VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

BLUE SCREEN ATHURX.SYS

https://forum.viry.cz:443/viewtopic.php?t=133596

Stránka 2 z 3

Re: BLUE SCREEN ATHURX.SYS

Napsal: 26 říj 2013 21:16
od vyosek
Poprosim o novy log z FRSTLauncheru...

Re: BLUE SCREEN ATHURX.SYS

Napsal: 29 říj 2013 14:46
od Boofy
Dobrý den,

tak mi to dneska poprvé od řešení spadlo, opět modrá obrazovka s chybovým hlášením. Myslíte, že bude problém jinde než v ovladačích ?

Re: BLUE SCREEN ATHURX.SYS

Napsal: 29 říj 2013 15:11
od Boofy
Omlouvám se, nevšiml jsem si pokračování debaty na druhé stránce, nicméně teď po scanu FRST logu mi to opět znovu spadlo.
Tady posílám nový log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-10-2013
Ran by Adam (administrator) on ADAM-PC on 29-10-2013 15:07:57
Running from C:\Users\Adam\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(CyberLink) D:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) D:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
() C:\Users\Adam\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(ZONER software) D:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
() C:\Users\Adam\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(arvato digital services llc) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Inc.) D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Apple Inc.) D:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
() C:\Windows\inf\msguoag\msguoag.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(CyberLink Corp.) D:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Google Inc.) C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [THXCfg64] - C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [658048 2012-05-15] (Atheros Commnucations)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [792704 2012-05-15] (Atheros Communications)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKCU\...\Run: [Google Update] - C:\Users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-06-14] (Google Inc.)
HKCU\...\Run: [Nektra OEAPI] - [x]
HKCU\...\Run: [OEXPRESS] - [x]
HKCU\...\Run: [SmartRAM] - "C:\Program Files (x86)\IObit\Advanced SystemCare 6\Suo10_SmartRAM.exe" /m
HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Adam\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Adam\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-05-23] (Samsung)
HKCU\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Zoner Photo Studio Autoupdate] - D:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe [774680 2013-06-07] (ZONER software)
MountPoints2: {0de441b0-d4ff-11e2-b246-806e6f6e6963} - P:\autorun.exe
MountPoints2: {69309ed0-d520-11e2-9890-806e6f6e6963} - F:\Viewer\ppview32.exe agaxzs\auto.ppt
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [218880 2012-05-31] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [NtVdmSrv] - C:\Windows\inf\ntvdm.vbe [884 2013-06-14] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] - "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-05-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - D:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKCU - {C5A782CD-5D09-44DF-9065-05EDA1150E29} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll ()
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll ()
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Tcpip\Parameters: [DhcpNameServer] 10.10.10.1 10.10.10.2

