000 ____D C:\Users\Public\Palo tuto to JE
2014-01-09 15:52 - 2013-07-12 18:22 - 00000000 ____D C:\games
2014-01-09 15:46 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2014-01-09 14:39 - 2014-01-09 14:39 - 01360755 _____ C:\Users\Richard\Downloads\Jedi_Knight_Jedi_Academy_v1.01_Single_Player_Multiplayer__WWW.CRACK-LOCATOR.INFO_.zip
2014-01-09 14:28 - 2014-01-09 14:27 - 11624176 _____ (LucasArts) C:\Users\Richard\Downloads\jkacademy1_01.exe
2014-01-07 12:54 - 2014-01-07 12:53 - 00023552 ___SH C:\Users\Richard\Downloads\Thumbs.db
2014-01-07 12:40 - 2014-01-07 12:40 - 00000000 _____ C:\Windows\setuperr.log
2014-01-05 13:42 - 2013-11-10 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\vlc
2014-01-05 12:43 - 2014-01-05 12:43 - 00108680 _____ C:\Users\Richard\Downloads\1065371638.zip
2014-01-04 11:16 - 2014-01-04 10:46 - 00000375 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-04 10:56 - 2014-01-04 10:47 - 3741745152 _____ C:\Users\Richard\Documents\CD_ROM.iso
2014-01-04 10:47 - 2013-07-04 01:42 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-02 01:36 - 2013-07-06 18:43 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Skype
2013-12-31 19:43 - 2013-08-19 21:06 - 00000000 ____D C:\Users\Richard\Documents\WBFS Manager Covers
2013-12-31 01:08 - 2013-08-21 21:59 - 00000000 ____D C:\ProgramData\eSafe
2013-12-31 01:06 - 2013-08-21 21:59 - 00000000 ____D C:\Program Files\Common Files\337
2013-12-31 01:06 - 2013-08-21 21:55 - 00000000 ____D C:\Users\Richard\AppData\Local\SwvUpdater
2013-12-31 00:41 - 2013-12-31 00:41 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-31 00:12 - 2013-12-31 00:12 - 00011776 ___SH C:\Users\Richard\Documents\Thumbs.db
2013-12-30 20:51 - 2013-12-30 20:51 - 00001643 _____ C:\Users\Richard\Desktop\Play Star Wars Jedi Knight Jedi Academy.lnk
2013-12-30 20:51 - 2013-07-04 01:48 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-30 20:50 - 2013-12-30 20:50 - 00000000 ____D C:\Windows\system32\games
2013-12-30 20:50 - 2013-07-04 01:49 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2013-12-30 18:06 - 2013-12-29 11:00 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disk Checker
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Program Files\Disk Checker
2013-12-29 14:38 - 2013-12-29 14:38 - 00000000 ____D C:\Users\Richard\AppData\Roaming\AVAST Software
2013-12-29 14:32 - 2013-12-29 14:31 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-12-29 14:31 - 2013-12-29 14:31 - 00000000 ____D C:\Program Files\Security Task Manager
2013-12-29 14:16 - 2013-12-29 14:16 - 00000673 _____ C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2013-12-29 14:16 - 2013-12-29 14:16 - 00000644 _____ C:\Users\Public\Desktop\Half-Life.lnk
2013-12-29 11:00 - 2013-07-04 14:17 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00410528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-29 11:00 - 2013-07-04 14:17 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00002047 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-29 11:00 - 2013-07-04 14:15 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-29 10:57 - 2013-07-03 10:05 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-29 10:57 - 2009-07-14 03:04 - 00002577 _____ C:\Windows\system32\config.nt
2013-12-28 13:31 - 2013-11-10 14:48 - 00001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-25 21:20 - 2013-12-25 21:20 - 00002172 _____ C:\Users\Public\Desktop\Play The Sims™ 3.lnk
2013-12-25 19:14 - 2013-12-25 19:14 - 00000000 ____D C:\Users\Richard\Documents\Electronic Arts
2013-12-25 16:38 - 2013-11-11 03:50 - 00000000 ____D C:\Users\Richard\AppData\Local\PMB Files
2013-12-25 16:38 - 2013-11-11 03:50 - 00000000 ____D C:\ProgramData\PMB Files
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Origin
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Local\Origin
2013-12-25 11:40 - 2013-12-25 11:39 - 00000000 ____D C:\ProgramData\Origin
2013-12-25 11:40 - 2013-12-25 11:38 - 00000000 ____D C:\Program Files\Origin
2013-12-25 11:39 - 2013-12-25 11:39 - 00000937 _____ C:\Users\Public\Desktop\Origin.lnk
2013-12-25 11:39 - 2013-12-24 16:41 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-25 11:38 - 2013-12-24 16:38 - 00000000 ____D C:\Program Files\Electronic Arts
2013-12-24 15:28 - 2013-12-24 15:28 - 00000000 ____D C:\Program Files\Microsoft WSE
2013-12-24 09:44 - 2013-12-24 09:44 - 00000809 _____ C:\Users\Richard\Desktop\UnrealTournament.lnk
2013-12-24 09:43 - 2013-12-24 09:43 - 00000738 _____ C:\Users\Richard\Desktop\Stronghold Crusader.lnk
2013-12-20 21:50 - 2013-11-06 08:10 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-19 14:11 - 2013-07-04 14:17 - 00056080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-12-18 01:18 - 2013-12-18 01:01 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ-Profile
2013-12-18 01:02 - 2013-12-18 01:02 - 00001811 _____ C:\Users\Richard\Desktop\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001669 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2013-12-18 01:02 - 2013-07-15 20:25 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQM
2013-12-18 00:57 - 2013-07-15 20:36 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ
2013-12-14 21:20 - 2013-12-14 21:20 - 00000000 ____D C:\Users\Richard\AppData\Local\Pirrit Suggestor
2013-12-14 21:19 - 2013-12-14 21:19 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Pirrit
2013-12-14 21:19 - 2013-12-14 21:19 - 00000000 ____D C:\Program Files\Pirrit
2013-12-14 21:14 - 2013-12-14 21:14 - 00000983 _____ C:\Users\Public\Desktop\Guitar and Bass.lnk
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Richard\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Public\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\ProgramData\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Program Files\Guitar and Bass
2013-12-14 19:53 - 2013-12-14 19:53 - 00001027 _____ C:\Users\Public\Desktop\Guitar FX BOX 3.LNK
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Steinberg
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Guitar FX BOX 3

Some content of TEMP:
====================
C:\Users\Richard\AppData\Local\Temp\war3_Install.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Richard\Desktop" je 2 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop
C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Richard\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray
C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\Richard\AppData\Roaming\ICQM\icq.exe -CU [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCUpdateHelper
C:\Program Files\NCWest\NCLauncher\NCUpdateHelper.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files\Steam\Steam.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun
"C:\Program Files\WebcamMax\wcmmon.exe" -a [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~1\MCAFEE~1\307523~1.318\SSSCHE~1.EXE [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: significant notebook slowdown

Posted: 10 Jan 2014 15:42
by hinatahyuuga
I'm also adding the zipped Addition log

Re: significant notebook slowdown

Posted: 10 Jan 2014 15:52
by vyosek
Hello :)

:arrow: Download Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/
  • Save it, preferably to the desktop
  • Close all programs
  • Run it as usual with a double-click
  • A scan will run and then a log will appear; it may also be saved in the location it was run from as sc-cleaner.txt. Paste it here
:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launch, the license terms are displayed; press any key
  • A backup will be created, followed by a scan
  • A scan will run and then a log will appear; it may also be saved in c:\JRT as JRT.txt. Paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear; it may also be saved as c:\AdwCleaner\AdwCleaner[S?].txt. Paste it here

Re: significant notebook slowdown

Posted: 10 Jan 2014 17:12
by hinatahyuuga
Shortcut Cleaner 1.2.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/

Windows Version: Windows 7 Ultimate Service Pack 1
Program started at: 01/10/2014 04:13:34 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\

* Shortcut Cleaned: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1377118729

* Shortcut Cleaned: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1377118729

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

* Shortcut Cleaned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk => C:\Program Files\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1377118729

Searching C:\Users\Richard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

* Shortcut Cleaned: C:\Users\Richard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => C:\Program Files\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1377118729

* Shortcut Cleaned: C:\Users\Richard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1377118729

Searching C:\Users\Public\Desktop\

* Shortcut Cleaned: C:\Users\Public\Desktop\Google Chrome.lnk => C:\Program Files\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1377118729

Searching C:\Users\Richard\Desktop


6 bad shortcuts found.

