VIRY.CZ

Dobry vecer

mam v pc Malwarebytes Anti-Malware, ktery mi pred 10 min. nasel Trojan BitcoinMiner a jeste jeden vir s nazvem backdoor, tak jsem je dal smazat a jeste jednou jsem to s nim projel a uz nic nenasel. Jenom ze pc vykon je porad spatny a nevim co s tim... poradi nekdo jak to mam resit?


Logfile of random's system information tool 1.08 (written by random/random)
Run by Rudolf at 2014-05-28 23:15:14
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 731 GB (77%) free of 954 GB
Total RAM: 8173 MB (76% free)


======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe" silentrun
"C:\Program Files (x86)\Steam\Steam.exe" -silent
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3f1d641d-daca-4102-8ce0-7a2ea7402607 -SystemEventPortName:HostProcess-e12c0b9a-c81e-4a32-b385-d6aff0d2dcd2 -IoCancelEventPortName:HostProcess-e79676eb-5926-4fd7-a556-fc250f6742bb -NonStateChangingEventPortName:HostProcess-1e2b9f8d-3323-410a-b638-0729ffef2024 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6e9caeb6-3b9f-4cc1-a946-842e074d4752 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1264.0.1368471783\1735827282" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,15,39 --gpu-vendor-id=0x10de --gpu-device-id=0x1200 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3523 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/PrePeriod_Hivemind_A4_Stable_R5/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="1264.2.455804154\53344743" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --disable-databases --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/PrePeriod_Hivemind_A4_Stable_R5/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="1264.6.959476398\505146645" /prefetch:673131151
"C:\Users\Rudolf\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\trend micro\Rudolf.exe" /silentautolog
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Rudolf\Downloads\RSITx64 (2).exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-03-21 1797064]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2014-05-28 1775808]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe RGB Color"=C:\ProgramData\Adobe\color.vbs [2013-12-14 106]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-05-28 23:12:26 ----D---- C:\rsit
2014-05-28 23:12:26 ----D---- C:\Program Files\trend micro
2014-05-28 20:03:43 ----D---- C:\ProgramData\adobe
2014-05-25 23:52:36 ----D---- C:\Program Files (x86)\FinalWire
2014-05-14 17:36:23 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-14 17:36:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-14 17:36:23 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-14 17:36:23 ----A---- C:\Windows\system32\mshtml.dll
2014-05-14 11:13:22 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-14 11:13:22 ----A---- C:\Windows\system32\shell32.dll
2014-05-14 11:13:21 ----A---- C:\Windows\system32\aepdu.dll
2014-05-14 11:13:20 ----A---- C:\Windows\system32\aeinv.dll
2014-05-14 11:13:09 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-14 11:13:08 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\winlogon.exe
2014-05-14 11:13:08 ----A---- C:\Windows\system32\wdigest.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\schannel.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\objsel.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-14 11:13:08 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\kerberos.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-14 11:13:08 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-14 11:13:08 ----A---- C:\Windows\system32\adprovider.dll
2014-05-14 11:13:07 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-14 11:13:07 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-05-14 11:13:07 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-05-14 11:13:07 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-14 11:13:07 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-14 11:13:07 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-14 11:13:07 ----A---- C:\Windows\system32\sspicli.dll
2014-05-14 11:13:07 ----A---- C:\Windows\system32\secur32.dll
2014-05-14 11:13:07 ----A---- C:\Windows\system32\lsass.exe
2014-05-14 11:13:07 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-14 11:13:07 ----A---- C:\Windows\system32\credssp.dll
2014-05-12 22:52:47 ----D---- C:\Users\Rudolf\AppData\Roaming\DarkSoulsII
2014-05-12 22:52:47 ----D---- C:\ProgramData\Steam
2014-05-09 19:55:43 ----A---- C:\Windows\system32\drivers\48230029.sys

======List of files/folders modified in the last 1 months======

2014-05-28 23:15:13 ----D---- C:\Windows\Temp
2014-05-28 23:15:12 ----D---- C:\Windows\Prefetch
2014-05-28 23:12:26 ----RD---- C:\Program Files
2014-05-28 22:58:42 ----D---- C:\Windows\system32\config
2014-05-28 22:54:28 ----D---- C:\Windows\inf
2014-05-28 22:54:28 ----D---- C:\Windows
2014-05-28 22:50:39 ----D---- C:\Windows\System32
2014-05-28 22:50:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-28 22:44:55 ----D---- C:\Program Files (x86)\Steam
2014-05-28 22:44:40 ----D---- C:\ProgramData\NVIDIA
2014-05-28 22:44:37 ----D---- C:\Windows\system32\drivers
2014-05-28 22:43:28 ----D---- C:\Windows\Resources
2014-05-28 21:36:58 ----D---- C:\Users\Rudolf\AppData\Roaming\uTorrent
2014-05-28 20:03:43 ----HD---- C:\ProgramData
2014-05-27 18:49:21 ----SHD---- C:\System Volume Information
2014-05-27 09:28:27 ----D---- C:\Windows\system32\NDF
2014-05-25 23:52:36 ----RD---- C:\Program Files (x86)
2014-05-16 22:26:57 ----D---- C:\Windows\Logs
2014-05-16 16:36:51 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-05-16 16:04:11 ----RSD---- C:\Windows\assembly
2014-05-16 16:03:49 ----SHD---- C:\Windows\Installer
2014-05-15 16:14:11 ----D---- C:\Windows\debug
2014-05-14 21:50:37 ----D---- C:\Windows\rescache
2014-05-14 18:25:55 ----D---- C:\Windows\Microsoft.NET
2014-05-14 17:39:42 ----D---- C:\Windows\winsxs
2014-05-14 17:38:21 ----SD---- C:\Windows\system32\CompatTel
2014-05-14 17:38:21 ----D---- C:\Windows\SysWOW64
2014-05-14 17:38:20 ----D---- C:\Windows\system32\cs-CZ
2014-05-14 17:36:26 ----D---- C:\Windows\system32\catroot
2014-05-14 17:36:05 ----D---- C:\Windows\system32\MRT
2014-05-14 17:35:41 ----A---- C:\Windows\system32\MRT.exe
2014-05-14 11:13:03 ----D---- C:\Windows\system32\catroot2
2014-05-13 10:02:14 ----D---- C:\ProgramData\Origin
2014-05-12 09:19:06 ----D---- C:\Windows\ServiceProfiles
2014-05-05 12:29:09 ----D---- C:\Users\Rudolf\AppData\Roaming\Tera_Awesomium
2014-05-04 09:18:45 ----D---- C:\Users\Rudolf\AppData\Roaming\TS3Client
2014-04-30 18:14:31 ----D---- C:\Windows\SoftwareDistribution
2014-04-30 00:26:26 ----D---- C:\Windows\system32\LogFiles