FireFox:
========
FF ProfilePath: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\ws7l1lno.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Homepage: www.seznam.cz
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=800236&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Acrobat - D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Adam\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Adam\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF SearchPlugin: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\ws7l1lno.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: DownloadHelper - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\ws7l1lno.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: Seznam lištička - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\ws7l1lno.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: iobitapps - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\ws7l1lno.default\Extensions\iobitapps@mybrowserbar.com
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Users\Adam\AppData\Local\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Adam\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Adam\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Advanced SystemCare 6) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin/ASCPlugin_Protect.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - D:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - D:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - D:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - D:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - D:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - D:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - D:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (VLC Web Plugin) - D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Extension: (Google Docs) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Email) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Slovn\u00EDk) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0
CHR Extension: (YouTube) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.0.3370_0
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\11.0.0.379_0
CHR Extension: (AdBlock) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.10_0
CHR Extension: (Safe Money) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.0.3370_0
CHR Extension: (Virtual Keyboard) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.0.3370_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_1
CHR Extension: (Gmail) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR Extension: (Anti-Banner) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.0.3370_0
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-06-16] (Adobe Systems)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [218880 2012-05-31] (Kaspersky Lab ZAO)
R2 CLHNServiceForPowerDVD12; D:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [90640 2012-10-05] (CyberLink Corp.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; D:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [78352 2012-10-05] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; D:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [295440 2012-10-05] (CyberLink)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1868432 2012-12-24] ()
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-29] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [254552 2012-10-22] ()
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-06] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-05-22] ()
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458544 2012-04-13] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [640344 2012-05-29] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30000 2012-03-27] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29016 2012-05-25] (Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [27992 2012-05-25] (Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54064 2012-05-12] (Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [172888 2012-05-24] (Kaspersky Lab)
R2 ntk_PowerDVD12; D:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [83704 2012-06-20] (Cyberlink Corp.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [101376 2011-11-21] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [217088 2011-11-21] (Renesas Electronics Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2010-11-26] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-06-14] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-10-29] ()
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2013-10-29] ()
U3 aqznh71j; C:\Windows\System32\Drivers\aqznh71j.sys [0 ] (Microsoft Corporation)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [85336 2012-05-29] (Kaspersky Lab)
S3 MSICDSetup; \??\P:\CDriver64.sys [x]
S3 NTIOLib_1_0_C; \??\P:\NTIOLib_X64.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-29 15:07 - 2013-10-29 15:07 - 01956538 _____ (Farbar) C:\Users\Adam\Desktop\FRST64.exe
2013-10-29 15:03 - 2013-10-29 15:04 - 00029696 _____ C:\Users\Adam\AppData\Local\MSGBOX.EXE
2013-10-29 15:01 - 2013-10-29 15:01 - 00003534 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0 Fallback-Adam-PC-Adam
2013-10-29 14:22 - 2013-10-29 14:22 - 00000000 ___RD C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-10-29 09:09 - 2013-10-18 02:36 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-10-29 09:09 - 2013-10-18 02:36 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-10-29 09:09 - 2013-09-28 00:01 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-10-29 09:09 - 2013-09-28 00:01 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-10-29 09:09 - 2013-09-28 00:01 - 00028960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-10-26 15:32 - 2013-10-26 15:32 - 00000000 ____D C:\Users\Adam\Downloads\morden
2013-10-26 11:02 - 2013-10-26 11:05 - 00000000 ____D C:\AdwCleaner
2013-10-26 11:02 - 2013-10-26 11:02 - 00004168 _____ C:\Users\Adam\Desktop\JRT.txt
2013-10-26 10:56 - 2013-10-26 10:56 - 00000000 ____D C:\Windows\ERUNT
2013-10-26 10:53 - 2013-10-26 10:53 - 01060070 _____ C:\Users\Adam\Desktop\adwcleaner.exe
2013-10-26 10:53 - 2013-10-26 10:53 - 01033335 _____ (Thisisu) C:\Users\Adam\Downloads\JRT.exe
2013-10-24 16:28 - 2013-10-24 16:28 - 00000720 _____ C:\Users\Adam\Documents\7.txt
2013-10-24 14:59 - 2013-10-24 14:59 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-10-24 14:58 - 2000-01-01 01:00 - 04065296 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-10-24 14:58 - 2000-01-01 01:00 - 03615888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 02674320 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 02605400 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 02533952 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 02131288 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 01560168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-10-24 14:58 - 2000-01-01 01:00 - 01262696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 01015640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 00869520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 00626304 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 00561792 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 00293889 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-10-24 14:58 - 2000-01-01 01:00 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 00202336 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 00105616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 00083072 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2013-10-24 14:58 - 2000-01-01 01:00 - 00032344 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
2013-10-24 14:58 - 2000-01-01 01:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2013-10-24 14:30 - 2011-05-03 21:13 - 00008820 _____ C:\Windows\system32\athurextx.cat
2013-10-24 14:30 - 2011-04-20 02:07 - 01930240 _____ (Atheros Communications, Inc.) C:\Windows\system32\athurx.sys
2013-10-24 14:29 - 2013-10-24 14:29 - 00000000 ____D C:\ProgramData\TP-LINK
2013-10-24 14:18 - 2013-10-29 14:22 - 00016152 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2013-10-24 14:18 - 2013-10-29 14:22 - 00002832 _____ C:\Windows\System32\Tasks\SlimDrivers Startup
2013-10-24 14:18 - 2013-10-29 14:22 - 00000408 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2013-10-24 14:18 - 2013-10-24 14:18 - 00002467 _____ C:\Users\Public\Desktop\SlimDrivers.lnk
2013-10-24 14:18 - 2013-10-24 14:18 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-10-24 14:18 - 2013-10-24 14:18 - 00000000 ____D C:\Users\Adam\AppData\Local\SlimWare Utilities Inc
2013-10-24 14:16 - 2013-10-24 14:16 - 00858432 _____ (SlimWare Utilities, Inc.) C:\Users\Adam\Downloads\slimdrivers-setup.exe
2013-10-24 13:41 - 2013-10-29 14:22 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2013-10-24 12:48 - 2013-10-24 12:48 - 00000000 ____D C:\Users\Adam\Downloads\CrystalDiskInfo5_0_0
2013-10-24 12:41 - 2013-10-24 12:41 - 00000702 _____ C:\Users\Adam\Desktop\WhoCrashed.lnk
2013-10-24 12:36 - 2013-10-24 12:36 - 00000250 _____ C:\Users\Adam\Documents\5.txt
2013-10-24 12:36 - 2013-10-24 12:36 - 00000237 _____ C:\Users\Adam\Documents\4.txt
2013-10-24 12:36 - 2013-10-24 12:36 - 00000184 _____ C:\Users\Adam\Documents\6.txt
2013-10-24 12:06 - 2013-10-24 12:07 - 02085248 _____ (Resplendence Software Projects Sp. ) C:\Users\Adam\Downloads\whocrashedSetup.exe
2013-10-24 11:43 - 2013-10-24 11:43 - 00030136 _____ C:\Users\Adam\Desktop\102313-11154-01.rar
2013-10-24 11:43 - 2013-10-23 15:14 - 00319894 _____ C:\Users\Adam\Desktop\102313-11154-01.dmp
2013-10-24 08:52 - 2013-10-24 08:54 - 09587666 _____ C:\Users\Adam\Desktop\granát.rar
2013-10-24 08:26 - 2013-10-24 08:53 - 00000000 ____D C:\Users\Adam\Desktop\granát
2013-10-23 10:54 - 2013-10-23 10:54 - 21824552 _____ (IObit ) C:\Users\Adam\Downloads\imf-setup.exe