Program finished at: 01/10/2014 04:13:45 PM
Execution time: 0 hours(s), 0 minute(s), and 11 seconds(s)

Re: significant notebook slowdown

Posted: 10 Jan 2014 17:12
by hinatahyuuga
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Ultimate x86
Ran by Richard on pi 10. 01. 2014 at 16:21:29,20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\desksvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\esafeseccontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\KMPAskPIPCount_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\KMPAskPIPCount_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC8}



~~~ Files

Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\esafe"
Successfully deleted: [Folder] "C:\Users\Richard\appdata\local\swvupdater"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Richard\AppData\Roaming\mozilla\firefox\profiles\u5v1u8qa.default\minidumps [36 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on pi 10. 01. 2014 at 16:27:18,32
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: significant notebook slowdown

Posted: 10 Jan 2014 17:13
by hinatahyuuga
# AdwCleaner v3.016 - Report created 10/01/2014 at 16:31:14
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Richard - NAFAJCENYPC
# Running from : C:\Users\Richard\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : PirritUpdater

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AlawarWrapper
Folder Deleted : C:\Program Files\Pirrit
Folder Deleted : C:\Program Files\WinZipper
Folder Deleted : C:\Program Files\Common Files\337
Folder Deleted : C:\Users\Richard\AppData\Local\Pirrit Suggestor
Folder Deleted : C:\Users\Richard\AppData\Local\AlawarWrapper
Folder Deleted : C:\Users\Richard\AppData\Roaming\337
Folder Deleted : C:\Users\Richard\AppData\Roaming\eUpdate
Folder Deleted : C:\Users\Richard\AppData\Roaming\Pirrit
Folder Deleted : C:\Users\Richard\Documents\AlawarWrapper
File Deleted : C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default\Extensions\suggestor@suggestor.pirrit.com.xpi
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\delta-homes.xml
File Deleted : C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
File Deleted : C:\Windows\System32\Tasks\Omiga Plus RunAsStdUser

***** [ Shortcuts ] *****


***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F33BA52-A684-47AC-AD99-A179E950C087}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F33BA52-A684-47AC-AD99-A179E950C087}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F5B3D73-2207-44DC-906F-1BAE62B83FD0}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F5B3D73-2207-44DC-906F-1BAE62B83FD0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\PirritSuggestor_InstallMonetizer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\PirritSuggestor_InstallMonetizer_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKLM\Software\delta-homesSoftware
Key Deleted : HKLM\Software\hdcode
Key Deleted : HKLM\Software\omigaplusSvc
Key Deleted : HKLM\Software\Pirrit
Key Deleted : HKLM\Software\winzipersvc
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16502


-\\ Mozilla Firefox v26.0 (sk)

[ File : C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [4052 octets] - [10/01/2014 16:28:41]
AdwCleaner[S0].txt - [3695 octets] - [10/01/2014 16:31:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3755 octets] ##########

Re: significant notebook slowdown

Posted: 10 Jan 2014 17:14
by vyosek
Please post a log following this guide: http://forum.viry.cz/viewtopic.php?f=13&t=133100

Re: significant notebook slowdown

Posted: 10 Jan 2014 18:50
by hinatahyuuga
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-01-2014
Ran by Richard (administrator) on NAFAJCENYPC on 10-01-2014 18:27:45
Running from C:\Users\Richard\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Alcor Micro Corp.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Blizzard Entertainment) C:\Users\Public\Palo tuto to JE\Warcraft III\war3.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun] - C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [258048 2011-05-26] (Alcor Micro Corp.)
HKLM\...\Run: [HDAudDeck] - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [3926128 2012-04-19] (VIA)
HKLM\...\Run: [ATKOSD2] - C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM\...\Run: [ATKMEDIA] - C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM\...\Run: [HControlUser] - C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM\...\Run: [NCUpdateHelper] - C:\Program Files\NCWest\NCLauncher\NCUpdateHelper.exe [528360 2013-09-05] (NCSOFT Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-29] (AVAST Software)
HKCU\...\Run: [icq] - C:\Users\Richard\AppData\Roaming\ICQM\icq.exe [29919576 2013-12-18] (ICQ)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
MountPoints2: {2e8e1cf1-e48c-11e2-b871-806e6f6e6963} - D:\setup.exe
MountPoints2: {cc796842-e424-11e2-8833-50465d99a2c9} - E:\autoplay.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3AA2A4E65878CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKLM - DefaultScope value is missing.
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 91.121.69.54 l2authd.lineage2.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @t.garena.com/garenatalk - C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Stylish - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
FF Extension: Adblock Plus - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Garena Talk Plugin) - C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll No File
CHR Extension: (Pirrit Suggestor) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc
CHR Extension: (Google Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

========================== Services (Whitelisted) =================

R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [80512 2011-11-21] (ASUS)
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2011-11-21] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-29] (AVAST Software)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [277616 2012-12-14] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [462048 2012-04-20] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [4702568 2012-10-24] (INCA Internet Co., Ltd.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-03-23] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-02] (ASUS)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2013-12-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2013-12-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-12-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2013-12-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2013-12-29] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [64168 2013-12-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2013-12-29] ()
R1 ATKWMIACPIIO; C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [14464 2011-09-07] (ASUS)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-07-03] (Disc Soft Ltd)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [91760 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-02] (Intel Corporation)
S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [83336 2007-04-03] (MCCI Corporation)
S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [15112 2007-04-03] (MCCI Corporation)
S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [108680 2007-04-03] (MCCI Corporation)
S3 s116mgmt; C:\Windows\System32\DRIVERS\s116mgmt.sys [100488 2007-04-03] (MCCI Corporation)
S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [23176 2007-04-03] (MCCI Corporation)