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-01-27 385512]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-04-03 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-05-28 119512]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-04-03 63192]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-03-03 174184]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-21 79976]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-04-03 857912]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-04-03 1809720]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-03-04 922968]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-05-28 564928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-26 116648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-26 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-03-26 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Zdravim

Tema prebiram a uzivatele salicek zadam, aby se neangazoval v reseni problemu viroveho tematu, jelikoz neni clenem tymu a nemame overeny jeho schopnosti. A na nasem foru si hlidame kvalitu poskytovanych informaci i s ohledem na mezinarodni certifikaci, kterou jako jedine CZ\SK forum mame

Poprosim o log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by Rudolf at 2014-05-28 23:42:08
Running from C:\Users\Rudolf\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

AIDA64 Extreme Edition v2.80 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.80 - FinalWire Ltd.)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
ASUS nVidia Driver (x32 Version: 1.00.0000 - ASUSTek) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Malwarebytes Anti-Malware verze 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (CSY) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
MPC-HC 1.7.2 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.2 - MPC-HC Team)
NVIDIA Install Application (Version: 2.1002.145.1024 - NVIDIA Corporation) Hidden
NVIDIA Ovladač 3D Vision 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.4.0 - NVIDIA Corporation) Hidden
Ovládací panel NVIDIA 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points =========================

27-05-2014 16:49:12 Naplánovaný kontrolní bod

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0DAFF770-158D-4C9B-BF9C-6BD28326BB35} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {98F05E92-5941-40D5-8A9B-D000A906F76B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-26] (Google Inc.)
Task: {B28E8F65-1794-4C0B-A53B-371659F58E6B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-26] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-26 01:39 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-23 05:12 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-23 05:12 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-23 05:12 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-23 05:12 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-23 05:12 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/28/2014 11:17:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RSITx64.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: a88

Čas spuštění: 01cf7ab982abe549

Čas ukončení: 3

Cesta k aplikaci: C:\Users\Rudolf\Downloads\RSITx64.exe

ID hlášení:

Error: (05/28/2014 10:46:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/28/2014 09:41:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/28/2014 09:07:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/27/2014 09:31:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/27/2014 09:25:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/26/2014 00:16:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2014 09:57:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/23/2014 05:35:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/20/2014 01:16:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (05/28/2014 09:06:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (05/28/2014 09:06:07 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (05/27/2014 05:36:49 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (05/22/2014 08:12:42 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (05/21/2014 10:17:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (05/21/2014 10:17:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (05/21/2014 05:23:15 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (05/18/2014 09:23:59 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (05/16/2014 03:54:32 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (05/14/2014 02:41:00 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.


Microsoft Office Sessions:
=========================
Error: (05/28/2014 11:17:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: RSITx64.exe0.0.0.0a8801cf7ab982abe5493C:\Users\Rudolf\Downloads\RSITx64.exe

Error: (05/28/2014 10:46:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/28/2014 09:41:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/28/2014 09:07:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/27/2014 09:31:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/27/2014 09:25:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/26/2014 00:16:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2014 09:57:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/23/2014 05:35:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/20/2014 01:16:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 26%
Total physical RAM: 8173.26 MB
Available physical RAM: 5983.24 MB
Total Pagefile: 16344.7 MB
Available Pagefile: 13901.01 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:713.55 GB) NTFS
Drive f: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 5306B3E8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Rudolf (administrator) on RUDOLF-PC on 28-05-2014 23:41:59
Running from C:\Users\Rudolf\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Trend Micro Inc.) C:\Program Files\trend micro\Rudolf.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-21] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe RGB Color] => C:\ProgramData\Adobe\color.vbs [106 2013-12-14] ()
HKU\S-1-5-21-2205112338-2371396014-1969147254-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1775808 2014-05-28] (Valve Corporation)

==================== Internet (Whitelisted) ====================

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-26]
CHR Extension: (Disk Google) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-26]
CHR Extension: (YouTube) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-26]
CHR Extension: (AdBlock) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-16]
CHR Extension: (Peněženka Google) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-26]
CHR Extension: (Gmail) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-26]