2013-10-23 10:52 - 2013-10-23 10:52 - 961987358 _____ C:\Windows\MEMORY.DMP
2013-10-23 07:52 - 2013-10-23 07:52 - 00007277 _____ C:\Users\Adam\Desktop\Addition.rar
2013-10-23 07:50 - 2013-10-23 07:50 - 00030166 _____ C:\Users\Adam\Desktop\Addition.txt
2013-10-23 07:49 - 2013-10-23 07:49 - 00000000 ____D C:\FRST
2013-10-23 07:42 - 2013-10-23 07:42 - 00001938 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-22 21:31 - 2013-10-23 12:43 - 00000301 _____ C:\Users\Adam\Documents\3.txt
2013-10-22 19:56 - 2013-10-23 06:43 - 00018944 _____ C:\Users\Adam\Downloads\ceny_21.10.2013.xls
2013-10-22 19:53 - 2013-10-22 19:53 - 00000000 ____D C:\Users\Adam\Downloads\22.10.2013_čina
2013-10-21 11:39 - 2013-10-21 11:39 - 00000000 ____D C:\Users\Adam\Downloads\Fotky_komody
2013-10-21 11:34 - 2013-10-21 11:39 - 00019456 _____ C:\Users\Adam\Downloads\ceny komody_18.10.2013.xls
2013-10-21 10:12 - 2013-10-21 10:12 - 00000136 _____ C:\Users\Adam\Downloads\stažený soubor.htm
2013-10-20 09:54 - 2013-10-23 07:42 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-19 13:07 - 2013-10-19 13:07 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Softland
2013-10-16 10:13 - 2013-10-16 10:13 - 00000000 ____D C:\Users\Adam\Downloads\loga
2013-10-16 06:49 - 2013-10-16 06:49 - 00018944 _____ C:\Users\Adam\Downloads\ceník cina_15.10.2013.xls
2013-10-16 06:47 - 2013-10-16 06:47 - 00000000 ____D C:\Users\Adam\Downloads\e_nabídka
2013-10-16 06:46 - 2013-10-15 15:57 - 00070144 ___SH C:\Users\Adam\Downloads\Thumbs.db
2013-10-16 06:45 - 2013-10-16 06:46 - 24853017 _____ C:\Users\Adam\Downloads\e_nabídka.zip
2013-10-15 12:50 - 2013-10-15 12:50 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-10-15 12:50 - 2013-10-15 12:50 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-10-14 12:46 - 2013-10-14 12:46 - 00001064 _____ C:\Users\Adam\Desktop\icon-fb-solid.svg
2013-10-14 10:01 - 2013-10-14 10:01 - 00000000 ____D C:\Users\Adam\Downloads\Rest & Dj Fatte - Střepy (2013)
2013-10-13 11:32 - 2013-10-13 11:36 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-10-11 18:16 - 2013-10-11 18:16 - 01640984 _____ C:\Users\Adam\Downloads\SetupVirtualCloneDrive5470.exe
2013-10-10 16:14 - 2013-10-23 07:30 - 00000000 ____D C:\Users\Adam\Downloads\kg_let_her_go
2013-10-10 16:12 - 2013-10-23 07:30 - 00000000 ____D C:\Users\Adam\Downloads\dollie_script
2013-10-10 12:23 - 2013-10-23 07:30 - 00000000 ____D C:\Users\Adam\Downloads\intrique_script
2013-10-10 02:05 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 02:05 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 02:05 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 02:05 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 02:05 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 02:05 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 02:05 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 02:05 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 02:05 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-10 02:05 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 02:05 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 02:05 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 02:05 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 02:05 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 02:05 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 02:05 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 02:05 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 02:05 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 02:05 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 02:05 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 02:05 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 02:05 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 02:05 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 02:05 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 02:05 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 02:05 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 02:05 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 02:05 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 02:05 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 02:05 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 02:05 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-09 23:51 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 23:51 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 23:51 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 23:51 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 23:51 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-09 23:51 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 23:51 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-09 23:51 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-09 23:51 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 23:51 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-09 23:51 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-09 23:51 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-09 23:51 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-09 23:51 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 23:51 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-09 23:51 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-09 23:51 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-09 23:51 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 23:51 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 23:51 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-08 11:22 - 2013-10-29 14:22 - 00014234 _____ C:\Windows\PFRO.log
2013-10-08 11:21 - 2013-10-08 11:21 - 00000000 _____ C:\asc_rdflag
2013-10-08 11:20 - 2013-10-08 11:20 - 00001453 _____ C:\Users\Adam\Documents\1.txt
2013-10-08 11:20 - 2013-10-08 11:20 - 00000350 _____ C:\Users\Adam\Documents\2.txt
2013-10-08 09:42 - 2013-10-08 09:42 - 00000000 ____D C:\Program Files (x86)\Corel
2013-10-08 09:41 - 2013-10-08 09:41 - 00000000 ____D C:\Program Files\Common Files\Corel
2013-10-08 09:40 - 2013-10-08 09:42 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X6.1
2013-10-08 09:36 - 2013-10-08 09:36 - 00002368 _____ C:\Users\Public\Desktop\Bitstream Font Navigator (64-Bit).lnk
2013-10-08 09:36 - 2013-10-08 09:35 - 00002833 _____ C:\Users\Public\Desktop\CorelDRAW X6 (64-Bit).lnk
2013-10-08 09:35 - 2013-10-08 09:35 - 00000000 ____D C:\Users\Public\Documents\Corel
2013-10-08 09:35 - 2013-10-08 09:35 - 00000000 ____D C:\Program Files\Corel
2013-10-08 09:35 - 2013-10-08 09:35 - 00000000 ____D C:\Program Files\Common Files\Protexis
2013-10-07 14:43 - 2013-10-07 14:43 - 00000421 _____ C:\Users\Adam\Downloads\priloha
2013-10-04 17:27 - 2013-10-04 17:27 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_wachidrouter_01009.Wdf
2013-10-04 17:27 - 2013-10-04 17:27 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf
2013-10-04 17:27 - 2013-10-04 17:27 - 00000000 ____D C:\Users\Adam\AppData\Roaming\WTablet
2013-10-04 17:27 - 2013-10-04 17:27 - 00000000 ____D C:\Program Files\TabletPlugins
2013-10-04 17:27 - 2013-10-04 17:27 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2013-10-04 17:27 - 2013-04-30 18:18 - 00085304 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys
2013-10-04 17:27 - 2013-04-30 18:18 - 00014136 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\hidkmdf.sys
2013-10-04 17:27 - 2012-12-20 23:20 - 00015344 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacomrouterfilter.sys
2013-10-04 17:27 - 2012-12-11 23:12 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wdfcoinstaller01009.dll
2013-10-04 17:26 - 2013-10-04 17:27 - 00000000 ____D C:\Program Files\Tablet
2013-10-04 17:26 - 2013-06-06 18:31 - 01959192 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.dll
2013-10-04 17:26 - 2013-06-06 18:31 - 01952536 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Touch_Tablet.dll
2013-10-04 17:26 - 2013-06-06 18:31 - 01820952 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2013-10-04 17:26 - 2013-06-06 18:31 - 01817880 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2013-10-04 17:26 - 2013-06-06 18:31 - 01614104 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll
2013-10-04 17:26 - 2013-06-06 18:31 - 01606936 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
2013-10-04 17:26 - 2013-06-06 18:31 - 01493272 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2013-10-04 17:26 - 2013-06-06 18:31 - 01489176 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
2013-10-04 17:25 - 2013-10-04 17:26 - 36517224 _____ C:\Users\Adam\Downloads\WacomTablet_636w3.exe
2013-10-03 17:03 - 2013-10-03 17:03 - 00050952 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2013-10-03 17:03 - 2013-10-03 17:03 - 00042760 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2013-10-03 17:03 - 2013-10-03 17:03 - 00000000 ____D C:\Users\Adam\AppData\Local\Comodo
2013-10-03 17:02 - 2013-10-03 17:02 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2013-10-03 17:02 - 2013-10-03 17:02 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-10-03 16:48 - 2013-10-03 16:48 - 05770848 _____ (New IT Solutions) C:\Users\Adam\Downloads\Corel Keygen (By PetertHEBest99).exe
2013-10-03 16:04 - 2013-10-03 16:05 - 06077736 _____ (http://yourfiledownloader.com) C:\Users\Adam\Downloads\amtlib_dll_64_bit_corel_draw_x6_downloader_cz_99370.exe
2013-10-03 12:47 - 2013-10-03 12:51 - 71669036 _____ C:\Users\Adam\Desktop\RGA DESIGN ukázky.rar
2013-10-01 13:28 - 2013-10-01 13:32 - 114727586 _____ C:\Users\Adam\Downloads\Ladies_tee_basic1296.psd
2013-10-01 13:15 - 2013-10-01 13:18 - 81356801 _____ C:\Users\Adam\Downloads\Mens_tee_basic.psd
2013-10-01 09:24 - 2013-10-01 09:24 - 00211094 _____ C:\Users\Adam\Downloads\Corel Keygen.zip
2013-10-01 08:33 - 2013-10-29 14:22 - 00006865 _____ C:\Windows\setupact.log
2013-10-01 08:33 - 2013-10-01 08:33 - 00000000 _____ C:\Windows\setuperr.log
2013-09-30 08:04 - 2013-10-29 14:22 - 00000000 ____D C:\Windows\Minidump