S3 s116obex; C:\Windows\System32\DRIVERS\s116obex.sys [98696 2007-04-03] (MCCI Corporation)
S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [99080 2007-04-03] (MCCI Corporation)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [113608 2013-04-15] (Power Software Ltd)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1830512 2012-03-23] (VIA Technologies, Inc.)
R2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam.sys [1068216 2012-04-15] (Windows (R) Win 7 DDK provider)
S3 ASUSProcObsrv; \??\D:\I386\AsProcOb.sys [x]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [x]
S3 GGSAFERDriver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-10 18:27 - 2014-01-10 18:27 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe
2014-01-10 18:25 - 2014-01-10 15:29 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\trzFF2A.tmp
2014-01-10 16:28 - 2014-01-10 16:31 - 00000000 ____D C:\AdwCleaner
2014-01-10 16:27 - 2014-01-10 16:27 - 00001853 _____ C:\Users\Richard\Desktop\JRT.txt
2014-01-10 16:14 - 2014-01-10 16:14 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 16:13 - 2014-01-10 16:13 - 00005214 _____ C:\Users\Richard\Desktop\sc-cleaner.txt
2014-01-10 16:11 - 2014-01-10 16:11 - 01233962 _____ C:\Users\Richard\Desktop\adwcleaner.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 01037068 _____ (Thisisu) C:\Users\Richard\Desktop\JRT.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Richard\Desktop\sc-cleaner.exe
2014-01-10 15:41 - 2014-01-10 15:41 - 00004982 _____ C:\Users\Richard\Desktop\Addition.zip
2014-01-10 15:31 - 2014-01-10 18:28 - 00013935 _____ C:\Users\Richard\Desktop\FRST.txt
2014-01-10 15:30 - 2014-01-10 15:30 - 00000000 ____D C:\FRST
2014-01-10 15:26 - 2014-01-10 15:26 - 01066141 _____ (Farbar) C:\Users\Richard\Desktop\FRST.exe
2014-01-10 15:16 - 2014-01-10 15:24 - 00000000 ____D C:\Program Files\trend micro
2014-01-10 15:16 - 2014-01-10 15:16 - 00000000 ____D C:\rsit
2014-01-10 15:05 - 2014-01-10 15:15 - 00781909 _____ C:\Users\Richard\Desktop\RSIT.exe
2014-01-10 13:39 - 2014-01-10 14:18 - 675414016 _____ C:\Users\Richard\Downloads\Warcraft-3---Regin-on-Chaos-CZ.iso
2014-01-10 12:26 - 2014-01-10 15:17 - 00000000 ____D C:\Users\Richard\Downloads\Diablo II - Lord of Destruction (1.13d Direct Play)
2014-01-10 00:55 - 2014-01-10 00:55 - 01938314 _____ C:\Users\Richard\Downloads\Enfo .X3X..w3x
2014-01-10 00:55 - 2014-01-10 00:55 - 00343719 _____ C:\Users\Richard\Downloads\ETS_MT_Edition_V181.w3x
2014-01-09 23:21 - 2014-01-10 00:01 - 563946096 _____ C:\Users\Richard\Downloads\Warcraft_3_The_Frozen_Throne_ENG.iso
2014-01-09 22:06 - 2014-01-09 22:47 - 662368256 _____ C:\Users\Richard\Downloads\Warcraft-3-Reign-Of-Chaos.iso
2014-01-09 16:00 - 2014-01-09 16:00 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2014-01-09 15:45 - 2014-01-09 15:52 - 00000000 ____D C:\Users\Public\Palo tuto to JE
2014-01-09 14:39 - 2014-01-09 14:39 - 01360755 _____ C:\Users\Richard\Downloads\Jedi_Knight_Jedi_Academy_v1.01_Single_Player_Multiplayer__WWW.CRACK-LOCATOR.INFO_.zip
2014-01-09 14:27 - 2014-01-09 14:28 - 11624176 _____ (LucasArts) C:\Users\Richard\Downloads\jkacademy1_01.exe
2014-01-07 12:53 - 2014-01-07 12:54 - 00023552 ___SH C:\Users\Richard\Downloads\Thumbs.db
2014-01-07 12:40 - 2014-01-10 16:35 - 00000504 _____ C:\Windows\setupact.log
2014-01-07 12:40 - 2014-01-07 12:40 - 00000000 _____ C:\Windows\setuperr.log
2014-01-05 12:43 - 2014-01-05 12:43 - 00108680 _____ C:\Users\Richard\Downloads\1065371638.zip
2014-01-04 10:47 - 2014-01-04 10:56 - 3741745152 _____ C:\Users\Richard\Documents\CD_ROM.iso
2014-01-04 10:46 - 2014-01-04 11:16 - 00000375 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-12-31 00:41 - 2013-12-31 00:41 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-31 00:38 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-31 00:12 - 2013-12-31 00:12 - 00011776 ___SH C:\Users\Richard\Documents\Thumbs.db
2013-12-30 20:51 - 2013-12-30 20:51 - 00001643 _____ C:\Users\Richard\Desktop\Play Star Wars Jedi Knight Jedi Academy.lnk
2013-12-30 20:50 - 2013-12-30 20:50 - 00000000 ____D C:\Windows\system32\games
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disk Checker
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Program Files\Disk Checker
2013-12-29 14:38 - 2013-12-29 14:38 - 00000000 ____D C:\Users\Richard\AppData\Roaming\AVAST Software
2013-12-29 14:31 - 2013-12-29 14:32 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-12-29 14:31 - 2013-12-29 14:31 - 00000000 ____D C:\Program Files\Security Task Manager
2013-12-29 14:16 - 2013-12-29 14:16 - 00000673 _____ C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2013-12-29 14:16 - 2013-12-29 14:16 - 00000644 _____ C:\Users\Public\Desktop\Half-Life.lnk
2013-12-29 11:00 - 2013-12-30 18:06 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-25 21:20 - 2013-12-25 21:20 - 00002172 _____ C:\Users\Public\Desktop\Play The Sims™ 3.lnk
2013-12-25 19:14 - 2013-12-25 19:14 - 00000000 ____D C:\Users\Richard\Documents\Electronic Arts
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Origin
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Local\Origin
2013-12-25 11:39 - 2013-12-25 11:40 - 00000000 ____D C:\ProgramData\Origin
2013-12-25 11:39 - 2013-12-25 11:39 - 00000937 _____ C:\Users\Public\Desktop\Origin.lnk
2013-12-25 11:38 - 2013-12-25 11:40 - 00000000 ____D C:\Program Files\Origin
2013-12-24 16:41 - 2013-12-25 11:39 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-24 16:38 - 2013-12-25 11:38 - 00000000 ____D C:\Program Files\Electronic Arts
2013-12-24 15:28 - 2013-12-24 15:28 - 00000000 ____D C:\Program Files\Microsoft WSE
2013-12-24 09:45 - 2014-01-10 17:32 - 00191151 _____ C:\Windows\WindowsUpdate.log
2013-12-24 09:44 - 2013-12-24 09:44 - 00000809 _____ C:\Users\Richard\Desktop\UnrealTournament.lnk
2013-12-24 09:43 - 2013-12-24 09:43 - 00000738 _____ C:\Users\Richard\Desktop\Stronghold Crusader.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001811 _____ C:\Users\Richard\Desktop\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001669 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2013-12-18 01:01 - 2013-12-18 01:18 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ-Profile
2013-12-14 21:14 - 2013-12-14 21:14 - 00000983 _____ C:\Users\Public\Desktop\Guitar and Bass.lnk
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Richard\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Public\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\ProgramData\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Program Files\Guitar and Bass
2013-12-14 19:53 - 2013-12-14 19:53 - 00001027 _____ C:\Users\Public\Desktop\Guitar FX BOX 3.LNK
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Steinberg
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Guitar FX BOX 3

==================== One Month Modified Files and Folders =======

2014-01-10 18:28 - 2014-01-10 15:31 - 00013935 _____ C:\Users\Richard\Desktop\FRST.txt
2014-01-10 18:27 - 2014-01-10 18:27 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe
2014-01-10 18:17 - 2013-08-05 08:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-10 17:34 - 2013-07-04 03:43 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-10 17:32 - 2013-12-24 09:45 - 00191151 _____ C:\Windows\WindowsUpdate.log
2014-01-10 16:41 - 2009-07-14 05:34 - 00010528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-10 16:41 - 2009-07-14 05:34 - 00010528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-10 16:36 - 2013-07-04 03:43 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-10 16:36 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-10 16:35 - 2014-01-07 12:40 - 00000504 _____ C:\Windows\setupact.log