==================== Services (Whitelisted) =================

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-28 23:41 - 2014-05-28 23:42 - 00005522 _____ () C:\Users\Rudolf\Downloads\FRST.txt
2014-05-28 23:41 - 2014-05-28 23:41 - 02066944 _____ (Farbar) C:\Users\Rudolf\Downloads\FRST64.exe
2014-05-28 23:41 - 2014-05-28 23:41 - 00000000 ____D () C:\FRST
2014-05-28 23:40 - 2014-05-28 23:40 - 00112640 _____ (forum.viry.cz) C:\Users\Rudolf\Downloads\Nepotvrzeno 645517.crdownload
2014-05-28 23:14 - 2014-05-28 23:14 - 00832273 _____ () C:\Users\Rudolf\Desktop\RSITx64 (2).exe
2014-05-28 23:12 - 2014-05-28 23:39 - 00000000 ____D () C:\Program Files\trend micro
2014-05-28 23:12 - 2014-05-28 23:15 - 00000000 ____D () C:\rsit
2014-05-28 22:54 - 2014-05-28 22:54 - 00009256 _____ () C:\Users\Rudolf\Documents\cc_20140528_225415.reg
2014-05-28 22:30 - 2014-05-28 22:30 - 01643096 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Rudolf\Desktop\GPU-Z.0.7.8.exe
2014-05-28 20:43 - 2014-05-28 20:43 - 00000000 __SHD () C:\Users\Rudolf\AppData\Local\EmieUserList
2014-05-28 20:43 - 2014-05-28 20:43 - 00000000 __SHD () C:\Users\Rudolf\AppData\Local\EmieSiteList
2014-05-28 20:03 - 2014-05-28 22:45 - 00000000 ____D () C:\ProgramData\adobe
2014-05-27 14:06 - 2014-05-27 14:06 - 00002574 _____ () C:\Users\Rudolf\Documents\cc_20140527_140612.reg
2014-05-27 09:48 - 2014-05-27 09:48 - 00019630 _____ () C:\Users\Rudolf\Documents\cc_20140527_094806.reg
2014-05-25 23:52 - 2014-05-25 23:52 - 00001235 _____ () C:\Users\Rudolf\Desktop\AIDA64 Extreme Edition.lnk
2014-05-25 23:52 - 2014-05-25 23:52 - 00000000 ____D () C:\Program Files (x86)\FinalWire
2014-05-25 15:54 - 2014-05-28 22:53 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\Ubisoft Game Launcher
2014-05-25 11:03 - 2014-05-25 11:03 - 00000000 ____D () C:\Users\Rudolf\Downloads\Driver Booster PRO 1.4.0.61 Multilingual + Key
2014-05-24 23:46 - 2014-05-24 23:46 - 00056558 _____ () C:\Users\Rudolf\Desktop\[CzT]Hunter_x_Hunter_E01_E64_2011_720p_.torrent
2014-05-23 22:26 - 2014-05-23 23:38 - 3336028033 _____ () C:\Users\Rudolf\Downloads\Železný obr (Iron Giant 1999 dvd).mkv
2014-05-23 22:25 - 2014-05-23 23:14 - 1898296379 _____ () C:\Users\Rudolf\Downloads\Fairy-Tail-movie---Kněžka-fénixe.mp4
2014-05-23 11:16 - 2014-05-23 11:16 - 00000000 ____D () C:\Users\Rudolf\Downloads\Game of thrones
2014-05-19 12:02 - 2014-05-20 00:34 - 1880889517 _____ () C:\Users\Rudolf\Downloads\Tajná minulost UFO.mkv
2014-05-19 11:05 - 2014-05-19 12:32 - 1972949065 _____ () C:\Users\Rudolf\Downloads\The.Secret.Life.of.Walter.Mitty.2013.720p.MY.mkv
2014-05-18 11:03 - 2014-05-18 13:57 - 1513326514 _____ () C:\Users\Rudolf\Downloads\Zelezni andele 1.avi
2014-05-18 09:34 - 2014-05-18 09:34 - 00019674 _____ () C:\Users\Rudolf\Desktop\[CzT]Hra_o_truny_Game_of_Thrones_3_serie_CZ_WebRip_720p_.torrent
2014-05-15 21:58 - 2014-05-15 22:16 - 880700474 _____ () C:\Users\Rudolf\Downloads\Hra o trůny Game of Thrones S04E01 Dva meče CZ.avi
2014-05-15 21:58 - 2014-05-15 22:09 - 419528704 _____ () C:\Users\Rudolf\Downloads\Hra o trůny - Game Of Thrones S04E02 Lev a růže.avi
2014-05-15 19:54 - 2014-05-15 20:14 - 00000116 _____ () C:\Users\Rudolf\Desktop\rovzrzeni jidla.txt
2014-05-14 17:36 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 17:36 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 17:36 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 17:36 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 17:36 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 17:36 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 11:13 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 11:13 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 11:13 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 11:13 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 11:13 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 11:13 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 11:13 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 11:13 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 11:13 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 11:13 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 11:13 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 11:13 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 11:13 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 11:13 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 11:13 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 11:13 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 11:13 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 11:13 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 11:13 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 11:13 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 10:26 - 2014-05-13 11:40 - 00000000 ____D () C:\Users\Rudolf\Downloads\Gingitsune
2014-05-13 10:24 - 2014-05-13 10:37 - 00000000 ____D () C:\Users\Rudolf\Downloads\Cyber City Oedo 808
2014-05-12 22:52 - 2014-05-23 07:43 - 00000000 ____D () C:\ProgramData\Steam
2014-05-12 22:52 - 2014-05-12 22:53 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\DarkSoulsII
2014-05-09 20:46 - 2014-05-09 21:22 - 1673287266 _____ () C:\Users\Rudolf\Downloads\Ja,me-druhe-ja-a-Irena-cz-Spunny.avi
2014-05-09 19:55 - 2014-05-26 12:15 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-08 09:22 - 2014-05-08 09:22 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\id Software
2014-05-07 19:45 - 2014-05-07 20:30 - 00000000 ____D () C:\Users\Rudolf\Downloads\Viy 3D
2014-05-07 17:42 - 2014-05-07 18:17 - 00000000 ____D () C:\Users\Rudolf\Desktop\Beaty hip hop rap
2014-05-06 13:25 - 2014-05-06 14:37 - 2708893692 _____ () C:\Users\Rudolf\Downloads\Blade-Runner-(1982)---The-Final-Cut.avi
2014-05-06 13:16 - 2014-05-06 20:22 - 2275939496 _____ () C:\Users\Rudolf\Downloads\Killing.Season.2013.Bluray.1080p (1).mkv
2014-05-01 18:17 - 2014-05-01 22:42 - 00000000 ____D () C:\Users\Rudolf\Downloads\The Purge (2013)
2014-05-01 02:51 - 2014-05-01 02:55 - 00000000 ____D () C:\Users\Rudolf\Downloads\Son.of.Batman.2014.BRRip.XviD.MP3-RARBG
2014-05-01 00:07 - 2014-05-19 19:15 - 00000000 ____D () C:\Users\Rudolf\Desktop\steam
2014-04-30 18:13 - 2014-05-28 22:48 - 00674471 ____N () C:\Windows\WindowsUpdate.log
2014-04-28 18:58 - 2014-04-28 18:58 - 00000000 ____D () C:\Users\Rudolf\Downloads\Vetřelec vs Predátor