==================== One Month Modified Files and Folders =======

2013-10-29 15:07 - 2013-10-29 15:07 - 01956538 _____ (Farbar) C:\Users\Adam\Desktop\FRST64.exe
2013-10-29 15:07 - 2013-06-14 18:34 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-10-29 15:04 - 2013-10-29 15:03 - 00029696 _____ C:\Users\Adam\AppData\Local\MSGBOX.EXE
2013-10-29 15:01 - 2013-10-29 15:01 - 00003534 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0 Fallback-Adam-PC-Adam
2013-10-29 14:52 - 2013-06-14 21:32 - 00000958 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1558326279-1015972353-3595458155-1000UA.job
2013-10-29 14:49 - 2013-06-14 17:41 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-29 14:29 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-29 14:29 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-29 14:28 - 2013-06-15 07:35 - 00374908 _____ C:\Windows\system32\prfh0804.dat
2013-10-29 14:28 - 2013-06-15 07:35 - 00118942 _____ C:\Windows\system32\prfc0804.dat
2013-10-29 14:28 - 2013-06-15 07:11 - 00735102 _____ C:\Windows\system32\perfh00A.dat
2013-10-29 14:28 - 2013-06-15 07:11 - 00732972 _____ C:\Windows\system32\perfh013.dat
2013-10-29 14:28 - 2013-06-15 07:11 - 00673280 _____ C:\Windows\system32\perfh00E.dat
2013-10-29 14:28 - 2013-06-15 07:11 - 00471240 _____ C:\Windows\system32\perfh00B.dat
2013-10-29 14:28 - 2013-06-15 07:11 - 00382586 _____ C:\Windows\system32\perfh00D.dat
2013-10-29 14:28 - 2013-06-15 07:11 - 00169872 _____ C:\Windows\system32\perfc00E.dat
2013-10-29 14:28 - 2013-06-15 07:11 - 00157212 _____ C:\Windows\system32\perfc00A.dat
2013-10-29 14:28 - 2013-06-15 07:11 - 00151804 _____ C:\Windows\system32\perfc013.dat
2013-10-29 14:28 - 2013-06-15 07:11 - 00100020 _____ C:\Windows\system32\perfc00B.dat
2013-10-29 14:28 - 2013-06-15 07:11 - 00083788 _____ C:\Windows\system32\perfc00D.dat
2013-10-29 14:28 - 2013-06-14 23:44 - 00729794 _____ C:\Windows\system32\perfh010.dat
2013-10-29 14:28 - 2013-06-14 23:44 - 00145676 _____ C:\Windows\system32\perfc010.dat
2013-10-29 14:28 - 2013-06-14 23:41 - 00680166 _____ C:\Windows\system32\perfh00C.dat
2013-10-29 14:28 - 2013-06-14 23:41 - 00469020 _____ C:\Windows\system32\perfh001.dat
2013-10-29 14:28 - 2013-06-14 23:41 - 00128832 _____ C:\Windows\system32\perfc00C.dat
2013-10-29 14:28 - 2013-06-14 23:41 - 00093678 _____ C:\Windows\system32\perfc001.dat
2013-10-29 14:28 - 2013-06-14 23:37 - 00686542 _____ C:\Windows\system32\perfh007.dat
2013-10-29 14:28 - 2013-06-14 23:37 - 00147670 _____ C:\Windows\system32\perfc007.dat
2013-10-29 14:28 - 2011-04-12 09:34 - 00666406 _____ C:\Windows\system32\perfh005.dat
2013-10-29 14:28 - 2011-04-12 09:34 - 00140102 _____ C:\Windows\system32\perfc005.dat
2013-10-29 14:28 - 2009-07-14 06:13 - 08801408 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-29 14:27 - 2013-06-25 19:30 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Seznam.cz
2013-10-29 14:25 - 2013-06-16 18:21 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-29 14:22 - 2013-10-29 14:22 - 00000000 ___RD C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-10-29 14:22 - 2013-10-24 14:18 - 00016152 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2013-10-29 14:22 - 2013-10-24 14:18 - 00002832 _____ C:\Windows\System32\Tasks\SlimDrivers Startup
2013-10-29 14:22 - 2013-10-24 14:18 - 00000408 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2013-10-29 14:22 - 2013-10-24 13:41 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2013-10-29 14:22 - 2013-10-08 11:22 - 00014234 _____ C:\Windows\PFRO.log
2013-10-29 14:22 - 2013-10-01 08:33 - 00006865 _____ C:\Windows\setupact.log
2013-10-29 14:22 - 2013-09-30 08:04 - 00000000 ____D C:\Windows\Minidump
2013-10-29 14:22 - 2013-06-15 10:58 - 00000000 ____D C:\Users\Adam\AppData\Local\Adobe
2013-10-29 14:22 - 2013-06-14 17:41 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-29 14:22 - 2013-06-14 16:44 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-29 14:22 - 2013-06-14 16:32 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2013-10-29 14:22 - 2013-06-14 15:31 - 00330382 ____N C:\Windows\Minidump\102913-12292-01.dmp
2013-10-29 14:22 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-29 14:22 - 2009-07-14 05:45 - 05127456 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-29 13:20 - 2013-06-14 15:37 - 01464520 _____ C:\Windows\WindowsUpdate.log
2013-10-29 09:09 - 2013-06-14 16:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-10-29 09:09 - 2013-06-14 16:44 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-10-29 09:09 - 2013-06-14 16:42 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-10-29 08:52 - 2013-06-14 21:32 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1558326279-1015972353-3595458155-1000Core.job
2013-10-29 08:47 - 2013-06-14 16:22 - 00000000 ____D C:\Users\Adam\Documents\Bluetooth Folder
2013-10-28 12:50 - 2013-06-14 16:42 - 00140608 _____ C:\Users\Adam\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-28 09:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-10-26 15:32 - 2013-10-26 15:32 - 00000000 ____D C:\Users\Adam\Downloads\morden
2013-10-26 11:05 - 2013-10-26 11:02 - 00000000 ____D C:\AdwCleaner
2013-10-26 11:05 - 2013-06-14 15:36 - 00000000 ___RD C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-26 11:02 - 2013-10-26 11:02 - 00004168 _____ C:\Users\Adam\Desktop\JRT.txt
2013-10-26 10:56 - 2013-10-26 10:56 - 00000000 ____D C:\Windows\ERUNT
2013-10-26 10:53 - 2013-10-26 10:53 - 01060070 _____ C:\Users\Adam\Desktop\adwcleaner.exe
2013-10-26 10:53 - 2013-10-26 10:53 - 01033335 _____ (Thisisu) C:\Users\Adam\Downloads\JRT.exe