2014-01-10 16:31 - 2014-01-10 16:28 - 00000000 ____D C:\AdwCleaner
2014-01-10 16:27 - 2014-01-10 16:27 - 00001853 _____ C:\Users\Richard\Desktop\JRT.txt
2014-01-10 16:14 - 2014-01-10 16:14 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 16:13 - 2014-01-10 16:13 - 00005214 _____ C:\Users\Richard\Desktop\sc-cleaner.txt
2014-01-10 16:13 - 2013-07-04 03:44 - 00002141 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-10 16:13 - 2013-07-04 01:38 - 00001413 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-10 16:11 - 2014-01-10 16:11 - 01233962 _____ C:\Users\Richard\Desktop\adwcleaner.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 01037068 _____ (Thisisu) C:\Users\Richard\Desktop\JRT.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Richard\Desktop\sc-cleaner.exe
2014-01-10 15:43 - 2013-11-22 22:16 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-10 15:41 - 2014-01-10 15:41 - 00004982 _____ C:\Users\Richard\Desktop\Addition.zip
2014-01-10 15:30 - 2014-01-10 15:30 - 00000000 ____D C:\FRST
2014-01-10 15:29 - 2014-01-10 18:25 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\trzFF2A.tmp
2014-01-10 15:26 - 2014-01-10 15:26 - 01066141 _____ (Farbar) C:\Users\Richard\Desktop\FRST.exe
2014-01-10 15:24 - 2014-01-10 15:16 - 00000000 ____D C:\Program Files\trend micro
2014-01-10 15:24 - 2013-10-17 00:08 - 00000000 ____D C:\Users\Richard\AppData\Roaming\uTorrent
2014-01-10 15:17 - 2014-01-10 12:26 - 00000000 ____D C:\Users\Richard\Downloads\Diablo II - Lord of Destruction (1.13d Direct Play)
2014-01-10 15:16 - 2014-01-10 15:16 - 00000000 ____D C:\rsit
2014-01-10 15:15 - 2014-01-10 15:05 - 00781909 _____ C:\Users\Richard\Desktop\RSIT.exe
2014-01-10 14:18 - 2014-01-10 13:39 - 675414016 _____ C:\Users\Richard\Downloads\Warcraft-3---Regin-on-Chaos-CZ.iso
2014-01-10 00:55 - 2014-01-10 00:55 - 01938314 _____ C:\Users\Richard\Downloads\Enfo .X3X..w3x
2014-01-10 00:55 - 2014-01-10 00:55 - 00343719 _____ C:\Users\Richard\Downloads\ETS_MT_Edition_V181.w3x
2014-01-10 00:01 - 2014-01-09 23:21 - 563946096 _____ C:\Users\Richard\Downloads\Warcraft_3_The_Frozen_Throne_ENG.iso
2014-01-09 22:48 - 2013-07-03 22:55 - 00000000 ____D C:\Users\Richard\AppData\Roaming\DAEMON Tools Lite
2014-01-09 22:47 - 2014-01-09 22:06 - 662368256 _____ C:\Users\Richard\Downloads\Warcraft-3-Reign-Of-Chaos.iso
2014-01-09 21:32 - 2013-07-20 16:43 - 00000000 ____D C:\Users\Public\zaloha
2014-01-09 16:00 - 2014-01-09 16:00 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2014-01-09 15:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2014-01-09 15:52 - 2014-01-09 15:45 - 00000000 ____D C:\Users\Public\Palo tuto to JE
2014-01-09 15:52 - 2013-07-12 18:22 - 00000000 ____D C:\games
2014-01-09 15:46 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2014-01-09 14:39 - 2014-01-09 14:39 - 01360755 _____ C:\Users\Richard\Downloads\Jedi_Knight_Jedi_Academy_v1.01_Single_Player_Multiplayer__WWW.CRACK-LOCATOR.INFO_.zip
2014-01-09 14:28 - 2014-01-09 14:27 - 11624176 _____ (LucasArts) C:\Users\Richard\Downloads\jkacademy1_01.exe
2014-01-07 12:54 - 2014-01-07 12:53 - 00023552 ___SH C:\Users\Richard\Downloads\Thumbs.db
2014-01-07 12:40 - 2014-01-07 12:40 - 00000000 _____ C:\Windows\setuperr.log
2014-01-05 13:42 - 2013-11-10 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\vlc
2014-01-05 12:43 - 2014-01-05 12:43 - 00108680 _____ C:\Users\Richard\Downloads\1065371638.zip
2014-01-04 11:16 - 2014-01-04 10:46 - 00000375 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-04 10:56 - 2014-01-04 10:47 - 3741745152 _____ C:\Users\Richard\Documents\CD_ROM.iso
2014-01-04 10:47 - 2013-07-04 01:42 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-02 01:36 - 2013-07-06 18:43 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Skype
2013-12-31 19:43 - 2013-08-19 21:06 - 00000000 ____D C:\Users\Richard\Documents\WBFS Manager Covers
2013-12-31 00:41 - 2013-12-31 00:41 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-31 00:12 - 2013-12-31 00:12 - 00011776 ___SH C:\Users\Richard\Documents\Thumbs.db
2013-12-30 20:51 - 2013-12-30 20:51 - 00001643 _____ C:\Users\Richard\Desktop\Play Star Wars Jedi Knight Jedi Academy.lnk
2013-12-30 20:51 - 2013-07-04 01:48 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-30 20:50 - 2013-12-30 20:50 - 00000000 ____D C:\Windows\system32\games
2013-12-30 20:50 - 2013-07-04 01:49 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2013-12-30 18:06 - 2013-12-29 11:00 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disk Checker
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Program Files\Disk Checker
2013-12-29 14:38 - 2013-12-29 14:38 - 00000000 ____D C:\Users\Richard\AppData\Roaming\AVAST Software
2013-12-29 14:32 - 2013-12-29 14:31 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-12-29 14:31 - 2013-12-29 14:31 - 00000000 ____D C:\Program Files\Security Task Manager
2013-12-29 14:16 - 2013-12-29 14:16 - 00000673 _____ C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2013-12-29 14:16 - 2013-12-29 14:16 - 00000644 _____ C:\Users\Public\Desktop\Half-Life.lnk
2013-12-29 11:00 - 2013-07-04 14:17 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00410528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-29 11:00 - 2013-07-04 14:17 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00002047 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-29 11:00 - 2013-07-04 14:15 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-29 10:57 - 2013-07-03 10:05 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-29 10:57 - 2009-07-14 03:04 - 00002577 _____ C:\Windows\system32\config.nt
2013-12-28 13:31 - 2013-11-10 14:48 - 00001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-25 21:20 - 2013-12-25 21:20 - 00002172 _____ C:\Users\Public\Desktop\Play The Sims™ 3.lnk
2013-12-25 19:14 - 2013-12-25 19:14 - 00000000 ____D C:\Users\Richard\Documents\Electronic Arts
2013-12-25 16:38 - 2013-11-11 03:50 - 00000000 ____D C:\Users\Richard\AppData\Local\PMB Files
2013-12-25 16:38 - 2013-11-11 03:50 - 00000000 ____D C:\ProgramData\PMB Files
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Origin
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Local\Origin
2013-12-25 11:40 - 2013-12-25 11:39 - 00000000 ____D C:\ProgramData\Origin
2013-12-25 11:40 - 2013-12-25 11:38 - 00000000 ____D C:\Program Files\Origin
2013-12-25 11:39 - 2013-12-25 11:39 - 00000937 _____ C:\Users\Public\Desktop\Origin.lnk
2013-12-25 11:39 - 2013-12-24 16:41 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-25 11:38 - 2013-12-24 16:38 - 00000000 ____D C:\Program Files\Electronic Arts
2013-12-24 15:28 - 2013-12-24 15:28 - 00000000 ____D C:\Program Files\Microsoft WSE
2013-12-24 09:44 - 2013-12-24 09:44 - 00000809 _____ C:\Users\Richard\Desktop\UnrealTournament.lnk
2013-12-24 09:43 - 2013-12-24 09:43 - 00000738 _____ C:\Users\Richard\Desktop\Stronghold Crusader.lnk
2013-12-20 21:50 - 2013-11-06 08:10 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-19 14:11 - 2013-07-04 14:17 - 00056080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-12-18 01:18 - 2013-12-18 01:01 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ-Profile
2013-12-18 01:02 - 2013-12-18 01:02 - 00001811 _____ C:\Users\Richard\Desktop\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001669 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2013-12-18 01:02 - 2013-07-15 20:25 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQM
2013-12-18 00:57 - 2013-07-15 20:36 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ
2013-12-14 21:14 - 2013-12-14 21:14 - 00000983 _____ C:\Users\Public\Desktop\Guitar and Bass.lnk
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Richard\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Public\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\ProgramData\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Program Files\Guitar and Bass
2013-12-14 19:53 - 2013-12-14 19:53 - 00001027 _____ C:\Users\Public\Desktop\Guitar FX BOX 3.LNK
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Steinberg
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Guitar FX BOX 3

Some content of TEMP:
====================
C:\Users\Richard\AppData\Local\Temp\Quarantine.exe
C:\Users\Richard\AppData\Local\Temp\war3_Install.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-09 00:54




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:204.78 GB) (Free:76.88 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (New Disc) (CDROM) (Total:0.63 GB) (Free:0 GB) CDFS

Available physical RAM: 1074.46 MB
Total physical RAM: 1929.67 MB
Percentage of memory in use: 44%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 298 GB) (Disk ID: B05CD80C)
Partition 1: (Active) - (Size=205 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=93 GB) - (Type=05)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Richard\Desktop" je 4 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop
C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Richard\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray
C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\Richard\AppData\Roaming\ICQM\icq.exe -CU [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCUpdateHelper
C:\Program Files\NCWest\NCLauncher\NCUpdateHelper.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files\Steam\Steam.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun
"C:\Program Files\WebcamMax\wcmmon.exe" -a [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~1\MCAFEE~1\307523~1.318\SSSCHE~1.EXE [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================




Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-01-2014
Ran by Richard (administrator) on NAFAJCENYPC on 10-01-2014 18:27:45
Running from C:\Users\Richard\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Alcor Micro Corp.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Blizzard Entertainment) C:\Users\Public\Palo tuto to JE\Warcraft III\war3.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun] - C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [258048 2011-05-26] (Alcor Micro Corp.)
HKLM\...\Run: [HDAudDeck] - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [3926128 2012-04-19] (VIA)
HKLM\...\Run: [ATKOSD2] - C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM\...\Run: [ATKMEDIA] - C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM\...\Run: [HControlUser] - C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM\...\Run: [NCUpdateHelper] - C:\Program Files\NCWest\NCLauncher\NCUpdateHelper.exe [528360 2013-09-05] (NCSOFT Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-29] (AVAST Software)
HKCU\...\Run: [icq] - C:\Users\Richard\AppData\Roaming\ICQM\icq.exe [29919576 2013-12-18] (ICQ)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
MountPoints2: {2e8e1cf1-e48c-11e2-b871-806e6f6e6963} - D:\setup.exe
MountPoints2: {cc796842-e424-11e2-8833-50465d99a2c9} - E:\autoplay.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3AA2A4E65878CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKLM - DefaultScope value is missing.
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 91.121.69.54 l2authd.lineage2.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @t.garena.com/garenatalk - C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Stylish - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
FF Extension: Adblock Plus - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\u5v1u8qa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Garena Talk Plugin) - C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll No File
CHR Extension: (Pirrit Suggestor) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc
CHR Extension: (Google Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

========================== Services (Whitelisted) =================

R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [80512 2011-11-21] (ASUS)
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2011-11-21] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-29] (AVAST Software)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [277616 2012-12-14] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [462048 2012-04-20] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [4702568 2012-10-24] (INCA Internet Co., Ltd.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-03-23] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-02] (ASUS)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2013-12-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2013-12-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-12-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2013-12-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2013-12-29] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [64168 2013-12-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2013-12-29] ()
R1 ATKWMIACPIIO; C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [14464 2011-09-07] (ASUS)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-07-03] (Disc Soft Ltd)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [91760 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-02] (Intel Corporation)
S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [83336 2007-04-03] (MCCI Corporation)
S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [15112 2007-04-03] (MCCI Corporation)
S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [108680 2007-04-03] (MCCI Corporation)
S3 s116mgmt; C:\Windows\System32\DRIVERS\s116mgmt.sys [100488 2007-04-03] (MCCI Corporation)
S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [23176 2007-04-03] (MCCI Corporation)
S3 s116obex; C:\Windows\System32\DRIVERS\s116obex.sys [98696 2007-04-03] (MCCI Corporation)
S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [99080 2007-04-03] (MCCI Corporation)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [113608 2013-04-15] (Power Software Ltd)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1830512 2012-03-23] (VIA Technologies, Inc.)
R2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam.sys [1068216 2012-04-15] (Windows (R) Win 7 DDK provider)
S3 ASUSProcObsrv; \??\D:\I386\AsProcOb.sys [x]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [x]
S3 GGSAFERDriver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-10 18:27 - 2014-01-10 18:27 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe
2014-01-10 18:25 - 2014-01-10 15:29 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\trzFF2A.tmp
2014-01-10 16:28 - 2014-01-10 16:31 - 00000000 ____D C:\AdwCleaner
2014-01-10 16:27 - 2014-01-10 16:27 - 00001853 _____ C:\Users\Richard\Desktop\JRT.txt
2014-01-10 16:14 - 2014-01-10 16:14 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 16:13 - 2014-01-10 16:13 - 00005214 _____ C:\Users\Richard\Desktop\sc-cleaner.txt