==================== One Month Modified Files and Folders =======

2014-05-28 23:42 - 2014-05-28 23:41 - 00005522 _____ () C:\Users\Rudolf\Downloads\FRST.txt
2014-05-28 23:41 - 2014-05-28 23:41 - 02066944 _____ (Farbar) C:\Users\Rudolf\Downloads\FRST64.exe
2014-05-28 23:41 - 2014-05-28 23:41 - 00000000 ____D () C:\FRST
2014-05-28 23:41 - 2014-03-26 00:22 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-28 23:40 - 2014-05-28 23:40 - 00112640 _____ (forum.viry.cz) C:\Users\Rudolf\Downloads\Nepotvrzeno 645517.crdownload
2014-05-28 23:39 - 2014-05-28 23:12 - 00000000 ____D () C:\Program Files\trend micro
2014-05-28 23:21 - 2014-04-11 18:46 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-28 23:17 - 2014-03-26 01:37 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-28 23:15 - 2014-05-28 23:12 - 00000000 ____D () C:\rsit
2014-05-28 23:14 - 2014-05-28 23:14 - 00832273 _____ () C:\Users\Rudolf\Desktop\RSITx64 (2).exe
2014-05-28 22:55 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-28 22:54 - 2014-05-28 22:54 - 00009256 _____ () C:\Users\Rudolf\Documents\cc_20140528_225415.reg
2014-05-28 22:53 - 2014-05-25 15:54 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\Ubisoft Game Launcher
2014-05-28 22:52 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-28 22:52 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-28 22:50 - 2011-04-12 10:34 - 00668138 _____ () C:\Windows\system32\perfh005.dat
2014-05-28 22:50 - 2011-04-12 10:34 - 00140798 _____ () C:\Windows\system32\perfc005.dat
2014-05-28 22:50 - 2009-07-14 07:13 - 01582262 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-28 22:48 - 2014-04-30 18:13 - 00674471 ____N () C:\Windows\WindowsUpdate.log
2014-05-28 22:45 - 2014-05-28 20:03 - 00000000 ____D () C:\ProgramData\adobe
2014-05-28 22:44 - 2014-03-26 01:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-28 22:44 - 2014-03-26 00:22 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-28 22:44 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-28 22:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Resources
2014-05-28 22:30 - 2014-05-28 22:30 - 01643096 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Rudolf\Desktop\GPU-Z.0.7.8.exe
2014-05-28 21:36 - 2014-03-26 11:16 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\uTorrent
2014-05-28 20:43 - 2014-05-28 20:43 - 00000000 __SHD () C:\Users\Rudolf\AppData\Local\EmieUserList
2014-05-28 20:43 - 2014-05-28 20:43 - 00000000 __SHD () C:\Users\Rudolf\AppData\Local\EmieSiteList
2014-05-28 16:42 - 2014-04-01 12:37 - 00007606 _____ () C:\Users\Rudolf\AppData\Local\Resmon.ResmonCfg
2014-05-27 14:06 - 2014-05-27 14:06 - 00002574 _____ () C:\Users\Rudolf\Documents\cc_20140527_140612.reg
2014-05-27 14:06 - 2014-03-26 08:29 - 00000000 ____D () C:\Users\Rudolf\Desktop\Dokumenty
2014-05-27 09:48 - 2014-05-27 09:48 - 00019630 _____ () C:\Users\Rudolf\Documents\cc_20140527_094806.reg
2014-05-27 09:47 - 2014-04-26 00:58 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\Warframe
2014-05-27 09:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-27 00:01 - 2014-03-26 08:31 - 00000000 ____D () C:\Users\Rudolf\Desktop\tapety
2014-05-26 12:15 - 2014-05-09 19:55 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-25 23:52 - 2014-05-25 23:52 - 00001235 _____ () C:\Users\Rudolf\Desktop\AIDA64 Extreme Edition.lnk
2014-05-25 23:52 - 2014-05-25 23:52 - 00000000 ____D () C:\Program Files (x86)\FinalWire
2014-05-25 11:03 - 2014-05-25 11:03 - 00000000 ____D () C:\Users\Rudolf\Downloads\Driver Booster PRO 1.4.0.61 Multilingual + Key
2014-05-24 23:46 - 2014-05-24 23:46 - 00056558 _____ () C:\Users\Rudolf\Desktop\[CzT]Hunter_x_Hunter_E01_E64_2011_720p_.torrent
2014-05-23 23:38 - 2014-05-23 22:26 - 3336028033 _____ () C:\Users\Rudolf\Downloads\Železný obr (Iron Giant 1999 dvd).mkv
2014-05-23 23:14 - 2014-05-23 22:25 - 1898296379 _____ () C:\Users\Rudolf\Downloads\Fairy-Tail-movie---Kněžka-fénixe.mp4
2014-05-23 11:16 - 2014-05-23 11:16 - 00000000 ____D () C:\Users\Rudolf\Downloads\Game of thrones
2014-05-23 07:43 - 2014-05-12 22:52 - 00000000 ____D () C:\ProgramData\Steam
2014-05-20 00:34 - 2014-05-19 12:02 - 1880889517 _____ () C:\Users\Rudolf\Downloads\Tajná minulost UFO.mkv
2014-05-19 19:15 - 2014-05-01 00:07 - 00000000 ____D () C:\Users\Rudolf\Desktop\steam
2014-05-19 12:32 - 2014-05-19 11:05 - 1972949065 _____ () C:\Users\Rudolf\Downloads\The.Secret.Life.of.Walter.Mitty.2013.720p.MY.mkv
2014-05-18 13:57 - 2014-05-18 11:03 - 1513326514 _____ () C:\Users\Rudolf\Downloads\Zelezni andele 1.avi
2014-05-18 09:34 - 2014-05-18 09:34 - 00019674 _____ () C:\Users\Rudolf\Desktop\[CzT]Hra_o_truny_Game_of_Thrones_3_serie_CZ_WebRip_720p_.torrent
2014-05-16 16:36 - 2014-03-27 11:38 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-15 22:16 - 2014-05-15 21:58 - 880700474 _____ () C:\Users\Rudolf\Downloads\Hra o trůny Game of Thrones S04E01 Dva meče CZ.avi
2014-05-15 22:09 - 2014-05-15 21:58 - 419528704 _____ () C:\Users\Rudolf\Downloads\Hra o trůny - Game Of Thrones S04E02 Lev a růže.avi
2014-05-15 20:14 - 2014-05-15 19:54 - 00000116 _____ () C:\Users\Rudolf\Desktop\rovzrzeni jidla.txt
2014-05-14 21:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-14 17:39 - 2014-03-25 23:23 - 00000000 ___RD () C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 17:39 - 2014-03-25 23:23 - 00000000 ___RD () C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 17:38 - 2014-04-23 09:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 17:36 - 2014-03-26 01:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 17:35 - 2014-03-26 01:00 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-13 11:40 - 2014-05-13 10:26 - 00000000 ____D () C:\Users\Rudolf\Downloads\Gingitsune
2014-05-13 10:37 - 2014-05-13 10:24 - 00000000 ____D () C:\Users\Rudolf\Downloads\Cyber City Oedo 808
2014-05-13 10:02 - 2014-04-22 17:44 - 00000000 ____D () C:\ProgramData\Origin
2014-05-12 22:53 - 2014-05-12 22:52 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\DarkSoulsII
2014-05-09 21:22 - 2014-05-09 20:46 - 1673287266 _____ () C:\Users\Rudolf\Downloads\Ja,me-druhe-ja-a-Irena-cz-Spunny.avi
2014-05-09 08:14 - 2014-05-14 11:13 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 11:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 09:22 - 2014-05-08 09:22 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\id Software
2014-05-07 20:36 - 2014-03-26 00:22 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-07 20:36 - 2014-03-26 00:22 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 20:30 - 2014-05-07 19:45 - 00000000 ____D () C:\Users\Rudolf\Downloads\Viy 3D
2014-05-07 18:17 - 2014-05-07 17:42 - 00000000 ____D () C:\Users\Rudolf\Desktop\Beaty hip hop rap
2014-05-06 20:22 - 2014-05-06 13:16 - 2275939496 _____ () C:\Users\Rudolf\Downloads\Killing.Season.2013.Bluray.1080p (1).mkv
2014-05-06 14:37 - 2014-05-06 13:25 - 2708893692 _____ () C:\Users\Rudolf\Downloads\Blade-Runner-(1982)---The-Final-Cut.avi
2014-05-06 06:40 - 2014-05-14 17:36 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-14 17:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-14 17:36 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-14 17:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-14 17:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 17:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 12:29 - 2014-03-26 23:09 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\Tera_Awesomium
2014-05-04 09:18 - 2014-03-30 19:04 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\TS3Client
2014-05-03 00:15 - 2014-04-02 09:58 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-05-01 22:42 - 2014-05-01 18:17 - 00000000 ____D () C:\Users\Rudolf\Downloads\The Purge (2013)
2014-05-01 02:55 - 2014-05-01 02:51 - 00000000 ____D () C:\Users\Rudolf\Downloads\Son.of.Batman.2014.BRRip.XviD.MP3-RARBG
2014-04-30 13:41 - 2014-04-23 09:34 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-04-30 13:37 - 2014-04-01 09:03 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-04-29 02:28 - 2014-04-27 00:31 - 647606272 _____ () C:\Users\Rudolf\Downloads\Batman.vs.Red.Hood.2010.BRRip.XviD.AC3.CZ-queeN.up.by.MiPe.avi
2014-04-28 18:58 - 2014-04-28 18:58 - 00000000 ____D () C:\Users\Rudolf\Downloads\Vetřelec vs Predátor

Some content of TEMP:
====================
C:\Users\Rudolf\AppData\Local\Temp\Uninstall.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-19 12:18

==================== End Of Log ============================

Nejaky antivir by nebyl?? Ono lecit nezabezpecene PC je docela zbytecne

Stahnete MBRScan http://eric71.geekstogo.com/tools/MbrScan.exe

• Ulozte nejlepe na plochu
• Pokud pouzivate Win Vista ci W7, kliknete na MBRScan pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Report
• Po chvilce se objevi log do souboru MBRScan.txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by Rudolf on st 28.05.2014 at 23:53:17,41.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Rudolf\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

28.5.2014 23:53:52 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\Package Cache deleted

==== Chrome Look ======================

AdBlock - Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Rudolf\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Rudolf\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=13 folders=15 14101159 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Rudolf\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Rudolf\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on st 28.05.2014 at 23:59:58,62 ======================

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Rudolf (administrator) on RUDOLF-PC on 29-05-2014 22:46:40
Running from C:\Users\Rudolf\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-21] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5581888 2014-02-24] (ESET)
HKLM-x32\...\Run: [Adobe RGB Color] => C:\ProgramData\Adobe\color.vbs [106 2013-12-14] ()
HKU\S-1-5-21-2205112338-2371396014-1969147254-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1754816 2014-05-29] (Valve Corporation)

==================== Internet (Whitelisted) ====================

SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-05-29]

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-26]
CHR Extension: (Disk Google) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-26]
CHR Extension: (YouTube) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-26]
CHR Extension: (AdBlock Premium) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2014-05-29]
CHR Extension: (Peněženka Google) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-26]
CHR Extension: (Gmail) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-26]