2013-10-24 16:28 - 2013-10-24 16:28 - 00000720 _____ C:\Users\Adam\Documents\7.txt
2013-10-24 14:59 - 2013-10-24 14:59 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-10-24 14:58 - 2013-06-14 16:18 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-24 14:48 - 2013-06-14 16:18 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-10-24 14:29 - 2013-10-24 14:29 - 00000000 ____D C:\ProgramData\TP-LINK
2013-10-24 14:18 - 2013-10-24 14:18 - 00002467 _____ C:\Users\Public\Desktop\SlimDrivers.lnk
2013-10-24 14:18 - 2013-10-24 14:18 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-10-24 14:18 - 2013-10-24 14:18 - 00000000 ____D C:\Users\Adam\AppData\Local\SlimWare Utilities Inc
2013-10-24 14:16 - 2013-10-24 14:16 - 00858432 _____ (SlimWare Utilities, Inc.) C:\Users\Adam\Downloads\slimdrivers-setup.exe
2013-10-24 13:51 - 2013-06-14 15:31 - 00324206 ____N C:\Windows\Minidump\102413-11497-01.dmp
2013-10-24 13:41 - 2013-06-14 15:31 - 00315950 ____N C:\Windows\Minidump\102413-12121-01.dmp
2013-10-24 13:40 - 2013-06-14 15:31 - 00324206 ____N C:\Windows\Minidump\102413-10982-01.dmp
2013-10-24 12:48 - 2013-10-24 12:48 - 00000000 ____D C:\Users\Adam\Downloads\CrystalDiskInfo5_0_0
2013-10-24 12:41 - 2013-10-24 12:41 - 00000702 _____ C:\Users\Adam\Desktop\WhoCrashed.lnk
2013-10-24 12:36 - 2013-10-24 12:36 - 00000250 _____ C:\Users\Adam\Documents\5.txt
2013-10-24 12:36 - 2013-10-24 12:36 - 00000237 _____ C:\Users\Adam\Documents\4.txt
2013-10-24 12:36 - 2013-10-24 12:36 - 00000184 _____ C:\Users\Adam\Documents\6.txt
2013-10-24 12:07 - 2013-10-24 12:06 - 02085248 _____ (Resplendence Software Projects Sp. ) C:\Users\Adam\Downloads\whocrashedSetup.exe
2013-10-24 11:43 - 2013-10-24 11:43 - 00030136 _____ C:\Users\Adam\Desktop\102313-11154-01.rar
2013-10-24 08:54 - 2013-10-24 08:52 - 09587666 _____ C:\Users\Adam\Desktop\granát.rar
2013-10-24 08:53 - 2013-10-24 08:26 - 00000000 ____D C:\Users\Adam\Desktop\granát
2013-10-24 08:51 - 2013-07-18 10:28 - 00000132 _____ C:\Users\Adam\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2013-10-23 15:14 - 2013-10-24 11:43 - 00319894 _____ C:\Users\Adam\Desktop\102313-11154-01.dmp
2013-10-23 15:14 - 2013-06-14 15:31 - 00319894 ____N C:\Windows\Minidump\102313-11154-01.dmp
2013-10-23 12:43 - 2013-10-22 21:31 - 00000301 _____ C:\Users\Adam\Documents\3.txt
2013-10-23 10:54 - 2013-10-23 10:54 - 21824552 _____ (IObit ) C:\Users\Adam\Downloads\imf-setup.exe
2013-10-23 10:52 - 2013-10-23 10:52 - 961987358 _____ C:\Windows\MEMORY.DMP
2013-10-23 09:23 - 2013-09-15 18:21 - 00000625 _____ C:\Users\Adam\Desktop\OBJEDNÁVKA.txt
2013-10-23 07:52 - 2013-10-23 07:52 - 00007277 _____ C:\Users\Adam\Desktop\Addition.rar
2013-10-23 07:50 - 2013-10-23 07:50 - 00030166 _____ C:\Users\Adam\Desktop\Addition.txt
2013-10-23 07:49 - 2013-10-23 07:49 - 00000000 ____D C:\FRST
2013-10-23 07:47 - 2013-06-14 21:32 - 00003930 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1558326279-1015972353-3595458155-1000UA
2013-10-23 07:47 - 2013-06-14 21:32 - 00003534 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1558326279-1015972353-3595458155-1000Core
2013-10-23 07:42 - 2013-10-23 07:42 - 00001938 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-23 07:42 - 2013-10-20 09:54 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-23 07:38 - 2013-06-16 17:56 - 00000000 ____D C:\Users\Adam\AppData\Roaming\uTorrent
2013-10-23 07:37 - 2013-06-14 15:36 - 00000000 ____D C:\Users\Adam
2013-10-23 07:30 - 2013-10-10 16:14 - 00000000 ____D C:\Users\Adam\Downloads\kg_let_her_go
2013-10-23 07:30 - 2013-10-10 16:12 - 00000000 ____D C:\Users\Adam\Downloads\dollie_script
2013-10-23 07:30 - 2013-10-10 12:23 - 00000000 ____D C:\Users\Adam\Downloads\intrique_script
2013-10-23 07:30 - 2013-09-15 09:15 - 00000000 ____D C:\Users\Adam\Downloads\basic_title_font
2013-10-23 07:30 - 2013-09-07 11:01 - 00000000 ____D C:\Users\Adam\Downloads\lighthouse2
2013-10-23 07:30 - 2013-08-29 20:01 - 00000000 ____D C:\Users\Adam\Downloads\capitalis_typoasis
2013-10-23 07:30 - 2013-08-29 13:14 - 00000000 ____D C:\Users\Adam\Downloads\invitation_script
2013-10-23 07:30 - 2013-08-19 11:18 - 00000000 ____D C:\Users\Adam\Downloads\BookletCreator
2013-10-23 07:30 - 2013-07-15 09:02 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-10-23 07:30 - 2013-06-17 18:36 - 00000000 ____D C:\ProgramData\Protexis64
2013-10-23 07:30 - 2013-06-16 21:03 - 00000000 ____D C:\Users\Adam\Documents\Assassin's Creed III
2013-10-23 07:30 - 2013-06-14 21:32 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-10-23 07:30 - 2013-06-14 21:25 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Adobe
2013-10-23 07:30 - 2013-06-14 19:49 - 00000000 ____D C:\ProgramData\IObit
2013-10-23 07:30 - 2013-06-14 16:51 - 00000000 ____D C:\ProgramData\Atheros
2013-10-23 07:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-10-23 06:43 - 2013-10-22 19:56 - 00018944 _____ C:\Users\Adam\Downloads\ceny_21.10.2013.xls
2013-10-22 19:53 - 2013-10-22 19:53 - 00000000 ____D C:\Users\Adam\Downloads\22.10.2013_čina
2013-10-22 10:44 - 2013-06-26 21:16 - 00001480 _____ C:\Users\Adam\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2013-10-21 18:26 - 2013-07-22 11:25 - 00000000 ____D C:\Users\Adam\Desktop\FOTKY
2013-10-21 11:39 - 2013-10-21 11:39 - 00000000 ____D C:\Users\Adam\Downloads\Fotky_komody
2013-10-21 11:39 - 2013-10-21 11:34 - 00019456 _____ C:\Users\Adam\Downloads\ceny komody_18.10.2013.xls
2013-10-21 10:12 - 2013-10-21 10:12 - 00000136 _____ C:\Users\Adam\Downloads\stažený soubor.htm
2013-10-19 13:07 - 2013-10-19 13:07 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Softland