2014-01-10 16:11 - 2014-01-10 16:11 - 01233962 _____ C:\Users\Richard\Desktop\adwcleaner.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 01037068 _____ (Thisisu) C:\Users\Richard\Desktop\JRT.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Richard\Desktop\sc-cleaner.exe
2014-01-10 15:41 - 2014-01-10 15:41 - 00004982 _____ C:\Users\Richard\Desktop\Addition.zip
2014-01-10 15:31 - 2014-01-10 18:28 - 00013935 _____ C:\Users\Richard\Desktop\FRST.txt
2014-01-10 15:30 - 2014-01-10 15:30 - 00000000 ____D C:\FRST
2014-01-10 15:26 - 2014-01-10 15:26 - 01066141 _____ (Farbar) C:\Users\Richard\Desktop\FRST.exe
2014-01-10 15:16 - 2014-01-10 15:24 - 00000000 ____D C:\Program Files\trend micro
2014-01-10 15:16 - 2014-01-10 15:16 - 00000000 ____D C:\rsit
2014-01-10 15:05 - 2014-01-10 15:15 - 00781909 _____ C:\Users\Richard\Desktop\RSIT.exe
2014-01-10 13:39 - 2014-01-10 14:18 - 675414016 _____ C:\Users\Richard\Downloads\Warcraft-3---Regin-on-Chaos-CZ.iso
2014-01-10 12:26 - 2014-01-10 15:17 - 00000000 ____D C:\Users\Richard\Downloads\Diablo II - Lord of Destruction (1.13d Direct Play)
2014-01-10 00:55 - 2014-01-10 00:55 - 01938314 _____ C:\Users\Richard\Downloads\Enfo .X3X..w3x
2014-01-10 00:55 - 2014-01-10 00:55 - 00343719 _____ C:\Users\Richard\Downloads\ETS_MT_Edition_V181.w3x
2014-01-09 23:21 - 2014-01-10 00:01 - 563946096 _____ C:\Users\Richard\Downloads\Warcraft_3_The_Frozen_Throne_ENG.iso
2014-01-09 22:06 - 2014-01-09 22:47 - 662368256 _____ C:\Users\Richard\Downloads\Warcraft-3-Reign-Of-Chaos.iso
2014-01-09 16:00 - 2014-01-09 16:00 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2014-01-09 15:45 - 2014-01-09 15:52 - 00000000 ____D C:\Users\Public\Palo tuto to JE
2014-01-09 14:39 - 2014-01-09 14:39 - 01360755 _____ C:\Users\Richard\Downloads\Jedi_Knight_Jedi_Academy_v1.01_Single_Player_Multiplayer__WWW.CRACK-LOCATOR.INFO_.zip
2014-01-09 14:27 - 2014-01-09 14:28 - 11624176 _____ (LucasArts) C:\Users\Richard\Downloads\jkacademy1_01.exe
2014-01-07 12:53 - 2014-01-07 12:54 - 00023552 ___SH C:\Users\Richard\Downloads\Thumbs.db
2014-01-07 12:40 - 2014-01-10 16:35 - 00000504 _____ C:\Windows\setupact.log
2014-01-07 12:40 - 2014-01-07 12:40 - 00000000 _____ C:\Windows\setuperr.log
2014-01-05 12:43 - 2014-01-05 12:43 - 00108680 _____ C:\Users\Richard\Downloads\1065371638.zip
2014-01-04 10:47 - 2014-01-04 10:56 - 3741745152 _____ C:\Users\Richard\Documents\CD_ROM.iso
2014-01-04 10:46 - 2014-01-04 11:16 - 00000375 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-12-31 00:41 - 2013-12-31 00:41 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-31 00:38 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-31 00:12 - 2013-12-31 00:12 - 00011776 ___SH C:\Users\Richard\Documents\Thumbs.db
2013-12-30 20:51 - 2013-12-30 20:51 - 00001643 _____ C:\Users\Richard\Desktop\Play Star Wars Jedi Knight Jedi Academy.lnk
2013-12-30 20:50 - 2013-12-30 20:50 - 00000000 ____D C:\Windows\system32\games
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disk Checker
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Program Files\Disk Checker
2013-12-29 14:38 - 2013-12-29 14:38 - 00000000 ____D C:\Users\Richard\AppData\Roaming\AVAST Software
2013-12-29 14:31 - 2013-12-29 14:32 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-12-29 14:31 - 2013-12-29 14:31 - 00000000 ____D C:\Program Files\Security Task Manager
2013-12-29 14:16 - 2013-12-29 14:16 - 00000673 _____ C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2013-12-29 14:16 - 2013-12-29 14:16 - 00000644 _____ C:\Users\Public\Desktop\Half-Life.lnk
2013-12-29 11:00 - 2013-12-30 18:06 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-25 21:20 - 2013-12-25 21:20 - 00002172 _____ C:\Users\Public\Desktop\Play The Sims™ 3.lnk
2013-12-25 19:14 - 2013-12-25 19:14 - 00000000 ____D C:\Users\Richard\Documents\Electronic Arts
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Origin
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Local\Origin
2013-12-25 11:39 - 2013-12-25 11:40 - 00000000 ____D C:\ProgramData\Origin
2013-12-25 11:39 - 2013-12-25 11:39 - 00000937 _____ C:\Users\Public\Desktop\Origin.lnk
2013-12-25 11:38 - 2013-12-25 11:40 - 00000000 ____D C:\Program Files\Origin
2013-12-24 16:41 - 2013-12-25 11:39 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-24 16:38 - 2013-12-25 11:38 - 00000000 ____D C:\Program Files\Electronic Arts
2013-12-24 15:28 - 2013-12-24 15:28 - 00000000 ____D C:\Program Files\Microsoft WSE
2013-12-24 09:45 - 2014-01-10 17:32 - 00191151 _____ C:\Windows\WindowsUpdate.log
2013-12-24 09:44 - 2013-12-24 09:44 - 00000809 _____ C:\Users\Richard\Desktop\UnrealTournament.lnk
2013-12-24 09:43 - 2013-12-24 09:43 - 00000738 _____ C:\Users\Richard\Desktop\Stronghold Crusader.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001811 _____ C:\Users\Richard\Desktop\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001669 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2013-12-18 01:01 - 2013-12-18 01:18 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ-Profile
2013-12-14 21:14 - 2013-12-14 21:14 - 00000983 _____ C:\Users\Public\Desktop\Guitar and Bass.lnk
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Richard\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Public\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\ProgramData\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Program Files\Guitar and Bass
2013-12-14 19:53 - 2013-12-14 19:53 - 00001027 _____ C:\Users\Public\Desktop\Guitar FX BOX 3.LNK
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Steinberg
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Guitar FX BOX 3

==================== One Month Modified Files and Folders =======

2014-01-10 18:28 - 2014-01-10 15:31 - 00013935 _____ C:\Users\Richard\Desktop\FRST.txt
2014-01-10 18:27 - 2014-01-10 18:27 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\FRSTLauncher.exe
2014-01-10 18:17 - 2013-08-05 08:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-10 17:34 - 2013-07-04 03:43 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-10 17:32 - 2013-12-24 09:45 - 00191151 _____ C:\Windows\WindowsUpdate.log
2014-01-10 16:41 - 2009-07-14 05:34 - 00010528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-10 16:41 - 2009-07-14 05:34 - 00010528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-10 16:36 - 2013-07-04 03:43 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-10 16:36 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-10 16:35 - 2014-01-07 12:40 - 00000504 _____ C:\Windows\setupact.log
2014-01-10 16:31 - 2014-01-10 16:28 - 00000000 ____D C:\AdwCleaner
2014-01-10 16:27 - 2014-01-10 16:27 - 00001853 _____ C:\Users\Richard\Desktop\JRT.txt
2014-01-10 16:14 - 2014-01-10 16:14 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 16:13 - 2014-01-10 16:13 - 00005214 _____ C:\Users\Richard\Desktop\sc-cleaner.txt
2014-01-10 16:13 - 2013-07-04 03:44 - 00002141 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-10 16:13 - 2013-07-04 01:38 - 00001413 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-10 16:11 - 2014-01-10 16:11 - 01233962 _____ C:\Users\Richard\Desktop\adwcleaner.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 01037068 _____ (Thisisu) C:\Users\Richard\Desktop\JRT.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Richard\Desktop\sc-cleaner.exe
2014-01-10 15:43 - 2013-11-22 22:16 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-10 15:41 - 2014-01-10 15:41 - 00004982 _____ C:\Users\Richard\Desktop\Addition.zip
2014-01-10 15:30 - 2014-01-10 15:30 - 00000000 ____D C:\FRST
2014-01-10 15:29 - 2014-01-10 18:25 - 00112640 _____ (forum.viry.cz) C:\Users\Richard\Desktop\trzFF2A.tmp