==================== Services (Whitelisted) =================

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1343408 2014-02-24] (ESET)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-29] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-29 22:46 - 2014-05-29 22:46 - 02066944 _____ (Farbar) C:\Users\Rudolf\Downloads\FRST64.exe
2014-05-29 22:46 - 2014-05-29 22:46 - 00006647 _____ () C:\Users\Rudolf\Downloads\FRST.txt
2014-05-29 22:45 - 2014-05-29 22:45 - 00112640 _____ (forum.viry.cz) C:\Users\Rudolf\Downloads\Nepotvrzeno 782696.crdownload
2014-05-29 22:45 - 2014-05-29 22:45 - 00112107 _____ (forum.viry.cz) C:\Users\Rudolf\Downloads\VerzeOS.exe
2014-05-29 17:49 - 2014-05-29 18:02 - 780775424 _____ () C:\Users\Rudolf\Downloads\Filth.2013.BRRip.XviD.CZ.MY.avi
2014-05-29 15:00 - 2014-05-29 22:00 - 00000292 _____ () C:\Users\Rudolf\Network_Meter_Data.js
2014-05-29 14:28 - 2014-05-29 14:28 - 00000284 _____ () C:\Users\Rudolf\AppData\Roaming\GPU MeterV2_Settings.ini
2014-05-29 14:26 - 2014-05-29 14:28 - 00000954 _____ () C:\Users\Rudolf\AppData\Roaming\Network Meter_Settings.ini
2014-05-29 14:23 - 2014-05-29 14:28 - 00000133 _____ () C:\Users\Rudolf\IP_Log_Data.js
2014-05-29 14:19 - 2014-05-29 14:19 - 00000062 _____ () C:\Windows\Wininit.ini
2014-05-29 14:16 - 2014-05-29 14:19 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\ConMet
2014-05-29 14:16 - 2014-05-29 14:19 - 00000000 ____D () C:\ProgramData\ConMet
2014-05-29 14:14 - 2014-05-29 14:16 - 02585600 _____ (Mgr. Tomas Papousek) C:\Users\Rudolf\Downloads\cm799f.exe
2014-05-29 10:20 - 2014-05-29 10:20 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\ESET
2014-05-29 10:20 - 2014-05-29 10:20 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\ESET
2014-05-29 10:16 - 2014-05-29 10:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-05-29 10:16 - 2014-05-29 10:16 - 00000000 ____D () C:\ProgramData\ESET
2014-05-29 10:16 - 2014-05-29 10:16 - 00000000 ____D () C:\Program Files\ESET
2014-05-28 23:58 - 2014-05-28 23:53 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-28 23:53 - 2014-05-28 23:59 - 00005146 _____ () C:\zoek-results.log
2014-05-28 23:53 - 2014-05-28 23:58 - 00000000 ____D () C:\zoek_backup
2014-05-28 23:41 - 2014-05-29 22:46 - 00000000 ____D () C:\FRST
2014-05-28 23:12 - 2014-05-28 23:52 - 00000000 ____D () C:\Program Files\trend micro
2014-05-28 23:12 - 2014-05-28 23:15 - 00000000 ____D () C:\rsit
2014-05-28 22:54 - 2014-05-28 22:54 - 00009256 _____ () C:\Users\Rudolf\Documents\cc_20140528_225415.reg
2014-05-28 22:30 - 2014-05-28 22:30 - 01643096 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Rudolf\Desktop\GPU-Z.0.7.8.exe
2014-05-28 20:43 - 2014-05-28 20:43 - 00000000 __SHD () C:\Users\Rudolf\AppData\Local\EmieUserList
2014-05-28 20:43 - 2014-05-28 20:43 - 00000000 __SHD () C:\Users\Rudolf\AppData\Local\EmieSiteList
2014-05-28 20:03 - 2014-05-29 10:28 - 00000000 ____D () C:\ProgramData\adobe
2014-05-27 14:06 - 2014-05-27 14:06 - 00002574 _____ () C:\Users\Rudolf\Documents\cc_20140527_140612.reg
2014-05-27 09:48 - 2014-05-27 09:48 - 00019630 _____ () C:\Users\Rudolf\Documents\cc_20140527_094806.reg
2014-05-25 23:52 - 2014-05-25 23:52 - 00001235 _____ () C:\Users\Rudolf\Desktop\AIDA64 Extreme Edition.lnk
2014-05-25 23:52 - 2014-05-25 23:52 - 00000000 ____D () C:\Program Files (x86)\FinalWire
2014-05-25 15:54 - 2014-05-28 22:53 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\Ubisoft Game Launcher
2014-05-25 11:03 - 2014-05-25 11:03 - 00000000 ____D () C:\Users\Rudolf\Downloads\Driver Booster PRO 1.4.0.61 Multilingual + Key
2014-05-24 23:46 - 2014-05-24 23:46 - 00056558 _____ () C:\Users\Rudolf\Desktop\[CzT]Hunter_x_Hunter_E01_E64_2011_720p_.torrent
2014-05-23 22:26 - 2014-05-23 23:38 - 3336028033 _____ () C:\Users\Rudolf\Downloads\Železný obr (Iron Giant 1999 dvd).mkv
2014-05-23 22:25 - 2014-05-23 23:14 - 1898296379 _____ () C:\Users\Rudolf\Downloads\Fairy-Tail-movie---Kněžka-fénixe.mp4
2014-05-23 11:16 - 2014-05-23 11:16 - 00000000 ____D () C:\Users\Rudolf\Downloads\Game of thrones
2014-05-19 12:02 - 2014-05-20 00:34 - 1880889517 _____ () C:\Users\Rudolf\Downloads\Tajná minulost UFO.mkv
2014-05-19 11:05 - 2014-05-19 12:32 - 1972949065 _____ () C:\Users\Rudolf\Downloads\The.Secret.Life.of.Walter.Mitty.2013.720p.MY.mkv
2014-05-18 11:03 - 2014-05-18 13:57 - 1513326514 _____ () C:\Users\Rudolf\Downloads\Zelezni andele 1.avi
2014-05-18 09:34 - 2014-05-18 09:34 - 00019674 _____ () C:\Users\Rudolf\Desktop\[CzT]Hra_o_truny_Game_of_Thrones_3_serie_CZ_WebRip_720p_.torrent
2014-05-15 21:58 - 2014-05-15 22:16 - 880700474 _____ () C:\Users\Rudolf\Downloads\Hra o trůny Game of Thrones S04E01 Dva meče CZ.avi
2014-05-15 21:58 - 2014-05-15 22:09 - 419528704 _____ () C:\Users\Rudolf\Downloads\Hra o trůny - Game Of Thrones S04E02 Lev a růže.avi
2014-05-15 19:54 - 2014-05-15 20:14 - 00000116 _____ () C:\Users\Rudolf\Desktop\rovzrzeni jidla.txt
2014-05-14 17:36 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 17:36 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 17:36 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 17:36 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 17:36 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 17:36 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 11:13 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 11:13 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 11:13 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 11:13 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 11:13 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 11:13 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 11:13 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 11:13 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 11:13 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 11:13 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 11:13 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 11:13 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 11:13 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 11:13 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 11:13 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 11:13 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 11:13 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 11:13 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 11:13 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 11:13 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 11:13 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 11:13 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 11:13 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 10:26 - 2014-05-13 11:40 - 00000000 ____D () C:\Users\Rudolf\Downloads\Gingitsune
2014-05-13 10:24 - 2014-05-13 10:37 - 00000000 ____D () C:\Users\Rudolf\Downloads\Cyber City Oedo 808
2014-05-12 22:52 - 2014-05-23 07:43 - 00000000 ____D () C:\ProgramData\Steam
2014-05-12 22:52 - 2014-05-12 22:53 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\DarkSoulsII
2014-05-09 20:46 - 2014-05-09 21:22 - 1673287266 _____ () C:\Users\Rudolf\Downloads\Ja,me-druhe-ja-a-Irena-cz-Spunny.avi
2014-05-09 19:55 - 2014-05-26 12:15 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-08 09:22 - 2014-05-08 09:22 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\id Software
2014-05-07 19:45 - 2014-05-07 20:30 - 00000000 ____D () C:\Users\Rudolf\Downloads\Viy 3D
2014-05-07 17:42 - 2014-05-07 18:17 - 00000000 ____D () C:\Users\Rudolf\Desktop\Beaty hip hop rap
2014-05-06 13:25 - 2014-05-06 14:37 - 2708893692 _____ () C:\Users\Rudolf\Downloads\Blade-Runner-(1982)---The-Final-Cut.avi
2014-05-06 13:16 - 2014-05-06 20:22 - 2275939496 _____ () C:\Users\Rudolf\Downloads\Killing.Season.2013.Bluray.1080p (1).mkv
2014-05-01 18:17 - 2014-05-01 22:42 - 00000000 ____D () C:\Users\Rudolf\Downloads\The Purge (2013)
2014-05-01 02:51 - 2014-05-01 02:55 - 00000000 ____D () C:\Users\Rudolf\Downloads\Son.of.Batman.2014.BRRip.XviD.MP3-RARBG
2014-05-01 00:07 - 2014-05-19 19:15 - 00000000 ____D () C:\Users\Rudolf\Desktop\steam
2014-04-30 18:13 - 2014-05-29 10:29 - 00716129 ____N () C:\Windows\WindowsUpdate.log

==================== One Month Modified Files and Folders =======

2014-05-29 22:46 - 2014-05-29 22:46 - 02066944 _____ (Farbar) C:\Users\Rudolf\Downloads\FRST64.exe
2014-05-29 22:46 - 2014-05-29 22:46 - 00006647 _____ () C:\Users\Rudolf\Downloads\FRST.txt
2014-05-29 22:46 - 2014-05-28 23:41 - 00000000 ____D () C:\FRST
2014-05-29 22:45 - 2014-05-29 22:45 - 00112640 _____ (forum.viry.cz) C:\Users\Rudolf\Downloads\Nepotvrzeno 782696.crdownload
2014-05-29 22:45 - 2014-05-29 22:45 - 00112107 _____ (forum.viry.cz) C:\Users\Rudolf\Downloads\VerzeOS.exe
2014-05-29 22:41 - 2014-03-26 00:22 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-29 22:00 - 2014-05-29 15:00 - 00000292 _____ () C:\Users\Rudolf\Network_Meter_Data.js
2014-05-29 21:53 - 2014-03-26 11:16 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\uTorrent
2014-05-29 20:56 - 2014-03-26 01:37 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-29 20:54 - 2014-04-11 18:46 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-29 20:52 - 2014-03-26 00:22 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-29 18:02 - 2014-05-29 17:49 - 780775424 _____ () C:\Users\Rudolf\Downloads\Filth.2013.BRRip.XviD.CZ.MY.avi
2014-05-29 15:00 - 2014-03-25 23:23 - 00000000 ____D () C:\Users\Rudolf
2014-05-29 14:28 - 2014-05-29 14:28 - 00000284 _____ () C:\Users\Rudolf\AppData\Roaming\GPU MeterV2_Settings.ini
2014-05-29 14:28 - 2014-05-29 14:26 - 00000954 _____ () C:\Users\Rudolf\AppData\Roaming\Network Meter_Settings.ini
2014-05-29 14:28 - 2014-05-29 14:23 - 00000133 _____ () C:\Users\Rudolf\IP_Log_Data.js
2014-05-29 14:19 - 2014-05-29 14:19 - 00000062 _____ () C:\Windows\Wininit.ini
2014-05-29 14:19 - 2014-05-29 14:16 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\ConMet
2014-05-29 14:19 - 2014-05-29 14:16 - 00000000 ____D () C:\ProgramData\ConMet
2014-05-29 14:16 - 2014-05-29 14:14 - 02585600 _____ (Mgr. Tomas Papousek) C:\Users\Rudolf\Downloads\cm799f.exe
2014-05-29 10:34 - 2011-04-12 10:34 - 00668138 _____ () C:\Windows\system32\perfh005.dat
2014-05-29 10:34 - 2011-04-12 10:34 - 00140798 _____ () C:\Windows\system32\perfc005.dat
2014-05-29 10:34 - 2009-07-14 07:13 - 01582262 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-29 10:34 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-29 10:34 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-29 10:29 - 2014-04-30 18:13 - 00716129 ____N () C:\Windows\WindowsUpdate.log
2014-05-29 10:28 - 2014-05-28 20:03 - 00000000 ____D () C:\ProgramData\adobe
2014-05-29 10:27 - 2014-03-26 01:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-29 10:27 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-29 10:20 - 2014-05-29 10:20 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\ESET
2014-05-29 10:20 - 2014-05-29 10:20 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\ESET
2014-05-29 10:16 - 2014-05-29 10:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-05-29 10:16 - 2014-05-29 10:16 - 00000000 ____D () C:\ProgramData\ESET
2014-05-29 10:16 - 2014-05-29 10:16 - 00000000 ____D () C:\Program Files\ESET
2014-05-28 23:59 - 2014-05-28 23:53 - 00005146 _____ () C:\zoek-results.log
2014-05-28 23:58 - 2014-05-28 23:53 - 00000000 ____D () C:\zoek_backup
2014-05-28 23:53 - 2014-05-28 23:58 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-28 23:52 - 2014-05-28 23:12 - 00000000 ____D () C:\Program Files\trend micro
2014-05-28 23:15 - 2014-05-28 23:12 - 00000000 ____D () C:\rsit
2014-05-28 22:55 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-28 22:54 - 2014-05-28 22:54 - 00009256 _____ () C:\Users\Rudolf\Documents\cc_20140528_225415.reg
2014-05-28 22:53 - 2014-05-25 15:54 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\Ubisoft Game Launcher
2014-05-28 22:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Resources
2014-05-28 22:30 - 2014-05-28 22:30 - 01643096 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Rudolf\Desktop\GPU-Z.0.7.8.exe
2014-05-28 20:43 - 2014-05-28 20:43 - 00000000 __SHD () C:\Users\Rudolf\AppData\Local\EmieUserList
2014-05-28 20:43 - 2014-05-28 20:43 - 00000000 __SHD () C:\Users\Rudolf\AppData\Local\EmieSiteList
2014-05-28 16:42 - 2014-04-01 12:37 - 00007606 _____ () C:\Users\Rudolf\AppData\Local\Resmon.ResmonCfg
2014-05-27 14:06 - 2014-05-27 14:06 - 00002574 _____ () C:\Users\Rudolf\Documents\cc_20140527_140612.reg
2014-05-27 14:06 - 2014-03-26 08:29 - 00000000 ____D () C:\Users\Rudolf\Desktop\Dokumenty
2014-05-27 09:48 - 2014-05-27 09:48 - 00019630 _____ () C:\Users\Rudolf\Documents\cc_20140527_094806.reg
2014-05-27 09:47 - 2014-04-26 00:58 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\Warframe
2014-05-27 09:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-27 00:01 - 2014-03-26 08:31 - 00000000 ____D () C:\Users\Rudolf\Desktop\tapety
2014-05-26 12:15 - 2014-05-09 19:55 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-25 23:52 - 2014-05-25 23:52 - 00001235 _____ () C:\Users\Rudolf\Desktop\AIDA64 Extreme Edition.lnk
2014-05-25 23:52 - 2014-05-25 23:52 - 00000000 ____D () C:\Program Files (x86)\FinalWire
2014-05-25 11:03 - 2014-05-25 11:03 - 00000000 ____D () C:\Users\Rudolf\Downloads\Driver Booster PRO 1.4.0.61 Multilingual + Key
2014-05-24 23:46 - 2014-05-24 23:46 - 00056558 _____ () C:\Users\Rudolf\Desktop\[CzT]Hunter_x_Hunter_E01_E64_2011_720p_.torrent
2014-05-23 23:38 - 2014-05-23 22:26 - 3336028033 _____ () C:\Users\Rudolf\Downloads\Železný obr (Iron Giant 1999 dvd).mkv
2014-05-23 23:14 - 2014-05-23 22:25 - 1898296379 _____ () C:\Users\Rudolf\Downloads\Fairy-Tail-movie---Kněžka-fénixe.mp4
2014-05-23 11:16 - 2014-05-23 11:16 - 00000000 ____D () C:\Users\Rudolf\Downloads\Game of thrones
2014-05-23 07:43 - 2014-05-12 22:52 - 00000000 ____D () C:\ProgramData\Steam
2014-05-20 00:34 - 2014-05-19 12:02 - 1880889517 _____ () C:\Users\Rudolf\Downloads\Tajná minulost UFO.mkv
2014-05-19 19:15 - 2014-05-01 00:07 - 00000000 ____D () C:\Users\Rudolf\Desktop\steam
2014-05-19 12:32 - 2014-05-19 11:05 - 1972949065 _____ () C:\Users\Rudolf\Downloads\The.Secret.Life.of.Walter.Mitty.2013.720p.MY.mkv
2014-05-18 13:57 - 2014-05-18 11:03 - 1513326514 _____ () C:\Users\Rudolf\Downloads\Zelezni andele 1.avi
2014-05-18 09:34 - 2014-05-18 09:34 - 00019674 _____ () C:\Users\Rudolf\Desktop\[CzT]Hra_o_truny_Game_of_Thrones_3_serie_CZ_WebRip_720p_.torrent
2014-05-16 16:36 - 2014-03-27 11:38 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-15 22:16 - 2014-05-15 21:58 - 880700474 _____ () C:\Users\Rudolf\Downloads\Hra o trůny Game of Thrones S04E01 Dva meče CZ.avi
2014-05-15 22:09 - 2014-05-15 21:58 - 419528704 _____ () C:\Users\Rudolf\Downloads\Hra o trůny - Game Of Thrones S04E02 Lev a růže.avi
2014-05-15 20:14 - 2014-05-15 19:54 - 00000116 _____ () C:\Users\Rudolf\Desktop\rovzrzeni jidla.txt
2014-05-14 21:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-14 17:39 - 2014-03-25 23:23 - 00000000 ___RD () C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 17:39 - 2014-03-25 23:23 - 00000000 ___RD () C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 17:38 - 2014-04-23 09:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 17:36 - 2014-03-26 01:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 17:35 - 2014-03-26 01:00 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-13 11:40 - 2014-05-13 10:26 - 00000000 ____D () C:\Users\Rudolf\Downloads\Gingitsune
2014-05-13 10:37 - 2014-05-13 10:24 - 00000000 ____D () C:\Users\Rudolf\Downloads\Cyber City Oedo 808
2014-05-13 10:02 - 2014-04-22 17:44 - 00000000 ____D () C:\ProgramData\Origin
2014-05-12 22:53 - 2014-05-12 22:52 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\DarkSoulsII
2014-05-09 21:22 - 2014-05-09 20:46 - 1673287266 _____ () C:\Users\Rudolf\Downloads\Ja,me-druhe-ja-a-Irena-cz-Spunny.avi
2014-05-09 08:14 - 2014-05-14 11:13 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 11:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 09:22 - 2014-05-08 09:22 - 00000000 ____D () C:\Users\Rudolf\AppData\Local\id Software
2014-05-07 20:36 - 2014-03-26 00:22 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-07 20:36 - 2014-03-26 00:22 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 20:30 - 2014-05-07 19:45 - 00000000 ____D () C:\Users\Rudolf\Downloads\Viy 3D
2014-05-07 18:17 - 2014-05-07 17:42 - 00000000 ____D () C:\Users\Rudolf\Desktop\Beaty hip hop rap
2014-05-06 20:22 - 2014-05-06 13:16 - 2275939496 _____ () C:\Users\Rudolf\Downloads\Killing.Season.2013.Bluray.1080p (1).mkv
2014-05-06 14:37 - 2014-05-06 13:25 - 2708893692 _____ () C:\Users\Rudolf\Downloads\Blade-Runner-(1982)---The-Final-Cut.avi
2014-05-06 06:40 - 2014-05-14 17:36 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-14 17:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-14 17:36 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-14 17:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-14 17:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 17:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 12:29 - 2014-03-26 23:09 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\Tera_Awesomium
2014-05-04 09:18 - 2014-03-30 19:04 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\TS3Client
2014-05-03 00:15 - 2014-04-02 09:58 - 00000000 ____D () C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-05-01 22:42 - 2014-05-01 18:17 - 00000000 ____D () C:\Users\Rudolf\Downloads\The Purge (2013)
2014-05-01 02:55 - 2014-05-01 02:51 - 00000000 ____D () C:\Users\Rudolf\Downloads\Son.of.Batman.2014.BRRip.XviD.MP3-RARBG
2014-04-30 13:41 - 2014-04-23 09:34 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-04-30 13:37 - 2014-04-01 09:03 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-04-29 02:28 - 2014-04-27 00:31 - 647606272 _____ () C:\Users\Rudolf\Downloads\Batman.vs.Red.Hood.2010.BRRip.XviD.AC3.CZ-queeN.up.by.MiPe.avi

Files to move or delete:
====================
C:\Users\Rudolf\IP_Log_Data.js
C:\Users\Rudolf\Network_Meter_Data.js


Some content of TEMP:
====================
C:\Users\Rudolf\AppData\Local\Temp\cmunst_.exe
C:\Users\Rudolf\AppData\Local\Temp\InstHelper.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-29 12:05

==================== End Of Log ============================

Dobry vecer
tak eset mi nasel BAT/CoinMiner.GH trojsky kun a presunul ho do karanteny... mam ho nechat odstranit?

Kde jej prosim nasel??