
Computer freezing.... log check, donation SMS guaranteed!

Posted: 09 Sep 2013 14:41
by Sedivec
Hello

I am having problems with the mouse freezing, and sometimes it goes to such extremes as a blue screen. I recently reinstalled the computer, so I would like to make sure it is not caused by a virus. Bitdefender found one virus that it is unable to delete. So I am asking for a log check and help.

An SMS to support the forum is guaranteed.

Wishing you a nice day

Jan Šedý

Logfile of random's system information tool 1.09 (written by random/random)
Run by sedivec at 2013-09-09 15:34:24
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 61 GB (61%) free of 100 GB
Total RAM: 8190 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:35:28, on 9.9.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Users\sedivec\AppData\Roaming\Search Protection\SearchProtection.exe
C:\Genius\ioCentre\gTaskBar.exe
D:\Program Files (x86)\NetSoftware\NetSoftware.exe
C:\Genius\ioCentre\gMouseTask.exe
C:\Genius\ioCentre\gKbdTask.exe
C:\Genius\ioCentre\gAutoPan.exe
C:\Genius\ioCentre\gAutoScroll.exe
C:\Genius\ioCentre\gZoom.exe
C:\Genius\ioCentre\gMGlass.exe
C:\Genius\ioCentre\gIMMgm.exe
C:\Genius\ioCentre\gDeskMgm.exe
C:\Genius\ioCentre\gTaskSwitch.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files\trend micro\sedivec.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: InternetPanelBHO - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - D:\Program Files (x86)\NetSoftware\IEHelper.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [NetSoftware] "D:\Program Files (x86)\NetSoftware\Starter.exe" /path="D:\Program Files (x86)\NetSoftware"
O4 - HKCU\..\Run: [Steam] "D:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [SearchProtection] "C:\Users\sedivec\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-216152066-3477692980-1996625501-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-216152066-3477692980-1996625501-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://D:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: DokanMounter - Unknown owner - C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Bitdefender Antivirus Free Edition (gzserv) - Bitdefender - C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - D:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9832 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe" /service
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
taskeng.exe {592F4780-0A3B-40A3-B712-EA3ABBB58E66}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\AutoKMS.exe
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe" -noshow
"taskhost.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
C:\Windows\Explorer.EXE
cmd /c ""C:\ProgramData\AutoKMS\AutoKMS.cmd" "
\??\C:\Windows\system32\conhost.exe "-16811362928399655551913416023715740118-1605405530-1324917508-2038627795-709519659
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\ProgramData\AutoKMS\Resources\StartX\StartX.exe" /b "Resources\KMSKG\Keygen.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Users\sedivec\AppData\Roaming\Search Protection\SearchProtection.exe" /autostart
"C:\Genius\ioCentre\gTaskBar.exe"
"D:\Program Files (x86)\NetSoftware\NetSoftware.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-1071641841893618473151471849499166808-1632813038107878511212722944181845019932
C:\Genius\ioCentre\gMouseTask
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Genius\ioCentre\gKbdTask
C:\Genius\ioCentre\gAutoPan
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Genius\ioCentre\gAutoScroll
C:\Genius\ioCentre\gZoom
C:\Genius\ioCentre\gMGlass
C:\Genius\ioCentre\gIMMgm
C:\Genius\ioCentre\gDeskMgm
C:\Genius\ioCentre\gTaskSwitch
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe" -Embedding
"C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=8936.10cc7e00.1007845180 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 8936 "\\.\pipe\gecko-crash-server-pipe.8936" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe" --proxy-stub-channel=Flash9120.6704A550.27901 --host-broker-channel=Flash9120.6704A550.4532 --host-pid=9120 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe" --channel=6428.0017F364.800811006 --proxy-stub-channel=Flash9120.6704A550.27901 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll" --host-npapi-version=27 --type=renderer
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
C:\Windows\system32\wbem\wmiprvse.exe
"D:\Sažené soubory\RSITx64.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\sedivec\AppData\Roaming\Mozilla\Firefox\Profiles\msfhpkh3.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/|about:home"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =443898&p="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=D:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL


C:\Users\sedivec\AppData\Roaming\Mozilla\Firefox\Profiles\msfhpkh3.default\searchplugins\
yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE7C3CF0-4B15-11D1-ABED-709549C10000}]
Internet Panel - D:\Program Files (x86)\NetSoftware\IEHelper.dll [2013-04-18 440816]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2726728]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-08-27 1028896]
"BCSSync"=D:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\Program Files (x86)\Steam\Steam.exe [2013-08-28 1811880]
"SearchProtection"=C:\Users\sedivec\AppData\Roaming\Search Protection\SearchProtection.EXE [2013-05-22 740712]
"DAEMON Tools Lite"=D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"ioCentre"=C:\Genius\ioCentre\gTaskBar.exe [2006-12-08 241664]
"NetSoftware"=D:\Program Files (x86)\NetSoftware\Starter.exe [2013-09-04 189952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.ac3filter"=ac3filter64.acm
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-09-09 15:34:24 ----D---- C:\rsit
2013-09-09 15:34:24 ----D---- C:\Program Files\trend micro
2013-09-09 15:29:53 ----D---- C:\Program Files\CCleaner
2013-09-09 14:52:29 ----D---- C:\Program Files (x86)\Dokan
2013-09-02 19:45:40 ----D---- C:\Users\sedivec\AppData\Roaming\NVIDIA
2013-09-01 14:11:57 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-09-01 14:08:41 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2013-09-01 14:08:41 ----A---- C:\Windows\system32\nvopencl.dll
2013-09-01 14:08:41 ----A---- C:\Windows\system32\nvhdap64.dll
2013-09-01 14:08:41 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2013-09-01 14:08:40 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-09-01 14:08:40 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-09-01 14:08:40 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-09-01 14:08:40 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2013-09-01 14:08:40 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2013-09-01 14:08:40 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2013-09-01 14:08:40 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-09-01 14:08:40 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-09-01 14:08:40 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-09-01 14:08:40 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-09-01 14:08:40 ----A---- C:\Windows\system32\nvoglv64.dll
2013-09-01 14:08:40 ----A---- C:\Windows\system32\nvoglshim64.dll
2013-09-01 14:08:40 ----A---- C:\Windows\system32\nvinitx.dll
2013-09-01 14:08:40 ----A---- C:\Windows\system32\NvIFR64.dll
2013-09-01 14:08:40 ----A---- C:\Windows\system32\NvFBC64.dll
2013-09-01 14:08:40 ----A---- C:\Windows\system32\nvdispgenco6432680.dll
2013-09-01 14:08:40 ----A---- C:\Windows\system32\nvdispco6432680.dll
2013-09-01 14:08:40 ----A---- C:\Windows\system32\nvcuvid.dll
2013-09-01 14:08:40 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-09-01 14:08:40 ----A---- C:\Windows\system32\nvcuda.dll
2013-09-01 14:08:40 ----A---- C:\Windows\system32\nvcompiler.dll
2013-09-01 14:08:40 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-09-01 14:06:52 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2013-09-01 14:06:52 ----A---- C:\Windows\system32\nvaudcap64v.dll
2013-09-01 14:06:52 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2013-08-25 03:00:41 ----D---- C:\Program Files (x86)\MSXML 4.0
2013-08-24 10:08:24 ----D---- C:\Users\sedivec\AppData\Roaming\Nero
2013-08-24 10:06:42 ----D---- C:\ProgramData\Nero
2013-08-19 20:29:05 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-08-19 05:09:15 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-08-19 05:09:15 ----A---- C:\Windows\system32\ieui.dll
2013-08-19 05:09:14 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-08-19 05:09:14 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-08-19 05:09:14 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-08-19 05:09:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-08-19 05:09:14 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-08-19 05:09:14 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-19 05:09:14 ----A---- C:\Windows\system32\iesysprep.dll
2013-08-19 05:09:14 ----A---- C:\Windows\system32\iesetup.dll
2013-08-19 05:09:14 ----A---- C:\Windows\system32\iernonce.dll
2013-08-19 05:09:14 ----A---- C:\Windows\system32\ie4uinit.exe
2013-08-19 05:09:13 ----A---- C:\Windows\system32\iertutil.dll
2013-08-19 05:09:12 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-08-19 05:09:12 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-08-19 05:09:12 ----A---- C:\Windows\system32\msfeeds.dll
2013-08-19 05:09:12 ----A---- C:\Windows\system32\jscript9.dll
2013-08-19 05:09:12 ----A---- C:\Windows\system32\jscript.dll
2013-08-19 05:09:11 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-08-19 05:09:11 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-08-19 05:09:11 ----A---- C:\Windows\system32\urlmon.dll
2013-08-19 05:09:10 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-08-19 05:09:10 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-08-19 05:09:10 ----A---- C:\Windows\system32\jsproxy.dll
2013-08-19 05:09:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-08-19 05:09:09 ----A---- C:\Windows\system32\wininet.dll
2013-08-19 05:09:08 ----A---- C:\Windows\system32\ieframe.dll
2013-08-19 05:09:07 ----A---- C:\Windows\system32\mshtml.dll
2013-08-19 05:09:05 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-08-18 20:55:06 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-08-18 20:55:06 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-08-18 20:55:06 ----A---- C:\Windows\system32\wintrust.dll
2013-08-18 20:55:06 ----A---- C:\Windows\system32\crypt32.dll
2013-08-18 20:55:05 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-08-18 20:55:05 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-08-18 20:55:05 ----A---- C:\Windows\system32\cryptsvc.dll
2013-08-18 20:55:05 ----A---- C:\Windows\system32\cryptnet.dll
2013-08-18 20:54:58 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-08-18 20:54:58 ----A---- C:\Windows\system32\tzres.dll
2013-08-18 20:54:55 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-08-18 20:54:55 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-08-18 20:54:54 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-08-18 20:54:54 ----A---- C:\Windows\system32\rpcrt4.dll
2013-08-18 20:54:54 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-08-18 20:54:53 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-08-18 14:58:20 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe

======List of files/folders modified in the last 1 month======

2013-09-09 15:34:24 ----RD---- C:\Program Files
2013-09-09 15:31:29 ----D---- C:\Users\sedivec\AppData\Roaming\DAEMON Tools Lite
2013-09-09 15:31:28 ----D---- C:\Users\sedivec\AppData\Roaming\uTorrent
2013-09-09 15:31:25 ----D---- C:\Windows\Panther
2013-09-09 15:31:25 ----D---- C:\Windows\inf
2013-09-09 15:31:23 ----D---- C:\Windows\Minidump
2013-09-09 15:31:23 ----D---- C:\Windows\Logs
2013-09-09 15:31:23 ----D---- C:\Windows\debug
2013-09-09 15:31:23 ----D---- C:\Windows
2013-09-09 15:31:15 ----D---- C:\Windows\Temp
2013-09-09 15:29:54 ----D---- C:\Windows\system32\Tasks
2013-09-09 15:29:43 ----D---- C:\Windows\System32
2013-09-09 14:55:42 ----D---- C:\ProgramData\NetSoftware
2013-09-09 14:52:29 ----RD---- C:\Program Files (x86)
2013-09-09 14:52:29 ----D---- C:\Windows\SysWOW64
2013-09-09 14:52:29 ----D---- C:\Windows\system32\drivers
2013-09-09 09:38:39 ----D---- C:\Windows\system32\config
2013-09-09 09:31:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-09-09 09:25:08 ----D---- C:\ProgramData\AutoKMS
2013-09-09 09:24:51 ----D---- C:\ProgramData\NVIDIA
2013-09-09 00:07:43 ----SHD---- C:\System Volume Information
2013-09-08 18:56:20 ----D---- C:\Windows\Prefetch
2013-09-06 04:49:18 ----D---- C:\Windows\system32\catroot2
2013-09-01 17:52:57 ----D---- C:\ProgramData\CanonIJPLM
2013-09-01 14:11:58 ----SHD---- C:\Windows\Installer
2013-09-01 14:11:57 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-09-01 14:11:18 ----D---- C:\Windows\system32\DriverStore
2013-09-01 14:11:18 ----D---- C:\Windows\system32\catroot
2013-09-01 14:07:23 ----RSD---- C:\Windows\assembly
2013-09-01 14:07:09 ----D---- C:\Program Files\NVIDIA Corporation
2013-08-29 19:33:30 ----SD---- C:\Users\sedivec\AppData\Roaming\Microsoft
2013-08-25 03:00:54 ----D---- C:\Windows\winsxs
2013-08-24 10:06:42 ----HD---- C:\ProgramData
2013-08-24 10:06:42 ----D---- C:\Program Files (x86)\Common Files
2013-08-20 20:43:21 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-20 05:03:31 ----D---- C:\Windows\system32\wdi
2013-08-20 04:46:13 ----D---- C:\Windows\rescache
2013-08-20 00:03:23 ----D---- C:\Windows\Microsoft.NET
2013-08-19 19:42:30 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-08-19 19:42:30 ----D---- C:\Windows\system32\cs-CZ
2013-08-19 19:42:30 ----D---- C:\Program Files (x86)\Internet Explorer
2013-08-19 19:42:29 ----D---- C:\Program Files\Internet Explorer
2013-08-19 05:05:28 ----D---- C:\Windows\system32\MRT
2013-08-19 05:05:24 ----A---- C:\Windows\system32\MRT.exe
2013-08-18 23:02:58 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2013-08-18 23:02:58 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-08-18 23:02:58 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-08-18 23:02:58 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2013-08-18 23:02:58 ----A---- C:\Windows\system32\OpenCL.dll
2013-08-18 23:02:58 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-08-18 23:02:58 ----A---- C:\Windows\system32\nvumdshimx.dll
2013-08-18 23:02:58 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-08-18 23:02:58 ----A---- C:\Windows\system32\nvapi64.dll
2013-08-18 21:34:11 ----A---- C:\Windows\system32\nvcpl.dll
2013-08-18 21:34:10 ----A---- C:\Windows\system32\nvsvc64.dll
2013-08-18 21:34:08 ----A---- C:\Windows\system32\nvvsvc.exe
2013-08-18 21:34:08 ----A---- C:\Windows\system32\nvsvcr.dll
2013-08-18 21:34:08 ----A---- C:\Windows\system32\nvshext.dll
2013-08-18 21:34:07 ----A---- C:\Windows\system32\nvmctray.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-24 16440]
R0 avc3;avc3; C:\Windows\system32\DRIVERS\avc3.sys [2013-04-17 718840]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 trufos;trufos; C:\Windows\system32\DRIVERS\trufos.sys [2013-05-28 382536]
R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [2013-08-29 121928]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-07-30 283064]
R1 gzflt;gzflt; C:\Windows\system32\DRIVERS\gzflt.sys [2013-04-22 148696]
R2 Dokan;Dokan; \??\C:\Windows\system32\drivers\dokan.sys [2011-01-10 120408]
R3 avckf;avckf; C:\Windows\system32\DRIVERS\avckf.sys [2013-04-17 593144]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-06-16 196384]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-08-20 39200]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DokanMounter;DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [2011-01-10 14848]
R2 gzserv;Bitdefender Antivirus Free Edition; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [2013-08-29 64224]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-08-27 14997280]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-08-18 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-08-27 2155296]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-07-25 75136]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2013-07-25 189248]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-08-18 414496]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; D:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-25 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; D:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-19 117656]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-08-28 563624]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-25 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Computer freezing.... log check, donation SMS guaranteed!

Posted: 09 Sep 2013 15:06
by vyosek
Hello :)

:arrow: Well, you've got some mess in there again :arcisit:

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launching, the license terms are displayed; press any key
  • A backup is created, followed by a scan
  • The scan runs and then a log appears; alternatively it will be saved in c:\JRT as JRT.txt. Paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair runs, the PC restarts, and then a log appears; alternatively it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt. Paste it here
:arrow: Please provide FRSTL http://forum.viry.cz/viewtopic.php?f=24&t=132509

Re: Computer freezing.... log check, donation SMS guaranteed!

Posted: 09 Sep 2013 15:28
by Sedivec
I'm attaching two logs. The last one, the FRST launcher, throws an error: "Systém nemůže najít soubor FRST64.exe."

Thank you for now, and I look forward to your reply.

# AdwCleaner v3.003 - Report created 09/09/2013 at 16:21:15
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : sedivec - SEDIVEC-PC
# Running from : D:\Sažené soubory\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660


-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Users\sedivec\AppData\Roaming\Mozilla\Firefox\Profiles\msfhpkh3.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [771 octets] - [09/09/2013 16:20:17]
AdwCleaner[S0].txt - [695 octets] - [09/09/2013 16:21:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [754 octets] ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.9 (09.07.2013:1)
OS: Windows 7 Professional x64
Ran by sedivec on po 09.09.2013 at 16:12:25,79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\searchprotection