2014-01-10 15:26 - 2014-01-10 15:26 - 01066141 _____ (Farbar) C:\Users\Richard\Desktop\FRST.exe
2014-01-10 15:24 - 2014-01-10 15:16 - 00000000 ____D C:\Program Files\trend micro
2014-01-10 15:24 - 2013-10-17 00:08 - 00000000 ____D C:\Users\Richard\AppData\Roaming\uTorrent
2014-01-10 15:17 - 2014-01-10 12:26 - 00000000 ____D C:\Users\Richard\Downloads\Diablo II - Lord of Destruction (1.13d Direct Play)
2014-01-10 15:16 - 2014-01-10 15:16 - 00000000 ____D C:\rsit
2014-01-10 15:15 - 2014-01-10 15:05 - 00781909 _____ C:\Users\Richard\Desktop\RSIT.exe
2014-01-10 14:18 - 2014-01-10 13:39 - 675414016 _____ C:\Users\Richard\Downloads\Warcraft-3---Regin-on-Chaos-CZ.iso
2014-01-10 00:55 - 2014-01-10 00:55 - 01938314 _____ C:\Users\Richard\Downloads\Enfo .X3X..w3x
2014-01-10 00:55 - 2014-01-10 00:55 - 00343719 _____ C:\Users\Richard\Downloads\ETS_MT_Edition_V181.w3x
2014-01-10 00:01 - 2014-01-09 23:21 - 563946096 _____ C:\Users\Richard\Downloads\Warcraft_3_The_Frozen_Throne_ENG.iso
2014-01-09 22:48 - 2013-07-03 22:55 - 00000000 ____D C:\Users\Richard\AppData\Roaming\DAEMON Tools Lite
2014-01-09 22:47 - 2014-01-09 22:06 - 662368256 _____ C:\Users\Richard\Downloads\Warcraft-3-Reign-Of-Chaos.iso
2014-01-09 21:32 - 2013-07-20 16:43 - 00000000 ____D C:\Users\Public\zaloha
2014-01-09 16:00 - 2014-01-09 16:00 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2014-01-09 15:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2014-01-09 15:52 - 2014-01-09 15:45 - 00000000 ____D C:\Users\Public\Palo tuto to JE
2014-01-09 15:52 - 2013-07-12 18:22 - 00000000 ____D C:\games
2014-01-09 15:46 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2014-01-09 14:39 - 2014-01-09 14:39 - 01360755 _____ C:\Users\Richard\Downloads\Jedi_Knight_Jedi_Academy_v1.01_Single_Player_Multiplayer__WWW.CRACK-LOCATOR.INFO_.zip
2014-01-09 14:28 - 2014-01-09 14:27 - 11624176 _____ (LucasArts) C:\Users\Richard\Downloads\jkacademy1_01.exe
2014-01-07 12:54 - 2014-01-07 12:53 - 00023552 ___SH C:\Users\Richard\Downloads\Thumbs.db
2014-01-07 12:40 - 2014-01-07 12:40 - 00000000 _____ C:\Windows\setuperr.log
2014-01-05 13:42 - 2013-11-10 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\vlc
2014-01-05 12:43 - 2014-01-05 12:43 - 00108680 _____ C:\Users\Richard\Downloads\1065371638.zip
2014-01-04 11:16 - 2014-01-04 10:46 - 00000375 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-04 10:56 - 2014-01-04 10:47 - 3741745152 _____ C:\Users\Richard\Documents\CD_ROM.iso
2014-01-04 10:47 - 2013-07-04 01:42 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-02 01:36 - 2013-07-06 18:43 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Skype
2013-12-31 19:43 - 2013-08-19 21:06 - 00000000 ____D C:\Users\Richard\Documents\WBFS Manager Covers
2013-12-31 00:41 - 2013-12-31 00:41 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-31 00:38 - 2013-12-31 00:38 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-31 00:12 - 2013-12-31 00:12 - 00011776 ___SH C:\Users\Richard\Documents\Thumbs.db
2013-12-30 20:51 - 2013-12-30 20:51 - 00001643 _____ C:\Users\Richard\Desktop\Play Star Wars Jedi Knight Jedi Academy.lnk
2013-12-30 20:51 - 2013-07-04 01:48 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-30 20:50 - 2013-12-30 20:50 - 00000000 ____D C:\Windows\system32\games
2013-12-30 20:50 - 2013-07-04 01:49 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2013-12-30 18:06 - 2013-12-29 11:00 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disk Checker
2013-12-29 14:49 - 2013-12-29 14:49 - 00000000 ____D C:\Program Files\Disk Checker
2013-12-29 14:38 - 2013-12-29 14:38 - 00000000 ____D C:\Users\Richard\AppData\Roaming\AVAST Software
2013-12-29 14:32 - 2013-12-29 14:31 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-12-29 14:31 - 2013-12-29 14:31 - 00000000 ____D C:\Program Files\Security Task Manager
2013-12-29 14:16 - 2013-12-29 14:16 - 00000673 _____ C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2013-12-29 14:16 - 2013-12-29 14:16 - 00000644 _____ C:\Users\Public\Desktop\Half-Life.lnk
2013-12-29 11:00 - 2013-07-04 14:17 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00410528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-29 11:00 - 2013-07-04 14:17 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-12-29 11:00 - 2013-07-04 14:17 - 00002047 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-29 11:00 - 2013-07-04 14:15 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-29 10:57 - 2013-07-03 10:05 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-29 10:57 - 2009-07-14 03:04 - 00002577 _____ C:\Windows\system32\config.nt
2013-12-28 13:31 - 2013-11-10 14:48 - 00001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-25 21:20 - 2013-12-25 21:20 - 00002172 _____ C:\Users\Public\Desktop\Play The Sims™ 3.lnk
2013-12-25 19:14 - 2013-12-25 19:14 - 00000000 ____D C:\Users\Richard\Documents\Electronic Arts
2013-12-25 16:38 - 2013-11-11 03:50 - 00000000 ____D C:\Users\Richard\AppData\Local\PMB Files
2013-12-25 16:38 - 2013-11-11 03:50 - 00000000 ____D C:\ProgramData\PMB Files
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Origin
2013-12-25 11:40 - 2013-12-25 11:40 - 00000000 ____D C:\Users\Richard\AppData\Local\Origin
2013-12-25 11:40 - 2013-12-25 11:39 - 00000000 ____D C:\ProgramData\Origin
2013-12-25 11:40 - 2013-12-25 11:38 - 00000000 ____D C:\Program Files\Origin
2013-12-25 11:39 - 2013-12-25 11:39 - 00000937 _____ C:\Users\Public\Desktop\Origin.lnk
2013-12-25 11:39 - 2013-12-24 16:41 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-25 11:38 - 2013-12-24 16:38 - 00000000 ____D C:\Program Files\Electronic Arts
2013-12-24 15:28 - 2013-12-24 15:28 - 00000000 ____D C:\Program Files\Microsoft WSE
2013-12-24 09:44 - 2013-12-24 09:44 - 00000809 _____ C:\Users\Richard\Desktop\UnrealTournament.lnk
2013-12-24 09:43 - 2013-12-24 09:43 - 00000738 _____ C:\Users\Richard\Desktop\Stronghold Crusader.lnk
2013-12-20 21:50 - 2013-11-06 08:10 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-19 14:11 - 2013-07-04 14:17 - 00056080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-12-18 01:18 - 2013-12-18 01:01 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ-Profile
2013-12-18 01:02 - 2013-12-18 01:02 - 00001811 _____ C:\Users\Richard\Desktop\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00001669 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2013-12-18 01:02 - 2013-12-18 01:02 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2013-12-18 01:02 - 2013-07-15 20:25 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQM
2013-12-18 00:57 - 2013-07-15 20:36 - 00000000 ____D C:\Users\Richard\AppData\Roaming\ICQ
2013-12-14 21:14 - 2013-12-14 21:14 - 00000983 _____ C:\Users\Public\Desktop\Guitar and Bass.lnk
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Richard\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Users\Public\Documents\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\ProgramData\Guitar and Bass
2013-12-14 21:14 - 2013-12-14 21:14 - 00000000 ____D C:\Program Files\Guitar and Bass
2013-12-14 19:53 - 2013-12-14 19:53 - 00001027 _____ C:\Users\Public\Desktop\Guitar FX BOX 3.LNK
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Steinberg
2013-12-14 19:53 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files\Guitar FX BOX 3

Some content of TEMP:
====================
C:\Users\Richard\AppData\Local\Temp\Quarantine.exe
C:\Users\Richard\AppData\Local\Temp\war3_Install.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-09 00:54