2013-10-18 02:36 - 2013-10-29 09:09 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-10-18 02:36 - 2013-10-29 09:09 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-10-16 10:13 - 2013-10-16 10:13 - 00000000 ____D C:\Users\Adam\Downloads\loga
2013-10-16 06:49 - 2013-10-16 06:49 - 00018944 _____ C:\Users\Adam\Downloads\ceník cina_15.10.2013.xls
2013-10-16 06:47 - 2013-10-16 06:47 - 00000000 ____D C:\Users\Adam\Downloads\e_nabídka
2013-10-16 06:46 - 2013-10-16 06:45 - 24853017 _____ C:\Users\Adam\Downloads\e_nabídka.zip
2013-10-15 15:57 - 2013-10-16 06:46 - 00070144 ___SH C:\Users\Adam\Downloads\Thumbs.db
2013-10-15 14:21 - 2013-06-16 16:07 - 00000000 ____D C:\Users\Adam\AppData\Local\CrashDumps
2013-10-15 12:50 - 2013-10-15 12:50 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-10-15 12:50 - 2013-10-15 12:50 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-10-14 12:46 - 2013-10-14 12:46 - 00001064 _____ C:\Users\Adam\Desktop\icon-fb-solid.svg
2013-10-14 10:01 - 2013-10-14 10:01 - 00000000 ____D C:\Users\Adam\Downloads\Rest & Dj Fatte - Střepy (2013)
2013-10-13 11:36 - 2013-10-13 11:32 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-10-12 14:12 - 2013-06-15 12:30 - 00000000 ____D C:\Users\Adam\Documents\Adobe
2013-10-11 18:16 - 2013-10-11 18:16 - 01640984 _____ C:\Users\Adam\Downloads\SetupVirtualCloneDrive5470.exe
2013-10-10 02:24 - 2013-06-14 23:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-10 02:24 - 2013-06-14 23:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 02:06 - 2013-06-14 20:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 02:04 - 2013-06-14 21:03 - 08619936 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-10 02:02 - 2013-08-16 02:01 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 02:01 - 2013-06-14 22:55 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 13:05 - 2013-06-17 18:36 - 00000000 ____D C:\Users\Adam\Documents\Moje palety
2013-10-09 10:25 - 2013-06-16 18:21 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-09 10:25 - 2013-06-14 21:25 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 10:25 - 2013-06-14 21:25 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-08 11:21 - 2013-10-08 11:21 - 00000000 _____ C:\asc_rdflag
2013-10-08 11:20 - 2013-10-08 11:20 - 00001453 _____ C:\Users\Adam\Documents\1.txt
2013-10-08 11:20 - 2013-10-08 11:20 - 00000350 _____ C:\Users\Adam\Documents\2.txt
2013-10-08 09:42 - 2013-10-08 09:42 - 00000000 ____D C:\Program Files (x86)\Corel
2013-10-08 09:42 - 2013-10-08 09:40 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X6.1
2013-10-08 09:42 - 2013-06-17 18:34 - 00000000 ____D C:\ProgramData\Corel
2013-10-08 09:41 - 2013-10-08 09:41 - 00000000 ____D C:\Program Files\Common Files\Corel
2013-10-08 09:36 - 2013-10-08 09:36 - 00002368 _____ C:\Users\Public\Desktop\Bitstream Font Navigator (64-Bit).lnk
2013-10-08 09:36 - 2013-06-17 18:31 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X6
2013-10-08 09:36 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-10-08 09:35 - 2013-10-08 09:36 - 00002833 _____ C:\Users\Public\Desktop\CorelDRAW X6 (64-Bit).lnk
2013-10-08 09:35 - 2013-10-08 09:35 - 00000000 ____D C:\Users\Public\Documents\Corel
2013-10-08 09:35 - 2013-10-08 09:35 - 00000000 ____D C:\Program Files\Corel
2013-10-08 09:35 - 2013-10-08 09:35 - 00000000 ____D C:\Program Files\Common Files\Protexis
2013-10-07 14:43 - 2013-10-07 14:43 - 00000421 _____ C:\Users\Adam\Downloads\priloha
2013-10-04 18:44 - 2013-06-14 17:41 - 00003944 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-04 18:44 - 2013-06-14 17:41 - 00003692 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-04 17:27 - 2013-10-04 17:27 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_wachidrouter_01009.Wdf
2013-10-04 17:27 - 2013-10-04 17:27 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf
2013-10-04 17:27 - 2013-10-04 17:27 - 00000000 ____D C:\Users\Adam\AppData\Roaming\WTablet
2013-10-04 17:27 - 2013-10-04 17:27 - 00000000 ____D C:\Program Files\TabletPlugins
2013-10-04 17:27 - 2013-10-04 17:27 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2013-10-04 17:27 - 2013-10-04 17:26 - 00000000 ____D C:\Program Files\Tablet
2013-10-04 17:26 - 2013-10-04 17:25 - 36517224 _____ C:\Users\Adam\Downloads\WacomTablet_636w3.exe
2013-10-03 17:03 - 2013-10-03 17:03 - 00050952 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2013-10-03 17:03 - 2013-10-03 17:03 - 00042760 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2013-10-03 17:03 - 2013-10-03 17:03 - 00000000 ____D C:\Users\Adam\AppData\Local\Comodo
2013-10-03 17:02 - 2013-10-03 17:02 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2013-10-03 17:02 - 2013-10-03 17:02 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-10-03 16:48 - 2013-10-03 16:48 - 05770848 _____ (New IT Solutions) C:\Users\Adam\Downloads\Corel Keygen (By PetertHEBest99).exe
2013-10-03 16:05 - 2013-10-03 16:04 - 06077736 _____ (http://yourfiledownloader.com) C:\Users\Adam\Downloads\amtlib_dll_64_bit_corel_draw_x6_downloader_cz_99370.exe
2013-10-03 12:51 - 2013-10-03 12:47 - 71669036 _____ C:\Users\Adam\Desktop\RGA DESIGN ukázky.rar
2013-10-03 12:50 - 2013-08-05 11:02 - 00000000 ____D C:\Users\Adam\Desktop\RGA DESIGN ukázky
2013-10-01 13:32 - 2013-10-01 13:28 - 114727586 _____ C:\Users\Adam\Downloads\Ladies_tee_basic1296.psd
2013-10-01 13:18 - 2013-10-01 13:15 - 81356801 _____ C:\Users\Adam\Downloads\Mens_tee_basic.psd
2013-10-01 09:24 - 2013-10-01 09:24 - 00211094 _____ C:\Users\Adam\Downloads\Corel Keygen.zip
2013-10-01 08:33 - 2013-10-01 08:33 - 00000000 _____ C:\Windows\setuperr.log