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\sedivec\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\sedivec\AppData\Roaming\search protection"



~~~ FireFox

Emptied folder: C:\Users\sedivec\AppData\Roaming\mozilla\firefox\profiles\msfhpkh3.default\minidumps [73 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 09.09.2013 at 16:18:52,55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Computer freezing.... log check, donation SMS guaranteed!

Posted: 09 Sep 2013 15:31
by vyosek
Do you have FRSTL saved on the Desktop :???:

Re: Computer freezing.... log check, donation SMS guaranteed!

Posted: 09 Sep 2013 16:18
by Sedivec
Okay... my mistake :turned:

Here it is :-)

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-09-2013
Ran by sedivec (administrator) on SEDIVEC-PC on 09-09-2013 17:16:27
Running from C:\Users\sedivec\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\Windows\AutoKMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(PJ Naughter) C:\ProgramData\AutoKMS\Resources\StartX\StartX.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(TODO: <Company name>) C:\Genius\ioCentre\gTaskBar.exe
(Gemius) D:\Program Files (x86)\NetSoftware\NetSoftware.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(TODO: <Company name>) C:\Genius\ioCentre\gMouseTask.exe
(TODO: <Company name>) C:\Genius\ioCentre\gKbdTask.exe
(TODO: <Company name>) C:\Genius\ioCentre\gAutoPan.exe
() C:\Genius\ioCentre\gAutoScroll.exe
(TODO: <Company name>) C:\Genius\ioCentre\gZoom.exe
(TODO: <Company name>) C:\Genius\ioCentre\gMGlass.exe
(TODO: <Company name>) C:\Genius\ioCentre\gIMMgm.exe
(TODO: <Company name>) C:\Genius\ioCentre\gDeskMgm.exe
(TODO: <Company name>) C:\Genius\ioCentre\gTaskSwitch.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKLM\...\Run: [BCSSync] - D:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [Steam] - D:\Program Files (x86)\Steam\Steam.exe [1811880 2013-08-28] (Valve Corporation)
HKCU\...\Run: [DAEMON Tools Lite] - D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
MountPoints2: {18f4bc49-f91d-11e2-9736-14dae93782b5} - G:\Machinarium_Setup_EN.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [ioCentre] - C:\Genius\ioCentre\gTaskBar.exe [241664 2006-12-08] (TODO: <Company name>)
HKLM-x32\...\Run: [NetSoftware] - D:\Program Files (x86)\NetSoftware\Starter.exe [189952 2013-09-04] (Gemius)

==================== Internet (Whitelisted) ====================

SearchScopes: HKCU - {679F5A8F-7DA4-40A5-BD36-C673A3C17B44} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Internet Panel - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - D:\Program Files (x86)\NetSoftware\IEHelper.dll (Gemius)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\sedivec\AppData\Roaming\Mozilla\Firefox\Profiles\msfhpkh3.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/|about:home
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=443898&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - D:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKCU\...\Firefox\Extensions: [gemgecko@gemius.com] D:\Program Files (x86)\NetSoftware\gemgecko_ext\
FF Extension: Výzkum NetMonitor - D:\Program Files (x86)\NetSoftware\gemgecko_ext\

==================== Services (Whitelisted) =================

R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] ()
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [64224 2013-08-29] (Bitdefender)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
S3 Microsoft SharePoint Workspace Audit Service; D:\Program Files\Microsoft Office\Office14\GROOVE.EXE [51456888 2010-03-25] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-07-25] ()
R2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [189248 2013-07-25] ()
S2 SkypeUpdate; D:\Program Files (x86)\Skype\Updater\Updater.exe [162408 2013-06-21] (Skype Technologies)

==================== Drivers (Whitelisted) ====================

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-08-29] (Bitdefender SRL)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-07-30] (Disc Soft Ltd)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2013-08-05] (BitDefender)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-09 17:15 - 2013-09-09 17:15 - 00000000 ____D C:\FRST
2013-09-09 17:15 - 2013-09-08 23:29 - 01948948 _____ (Farbar) C:\Users\sedivec\Desktop\FRST64.exe
2013-09-09 16:25 - 2013-09-09 16:25 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb03699B.CA
2013-09-09 16:25 - 2013-09-09 16:25 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb032DC3.9C
2013-09-09 16:24 - 2013-09-09 16:24 - 00000831 _____ C:\Users\sedivec\Desktop\AdwCleaner[S0].txt
2013-09-09 16:24 - 2013-09-09 16:24 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb029913.BA
2013-09-09 16:19 - 2013-09-09 16:21 - 00000000 ____D C:\AdwCleaner
2013-09-09 16:18 - 2013-09-09 16:19 - 00001055 _____ C:\Users\sedivec\Desktop\JRT.txt
2013-09-09 16:12 - 2013-09-09 16:12 - 00000000 ____D C:\Windows\ERUNT
2013-09-09 16:12 - 2013-09-09 16:11 - 01029490 _____ (Thisisu) C:\Users\sedivec\Desktop\JRT.exe
2013-09-09 16:08 - 2013-09-09 16:22 - 00000336 _____ C:\Windows\setupact.log
2013-09-09 16:08 - 2013-09-09 16:08 - 00000000 _____ C:\Windows\setuperr.log
2013-09-09 15:34 - 2013-09-09 15:35 - 00000000 ____D C:\rsit
2013-09-09 15:34 - 2013-09-09 15:35 - 00000000 ____D C:\Program Files\trend micro
2013-09-09 15:29 - 2013-09-09 15:29 - 00002776 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-09 15:29 - 2013-09-09 15:29 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-09 15:29 - 2013-09-09 15:29 - 00000000 ____D C:\Program Files\CCleaner
2013-09-09 14:53 - 2013-09-09 14:53 - 00001061 _____ C:\Users\sedivec\Desktop\xvm-stat – zástupce.lnk
2013-09-09 14:52 - 2013-09-09 14:52 - 00000000 ____D C:\Program Files (x86)\Dokan
2013-09-02 19:45 - 2013-09-02 19:45 - 00000000 ____D C:\Users\sedivec\AppData\Roaming\NVIDIA
2013-09-01 14:11 - 2013-09-01 14:11 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-01 14:08 - 2013-08-18 23:02 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 22101792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 11271968 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-01 14:08 - 2013-08-18 23:02 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432680.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432680.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-09-01 14:08 - 2013-06-16 14:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-09-01 14:08 - 2013-06-16 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-09-01 14:06 - 2013-08-20 15:33 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-09-01 14:06 - 2013-08-20 15:32 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-09-01 14:06 - 2013-08-20 15:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-08-30 13:31 - 2013-08-30 13:31 - 00000000 ____D C:\Users\Public\Documents\Polda III
2013-08-30 12:40 - 2013-08-30 13:27 - 00000000 ____D C:\Users\sedivec\Documents\Polda III
2013-08-29 19:40 - 2013-08-29 19:40 - 138529749 _____ C:\Users\sedivec\Desktop\Krkonoše Žancek.zip
2013-08-25 03:00 - 2013-08-25 03:00 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-08-24 10:08 - 2013-08-24 10:11 - 00000000 ____D C:\Users\sedivec\AppData\Roaming\Nero
2013-08-24 10:06 - 2013-08-24 10:06 - 00001442 _____ C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
2013-08-24 10:06 - 2013-08-24 10:06 - 00000000 ____D C:\ProgramData\Nero
2013-08-23 16:57 - 2013-08-23 16:57 - 00000736 _____ C:\Users\UpdatusUser\Desktop\Machinarium.lnk
2013-08-23 16:57 - 2013-08-23 16:57 - 00000736 _____ C:\Users\sedivec\Desktop\Machinarium.lnk
2013-08-23 16:57 - 2013-08-23 16:57 - 00000000 ____D C:\Users\sedivec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Machinarium
2013-08-19 20:32 - 2013-08-29 19:39 - 00000000 ____D C:\Users\sedivec\Desktop\krk
2013-08-19 20:29 - 2013-08-19 20:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-19 05:09 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-19 05:09 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-19 05:09 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-19 05:09 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-19 05:09 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-19 05:09 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-19 05:09 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-19 05:09 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-19 05:09 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-19 05:09 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-19 05:09 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-19 05:09 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-19 05:09 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-19 05:09 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-19 05:09 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-19 05:09 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-19 05:09 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-19 05:09 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-19 05:09 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-19 05:09 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-19 05:09 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-19 05:09 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-19 05:09 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-19 05:09 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-19 05:09 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-19 05:09 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-19 05:09 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-19 05:09 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-19 05:09 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-19 05:09 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-19 05:09 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-18 20:55 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-18 20:55 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-18 20:55 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-18 20:55 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-18 20:55 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-18 20:55 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-18 20:55 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-18 20:55 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-18 20:54 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-18 20:54 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-18 20:54 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-18 20:54 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-18 20:54 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-18 20:54 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-18 20:54 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-18 20:54 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-18 14:58 - 2013-08-18 14:58 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

==================== One Month Modified Files and Folders =======

2013-09-09 17:15 - 2013-09-09 17:15 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb3138EB.7A
2013-09-09 17:15 - 2013-09-09 17:15 - 00000000 ____D C:\FRST
2013-09-09 17:05 - 2013-08-07 22:27 - 00000000 ____D C:\ProgramData\NetSoftware
2013-09-09 16:29 - 2011-04-12 10:34 - 00666194 _____ C:\Windows\system32\perfh005.dat
2013-09-09 16:29 - 2011-04-12 10:34 - 00139890 _____ C:\Windows\system32\perfc005.dat
2013-09-09 16:29 - 2009-07-14 07:13 - 01576554 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-09 16:29 - 2009-07-14 06:45 - 00022032 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-09 16:29 - 2009-07-14 06:45 - 00022032 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-09 16:25 - 2013-09-09 16:25 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb03699B.CA
2013-09-09 16:25 - 2013-09-09 16:25 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb032DC3.9C
2013-09-09 16:25 - 2013-07-24 14:40 - 01755374 _____ C:\Windows\WindowsUpdate.log
2013-09-09 16:24 - 2013-09-09 16:24 - 00000831 _____ C:\Users\sedivec\Desktop\AdwCleaner[S0].txt
2013-09-09 16:24 - 2013-09-09 16:24 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb029913.BA
2013-09-09 16:22 - 2013-09-09 16:08 - 00000336 _____ C:\Windows\setupact.log
2013-09-09 16:22 - 2013-07-30 20:39 - 00000000 ____D C:\ProgramData\AutoKMS
2013-09-09 16:22 - 2013-07-24 14:57 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-09 16:22 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-09 16:21 - 2013-09-09 16:19 - 00000000 ____D C:\AdwCleaner
2013-09-09 16:19 - 2013-09-09 16:18 - 00001055 _____ C:\Users\sedivec\Desktop\JRT.txt
2013-09-09 16:12 - 2013-09-09 16:12 - 00000000 ____D C:\Windows\ERUNT
2013-09-09 16:11 - 2013-09-09 16:12 - 01029490 _____ (Thisisu) C:\Users\sedivec\Desktop\JRT.exe
2013-09-09 16:08 - 2013-09-09 16:08 - 00000000 _____ C:\Windows\setuperr.log
2013-09-09 15:35 - 2013-09-09 15:34 - 00000000 ____D C:\rsit
2013-09-09 15:35 - 2013-09-09 15:34 - 00000000 ____D C:\Program Files\trend micro
2013-09-09 15:31 - 2013-07-30 20:47 - 00000000 ____D C:\Windows\Minidump
2013-09-09 15:31 - 2013-07-30 20:23 - 00000000 ____D C:\Users\sedivec\AppData\Roaming\DAEMON Tools Lite
2013-09-09 15:31 - 2013-07-29 10:52 - 00000000 ____D C:\Users\sedivec\AppData\Roaming\uTorrent
2013-09-09 15:31 - 2013-07-24 15:32 - 00000000 ____D C:\Windows\Panther
2013-09-09 15:29 - 2013-09-09 15:29 - 00002776 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-09 15:29 - 2013-09-09 15:29 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-09 15:29 - 2013-09-09 15:29 - 00000000 ____D C:\Program Files\CCleaner
2013-09-09 14:53 - 2013-09-09 14:53 - 00001061 _____ C:\Users\sedivec\Desktop\xvm-stat – zástupce.lnk
2013-09-09 14:52 - 2013-09-09 14:52 - 00000000 ____D C:\Program Files (x86)\Dokan
2013-09-08 23:29 - 2013-09-09 17:15 - 01948948 _____ (Farbar) C:\Users\sedivec\Desktop\FRST64.exe
2013-09-02 19:45 - 2013-09-02 19:45 - 00000000 ____D C:\Users\sedivec\AppData\Roaming\NVIDIA
2013-09-01 17:52 - 2013-07-24 21:59 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-09-01 14:11 - 2013-09-01 14:11 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-01 14:11 - 2013-07-24 14:56 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-01 14:07 - 2013-07-24 14:56 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-08-30 13:31 - 2013-08-30 13:31 - 00000000 ____D C:\Users\Public\Documents\Polda III
2013-08-30 13:27 - 2013-08-30 12:40 - 00000000 ____D C:\Users\sedivec\Documents\Polda III
2013-08-29 23:37 - 2013-07-24 20:35 - 00000882 _____ C:\Users\sedivec\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2013-08-29 23:37 - 2013-07-24 20:35 - 00000882 _____ C:\Users\Public\Desktop\GOM Player.lnk
2013-08-29 19:40 - 2013-08-29 19:40 - 138529749 _____ C:\Users\sedivec\Desktop\Krkonoše Žancek.zip
2013-08-29 19:39 - 2013-08-19 20:32 - 00000000 ____D C:\Users\sedivec\Desktop\krk
2013-08-25 03:00 - 2013-08-25 03:00 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-08-24 10:11 - 2013-08-24 10:08 - 00000000 ____D C:\Users\sedivec\AppData\Roaming\Nero
2013-08-24 10:06 - 2013-08-24 10:06 - 00001442 _____ C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
2013-08-24 10:06 - 2013-08-24 10:06 - 00000000 ____D C:\ProgramData\Nero
2013-08-23 16:57 - 2013-08-23 16:57 - 00000736 _____ C:\Users\UpdatusUser\Desktop\Machinarium.lnk
2013-08-23 16:57 - 2013-08-23 16:57 - 00000736 _____ C:\Users\sedivec\Desktop\Machinarium.lnk
2013-08-23 16:57 - 2013-08-23 16:57 - 00000000 ____D C:\Users\sedivec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Machinarium
2013-08-23 09:13 - 2013-07-25 04:33 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-20 20:43 - 2013-07-24 15:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-20 15:33 - 2013-09-01 14:06 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-08-20 15:32 - 2013-09-01 14:06 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-08-20 15:32 - 2013-09-01 14:06 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-08-20 04:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-19 20:29 - 2013-08-19 20:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-19 05:06 - 2013-07-30 15:30 - 00000000 ____D C:\Windows\system32\MRT
2013-08-19 05:05 - 2013-07-30 15:22 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-18 23:02 - 2013-09-01 14:08 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 22101792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 11271968 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-08-18 23:02 - 2013-09-01 14:08 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432680.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432680.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-08-18 23:02 - 2013-07-24 14:56 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-08-18 23:02 - 2013-07-24 14:56 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-08-18 23:02 - 2013-02-26 00:32 - 15900936 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-08-18 23:02 - 2013-02-26 00:32 - 15703176 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-08-18 23:02 - 2013-02-26 00:32 - 13627696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-08-18 23:02 - 2013-02-26 00:32 - 12946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-08-18 23:02 - 2013-02-26 00:32 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-08-18 23:02 - 2013-02-26 00:32 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-08-18 23:02 - 2013-02-26 00:32 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-08-18 23:02 - 2013-02-26 00:32 - 00022581 _____ C:\Windows\system32\nvinfo.pb
2013-08-18 21:34 - 2013-07-24 14:57 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-08-18 21:34 - 2013-07-24 14:57 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-08-18 21:34 - 2013-07-24 14:57 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-08-18 21:34 - 2013-07-24 14:57 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-08-18 21:34 - 2013-07-24 14:57 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-08-18 21:34 - 2013-07-24 14:57 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-08-18 14:58 - 2013-08-18 14:58 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-08-17 07:30 - 2013-07-24 14:57 - 03319709 _____ C:\Windows\system32\nvcoproc.bin

Files to move or delete:
====================
C:\Users\sedivec\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit



==================== Alternate Data Streams (whitelisted) ====

AlternateDataStreams: C:\Users\sedivec\Desktop\JRT.exe:BDU

==================== Loaded Modules (whitelisted) ============

Task: {F6DA96C8-AD2A-40CE-8FA1-D121BCB54685} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-21] (Microsoft Corporation)
2013-09-04 21:00 - 2013-09-04 21:00 - 00547776 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_204\avcuf64.dll
2013-08-29 17:01 - 2013-08-29 17:01 - 00126560 _____ (BitDefender LLC) C:\Program Files\Bitdefender\Antivirus Free Edition\npcomm.dll
2013-08-29 17:00 - 2013-08-29 17:00 - 00039992 _____ (Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\Common4.dll
2013-08-29 17:00 - 2013-08-29 17:00 - 00238848 _____ (Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\sqlitewrapper4.dll
2013-08-29 17:00 - 2013-08-29 17:00 - 00696632 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2013-08-29 17:01 - 2013-08-29 17:01 - 00135824 _____ (Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\npcommwrapper4.dll
2013-08-29 17:00 - 2013-08-29 17:00 - 00049768 _____ (Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\FullIface4.dll
2013-02-26 00:32 - 2013-08-18 23:02 - 15703176 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-02-26 00:32 - 2013-08-18 23:02 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-02-26 00:32 - 2013-08-18 23:02 - 15900936 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-07-30 20:22 - 2012-06-09 19:20 - 00196096 _____ (Alexander Roshal) D:\Program Files (x86)\WinRAR\rarext64.dll
2013-07-24 21:56 - 2010-03-25 03:50 - 00113152 _____ (CANON INC.) C:\Program Files\Canon\MyPrinter\cnmpu.dll
2013-07-24 21:55 - 2010-03-29 04:50 - 00066048 _____ (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMyRes.dll
2013-09-04 21:00 - 2013-09-04 21:00 - 00497848 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_204\avcuf32.dll
2013-07-24 20:40 - 2013-08-28 23:47 - 00288680 _____ (Valve Corporation) D:\Program Files (x86)\Steam\crashhandler.dll
2013-07-03 15:23 - 2013-07-16 00:32 - 02895272 _____ (Valve Corporation) D:\Program Files (x86)\Steam\steam.dll
2013-07-09 17:56 - 2013-08-28 23:47 - 10654632 _____ (Valve Corporation) D:\Program Files (x86)\Steam\steamui.dll
2013-07-01 08:20 - 2013-08-22 00:18 - 00687104 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2013-07-09 17:56 - 2013-08-28 23:47 - 00263080 _____ (Valve Corporation) D:\Program Files (x86)\Steam\tier0_s.dll
2013-07-09 17:56 - 2013-08-28 23:47 - 00236456 _____ (Valve Corporation) D:\Program Files (x86)\Steam\vstdlib_s.dll
2013-06-14 15:49 - 2013-06-15 01:49 - 00122864 _____ (Valve) D:\Program Files (x86)\Steam\CSERHelper.dll
2013-07-09 17:56 - 2013-08-28 23:47 - 00169384 _____ (Valve Corporation) D:\Program Files (x86)\Steam\bin\filesystem_stdio.DLL
2013-07-09 17:56 - 2013-08-28 23:47 - 00694696 _____ (Valve Corporation) D:\Program Files (x86)\Steam\bin\vgui2_s.DLL
2013-07-09 17:56 - 2013-08-28 23:47 - 01120680 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-07-09 13:45 - 2013-08-07 21:31 - 20625832 _____ () D:\Program Files (x86)\Steam\bin\libcef.dll
2013-06-14 15:49 - 2013-06-15 01:49 - 09955112 _____ (The ICU Project) D:\Program Files (x86)\Steam\bin\icudt.dll
2013-06-14 15:49 - 2013-06-15 01:49 - 01100800 _____ () D:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-06-14 15:49 - 2013-06-15 01:49 - 00124416 _____ () D:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-06-14 15:49 - 2013-06-15 01:49 - 00192000 _____ () D:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-07-09 17:56 - 2013-08-28 23:47 - 07745960 _____ (Valve Corporation) D:\Program Files (x86)\Steam\steamclient.dll
2013-07-09 17:56 - 2013-08-28 23:47 - 02449832 _____ (Valve Corporation) d:\program files (x86)\steam\bin\friendsui.DLL
2013-07-09 17:56 - 2013-08-28 23:47 - 01804712 _____ (Valve Corporation) d:\program files (x86)\steam\bin\serverbrowser.DLL
2013-07-28 11:23 - 2006-12-18 14:43 - 00294912 _____ (TODO: <Company name>) C:\Genius\ioCentre\GenXML.dll
2013-07-28 11:23 - 2006-12-04 19:28 - 00229376 _____ (TODO: <Company name>) C:\Genius\ioCentre\gfMedia.dll
2013-07-28 11:23 - 2006-12-04 18:26 - 00212992 _____ (TODO: <Company name>) C:\Genius\ioCentre\gfBrowser.dll
2013-07-28 11:23 - 2006-12-04 19:28 - 00204800 _____ (TODO: <Company name>) C:\Genius\ioCentre\gfOffice.dll
2013-07-28 11:23 - 2006-12-12 15:06 - 00208896 _____ (TODO: <Company name>) C:\Genius\ioCentre\gfSystem.dll
2013-07-28 11:23 - 2006-12-04 19:26 - 00217088 _____ (TODO: <Company name>) C:\Genius\ioCentre\gfEmail.dll
2013-07-28 11:23 - 2006-11-09 15:43 - 00208896 _____ (TODO: <Company name>) C:\Genius\ioCentre\gDevMgm.dll
2013-07-28 11:23 - 2006-12-08 21:12 - 00221184 _____ (TODO: <Company name>) C:\Genius\ioCentre\gIoCentreHook.dll

==================== Scheduled Tasks (whitelisted) ===========

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?

==================== Supplementary Scan (All) ================


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000005
"ConsentPromptBehaviorUser"=dword:00000003
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000001
"EnableSecureUIAPaths"=dword:00000001
"EnableUIADesktopToggle"=dword:00000000
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000001
"ValidateAdminCodeSignatures"=dword:00000000
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"scforceoption"=dword:00000000
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"FilterAdministratorToken"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=dword:00000001
"NoActiveDesktopChanges"=dword:00000001
"ForceActiveDesktopOn"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval"=dword:00000001
"AntiVirusOverride"=dword:00000000
"AntiSpywareOverride"=dword:00000000
"FirewallOverride"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"="msrle32.dll"
"vidc.msvc"="msvidc32.dll"
"msacm.imaadpcm"="imaadp32.acm"
"msacm.msg711"="msg711.acm"
"msacm.msgsm610"="msgsm32.acm"
"msacm.msadpcm"="msadp32.acm"
"midimapper"="midimap.dll"
"wavemapper"="msacm32.drv"
"VIDC.UYVY"="msyuv.dll"
"VIDC.YUY2"="msyuv.dll"
"VIDC.YVYU"="msyuv.dll"
"VIDC.IYUV"="iyuv_32.dll"
"vidc.i420"="iyuv_32.dll"
"VIDC.YVU9"="tsbyuv.dll"
"msacm.l3acm"="C:\\Windows\\System32\\l3codeca.acm"
"wave"="wdmaud.drv"
"midi"="wdmaud.drv"
"mixer"="wdmaud.drv"
"aux"="wdmaud.drv"
"MSVideo8"="VfWWDM32.dll"
"wave5"="wdmaud.drv"
"midi5"="wdmaud.drv"
"mixer5"="wdmaud.drv"
"aux1"="wdmaud.drv"
"msacm.ac3filter"="ac3filter64.acm"
"wave6"="wdmaud.drv"
"midi6"="wdmaud.drv"
"mixer6"="wdmaud.drv"
"wave4"="wdmaud.drv"
"midi4"="wdmaud.drv"
"mixer4"="wdmaud.drv"
"wave1"="wdmaud.drv"
"midi1"="wdmaud.drv"
"mixer1"="wdmaud.drv"
"wave2"="wdmaud.drv"
"midi2"="wdmaud.drv"
"mixer2"="wdmaud.drv"
"wave3"="wdmaud.drv"
"midi3"="wdmaud.drv"
"mixer3"="wdmaud.drv"


==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:97.56 GB) (Free:59.18 GB) NTFS
Drive d: () (Fixed) (Total:439.45 GB) (Free:369.12 GB) NTFS
Drive e: () (Fixed) (Total:394.4 GB) (Free:20.04 GB) NTFS
Drive f: (Disk) (CDROM) (Total:4.1 GB) (Free:0 GB) CDFS
Drive g: (Machinarium) (CDROM) (Total:0.43 GB) (Free:0 GB) CDFS

Available physical RAM: 6550.39 MB
Total physical RAM: 8190.12 MB
Percentage of memory in use: 20%

LastRegBack: 2013-08-22 04:53

==================== End Of Log ==============================

Re: Computer freezing.... log check, donation SMS guaranteed!

Posted: 09 Sep 2013 17:06
by vyosek
:arrow: What are we going to do about that illegal Office?? Our forum does not support pirated software and, with it, the commission of a criminal offence :???: :?:

Re: Computer freezing.... log check, donation SMS guaranteed!

Posted: 09 Sep 2013 17:50
by Sedivec
It was definitely not illegal. It was a trial version for which I just had not activated the key. :idea:

Either way, I uninstalled it just to be safe :-)

I should not have any other illegal software on the computer.

As proof, I am sending a new log:

Btw: The FBI has nothing on you :97:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-09-2013
Ran by sedivec (administrator) on SEDIVEC-PC on 09-09-2013 18:46:40
Running from C:\Users\sedivec\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Windows\AutoKMS.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TODO: <Company name>) C:\Genius\ioCentre\gTaskBar.exe
(Gemius) D:\Program Files (x86)\NetSoftware\NetSoftware.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TODO: <Company name>) C:\Genius\ioCentre\gMouseTask.exe
(TODO: <Company name>) C:\Genius\ioCentre\gKbdTask.exe
(TODO: <Company name>) C:\Genius\ioCentre\gAutoPan.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
() C:\Genius\ioCentre\gAutoScroll.exe
(TODO: <Company name>) C:\Genius\ioCentre\gZoom.exe
(TODO: <Company name>) C:\Genius\ioCentre\gMGlass.exe
(TODO: <Company name>) C:\Genius\ioCentre\gIMMgm.exe
(TODO: <Company name>) C:\Genius\ioCentre\gDeskMgm.exe
(TODO: <Company name>) C:\Genius\ioCentre\gTaskSwitch.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [Steam] - D:\Program Files (x86)\Steam\Steam.exe [1811880 2013-08-28] (Valve Corporation)
HKCU\...\Run: [DAEMON Tools Lite] - D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [ioCentre] - C:\Genius\ioCentre\gTaskBar.exe [241664 2006-12-08] (TODO: <Company name>)
HKLM-x32\...\Run: [NetSoftware] - D:\Program Files (x86)\NetSoftware\Starter.exe [189952 2013-09-04] (Gemius)

==================== Internet (Whitelisted) ====================

SearchScopes: HKCU - {679F5A8F-7DA4-40A5-BD36-C673A3C17B44} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Internet Panel - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - D:\Program Files (x86)\NetSoftware\IEHelper.dll (Gemius)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\sedivec\AppData\Roaming\Mozilla\Firefox\Profiles\msfhpkh3.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/|about:home
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=443898&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKCU\...\Firefox\Extensions: [gemgecko@gemius.com] D:\Program Files (x86)\NetSoftware\gemgecko_ext\
FF Extension: Výzkum NetMonitor - D:\Program Files (x86)\NetSoftware\gemgecko_ext\

==================== Services (Whitelisted) =================

R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] ()
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [64224 2013-08-29] (Bitdefender)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-07-25] ()
R2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [189248 2013-07-25] ()
S2 SkypeUpdate; D:\Program Files (x86)\Skype\Updater\Updater.exe [162408 2013-06-21] (Skype Technologies)

==================== Drivers (Whitelisted) ====================

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-08-29] (Bitdefender SRL)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-07-30] (Disc Soft Ltd)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2013-08-05] (BitDefender)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-09 18:41 - 2013-09-09 18:41 - 00000358 _____ C:\Windows\PFRO.log
2013-09-09 17:17 - 2013-09-09 17:17 - 00014993 _____ C:\Users\sedivec\Desktop\Addition.txt
2013-09-09 17:15 - 2013-09-09 17:15 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb3138EB.7A
2013-09-09 17:15 - 2013-09-09 17:15 - 00000000 ____D C:\FRST
2013-09-09 17:15 - 2013-09-09 16:24 - 00364544 _____ (forum.viry.cz) C:\Users\sedivec\Desktop\FRSTLauncher.exe
2013-09-09 17:15 - 2013-09-08 23:29 - 01948948 _____ (Farbar) C:\Users\sedivec\Desktop\FRST64.exe
2013-09-09 17:15 - 2013-09-08 15:43 - 00045266 _____ C:\Users\sedivec\Desktop\logmodification.bat
2013-09-09 16:25 - 2013-09-09 16:25 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb03699B.CA
2013-09-09 16:25 - 2013-09-09 16:25 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb032DC3.9C
2013-09-09 16:24 - 2013-09-09 16:24 - 00000831 _____ C:\Users\sedivec\Desktop\AdwCleaner[S0].txt
2013-09-09 16:24 - 2013-09-09 16:24 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb029913.BA
2013-09-09 16:19 - 2013-09-09 16:21 - 00000000 ____D C:\AdwCleaner
2013-09-09 16:18 - 2013-09-09 16:19 - 00001055 _____ C:\Users\sedivec\Desktop\JRT.txt
2013-09-09 16:12 - 2013-09-09 16:12 - 00000000 ____D C:\Windows\ERUNT
2013-09-09 16:08 - 2013-09-09 18:42 - 00000504 _____ C:\Windows\setupact.log
2013-09-09 16:08 - 2013-09-09 16:08 - 00000000 _____ C:\Windows\setuperr.log
2013-09-09 15:34 - 2013-09-09 15:35 - 00000000 ____D C:\rsit
2013-09-09 15:34 - 2013-09-09 15:35 - 00000000 ____D C:\Program Files\trend micro
2013-09-09 15:29 - 2013-09-09 15:29 - 00002776 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-09 15:29 - 2013-09-09 15:29 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-09 15:29 - 2013-09-09 15:29 - 00000000 ____D C:\Program Files\CCleaner
2013-09-09 14:53 - 2013-09-09 14:53 - 00001061 _____ C:\Users\sedivec\Desktop\xvm-stat – zástupce.lnk
2013-09-09 14:52 - 2013-09-09 14:52 - 00000000 ____D C:\Program Files (x86)\Dokan
2013-09-02 19:45 - 2013-09-02 19:45 - 00000000 ____D C:\Users\sedivec\AppData\Roaming\NVIDIA
2013-09-01 14:11 - 2013-09-01 14:11 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-01 14:08 - 2013-08-18 23:02 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 22101792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 11271968 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-01 14:08 - 2013-08-18 23:02 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432680.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432680.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-09-01 14:08 - 2013-08-18 23:02 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-09-01 14:08 - 2013-06-16 14:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-09-01 14:08 - 2013-06-16 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-09-01 14:06 - 2013-08-20 15:33 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-09-01 14:06 - 2013-08-20 15:32 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-09-01 14:06 - 2013-08-20 15:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-08-30 13:31 - 2013-08-30 13:31 - 00000000 ____D C:\Users\Public\Documents\Polda III
2013-08-30 12:40 - 2013-08-30 13:27 - 00000000 ____D C:\Users\sedivec\Documents\Polda III
2013-08-29 19:40 - 2013-08-29 19:40 - 138529749 _____ C:\Users\sedivec\Desktop\Krkonoše Žancek.zip
2013-08-25 03:00 - 2013-08-25 03:00 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-08-24 10:08 - 2013-08-24 10:11 - 00000000 ____D C:\Users\sedivec\AppData\Roaming\Nero
2013-08-24 10:06 - 2013-08-24 10:06 - 00001442 _____ C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
2013-08-24 10:06 - 2013-08-24 10:06 - 00000000 ____D C:\ProgramData\Nero
2013-08-23 16:57 - 2013-08-23 16:57 - 00000736 _____ C:\Users\UpdatusUser\Desktop\Machinarium.lnk
2013-08-23 16:57 - 2013-08-23 16:57 - 00000736 _____ C:\Users\sedivec\Desktop\Machinarium.lnk
2013-08-23 16:57 - 2013-08-23 16:57 - 00000000 ____D C:\Users\sedivec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Machinarium
2013-08-19 20:32 - 2013-08-29 19:39 - 00000000 ____D C:\Users\sedivec\Desktop\krk
2013-08-19 20:29 - 2013-08-19 20:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-19 05:09 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-19 05:09 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-19 05:09 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-19 05:09 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-19 05:09 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-19 05:09 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-19 05:09 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-19 05:09 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-19 05:09 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-19 05:09 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-19 05:09 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-19 05:09 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-19 05:09 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-19 05:09 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-19 05:09 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-19 05:09 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-19 05:09 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-19 05:09 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-19 05:09 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-19 05:09 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-19 05:09 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-19 05:09 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-19 05:09 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-19 05:09 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-19 05:09 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-19 05:09 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-19 05:09 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-19 05:09 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-19 05:09 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-19 05:09 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-19 05:09 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-18 20:55 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-18 20:55 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-18 20:55 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-18 20:55 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-18 20:55 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-18 20:55 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-18 20:55 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-18 20:55 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-18 20:54 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-18 20:54 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-18 20:54 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-18 20:54 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-18 20:54 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-18 20:54 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-18 20:54 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-18 20:54 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-18 14:58 - 2013-08-18 14:58 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

==================== One Month Modified Files and Folders =======

2013-09-09 18:44 - 2009-07-14 06:45 - 00022032 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-09 18:44 - 2009-07-14 06:45 - 00022032 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-09 18:42 - 2013-09-09 16:08 - 00000504 _____ C:\Windows\setupact.log
2013-09-09 18:42 - 2013-08-07 22:27 - 00000000 ____D C:\ProgramData\NetSoftware
2013-09-09 18:42 - 2013-07-30 20:39 - 00000000 ____D C:\ProgramData\AutoKMS
2013-09-09 18:42 - 2013-07-24 14:57 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-09 18:42 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-09 18:42 - 2009-07-14 06:45 - 00412504 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-09 18:41 - 2013-09-09 18:41 - 00000358 _____ C:\Windows\PFRO.log
2013-09-09 18:40 - 2013-07-24 14:40 - 01767834 _____ C:\Windows\WindowsUpdate.log
2013-09-09 18:33 - 2013-07-30 20:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-09 18:33 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-09-09 18:33 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-09-09 18:32 - 2011-04-12 10:45 - 00000000 ____D C:\Windows\ShellNew
2013-09-09 18:32 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-09-09 18:32 - 2009-07-14 04:34 - 00000387 _____ C:\Windows\win.ini
2013-09-09 17:17 - 2013-09-09 17:17 - 00014993 _____ C:\Users\sedivec\Desktop\Addition.txt
2013-09-09 17:15 - 2013-09-09 17:15 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb3138EB.7A
2013-09-09 17:15 - 2013-09-09 17:15 - 00000000 ____D C:\FRST
2013-09-09 16:29 - 2011-04-12 10:34 - 00666194 _____ C:\Windows\system32\perfh005.dat
2013-09-09 16:29 - 2011-04-12 10:34 - 00139890 _____ C:\Windows\system32\perfc005.dat
2013-09-09 16:29 - 2009-07-14 07:13 - 01576554 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-09 16:25 - 2013-09-09 16:25 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb03699B.CA
2013-09-09 16:25 - 2013-09-09 16:25 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb032DC3.9C
2013-09-09 16:24 - 2013-09-09 17:15 - 00364544 _____ (forum.viry.cz) C:\Users\sedivec\Desktop\FRSTLauncher.exe
2013-09-09 16:24 - 2013-09-09 16:24 - 00000831 _____ C:\Users\sedivec\Desktop\AdwCleaner[S0].txt
2013-09-09 16:24 - 2013-09-09 16:24 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb029913.BA
2013-09-09 16:21 - 2013-09-09 16:19 - 00000000 ____D C:\AdwCleaner
2013-09-09 16:19 - 2013-09-09 16:18 - 00001055 _____ C:\Users\sedivec\Desktop\JRT.txt
2013-09-09 16:12 - 2013-09-09 16:12 - 00000000 ____D C:\Windows\ERUNT
2013-09-09 16:08 - 2013-09-09 16:08 - 00000000 _____ C:\Windows\setuperr.log
2013-09-09 15:35 - 2013-09-09 15:34 - 00000000 ____D C:\rsit
2013-09-09 15:35 - 2013-09-09 15:34 - 00000000 ____D C:\Program Files\trend micro
2013-09-09 15:31 - 2013-07-30 20:47 - 00000000 ____D C:\Windows\Minidump
2013-09-09 15:31 - 2013-07-30 20:23 - 00000000 ____D C:\Users\sedivec\AppData\Roaming\DAEMON Tools Lite
2013-09-09 15:31 - 2013-07-29 10:52 - 00000000 ____D C:\Users\sedivec\AppData\Roaming\uTorrent
2013-09-09 15:31 - 2013-07-24 15:32 - 00000000 ____D C:\Windows\Panther
2013-09-09 15:29 - 2013-09-09 15:29 - 00002776 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-09 15:29 - 2013-09-09 15:29 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-09 15:29 - 2013-09-09 15:29 - 00000000 ____D C:\Program Files\CCleaner
2013-09-09 14:53 - 2013-09-09 14:53 - 00001061 _____ C:\Users\sedivec\Desktop\xvm-stat – zástupce.lnk
2013-09-09 14:52 - 2013-09-09 14:52 - 00000000 ____D C:\Program Files (x86)\Dokan
2013-09-08 23:29 - 2013-09-09 17:15 - 01948948 _____ (Farbar) C:\Users\sedivec\Desktop\FRST64.exe
2013-09-08 15:43 - 2013-09-09 17:15 - 00045266 _____ C:\Users\sedivec\Desktop\logmodification.bat
2013-09-02 19:45 - 2013-09-02 19:45 - 00000000 ____D C:\Users\sedivec\AppData\Roaming\NVIDIA
2013-09-01 17:52 - 2013-07-24 21:59 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-09-01 14:11 - 2013-09-01 14:11 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-01 14:11 - 2013-07-24 14:56 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-01 14:07 - 2013-07-24 14:56 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-08-30 13:31 - 2013-08-30 13:31 - 00000000 ____D C:\Users\Public\Documents\Polda III
2013-08-30 13:27 - 2013-08-30 12:40 - 00000000 ____D C:\Users\sedivec\Documents\Polda III
2013-08-29 23:37 - 2013-07-24 20:35 - 00000882 _____ C:\Users\sedivec\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2013-08-29 23:37 - 2013-07-24 20:35 - 00000882 _____ C:\Users\Public\Desktop\GOM Player.lnk
2013-08-29 19:40 - 2013-08-29 19:40 - 138529749 _____ C:\Users\sedivec\Desktop\Krkonoše Žancek.zip
2013-08-29 19:39 - 2013-08-19 20:32 - 00000000 ____D C:\Users\sedivec\Desktop\krk
2013-08-25 03:00 - 2013-08-25 03:00 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-08-24 10:11 - 2013-08-24 10:08 - 00000000 ____D C:\Users\sedivec\AppData\Roaming\Nero
2013-08-24 10:06 - 2013-08-24 10:06 - 00001442 _____ C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
2013-08-24 10:06 - 2013-08-24 10:06 - 00000000 ____D C:\ProgramData\Nero
2013-08-23 16:57 - 2013-08-23 16:57 - 00000736 _____ C:\Users\UpdatusUser\Desktop\Machinarium.lnk
2013-08-23 16:57 - 2013-08-23 16:57 - 00000736 _____ C:\Users\sedivec\Desktop\Machinarium.lnk
2013-08-23 16:57 - 2013-08-23 16:57 - 00000000 ____D C:\Users\sedivec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Machinarium
2013-08-23 09:13 - 2013-07-25 04:33 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-20 20:43 - 2013-07-24 15:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-20 15:33 - 2013-09-01 14:06 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-08-20 15:32 - 2013-09-01 14:06 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-08-20 15:32 - 2013-09-01 14:06 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-08-20 04:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-19 20:29 - 2013-08-19 20:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-19 05:06 - 2013-07-30 15:30 - 00000000 ____D C:\Windows\system32\MRT
2013-08-19 05:05 - 2013-07-30 15:22 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-18 23:02 - 2013-09-01 14:08 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 22101792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 11271968 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-08-18 23:02 - 2013-09-01 14:08 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432680.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432680.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-08-18 23:02 - 2013-09-01 14:08 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-08-18 23:02 - 2013-07-24 14:56 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-08-18 23:02 - 2013-07-24 14:56 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-08-18 23:02 - 2013-02-26 00:32 - 15900936 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-08-18 23:02 - 2013-02-26 00:32 - 15703176 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-08-18 23:02 - 2013-02-26 00:32 - 13627696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-08-18 23:02 - 2013-02-26 00:32 - 12946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-08-18 23:02 - 2013-02-26 00:32 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-08-18 23:02 - 2013-02-26 00:32 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-08-18 23:02 - 2013-02-26 00:32 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-08-18 23:02 - 2013-02-26 00:32 - 00022581 _____ C:\Windows\system32\nvinfo.pb
2013-08-18 21:34 - 2013-07-24 14:57 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-08-18 21:34 - 2013-07-24 14:57 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-08-18 21:34 - 2013-07-24 14:57 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-08-18 21:34 - 2013-07-24 14:57 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-08-18 21:34 - 2013-07-24 14:57 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-08-18 21:34 - 2013-07-24 14:57 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-08-18 14:58 - 2013-08-18 14:58 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-08-17 07:30 - 2013-07-24 14:57 - 03319709 _____ C:\Windows\system32\nvcoproc.bin

Files to move or delete:
====================
C:\Users\sedivec\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-22 04:53

==================== End Of Log ============================

Re: Computer freezing.... log check, Donate SMS guaranteed!

Posted: 09 Sep 2013 18:30
by vyosek
:arrow: So why is there a clearly visible crack\keygen on the PC, one that generates keys or is used to activate Office without a proper purchase :???: :?:

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below

    Start
    HKLM\...\Run: [BCSSync] - D:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
    HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
    HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
    HKCU\...\Run: [Steam] - D:\Program Files (x86)\Steam\Steam.exe [1811880 2013-08-28] (Valve Corporation)
    HKCU\...\Run: [DAEMON Tools Lite] - D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
    MountPoints2: {18f4bc49-f91d-11e2-9736-14dae93782b5} - G:\Machinarium_Setup_EN.exe
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    
    SearchScopes: HKCU - {679F5A8F-7DA4-40A5-BD36-C673A3C17B44} URL = http://search.yahoo.com/search?fr=chr-g ... =443898&p={searchTerms}
    
    FF Homepage: hxxp://www.seznam.cz/|about:home
    FF Keyword.URL: hxxp://search.yahoo.com/search?fr=green ... =443898&p=
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
    
    C:\Windows\AutoKMS.exe
    2013-09-09 17:15 - 2013-09-08 15:43 - 00045266 _____ C:\Users\sedivec\Desktop\logmodification.bat
    2013-09-09 16:25 - 2013-09-09 16:25 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb03699B.CA
    2013-09-09 16:25 - 2013-09-09 16:25 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb032DC3.9C
    2013-09-09 16:24 - 2013-09-09 16:24 - 00000831 _____ C:\Users\sedivec\Desktop\AdwCleaner[S0].txt
    2013-09-09 16:24 - 2013-09-09 16:24 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb029913.BA
    2013-09-09 17:15 - 2013-09-09 17:15 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb3138EB.7A
    2013-09-09 18:42 - 2013-07-30 20:39 - 00000000 ____D C:\ProgramData\AutoKMS
    D:\Program Files\Microsoft Office
    
    Hosts:
    CMD: shutdown /r /f /t 2
    End
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here

Re: Computer freezing.... log check, Donate SMS guaranteed!

Posted: 09 Sep 2013 19:02
by Sedivec
:frusty: I confess!! I am guilty. :frusty:

Originally I wanted to crack it, but either way I didn't manage to, and I only had Office as a trial version. It annoys me that my legal 98 32-bit won't run on my new PC, where I have 7 and 64-bit. And since I had already shelled out 2000,- once, I didn't feel like paying again after such a short time.

Once again I apologize, but either way that Office was a trial and the keygen was just left behind there.

:87: FORGIVE ME PLEASE!! YOU ARE MY ONLY HOPE!! :87:

P.S. I will reflect your leniency in the donate SMS :-)

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-09-2013 01
Ran by sedivec at 2013-09-09 19:51:24 Run:1
Running from C:\Users\sedivec\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [BCSSync] - D:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [Steam] - D:\Program Files (x86)\Steam\Steam.exe [1811880 2013-08-28] (Valve Corporation)
HKCU\...\Run: [DAEMON Tools Lite] - D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
MountPoints2: {18f4bc49-f91d-11e2-9736-14dae93782b5} - G:\Machinarium_Setup_EN.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

SearchScopes: HKCU - {679F5A8F-7DA4-40A5-BD36-C673A3C17B44} URL = http://search.yahoo.com/search?fr=chr-g ... =443898&p={searchTerms}

FF Homepage: hxxp://www.seznam.cz/|about:home
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=green ... =443898&p=

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?

C:\Windows\AutoKMS.exe
2013-09-09 17:15 - 2013-09-08 15:43 - 00045266 _____ C:\Users\sedivec\Desktop\logmodification.bat
2013-09-09 16:25 - 2013-09-09 16:25 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb03699B.CA
2013-09-09 16:25 - 2013-09-09 16:25 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb032DC3.9C
2013-09-09 16:24 - 2013-09-09 16:24 - 00000831 _____ C:\Users\sedivec\Desktop\AdwCleaner[S0].txt
2013-09-09 16:24 - 2013-09-09 16:24 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb029913.BA
2013-09-09 17:15 - 2013-09-09 17:15 - 00000000 ____D C:\Users\sedivec\AppData\Local\qb3138EB.7A
2013-09-09 18:42 - 2013-07-30 20:39 - 00000000 ____D C:\ProgramData\AutoKMS
D:\Program Files\Microsoft Office

Hosts:
CMD: shutdown /r /f /t 2
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoActiveDesktop => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoActiveDesktopChanges => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{18f4bc49-f91d-11e2-9736-14dae93782b5} => Key deleted successfully.
HKCR\CLSID\{18f4bc49-f91d-11e2-9736-14dae93782b5} => Key not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{679F5A8F-7DA4-40A5-BD36-C673A3C17B44} => Key deleted successfully.
HKCR\CLSID\{679F5A8F-7DA4-40A5-BD36-C673A3C17B44} => Key not found.
Firefox homepage deleted successfully.
Firefox Keyword.URL deleted successfully.
Could not move "C:\Windows\Tasks\Adobe Flash Player Updater.job" => Scheduled to move on reboot.
Could not move "C:\Windows\AutoKMS.exe" => Scheduled to move on reboot.
C:\Users\sedivec\Desktop\logmodification.bat => Moved successfully.
C:\Users\sedivec\AppData\Local\qb03699B.CA => Moved successfully.
C:\Users\sedivec\AppData\Local\qb032DC3.9C => Moved successfully.
C:\Users\sedivec\Desktop\AdwCleaner[S0].txt => Moved successfully.
C:\Users\sedivec\AppData\Local\qb029913.BA => Moved successfully.
C:\Users\sedivec\AppData\Local\qb3138EB.7A => Moved successfully.

"C:\ProgramData\AutoKMS" directory move:

C:\ProgramData\AutoKMS\AutoKMS.cmd => Moved successfully.
C:\ProgramData\AutoKMS\Resources\StartX\StartX.exe => Moved successfully.
C:\ProgramData\AutoKMS\Resources\MSGBox\Messagebox.exe => Moved successfully.
C:\ProgramData\AutoKMS\Resources\LicenseManagement\ospp.vbs => Moved successfully.
C:\ProgramData\AutoKMS\Resources\LicenseManagement\osppc.dll => Moved successfully.
C:\ProgramData\AutoKMS\Resources\LicenseManagement\slerror.xml => Moved successfully.
Could not move "C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.1482.gzquar" => Scheduled to move on reboot.
Could not move "C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.16977.gzquar" => Scheduled to move on reboot.
Could not move "C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.1923.gzquar" => Scheduled to move on reboot.
Could not move "C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.23573.gzquar" => Scheduled to move on reboot.
Could not move "C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.23793.gzquar" => Scheduled to move on reboot.
Could not move "C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.61591.gzquar" => Scheduled to move on reboot.
Could not move "C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.69428.gzquar" => Scheduled to move on reboot.
Could not move "C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.73577.gzquar" => Scheduled to move on reboot.
Could not move "C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.74849.gzquar" => Scheduled to move on reboot.
Could not move "C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.76213.gzquar" => Scheduled to move on reboot.
Could not move "C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.76772.gzquar" => Scheduled to move on reboot.
Could not move "C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.77057.gzquar" => Scheduled to move on reboot.
Could not move "C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.77236.gzquar" => Scheduled to move on reboot.
Could not move "C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.78065.gzquar" => Scheduled to move on reboot.
Could not move "C:\ProgramData\AutoKMS" directory. => Scheduled to move on reboot.

"D:\Program Files\Microsoft Office" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


=========== Result of Scheduled Files to move ===========

C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
"C:\Windows\AutoKMS.exe" => File could not move.
"C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.1482.gzquar" => File could not move.
"C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.16977.gzquar" => File could not move.
"C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.1923.gzquar" => File could not move.
"C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.23573.gzquar" => File could not move.
"C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.23793.gzquar" => File could not move.
"C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.61591.gzquar" => File could not move.
"C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.69428.gzquar" => File could not move.
"C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.73577.gzquar" => File could not move.
"C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.74849.gzquar" => File could not move.
"C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.76213.gzquar" => File could not move.
"C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.76772.gzquar" => File could not move.
"C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.77057.gzquar" => File could not move.
"C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.77236.gzquar" => File could not move.
"C:\ProgramData\AutoKMS\Resources\KMSKG\keygen.exe.78065.gzquar" => File could not move.
"C:\ProgramData\AutoKMS" => Directory could not move.

==== End of Fixlog ====

Re: Computer freezing.... log check, Donate SMS guaranteed!

Posted: 09 Sep 2013 19:25
by vyosek
:arrow: Feel free to keep the donate SMS... We "can't be bought" here; in other words, even if someone sent us 5000 and had an illegal Windows, I would not help him. The rules are clearly set.

:arrow: So don't try to make a fool of me here; I have been deciphering logs for quite a long time, and when I say that Office is tampered with, I have evidence for it (the crack is there, as you have now admitted yourself). I will also talk with a colleague about a possible penalty...

:arrow: Use WhoCrash as described by my colleague
Roli wrote: use WhoCrashed

after launching it, click Analyze,

after a moment the application will create a report on the cause of the crash; copy it here for me.
:arrow: Do a CDI as described by my colleague
MiliNess wrote: Download CrystalDiskInfo, choose Copy in the Edit (Úpravy) menu and paste the clipboard contents here with Ctrl+V.

Re: Computer freezing.... log check, Donate SMS guaranteed!

Posted: 09 Sep 2013 20:22
by Sedivec
Oki.

I deserve it. :cry:




System Information (local)
--------------------------------------------------------------------------------

computer name: SEDIVEC-PC
windows version: Windows 7 Service Pack 1, 6.1, build: 7601
windows dir: C:\Windows
CPU: AuthenticAMD AMD Phenom(tm) II X6 1075T Processor AMD586, level: 16
6 logical processors, active mask: 63
RAM: 8587960320 total
VM: 2147352576, free: 1900838912




--------------------------------------------------------------------------------
Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\Windows\Minidump

Crash dumps are enabled on your computer.

No valid crash dumps have been found on your computer

--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------

Crash dumps are enabled but no valid crash dumps have been found. It may be that there are problems which prevent crash dumps from being written out. Check out the following article for possible causes: If crash dumps are not written out.

In case your computer does experience sudden reboots it is likely these are caused by malfunctioning hardware, power failure or a thermal issue. To troubleshoot a thermal issue, check the temperature using your BIOS setup program, check for dust in CPU and motherboard fans and if your computer is portable make sure it's located on a hard surface. Otherwise it's suggested you contact the support department of the manufacturer of your system or test your system with a memory test utility for further investigation.

Check out the following articles for more information: Troubleshooting sudden resets and shut downs.

Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.



----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Professional SP1 [6.1 Build 7601] (x64)
Date : 2013/09/09 21:20:09

-- Controller Map ----------------------------------------------------------
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ ATA Channel 0 (0) [ATA]
- ST1000DL002-9TT153 ATA Device
+ ATA Channel 1 (1) [ATA]
- ATAPI iHAS122 ATA Device
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)

-- Disk List ---------------------------------------------------------------
(1) ST1000DL002-9TT153 : 1000,2 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST1000DL002-9TT153
----------------------------------------------------------------------------
Model : ST1000DL002-9TT153
Firmware : CC3C
Serial Number : W1V0TXW0
Disk Size : 1000,2 GB (8,4/137,4/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5900 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/600
Power On Hours : 7458 hod.
Power On Count : 1504 krát
Host Reads : 1717 GB
Host Writes : 216 GB
Temparature : 33 C (91 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : FE00h [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 110 _99 __6 000001BD89B0 Počet chyb čtení
03 _93 _92 __0 000000000000 Čas na roztočení ploten
04 _99 _99 _20 0000000005E3 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _78 _60 _30 00020977BFC0 Počet chybných hledání
09 _92 _92 __0 000000001D22 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _99 _20 0000000005E0 Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Neznámý
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 _97 __0 000000000168 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _67 _59 _45 000022180021 Teplota toku vzduchu
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000005B Počet vypnutí disku
C1 100 100 __0 0000000005E3 Počet cyklů načítání/vymazání
C2 _33 _41 __0 001200000021 Teplota
C3 _35 _12 __0 000001BD89B0 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 5E2A00001D8B Čas nastavování hlaviček - v hodinách
F1 100 253 __0 00001B0D65CD Total LBAs Written
F2 100 253 __0 0000D6B662C5 Total LBAs Read


Re: Computer freezing.... log check, Donate SMS guaranteed!

Posted: 09 Sep 2013 20:34
by vyosek
Zip up the contents of the c:\windows\minidump folder and upload it somewhere.

Re: Computer freezing.... log check, Donate SMS guaranteed!

Posted: 09 Sep 2013 21:23
by Sedivec
The folder is empty.... Even after showing hidden files. I made sure that crash dumps are enabled and ran the analysis again. Same result.

What should I do about it?

Re: Computer freezing.... log check, Donate SMS guaranteed!

Posted: 10 Sep 2013 05:17
by vyosek
Also try this, as my colleague suggested:
Millines wrote: In My Computer -> Properties -> Advanced -> Startup and Recovery -> Settings -> Write debugging information, select "Small memory dump"
For the time being, don't use CCleaner or similar cleaners; they delete dmp files...

Then wait for a crash to a BSOD and post the contents of the minidump folder.