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:204.78 GB) (Free:76.88 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (New Disc) (CDROM) (Total:0.63 GB) (Free:0 GB) CDFS

Available physical RAM: 1074.46 MB
Total physical RAM: 1929.67 MB
Percentage of memory in use: 44%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 298 GB) (Disk ID: B05CD80C)
Partition 1: (Active) - (Size=205 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=93 GB) - (Type=05)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Richard\Desktop" je 4 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop
C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Richard\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray
C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\Richard\AppData\Roaming\ICQM\icq.exe -CU [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCUpdateHelper
C:\Program Files\NCWest\NCLauncher\NCUpdateHelper.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files\Steam\Steam.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun
"C:\Program Files\WebcamMax\wcmmon.exe" -a [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~1\MCAFEE~1\307523~1.318\SSSCHE~1.EXE [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: significant notebook slowdown

Posted: 10 Jan 2014 20:20
by vyosek
:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM\...\Run: [NCUpdateHelper] - C:\Program Files\NCWest\NCLauncher\NCUpdateHelper.exe [528360 2013-09-05] (NCSOFT Corporation)
    HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKCU\...\Run: [icq] - C:\Users\Richard\AppData\Roaming\ICQM\icq.exe [29919576 2013-12-18] (ICQ)
    HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
    MountPoints2: {2e8e1cf1-e48c-11e2-b871-806e6f6e6963} - D:\setup.exe
    MountPoints2: {cc796842-e424-11e2-8833-50465d99a2c9} - E:\autoplay.exe
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3AA2A4E65878CE01
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    SearchScopes: HKLM - DefaultScope value is missing.
    
    2014-01-10 16:27 - 2014-01-10 16:27 - 00001853 _____ C:\Users\Richard\Desktop\JRT.txt
    2014-01-10 16:13 - 2014-01-10 16:13 - 00005214 _____ C:\Users\Richard\Desktop\sc-cleaner.txt
    2014-01-10 16:11 - 2014-01-10 16:11 - 01233962 _____ C:\Users\Richard\Desktop\adwcleaner.exe
    2014-01-10 16:11 - 2014-01-10 16:11 - 01037068 _____ (Thisisu) C:\Users\Richard\Desktop\JRT.exe
    2014-01-10 16:11 - 2014-01-10 16:11 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Richard\Desktop\sc-cleaner.exe
    2014-01-10 15:41 - 2014-01-10 15:41 - 00004982 _____ C:\Users\Richard\Desktop\Addition.zip
    2014-01-10 15:31 - 2014-01-10 18:28 - 00013935 _____ C:\Users\Richard\Desktop\FRST.txt
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
    "C:\Users\Richard\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]
    
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCUpdateHelper" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f
    
    
    Hosts:
    CMD: shutdown /r /f /t 2
    
    End
  • Save the resulting text file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here for me

Re: significant notebook slowdown

Posted: 10 Jan 2014 23:57
by hinatahyuuga
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 10-01-2014
Ran by Richard at 2014-01-10 23:54:45 Run:1
Running from C:\Users\Richard\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [NCUpdateHelper] - C:\Program Files\NCWest\NCLauncher\NCUpdateHelper.exe [528360 2013-09-05] (NCSOFT Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [icq] - C:\Users\Richard\AppData\Roaming\ICQM\icq.exe [29919576 2013-12-18] (ICQ)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
MountPoints2: {2e8e1cf1-e48c-11e2-b871-806e6f6e6963} - D:\setup.exe
MountPoints2: {cc796842-e424-11e2-8833-50465d99a2c9} - E:\autoplay.exe

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3AA2A4E65878CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKLM - DefaultScope value is missing.

2014-01-10 16:27 - 2014-01-10 16:27 - 00001853 _____ C:\Users\Richard\Desktop\JRT.txt
2014-01-10 16:13 - 2014-01-10 16:13 - 00005214 _____ C:\Users\Richard\Desktop\sc-cleaner.txt
2014-01-10 16:11 - 2014-01-10 16:11 - 01233962 _____ C:\Users\Richard\Desktop\adwcleaner.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 01037068 _____ (Thisisu) C:\Users\Richard\Desktop\JRT.exe
2014-01-10 16:11 - 2014-01-10 16:11 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Richard\Desktop\sc-cleaner.exe
2014-01-10 15:41 - 2014-01-10 15:41 - 00004982 _____ C:\Users\Richard\Desktop\Addition.zip
2014-01-10 15:31 - 2014-01-10 18:28 - 00013935 _____ C:\Users\Richard\Desktop\FRST.txt

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Richard\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCUpdateHelper" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f


Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NCUpdateHelper => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\icq => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2e8e1cf1-e48c-11e2-b871-806e6f6e6963} => Key deleted successfully.
HKCR\CLSID\{2e8e1cf1-e48c-11e2-b871-806e6f6e6963} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cc796842-e424-11e2-8833-50465d99a2c9} => Key deleted successfully.
HKCR\CLSID\{cc796842-e424-11e2-8833-50465d99a2c9} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
C:\Users\Richard\Desktop\JRT.txt => Moved successfully.
C:\Users\Richard\Desktop\sc-cleaner.txt => Moved successfully.
C:\Users\Richard\Desktop\adwcleaner.exe => Moved successfully.
C:\Users\Richard\Desktop\JRT.exe => Moved successfully.
C:\Users\Richard\Desktop\sc-cleaner.exe => Moved successfully.
C:\Users\Richard\Desktop\Addition.zip => Moved successfully.
C:\Users\Richard\Desktop\FRST.txt => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
"C:\Users\Richard\AppData\Roaming\Seznam.cz\szninstall.exe -c [x]" => File/Directory not found.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========

Operácia sa úspešne dokončila.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray" /f =========

Operácia sa úspešne dokončila.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq" /f =========

Operácia sa úspešne dokončila.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCUpdateHelper" /f =========

Operácia sa úspešne dokončila.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f =========

Oper cia sa £spesne dokoncila.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun" /f =========

Oper cia sa £spesne dokoncila.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f =========

Oper cia sa £spesne dokoncila.



========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====

Re: significant slowdown of the notebook

Posted: 11 Jan 2014 06:11
by vyosek
So let's clean up some more :James008:

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm the choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a backup of the registry; fix all the problems
  • repeat the procedure until no problems are left - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: Write back how the PC is doing

Re: significant slowdown of the notebook

Posted: 11 Jan 2014 20:39
by hinatahyuuga
It looks like the PC is running fine, it has sped up and I no longer have a problem with pop-up windows either ;)

Re: significant slowdown of the notebook

Posted: 12 Jan 2014 22:43
by vyosek
You're welcome, glad I could help :worship: See you again sometime

And in accordance with the Rules on locking topics :lock: