prosím o pomoc

Zpráva

pasik68 · #1 Příspěvek od **pasik68** » 17 pro 2013 15:37

1. Po zapnutí PC a nečinnosti pořád běží procesor na 25%. Podle zobrazení Správe úloh systému to dělá "Windows Media Center Diagnostic Application". Po ukončení tohoto procesu už procesor 0%. Windows 7 Home. Přikládám náhled.

2. Přestal fungovat bod obnovení - nejde vytvořit.

Děkuji za pomoc.

#2 Příspěvek od **Rudy** » 17 pro 2013 19:11

Zdravím!
Zkuste tento postup: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .

pasik68 · #3 Příspěvek od **pasik68** » 18 pro 2013 19:18

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-12-2013 03
Ran by Slosiar (administrator) on SLOSIAR-PC on 18-12-2013 19:12:10
Running from C:\Users\Slosiar\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Safer-Networking Ltd.) D:\Programs\Spybot - Search & Destroy\TeaTimer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Advanced Wheel Mouse\wh_exec.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(STORMWARE s.r.o.) D:\Programs\STORMWARE\POHODA\Pohoda.exe
(STORMWARE s.r.o.) D:\Programs\STORMWARE\POHODA\StwPh.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9996320 2010-01-19] (Realtek Semiconductor)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKCU\...\Run: [SpybotSD TeaTimer] - D:\Programs\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKCU\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432 2012-08-31] ()
HKCU\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432 2012-08-31] ()
MountPoints2: {3710cca9-bd19-11df-af2f-6cf049b997b1} - K:\Setup.exe
MountPoints2: {385c9a37-bab5-11df-a4a6-806e6f6e6963} - F:\Run.exe
MountPoints2: {b8c1a79c-bd23-11df-9d72-6cf049b997b1} - K:\autorun.exe
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [NPSStartup] - [x]
HKLM-x32\...\Run: [WheelMouse] - C:\Advanced Wheel Mouse\wh_exec.exe [147456 2010-05-26] ()
HKLM-x32\...\Run: [BCU] - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [346320 2009-08-04] (DeviceVM, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
SearchScopes: HKCU - DefaultScope {1DFCB599-37C5-435c-A677-ECA07C0B3EF0} URL = http://uk.search.yahoo.com/search?p={se ... &type=IEBD
SearchScopes: HKCU - {1DFCB599-37C5-435c-A677-ECA07C0B3EF0} URL = http://uk.search.yahoo.com/search?p={se ... &type=IEBD
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programs\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: No Name - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No File
BHO-x32: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} http://www.myheritage.cz/Genoogle/Compo ... eQuery.dll
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} http://195.28.70.134/kapor2/lib/mgaxctrl.cab
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 95.143.128.24 95.143.128.42

FireFox:
========
FF ProfilePath: C:\Users\Slosiar\AppData\Roaming\Mozilla\Firefox\Profiles\ve862ki4.default
FF user.js: detected! => C:\Users\Slosiar\AppData\Roaming\Mozilla\Firefox\Profiles\ve862ki4.default\user.js
FF SearchEngineOrder.1: Delta Search
FF Homepage: http://www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @software602.cz/602XML Filler - D:\Programs\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Users\Slosiar\AppData\Roaming\Mozilla\Firefox\Profiles\ve862ki4.default\searchplugins\firmycz.xml
FF SearchPlugin: C:\Users\Slosiar\AppData\Roaming\Mozilla\Firefox\Profiles\ve862ki4.default\searchplugins\mapycz.xml
FF SearchPlugin: C:\Users\Slosiar\AppData\Roaming\Mozilla\Firefox\Profiles\ve862ki4.default\searchplugins\zbocz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Виявлення пристроїв Logitech - C:\Users\Slosiar\AppData\Roaming\Mozilla\Firefox\Profiles\ve862ki4.default\Extensions\DeviceDetection@logitech.com
FF Extension: Garmin Communicator - C:\Users\Slosiar\AppData\Roaming\Mozilla\Firefox\Profiles\ve862ki4.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
FF Extension: DownloadHelper - C:\Users\Slosiar\AppData\Roaming\Mozilla\Firefox\Profiles\ve862ki4.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: Seznam lištička - C:\Users\Slosiar\AppData\Roaming\Mozilla\Firefox\Profiles\ve862ki4.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: ftd - C:\Users\Slosiar\AppData\Roaming\Mozilla\Firefox\Profiles\ve862ki4.default\Extensions\ftd@ftd.com.xpi
FF Extension: requestpolicy - C:\Users\Slosiar\AppData\Roaming\Mozilla\Firefox\Profiles\ve862ki4.default\Extensions\requestpolicy@requestpolicy.com.xpi
FF Extension: Adblock Plus - C:\Users\Slosiar\AppData\Roaming\Mozilla\Firefox\Profiles\ve862ki4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: SMART Notebook Extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{D6D05E6F-D5C1-4e03-8E33-73F92B05E262}
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Program Files (x86)\Mozilla Firefox\plugins\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Harmony Firefox Plugin) - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Software602 Form Filler) - D:\Programs\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
CHR Extension: (YouTube) - C:\Users\Slosiar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Slosiar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: () - C:\Users\Slosiar\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj\1.9_0
CHR Extension: (Gmail) - C:\Users\Slosiar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [acaoakiamfeidcmgooclgeleejkbaecf] - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.crx
CHR HKLM-x32\...\Chrome\Extension: [lgnbhdnimikkoodkogjlcllngimhlapp] - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx

==================== Services (Whitelisted) =================

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 Adobe Licensing Console; C:\Windows\SysWOW64\adbcnsl.exe [689492 2013-04-24] ( )
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [65536 2009-08-06] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-14] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2012-11-24] ()

==================== Drivers (Whitelisted) ====================

R3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-08-09] (SafeNet Inc.)
R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-09] (SafeNet Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [20520 2010-03-01] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-09] (SafeNet Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 multikey; C:\Windows\System32\DRIVERS\multikey.sys [67584 2013-09-08] (Chingachguk & Denger2k (Elite & SP edition))
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S2 NSHE; C:\Windows\SysWow64\Drivers\NSHE.SYS [98816 2013-05-22] (T0r0 2008)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-11-14] (NVIDIA Corporation)
R3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [686592 2008-02-13] (PixArt Imaging Inc.)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2010-09-12] (Sony Ericsson Mobile Communications)
S3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [13168 2011-01-25] (SMART Technologies ULC)
S3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [16368 2011-01-25] (SMART Technologies ULC)
S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [24944 2011-01-25] (SMART Technologies ULC)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2012-12-16] (Duplex Secure Ltd.)
R3 whfltr2k; C:\Windows\System32\DRIVERS\whfltr2k.sys [10368 2009-09-16] ()
S3 CrystalSysInfo; \??\D:\MP3\MediaCoder\SysInfoX64.sys [x]
S3 esihdrv; \??\C:\Users\Slosiar\AppData\Local\Temp\esihdrv.sys [x]
S3 gdrv; \??\C:\Windows\gdrv.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-18 19:12 - 2013-12-18 19:12 - 00019614 _____ C:\Users\Slosiar\Desktop\FRST.txt
2013-12-18 19:11 - 2013-12-18 19:11 - 00000000 ____D C:\FRST
2013-12-18 19:10 - 2013-12-18 19:10 - 01929306 _____ (Farbar) C:\Users\Slosiar\Desktop\FRST64.exe
2013-12-18 08:24 - 2013-12-18 18:02 - 00000336 _____ C:\Windows\setupact.log
2013-12-18 08:24 - 2013-12-18 08:24 - 00000000 _____ C:\Windows\setuperr.log
2013-12-12 08:53 - 2013-12-13 19:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-11 17:39 - 2013-12-18 18:33 - 00478073 _____ C:\Windows\WindowsUpdate.log
2013-12-11 06:15 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 06:15 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 06:15 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-11 06:15 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-11 06:14 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 06:14 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 06:14 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-11 06:14 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 06:14 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-11 06:14 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-11 06:14 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 06:14 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 06:14 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-11 06:14 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-11 06:14 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 06:14 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-11 06:14 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-11 06:14 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-11 06:14 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 06:14 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 06:14 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-11 06:14 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 06:14 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-11 06:14 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-11 06:14 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 06:14 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-11 06:14 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 06:14 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-11 06:14 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 06:14 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 06:14 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 06:14 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-11 06:14 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-11 06:14 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 06:14 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 05:54 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 05:54 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 05:54 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 05:54 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 05:54 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 05:54 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 05:54 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 05:54 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 05:54 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 05:54 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 05:54 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 05:54 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 05:54 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 05:54 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 05:54 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 05:54 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 05:54 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 05:54 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 05:54 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 15:20 - 2013-12-10 15:20 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-10 15:20 - 2013-12-10 15:20 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-10 15:20 - 2013-12-10 15:20 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-10 15:20 - 2013-12-10 15:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-10 15:20 - 2013-12-10 15:20 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-10 15:20 - 2013-12-10 15:20 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-10 15:20 - 2013-12-10 15:20 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-24 10:52 - 2013-11-14 12:57 - 01064224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-11-24 10:52 - 2013-11-14 12:57 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-11-24 10:49 - 2013-11-24 10:49 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\Šablony
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\Soubory cookie
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\Poslední
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\Okolní tiskárny
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\Okolní síť
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\Nabídka Start
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\Dokumenty
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Obrázky
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Hudba
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Filmy
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\Data aplikací
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Data aplikací
2013-11-24 10:49 - 2010-12-13 15:23 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Macromedia
2013-11-24 10:49 - 2010-09-10 21:16 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Microsoft Help
2013-11-24 10:49 - 2009-07-14 05:54 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-24 10:49 - 2009-07-14 05:49 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-24 10:44 - 2013-11-14 12:57 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2013-11-24 10:44 - 2013-11-14 12:57 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-11-24 10:44 - 2013-11-14 12:57 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-11-24 10:44 - 2013-11-14 12:57 - 00028960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 15218504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-11-24 10:44 - 2013-11-14 12:56 - 11600432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 02697248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-11-24 10:44 - 2013-11-14 12:56 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

==================== One Month Modified Files and Folders =======

2013-12-18 19:12 - 2013-12-18 19:12 - 00019614 _____ C:\Users\Slosiar\Desktop\FRST.txt
2013-12-18 19:11 - 2013-12-18 19:11 - 00000000 ____D C:\FRST
2013-12-18 19:10 - 2013-12-18 19:10 - 01929306 _____ (Farbar) C:\Users\Slosiar\Desktop\FRST64.exe
2013-12-18 18:33 - 2013-12-11 17:39 - 00478073 _____ C:\Windows\WindowsUpdate.log
2013-12-18 18:09 - 2009-07-14 05:45 - 00015152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-18 18:09 - 2009-07-14 05:45 - 00015152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-18 18:06 - 2009-07-14 16:18 - 06213138 _____ C:\Windows\system32\perfh005.dat
2013-12-18 18:06 - 2009-07-14 16:18 - 02021114 _____ C:\Windows\system32\perfc005.dat
2013-12-18 18:06 - 2009-07-14 06:13 - 00006512 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-18 18:05 - 2013-04-25 04:39 - 00000032 _____ C:\Windows\SysWOW64\deck.ini
2013-12-18 18:02 - 2013-12-18 08:24 - 00000336 _____ C:\Windows\setupact.log
2013-12-18 18:01 - 2011-12-20 15:56 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-18 18:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-18 08:24 - 2013-12-18 08:24 - 00000000 _____ C:\Windows\setuperr.log
2013-12-17 20:01 - 2012-02-19 08:55 - 00000000 ____D C:\Users\Slosiar\AppData\Local\CrashDumps
2013-12-15 19:26 - 2012-04-17 18:56 - 00000000 ____D C:\Users\Slosiar\AppData\Roaming\Media Player Classic
2013-12-15 12:31 - 2013-08-14 11:08 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 12:30 - 2010-09-09 19:16 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-15 09:56 - 2013-05-07 18:06 - 00000000 ____D C:\Users\Slosiar\Documents\NHL09
2013-12-14 14:15 - 2012-06-19 20:24 - 00000000 ____D C:\Users\Slosiar\Documents\FIFA 12
2013-12-14 10:10 - 2011-10-04 15:11 - 00000000 ____D C:\Users\Slosiar\AppData\Local\Deployment
2013-12-13 19:20 - 2013-12-12 08:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-12 20:21 - 2010-09-25 11:51 - 00001176 _____ C:\Users\Slosiar\AppData\Local\SRDownloader.nast
2013-12-11 17:36 - 2009-07-14 05:45 - 04957576 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-11 06:15 - 2010-09-09 18:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 05:57 - 2010-09-07 21:21 - 00000000 ____D C:\Windows\Panther
2013-12-11 05:46 - 2012-12-24 15:37 - 00001399 _____ C:\Users\Slosiar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-11 05:46 - 2010-09-07 20:36 - 00000000 ____D C:\Users\Slosiar
2013-12-11 05:44 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-10 15:20 - 2013-12-10 15:20 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-10 15:20 - 2013-12-10 15:20 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-10 15:20 - 2013-12-10 15:20 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-10 15:20 - 2013-12-10 15:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-10 15:20 - 2013-12-10 15:20 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-10 15:20 - 2013-12-10 15:20 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-10 15:20 - 2013-12-10 15:20 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-10 15:20 - 2013-12-10 15:20 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-10 15:20 - 2013-12-10 15:20 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-08 12:27 - 2010-09-10 17:29 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-08 08:18 - 2013-03-22 18:36 - 00000000 ____D C:\Users\Slosiar\AppData\Roaming\Wise Disk Cleaner
2013-11-26 12:54 - 2013-12-11 06:14 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 11:19 - 2013-12-11 06:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 11:18 - 2013-12-11 06:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 11:11 - 2013-12-11 06:14 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 10:48 - 2013-12-11 06:14 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 10:46 - 2013-12-11 06:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 10:41 - 2013-12-11 06:14 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 10:29 - 2013-12-11 06:14 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 10:27 - 2013-12-11 06:14 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 10:23 - 2013-12-11 06:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 10:21 - 2013-12-11 06:14 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 10:18 - 2013-12-11 06:14 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 10:18 - 2013-12-11 06:14 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 10:16 - 2013-12-11 06:14 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 09:57 - 2013-12-11 06:14 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 09:38 - 2013-12-11 06:14 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 09:38 - 2013-12-11 06:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 09:35 - 2013-12-11 06:14 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 09:32 - 2013-12-11 06:14 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 09:28 - 2013-12-11 06:14 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 09:16 - 2013-12-11 06:14 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 09:02 - 2013-12-11 06:14 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 08:48 - 2013-12-11 06:14 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 08:32 - 2013-12-11 06:14 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 08:26 - 2013-12-11 06:14 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 08:07 - 2013-12-11 06:14 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 07:40 - 2013-12-11 06:14 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 07:34 - 2013-12-11 06:14 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 07:34 - 2013-12-11 06:14 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 07:33 - 2013-12-11 06:14 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 07:27 - 2013-12-11 06:14 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-24 13:20 - 2013-11-16 15:17 - 00000000 ____D C:\Users\Slosiar\AppData\Local\Game Updater
2013-11-24 12:53 - 2013-07-03 15:30 - 00000000 ____D C:\Users\Slosiar\AppData\Local\NVIDIA
2013-11-24 12:52 - 2011-12-20 15:52 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-11-24 10:52 - 2010-09-10 22:10 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-11-24 10:52 - 2010-09-09 20:26 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-11-24 10:49 - 2013-11-24 10:49 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\Šablony
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\Soubory cookie
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\Poslední
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\Okolní tiskárny
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\Okolní síť
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\Nabídka Start
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\Dokumenty
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Obrázky
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Hudba
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Filmy
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\Data aplikací
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2013-11-24 10:49 - 2013-11-24 10:49 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Data aplikací
2013-11-23 19:26 - 2013-12-11 05:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-11-23 18:47 - 2013-12-11 05:54 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-11-21 16:56 - 2010-11-24 19:42 - 00000000 ____D C:\Users\Slosiar\AppData\Roaming\Skype
2013-11-19 11:21 - 2010-09-09 18:29 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-19 05:50 - 2011-01-26 18:23 - 00001912 _____ C:\Windows\epplauncher.mif
2013-11-19 05:50 - 2011-01-26 18:22 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-19 05:50 - 2011-01-26 18:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!

LastRegBack: 2013-12-10 09:44

==================== End Of Log ============================

#4 Příspěvek od **Rudy** » 18 pro 2013 19:44

Otevřte poznámkový blok a zkopírujte do něj:

Start
MountPoints2: {3710cca9-bd19-11df-af2f-6cf049b997b1} - K:\Setup.exe
MountPoints2: {385c9a37-bab5-11df-a4a6-806e6f6e6963} - F:\Run.exe
MountPoints2: {b8c1a79c-bd23-11df-9d72-6cf049b997b1} - K:\autorun.exe
HKLM-x32\...\Run: [NPSStartup] - [x]
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: No Name - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No File
BHO-x32: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
FF ProfilePath: C:\Users\Slosiar\AppData\Roaming\Mozilla\Firefox\Profiles\ve862ki4.default
FF SearchEngineOrder.1: Delta Search
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
CHR Extension: () - C:\Users\Slosiar\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj\1.9_0
C:\Users\Slosiar\AppData\Local\Temp\esihdrv.sys
C:\Windows\gdrv.sys
S3 esihdrv; \??\C:\Users\Slosiar\AppData\Local\Temp\esihdrv.sys [x]
S3 gdrv; \??\C:\Windows\gdrv.sys [x]
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

pasik68 · #5 Příspěvek od **pasik68** » 20 pro 2013 17:43

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 20-12-2013 02
Ran by Slosiar at 2013-12-20 17:41:53 Run:1
Running from C:\Users\Slosiar\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
MountPoints2: {3710cca9-bd19-11df-af2f-6cf049b997b1} - K:\Setup.exe
MountPoints2: {385c9a37-bab5-11df-a4a6-806e6f6e6963} - F:\Run.exe
MountPoints2: {b8c1a79c-bd23-11df-9d72-6cf049b997b1} - K:\autorun.exe
HKLM-x32\...\Run: [NPSStartup] - [x]
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: No Name - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No File
BHO-x32: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
FF ProfilePath: C:\Users\Slosiar\AppData\Roaming\Mozilla\Firefox\Profiles\ve862ki4.default
FF SearchEngineOrder.1: Delta Search
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
CHR Extension: () - C:\Users\Slosiar\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj\1.9_0
C:\Users\Slosiar\AppData\Local\Temp\esihdrv.sys
C:\Windows\gdrv.sys
S3 esihdrv; \??\C:\Users\Slosiar\AppData\Local\Temp\esihdrv.sys [x]
S3 gdrv; \??\C:\Windows\gdrv.sys [x]
End
*****************

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3710cca9-bd19-11df-af2f-6cf049b997b1} => Key deleted successfully.
HKCR\CLSID\{3710cca9-bd19-11df-af2f-6cf049b997b1} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{385c9a37-bab5-11df-a4a6-806e6f6e6963} => Key deleted successfully.
HKCR\CLSID\{385c9a37-bab5-11df-a4a6-806e6f6e6963} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b8c1a79c-bd23-11df-9d72-6cf049b997b1} => Key deleted successfully.
HKCR\CLSID\{b8c1a79c-bd23-11df-9d72-6cf049b997b1} => Key not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NPSStartup => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} => Key deleted successfully.
HKCR\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\skype-ie-addon-data => Key not found.
HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found.
C:\Program Files (x86)\Skype\Toolbars => Should not be moved.
Firefox SearchEngineOrder.1 deleted successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled No File => Key not found.
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
C:\Users\Slosiar\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj => Moved successfully.
"C:\Users\Slosiar\AppData\Local\Temp\esihdrv.sys" => File/Directory not found.
"C:\Windows\gdrv.sys" => File/Directory not found.
esihdrv => Service deleted successfully.
gdrv => Service deleted successfully.

==== End of Fixlog ====

#6 Příspěvek od **Rudy** » 20 pro 2013 17:46

Smazáno. Nastala nějaká změna?

pasik68 · #7 Příspěvek od **pasik68** » 20 pro 2013 20:09

Díky. Změna částečně, ještě pořád Windows Media Center Diagnostic Application užírá okolo 10% - 20% výkonu procesoru.

A co ten bod obnovení systému? Při pokusu o vtvoření vypíše chybu - viz obrázek

#8 Příspěvek od **Rudy** » 20 pro 2013 21:07

Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

pasik68 · #9 Příspěvek od **pasik68** » 21 pro 2013 18:28

3x jsem spustil a pokaždé se takto zasekl.

#10 Příspěvek od **Rudy** » 21 pro 2013 20:00

Zkuste spustit v nouz. režimu.

pasik68 · #11 Příspěvek od **pasik68** » 22 pro 2013 09:31

V nouzovém režimu to samé.

#12 Příspěvek od **Rudy** » 22 pro 2013 11:13

OK. Zkuste kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

pasik68 · #13 Příspěvek od **pasik68** » 23 pro 2013 13:15

Jen rychlá kontrola, při kompletní se to zamrzne:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.12.23.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Slosiar :: SLOSIAR-PC [administrátor]

Ochrana: Povolena

23.12.2013 11:59:56
MBAM-log-2013-12-23 (12-09-11).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 245675
Uplynulý čas: 4 minut, 37 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 2
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
C:\ProgramData\DSearchLink\DSearchLink.exe (PUP.Optional.Delta.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\adbcnsl.exe (Trojan.Clicker.CT) -> Nebyla provedena žádná instrukce.

(konec)

#14 Příspěvek od **Rudy** » 23 pro 2013 14:24

Nalezené položky smažte. Kompletní kontrola zamrzne i v nouz. režimu?

pasik68 · #15 Příspěvek od **pasik68** » 23 pro 2013 18:16

I v nouzovém režimu:

VIRY.CZ

prosím o pomoc

prosím o pomoc

Re: prosím o pomoc

Re: prosím o pomoc

Re: prosím o pomoc

Re: prosím o pomoc

Re: prosím o pomoc

Re: prosím o pomoc

Re: prosím o pomoc

Re: prosím o pomoc

Re: prosím o pomoc

Re: prosím o pomoc

Re: prosím o pomoc

Re: prosím o pomoc

Re: prosím o pomoc

Re: prosím o pomoc