Some content of TEMP:
====================
C:\Users\Adam\AppData\Local\Temp\BackupSetup.exe
C:\Users\Adam\AppData\Local\Temp\bucMbqkbHRNwPvfwehMX.DLL
C:\Users\Adam\AppData\Local\Temp\htmlayout.dll
C:\Users\Adam\AppData\Local\Temp\ikricPyPfvvozsIdOJDG.DLL
C:\Users\Adam\AppData\Local\Temp\jUwsHvPHCsDgzGkiJSLG.DLL
C:\Users\Adam\AppData\Local\Temp\MHVnVLJaHvieJeUrWvQZ.DLL
C:\Users\Adam\AppData\Local\Temp\mpb1C09.tmp.exe
C:\Users\Adam\AppData\Local\Temp\Quarantine.exe
C:\Users\Adam\AppData\Local\Temp\TgIYXIOhikFeWxFTHxVL.DLL
C:\Users\Adam\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Adam\AppData\Local\Temp\yGlPffJzgFtzeDsxZKum.DLL


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-14 18:02

==================== End Of Log ============================

Re: BLUE SCREEN ATHURX.SYS

Napsal: 29 říj 2013 15:49
od vyosek
:arrow: Vidim tam jeste dosti problemu, PC procistime a uvidime

:arrow: Odinstalujte Advanced SystemCare 6 a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

:arrow: Odinstalujte McAfee Security Scan, muze kolidovat s Kasperskym

:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    Start
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKCU\...\Run: [Google Update] - C:\Users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-06-14] (Google Inc.)
HKCU\...\Run: [Nektra OEAPI] - [x]
HKCU\...\Run: [OEXPRESS] - [x]
HKCU\...\Run: [SmartRAM] - "C:\Program Files (x86)\IObit\Advanced SystemCare 6\Suo10_SmartRAM.exe" /m
HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Adam\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Adam\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-05-23] (Samsung)
HKCU\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Zoner Photo Studio Autoupdate] - D:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe [774680 2013-06-07] (ZONER software)
MountPoints2: {0de441b0-d4ff-11e2-b246-806e6f6e6963} - P:\autorun.exe
MountPoints2: {69309ed0-d520-11e2-9890-806e6f6e6963} - F:\Viewer\ppview32.exe agaxzs\auto.ppt
HKLM-x32\...\Run: [NtVdmSrv] - C:\Windows\inf\ntvdm.vbe [884 2013-06-14] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] - "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-05-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - D:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)

SearchScopes: HKCU - {C5A782CD-5D09-44DF-9065-05EDA1150E29} URL = http://search.yahoo.com/search?fr=chr-g ... =800236&p={searchTerms}
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File

FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=green ... =800236&p=
FF SearchPlugin: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\ws7l1lno.default\searchplugins\yahoo_ff.xml

CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

2013-10-29 15:03 - 2013-10-29 15:04 - 00029696 _____ C:\Users\Adam\AppData\Local\MSGBOX.EXE
C:\Users\Adam\AppData\Local\Temp\BackupSetup.exe
C:\Users\Adam\AppData\Local\Temp\bucMbqkbHRNwPvfwehMX.DLL
C:\Users\Adam\AppData\Local\Temp\htmlayout.dll
C:\Users\Adam\AppData\Local\Temp\ikricPyPfvvozsIdOJDG.DLL
C:\Users\Adam\AppData\Local\Temp\jUwsHvPHCsDgzGkiJSLG.DLL
C:\Users\Adam\AppData\Local\Temp\MHVnVLJaHvieJeUrWvQZ.DLL
C:\Users\Adam\AppData\Local\Temp\mpb1C09.tmp.exe
C:\Users\Adam\AppData\Local\Temp\Quarantine.exe
C:\Users\Adam\AppData\Local\Temp\TgIYXIOhikFeWxFTHxVL.DLL
C:\Users\Adam\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Adam\AppData\Local\Temp\yGlPffJzgFtzeDsxZKum.DLL
C:\Program Files (x86)\Common Files\Spigot
C:\Windows\inf\ntvdm.vbe
C:\Program Files (x86)\IObit
C:\Windows\inf\msguoag

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AshSnap" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BootStartBRC" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CorelDRAW Graphics Suite 11b" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelTBRunOnce" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD12Agent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate" /f

Hosts:

End
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny fixlist vedle FRST
:arrow: Spustte znovu FRST.exe
  • Kliknete na Fix
  • Probehne oprava a vytvori log Fixlog.txt
:arrow: Restart PC a dejte mi sem fixlog.txt

Re: BLUE SCREEN ATHURX.SYS

Napsal: 29 říj 2013 16:15
od Boofy
Při fixu mi kaspersky začal hlásit detekci trojana v nějakém souboru FRST a pak se to restartovalo samo, po restartu to opět spadlo do BLUE SCREEN s hláškou.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-10-2013
Ran by Adam at 2013-10-29 16:08:24 Run:1
Running from C:\Users\Adam\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKCU\...\Run: [Google Update] - C:\Users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-06-14] (Google Inc.)
HKCU\...\Run: [Nektra OEAPI] - [x]
HKCU\...\Run: [OEXPRESS] - [x]
HKCU\...\Run: [SmartRAM] - "C:\Program Files (x86)\IObit\Advanced SystemCare 6\Suo10_SmartRAM.exe" /m
HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Adam\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Adam\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-05-23] (Samsung)
HKCU\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Zoner Photo Studio Autoupdate] - D:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe [774680 2013-06-07] (ZONER software)
MountPoints2: {0de441b0-d4ff-11e2-b246-806e6f6e6963} - P:\autorun.exe
MountPoints2: {69309ed0-d520-11e2-9890-806e6f6e6963} - F:\Viewer\ppview32.exe agaxzs\auto.ppt
HKLM-x32\...\Run: [NtVdmSrv] - C:\Windows\inf\ntvdm.vbe [884 2013-06-14] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] - "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-05-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - D:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)

SearchScopes: HKCU - {C5A782CD-5D09-44DF-9065-05EDA1150E29} URL = http://search.yahoo.com/search?fr=chr-g ... =800236&p={searchTerms}
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File

FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=green ... =800236&p=
FF SearchPlugin: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\ws7l1lno.default\searchplugins\yahoo_ff.xml

CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

2013-10-29 15:03 - 2013-10-29 15:04 - 00029696 _____ C:\Users\Adam\AppData\Local\MSGBOX.EXE
C:\Users\Adam\AppData\Local\Temp\BackupSetup.exe
C:\Users\Adam\AppData\Local\Temp\bucMbqkbHRNwPvfwehMX.DLL
C:\Users\Adam\AppData\Local\Temp\htmlayout.dll
C:\Users\Adam\AppData\Local\Temp\ikricPyPfvvozsIdOJDG.DLL
C:\Users\Adam\AppData\Local\Temp\jUwsHvPHCsDgzGkiJSLG.DLL
C:\Users\Adam\AppData\Local\Temp\MHVnVLJaHvieJeUrWvQZ.DLL
C:\Users\Adam\AppData\Local\Temp\mpb1C09.tmp.exe
C:\Users\Adam\AppData\Local\Temp\Quarantine.exe
C:\Users\Adam\AppData\Local\Temp\TgIYXIOhikFeWxFTHxVL.DLL
C:\Users\Adam\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Adam\AppData\Local\Temp\yGlPffJzgFtzeDsxZKum.DLL
C:\Program Files (x86)\Common Files\Spigot
C:\Windows\inf\ntvdm.vbe
C:\Program Files (x86)\IObit
C:\Windows\inf\msguoag

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AshSnap" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BootStartBRC" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CorelDRAW Graphics Suite 11b" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelTBRunOnce" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD12Agent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate" /f

Hosts:

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Nvtmru => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ShadowPlay => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Nektra OEAPI => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\SmartRAM => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPreload => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPDLR => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0de441b0-d4ff-11e2-b246-806e6f6e6963} => Key deleted successfully.
HKCR\CLSID\{0de441b0-d4ff-11e2-b246-806e6f6e6963} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{69309ed0-d520-11e2-9890-806e6f6e6963} => Key deleted successfully.
HKCR\CLSID\{69309ed0-d520-11e2-9890-806e6f6e6963} => Key not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NtVdmSrv => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\KiesTrayAgent => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\APSDaemon => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C5A782CD-5D09-44DF-9065-05EDA1150E29} => Key deleted successfully.
HKCR\CLSID\{C5A782CD-5D09-44DF-9065-05EDA1150E29} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Value deleted successfully.
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found.
Firefox DefaultSearchEngine deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox Keyword.URL deleted successfully.
C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\ws7l1lno.default\searchplugins\yahoo_ff.xml => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj => Key deleted successfully.
"C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj => Key deleted successfully.
"C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh => Key deleted successfully.
Could not move "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx" => Scheduled to move on reboot.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk => Key deleted successfully.
"C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp => Key deleted successfully.
"C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx" => File/Directory not found.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
C:\Users\Adam\AppData\Local\MSGBOX.EXE => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\BackupSetup.exe => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\bucMbqkbHRNwPvfwehMX.DLL => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\htmlayout.dll => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\ikricPyPfvvozsIdOJDG.DLL => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\jUwsHvPHCsDgzGkiJSLG.DLL => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\MHVnVLJaHvieJeUrWvQZ.DLL => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\mpb1C09.tmp.exe => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\TgIYXIOhikFeWxFTHxVL.DLL => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\vcredist_x64.exe => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\yGlPffJzgFtzeDsxZKum.DLL => Moved successfully.
"C:\Program Files (x86)\Common Files\Spigot" => File/Directory not found.
C:\Windows\inf\ntvdm.vbe => Moved successfully.
C:\Program Files (x86)\IObit => Moved successfully.
C:\Windows\inf\msguoag => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AshSnap" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BootStartBRC" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CorelDRAW Graphics Suite 11b" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelTBRunOnce" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD12Agent" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========

"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.

Re: BLUE SCREEN ATHURX.SYS

Napsal: 29 říj 2013 17:22
od vyosek
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: Pouzijte WhoCrash dle kolegy
Roli píše:použij WhoCrashed

po spuštění klikni na Analyze,

aplikace po chvilce vytvoří zprávu o příčině pádu, kterou mi sem nakopíruj.

Re: BLUE SCREEN ATHURX.SYS

Napsal: 29 říj 2013 19:30
od Boofy
TFC zřejmě provedl co měl, ale nespustil automatický restart a WhoCrashed lze sice spustit ale vždy po zvolení volby analyze mi napíše informační hlášku abych scrolloval dolů pro přečtení informací, což jsem udělal ale vždy napíše to samé a nevyhodí LOG

Re: BLUE SCREEN ATHURX.SYS

Napsal: 30 říj 2013 06:49
od vyosek
OK, pockejte, az to opet spadne a pak mi zabalte obsah c:\windows\minidump a nekam uploadnete

Re: BLUE SCREEN ATHURX.SYS

Napsal: 30 říj 2013 09:13
od Boofy
Dobrý den,

Minidump obsah složky:

http://leteckaposta.cz/139493517

Re: BLUE SCREEN ATHURX.SYS

Napsal: 30 říj 2013 14:31
od vyosek
OK, poprosil jsem kolegu o soucinnost...

Re: BLUE SCREEN ATHURX.SYS

Napsal: 30 říj 2013 19:30
od MiliNess
Nainstaluj tento nový ovladač WiFi adaptéru. Ten je pravděpodobně původcem (pokud ti neodešel WiFi adaptér na desce)
Rovnou můžeš aktualizovat ovladače USB 3.0. Především tedy Renesas USB3.0 Driver, ten od Intelu je celkem čerstvý. Ten WiFi adaptér je totiž na USB sběrnici.
Dále nedoporučuji používat Smart Defrag od IObit. V několika verzích ovladače SmartDefragDriver.sys jsem našel chyby, které mohou způsobovat další problémy.
IObit má vůbec debilní produkty (říkám tomu IOblitky)

Re: BLUE SCREEN ATHURX.SYS

Napsal: 31 říj 2013 08:38
od Boofy
Dobrý den,

smart defrag jsem sice přes ccleaner nenašel, ale při hledání v pc mi ho našlo s tím, že originál byl buď přesunut nebo odstraněn a jestli chci zástupce odstranit, tak jsem to udělal. Další dvě aktualizace rovněž dokončeny. Dneska mi to bylo schopné z rána spadnout hned 3x po sobě. Jaké jsou následující kroky ? :) Moc děkuji za trpělivost

Re: BLUE SCREEN ATHURX.SYS

Napsal: 31 říj 2013 10:46
od MiliNess
Znovu upni nové soubory ze složky Windows\Minidump

Re: BLUE SCREEN ATHURX.SYS

Napsal: 31 říj 2013 11:23
od Boofy
obsah Minidump:

http://leteckaposta.cz/374294153

Re: BLUE SCREEN ATHURX.SYS

Napsal: 31 říj 2013 15:23
od MiliNess
Oba ovladače jsou ve stále stejné verzi. Zkus tento (USB3.0).
Dále stáhni tento archiv, rozbal ho, spusť Správce zařízení, rozbal uzel Síťové adaptéry, klikni pravým myšítkem na
WiFi adaptér Atheros, zvol Aktualizovat software ovladače a zkus ho aktualizovat ovladačem ze složky, kterou jsi vybalil z toho archivu výše.
Pak mi napiš, jak to dopadlo.
Všechny časy jsou v UTC+01:00
Stránka 2 z 3

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz