prosím o kontrolu logu thx

Zpráva

kowler · #1 Příspěvek od **kowler** » 24 bře 2013 20:47

Logfile of random's system information tool 1.09 (written by random/random)
Run by Kowler at 2013-03-24 20:45:29
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 62 GB (32%) free of 192 GB
Total RAM: 1790 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:45:49, on 24. 3. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Mobile Partner\Mobile Partner.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\COMODO\Dragon\dragon.exe
C:\Program Files\COMODO\Dragon\dragon.exe
C:\Program Files\COMODO\Dragon\dragon.exe
C:\Program Files\COMODO\Dragon\dragon.exe
C:\Program Files\COMODO\Dragon\dragon.exe
C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe
C:\Program Files\COMODO\Dragon\dragon.exe
C:\Users\Kowler\Downloads\RSIT.exe
C:\Program Files\trend micro\Kowler.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe
O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [UX Launcher] C:\windows\system32\uxlaunch.exe
O4 - HKLM\..\Run: [SaveMe] D:\SaveMe.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-824841891-1043371265-2957086674-1006\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-824841891-1043371265-2957086674-1006\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (file missing) (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {9E2CD2C3-4DDA-4473-B904-B8E6D0DBAB86} (ElevatedCreater Class) - http://consumersupport.lenovo.com/us/en ... pdueng.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{58811905-1AA1-4432-97D6-83FE85FDA5D8}: NameServer = 160.218.161.60 194.228.211.33
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\windows\system32\guard32.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\QSTART.SYS\config\DVMExportService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\windows\system32\HPSIsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Unsigned Themes (UnsignedThemes) - The Within Network, LLC - C:\windows\UnsignedThemesSvc.exe

--
End of file - 8895 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
QuickStores-Toolbar - C:\windows\system32\mscoree.dll [2010-11-05 297808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-02-13 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-02-13 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-03-07 1224568]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - QuickStores-Toolbar - C:\windows\system32\mscoree.dll [2010-11-05 297808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EnergyUtility"=C:\Program Files\Lenovo\Energy Management\utility.exe [2009-07-15 4081480]
"Energy Management"=C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2009-06-25 5064520]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-08-28 1557800]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2013-03-07 4767304]
"UX Launcher"=C:\windows\system32\uxlaunch.exe [2011-07-03 196375]
"SaveMe"=D:\SaveMe.exe [2013-01-14 5708800]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]
C:\windows\AutoKMS.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO Internet Security]
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-03-11 6749512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-10-07 1387288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_262_Plugin.exe -update plugin []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Kowler\AppData\Local\Google\Update\GoogleUpdate.exe /c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2011-02-08 840992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\windows\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-09-27 66328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-24 20:30:52 ----D---- C:\rsit
2013-03-17 09:47:59 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2013-03-17 09:47:59 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2013-03-17 09:47:59 ----A---- C:\windows\system32\elshyph.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\wininet.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\wextract.exe
2013-03-17 09:47:58 ----A---- C:\windows\system32\webcheck.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\vbscript.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\urlmon.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\url.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\SetIEInstalledDate.exe
2013-03-17 09:47:58 ----A---- C:\windows\system32\pngfilt.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\occache.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\msrating.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\msls31.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\mshtmlmedia.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\mshtmler.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\mshtmled.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\mshtml.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\mshta.exe
2013-03-17 09:47:58 ----A---- C:\windows\system32\msfeedssync.exe
2013-03-17 09:47:58 ----A---- C:\windows\system32\msfeedsbs.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\msfeeds.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\licmgr10.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\jsproxy.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\jscript9.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\jscript.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\inseng.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\imgutil.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\iexpress.exe
2013-03-17 09:47:58 ----A---- C:\windows\system32\ieUnatt.exe
2013-03-17 09:47:58 ----A---- C:\windows\system32\ieui.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\iesysprep.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\iesetup.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\iertutil.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\iernonce.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\iepeers.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\ieframe.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\iedkcs32.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\ieapfltr.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\ieapfltr.dat
2013-03-17 09:47:58 ----A---- C:\windows\system32\IEAdvpack.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\ie4uinit.exe
2013-03-17 09:47:58 ----A---- C:\windows\system32\icardie.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\dxtrans.dll
2013-03-17 09:47:58 ----A---- C:\windows\system32\dxtmsft.dll
2013-03-17 09:43:56 ----AH---- C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-17 09:43:56 ----AH---- C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-17 09:43:56 ----AH---- C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-17 09:43:56 ----AH---- C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-17 09:43:56 ----AH---- C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-17 09:43:56 ----AH---- C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-17 09:43:56 ----AH---- C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-17 09:43:56 ----AH---- C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-17 09:43:56 ----AH---- C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-17 09:43:56 ----A---- C:\windows\system32\XpsPrint.dll
2013-03-17 09:43:56 ----A---- C:\windows\system32\XpsGdiConverter.dll
2013-03-17 09:43:56 ----A---- C:\windows\system32\WMPhoto.dll
2013-03-17 09:43:56 ----A---- C:\windows\system32\WindowsCodecsExt.dll
2013-03-17 09:43:56 ----A---- C:\windows\system32\WindowsCodecs.dll
2013-03-17 09:43:56 ----A---- C:\windows\system32\UIAnimation.dll
2013-03-17 09:43:56 ----A---- C:\windows\system32\msmpeg2vdec.dll
2013-03-17 09:43:56 ----A---- C:\windows\system32\FntCache.dll
2013-03-17 09:43:56 ----A---- C:\windows\system32\dxgi.dll
2013-03-17 09:43:56 ----A---- C:\windows\system32\DWrite.dll
2013-03-17 09:43:56 ----A---- C:\windows\system32\d3d11.dll
2013-03-17 09:43:56 ----A---- C:\windows\system32\d3d10warp.dll
2013-03-17 09:43:56 ----A---- C:\windows\system32\d3d10level9.dll
2013-03-17 09:43:56 ----A---- C:\windows\system32\d3d10core.dll
2013-03-17 09:43:56 ----A---- C:\windows\system32\d3d10_1core.dll
2013-03-17 09:43:56 ----A---- C:\windows\system32\d3d10_1.dll
2013-03-17 09:43:56 ----A---- C:\windows\system32\d3d10.dll
2013-03-17 09:43:56 ----A---- C:\windows\system32\d2d1.dll
2013-03-17 09:33:56 ----A---- C:\windows\system32\drivers\usb8023.sys
2013-03-12 22:40:28 ----A---- C:\windows\system32\certsentry.dll
2013-02-28 23:42:24 ----D---- C:\Users\Kowler\AppData\Roaming\spidla
2013-02-28 23:35:25 ----D---- C:\Users\Kowler\AppData\Roaming\Špidla Data Processing, s.r.o
2013-02-28 23:35:25 ----D---- C:\ProgramData\Špidla Data Processing, s.r.o
2013-02-28 23:31:57 ----D---- C:\Program Files\Vraždy v ulici Morgue
2013-02-28 22:58:13 ----A---- C:\windows\system32\drivers\aswVmm.sys
2013-02-28 22:58:12 ----A---- C:\windows\system32\drivers\aswRvrt.sys
2013-02-26 00:22:36 ----A---- C:\windows\system32\nvcuvenc.dll
2013-02-26 00:22:34 ----A---- C:\windows\system32\nvopencl.dll
2013-02-26 00:22:26 ----A---- C:\windows\system32\nvcuda.dll
2013-02-26 00:22:22 ----A---- C:\windows\system32\nvcompiler.dll
2013-02-26 00:22:08 ----A---- C:\windows\system32\nvoglv32.dll
2013-02-26 00:22:06 ----A---- C:\windows\system32\nvcuvid.dll
2013-02-26 00:22:06 ----A---- C:\windows\system32\drivers\nvlddmkm.sys

======List of files/folders modified in the last 1 month======

2013-03-24 20:45:40 ----D---- C:\Program Files\trend micro
2013-03-24 20:45:34 ----D---- C:\windows\Temp
2013-03-24 20:31:11 ----D---- C:\windows\Prefetch
2013-03-24 20:28:14 ----D---- C:\windows\system32\config
2013-03-24 20:25:12 ----D---- C:\Windows
2013-03-24 20:23:11 ----D---- C:\ProgramData\NVIDIA
2013-03-24 20:22:01 ----D---- C:\windows\System32
2013-03-24 20:17:26 ----D---- C:\windows\inf
2013-03-24 20:17:26 ----D---- C:\Program Files\NVIDIA Corporation
2013-03-24 20:15:08 ----HD---- C:\temp
2013-03-24 20:04:45 ----D---- C:\windows\system32\drivers
2013-03-24 20:04:20 ----D---- C:\windows\system32\catroot
2013-03-24 20:04:13 ----D---- C:\windows\system32\DriverStore
2013-03-24 20:01:33 ----SHD---- C:\System Volume Information
2013-03-24 12:47:12 ----D---- C:\Users\Kowler\AppData\Roaming\Dropbox
2013-03-21 07:38:44 ----D---- C:\Users\Kowler\AppData\Roaming\Skype
2013-03-21 06:37:43 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-03-20 00:00:48 ----D---- C:\Program Files\Opera
2013-03-19 19:58:45 ----RSD---- C:\windows\Fonts
2013-03-19 16:13:43 ----D---- C:\windows\rescache
2013-03-17 18:11:00 ----D---- C:\windows\ModemLogs
2013-03-17 10:31:28 ----D---- C:\windows\winsxs
2013-03-17 10:30:16 ----D---- C:\windows\Panther
2013-03-17 10:26:06 ----D---- C:\windows\system32\cs-CZ
2013-03-17 10:26:06 ----D---- C:\Program Files\Internet Explorer
2013-03-17 10:26:04 ----D---- C:\windows\system32\migration
2013-03-17 10:26:04 ----D---- C:\windows\PolicyDefinitions
2013-03-17 10:26:03 ----D---- C:\windows\system32\en-US
2013-03-17 10:26:00 ----D---- C:\windows\system32\pt-PT
2013-03-17 10:26:00 ----D---- C:\windows\system32\pt-BR
2013-03-17 10:26:00 ----D---- C:\windows\system32\pl-PL
2013-03-17 10:26:00 ----D---- C:\windows\system32\ko-KR
2013-03-17 10:26:00 ----D---- C:\windows\system32\it-IT
2013-03-17 10:25:59 ----D---- C:\windows\system32\zh-HK
2013-03-17 10:25:59 ----D---- C:\windows\system32\tr-TR
2013-03-17 10:25:59 ----D---- C:\windows\system32\sv-SE
2013-03-17 10:25:59 ----D---- C:\windows\system32\nl-NL
2013-03-17 10:25:59 ----D---- C:\windows\system32\hu-HU
2013-03-17 10:25:59 ----D---- C:\windows\system32\fr-FR
2013-03-17 10:25:59 ----D---- C:\windows\system32\fi-FI
2013-03-17 10:25:59 ----D---- C:\windows\system32\es-ES
2013-03-17 10:25:59 ----D---- C:\windows\system32\el-GR
2013-03-17 10:25:58 ----D---- C:\windows\system32\zh-TW
2013-03-17 10:25:58 ----D---- C:\windows\system32\zh-CN
2013-03-17 10:25:58 ----D---- C:\windows\system32\ru-RU
2013-03-17 10:25:58 ----D---- C:\windows\system32\nb-NO
2013-03-17 10:25:58 ----D---- C:\windows\system32\ja-JP
2013-03-17 10:25:58 ----D---- C:\windows\system32\de-DE
2013-03-17 10:25:58 ----D---- C:\windows\system32\da-DK
2013-03-17 10:01:19 ----D---- C:\windows\Logs
2013-03-17 09:54:50 ----D---- C:\windows\system32\catroot2
2013-03-16 23:55:50 ----D---- C:\windows\system32\Tasks
2013-03-16 23:53:02 ----D---- C:\Program Files\CCleaner
2013-03-16 23:46:47 ----D---- C:\windows\Minidump
2013-03-16 23:46:47 ----D---- C:\windows\debug
2013-03-16 04:31:20 ----D---- C:\windows\AppPatch
2013-03-16 03:38:01 ----A---- C:\windows\system32\MRT.exe
2013-03-13 22:00:54 ----A---- C:\windows\system32\FlashPlayerApp.exe
2013-03-12 22:40:00 ----D---- C:\Program Files\COMODO
2013-03-11 20:59:34 ----D---- C:\JDownloader
2013-03-07 00:32:42 ----A---- C:\windows\system32\aswBoot.exe
2013-02-28 23:35:25 ----HD---- C:\ProgramData
2013-02-28 23:31:57 ----RD---- C:\Program Files
2013-02-26 00:22:36 ----A---- C:\windows\system32\nvdispco32.dll
2013-02-26 00:22:32 ----A---- C:\windows\system32\nvwgf2um.dll
2013-02-26 00:22:32 ----A---- C:\windows\system32\nvdispgenco32.dll
2013-02-26 00:22:32 ----A---- C:\windows\system32\nvapi.dll
2013-02-26 00:22:30 ----A---- C:\windows\system32\nvd3dum.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [2013-03-07 49248]
R0 BtHidBus;Bluetooth HID Bus Service; C:\windows\System32\Drivers\BtHidBus.sys [2009-01-07 20744]
R0 nvstor32;nvstor32; C:\windows\system32\DRIVERS\nvstor32.sys [2000-01-01 213024]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2011-12-05 428088]
R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [2013-03-07 60656]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2013-03-07 765736]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2013-03-07 368176]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2013-03-07 62376]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\windows\System32\DRIVERS\cmdguard.sys [2012-03-11 491816]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\windows\System32\DRIVERS\cmdhlp.sys [2012-03-11 39640]
R1 inspect;COMODO Internet Security Firewall Driver; C:\windows\system32\DRIVERS\inspect.sys [2011-12-19 82400]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2013-03-07 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2013-03-07 66336]
R2 uxpatch;uxpatch; \??\C:\windows\system32\drivers\uxpatch.sys [2009-07-13 25448]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-05-31 260648]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2009-06-30 2505720]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2009-09-10 102912]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\windows\system32\DRIVERS\LHidFilt.Sys [2011-09-02 41240]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\windows\system32\DRIVERS\LMouFilt.Sys [2011-09-02 39192]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda32v.sys [2013-02-18 149352]
R3 nvsmu;nvsmu; C:\windows\system32\DRIVERS\nvsmu.sys [2000-01-01 17920]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-08-28 228784]
R3 vm331avs;Lenovo EasyCamera; C:\windows\System32\Drivers\vm331avs.sys [2009-08-08 997120]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswVmm;aswVmm; C:\windows\system32\drivers\aswVmm.sys [2013-03-07 164736]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\windows\System32\Drivers\btnetBus.sys [2008-12-07 30088]
S3 BTWAMPFL;btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [2011-03-18 302120]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2011-03-18 93224]
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\DRIVERS\btwavdt.sys [2011-03-18 114728]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2011-03-18 33832]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2011-03-18 18728]
S3 ggflt;SEMC USB Flash Driver Filter; C:\windows\system32\DRIVERS\ggflt.sys [2012-11-09 12400]
S3 ggsemc;SEMC USB Flash Driver; C:\windows\system32\DRIVERS\ggsemc.sys [2012-11-09 25200]
S3 HTCAND32;HTC Device Driver; C:\windows\System32\Drivers\ANDROIDUSB.sys [2012-11-03 30248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys [2009-07-24 101248]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\windows\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\windows\system32\drivers\RTSTOR.SYS [2009-04-08 64000]
S3 s1029bus;Sony Ericsson Device 1029 driver (WDM); C:\windows\system32\DRIVERS\s1029bus.sys [2009-05-25 90280]
S3 s1029mdfl;Sony Ericsson Device 1029 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s1029mdfl.sys [2009-05-25 15016]
S3 s1029mdm;Sony Ericsson Device 1029 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s1029mdm.sys [2009-05-25 122280]
S3 s1029mgmt;Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s1029mgmt.sys [2009-05-25 115880]
S3 s1029nd5;Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS); C:\windows\system32\DRIVERS\s1029nd5.sys [2009-05-25 26024]
S3 s1029obex;Sony Ericsson Device 1029 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s1029obex.sys [2009-05-25 111912]
S3 s1029unic;Sony Ericsson Device 1029 USB Ethernet Emulation (WDM); C:\windows\system32\DRIVERS\s1029unic.sys [2009-05-25 116904]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\windows\system32\DRIVERS\s1039bus.sys [2010-03-15 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s1039obex.sys [2010-03-15 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\windows\system32\DRIVERS\s1039unic.sys [2010-03-15 123504]
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\windows\system32\DRIVERS\ss_bserd.sys [2009-09-19 100224]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 128104]
S3 WinUsb;Sony Ericsson USB Device sa0101 Driver; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-03-07 45248]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2011-02-08 660768]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-03-11 1983232]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2013-03-12 2074768]
R2 DvmMDES;DeviceVM Meta Data Export Service; C:\QSTART.SYS\config\DVMExportService.exe [2009-07-08 323584]
R2 HPSIService;HP SI Service; C:\windows\system32\HPSIsvc.exe [2010-04-07 99896]
R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2013-01-18 639776]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 UnsignedThemes;Unsigned Themes; C:\windows\UnsignedThemesSvc.exe [2009-07-13 21096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-12 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-12 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-09-27 295192]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-05-17 1343400]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 24 bře 2013 21:51

Zdravim

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) http://forum.viry.cz/viewtopic.php?f=29&t=115222

Provedte aktualizaci
Provedte uplny sken - nic nemazte
MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

kowler · #3 Příspěvek od **kowler** » 24 bře 2013 22:45

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verzia databázy: v2013.03.24.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16521
Kowler :: KOWLER-PC [administrátor]

24. 3. 2013 22:29:18
MBAM-log-2013-03-24 (22-44-46).txt

Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 222225
Uplynutý čas: 14 min, 59 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 1
C:\Windows\AutoKMS.exe.mwt (Riskware.Keygen) -> Žiadna úloha nevykonaná.

(koniec)

#4 Příspěvek od **vyosek** » 24 bře 2013 22:58

Nalez MBAMu smazte, objevi se log, ten rad uvidim

kowler · #5 Příspěvek od **kowler** » 24 bře 2013 23:30

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verzia databázy: v2013.03.24.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16521
Kowler :: KOWLER-PC [administrátor]

24. 3. 2013 23:16:05
mbam-log-2013-03-24 (23-16-05).txt

Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 222233
Uplynutý čas: 13 min, 21 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 1
C:\Windows\AutoKMS.exe.mwt (Riskware.Keygen) -> Pridanie do karantény a zmazanie úspešné.

(koniec)

#6 Příspěvek od **vyosek** » 24 bře 2013 23:41

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

kowler · #7 Příspěvek od **kowler** » 25 bře 2013 02:31

OTL logfile created on: 24.3.2013 23:49:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kowler\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000405 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

1,75 Gb Total Physical Memory | 0,76 Gb Available Physical Memory | 43,50% Memory free
3,50 Gb Paging File | 1,75 Gb Available in Paging File | 49,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 187,67 Gb Total Space | 60,15 Gb Free Space | 32,05% Space Free | Partition Type: NTFS
Drive D: | 30,27 Gb Total Space | 14,13 Gb Free Space | 46,69% Space Free | Partition Type: NTFS

Computer Name: KOWLER-PC | User Name: Kowler | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.03.24 23:46:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kowler\Desktop\OTL.exe
PRC - [2013.03.12 12:08:06 | 002,074,768 | ---- | M] () -- C:\Program Files\COMODO\Dragon\dragon_updater.exe
PRC - [2013.03.12 12:08:06 | 001,788,048 | ---- | M] (Comodo) -- C:\Program Files\COMODO\Dragon\dragon.exe
PRC - [2013.03.07 00:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2013.02.26 00:22:34 | 001,260,320 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.01.18 15:21:02 | 000,873,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013.01.18 15:21:00 | 001,821,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013.01.18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.11.30 03:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.05.22 07:06:32 | 000,183,456 | ---- | M] () -- C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe
PRC - [2012.03.11 22:13:21 | 001,983,232 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.08 00:48:18 | 000,660,768 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2010.04.07 13:57:42 | 000,099,896 | ---- | M] (HP) -- C:\Windows\System32\HPSIsvc.exe
PRC - [2010.01.04 15:11:35 | 000,114,688 | ---- | M] () -- C:\Program Files\Mobile Partner\Mobile Partner.exe
PRC - [2009.07.15 15:29:54 | 004,081,480 | ---- | M] (Lenovo(beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\utility.exe
PRC - [2009.07.13 01:07:48 | 000,021,096 | ---- | M] (The Within Network, LLC) -- C:\Windows\UnsignedThemesSvc.exe
PRC - [2009.07.08 20:55:26 | 000,323,584 | -H-- | M] (DeviceVM, Inc.) -- C:\QSTART.SYS\config\DVMExportService.exe
PRC - [2009.06.25 10:46:08 | 005,064,520 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe
PRC - [2007.09.02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe

========== Modules (No Company Name) ==========

MOD - [2013.03.13 22:00:51 | 014,717,144 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013.03.12 12:08:06 | 001,155,728 | ---- | M] () -- C:\Program Files\COMODO\Dragon\ffmpegsumo.dll
MOD - [2013.03.12 12:08:06 | 000,742,544 | ---- | M] () -- C:\Program Files\COMODO\Dragon\libGLESv2.dll
MOD - [2013.03.12 12:08:06 | 000,136,336 | ---- | M] () -- C:\Program Files\COMODO\Dragon\libEGL.dll
MOD - [2012.09.10 06:41:28 | 009,521,152 | ---- | M] () -- C:\Program Files\Daum\PotPlayer\ffcodec.dll
MOD - [2012.05.22 07:06:32 | 000,183,456 | ---- | M] () -- C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe
MOD - [2010.07.04 22:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2010.01.04 15:11:35 | 000,114,688 | ---- | M] () -- C:\Program Files\Mobile Partner\Mobile Partner.exe
MOD - [2009.09.23 15:51:50 | 000,159,744 | ---- | M] () -- C:\Program Files\Mobile Partner\SMSPlugin.dll
MOD - [2009.09.23 15:51:50 | 000,061,440 | ---- | M] () -- C:\Program Files\Mobile Partner\XCodec.dll
MOD - [2009.09.23 15:51:48 | 000,524,288 | ---- | M] () -- C:\Program Files\Mobile Partner\atcomm.dll
MOD - [2009.09.23 15:51:48 | 000,147,456 | ---- | M] () -- C:\Program Files\Mobile Partner\DetectDev.dll
MOD - [2009.09.23 15:51:48 | 000,139,264 | ---- | M] () -- C:\Program Files\Mobile Partner\LocaleMgrPlugin.dll
MOD - [2009.09.23 15:51:48 | 000,090,112 | ---- | M] () -- C:\Program Files\Mobile Partner\FileManager.dll
MOD - [2009.09.23 15:51:48 | 000,086,016 | ---- | M] () -- C:\Program Files\Mobile Partner\DialUpPlugin.dll
MOD - [2009.09.23 15:51:48 | 000,057,344 | ---- | M] () -- C:\Program Files\Mobile Partner\ConfigFilePlugin.dll
MOD - [2009.09.23 15:51:48 | 000,040,960 | ---- | M] () -- C:\Program Files\Mobile Partner\DeviceOperate.dll
MOD - [2009.09.23 15:51:48 | 000,032,768 | ---- | M] () -- C:\Program Files\Mobile Partner\NotifyServicePlugin.dll
MOD - [2009.09.23 15:51:48 | 000,014,848 | ---- | M] () -- C:\Program Files\Mobile Partner\isaputrace.dll
MOD - [2009.09.19 10:59:20 | 000,114,688 | ---- | M] () -- C:\Program Files\Mobile Partner\NetInfoPlugin.dll
MOD - [2009.08.29 16:18:34 | 000,888,832 | ---- | M] () -- C:\Program Files\Mobile Partner\NDISAPI.dll
MOD - [2009.08.16 17:06:02 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009.07.31 11:12:46 | 000,167,936 | ---- | M] () -- C:\Program Files\Mobile Partner\DeviceMgrUIPlugin.dll
MOD - [2009.07.30 22:01:08 | 000,110,592 | ---- | M] () -- C:\Program Files\Mobile Partner\DeviceMgrPlugin.dll
MOD - [2008.12.20 04:20:50 | 000,063,304 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\KbdHook.dll
MOD - [2008.12.20 04:20:08 | 000,051,016 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\HookLib.dll
MOD - [2007.09.02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
MOD - [2007.09.02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll

========== Services (SafeList) ==========

SRV - [2013.03.13 22:00:55 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.12 12:08:06 | 002,074,768 | ---- | M] () [Auto | Running] -- C:\Program Files\COMODO\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.02.26 00:22:34 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.01.18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.01.08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.11 22:13:21 | 001,983,232 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2012.01.18 13:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011.09.27 20:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.02.08 00:48:18 | 000,660,768 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.05.17 23:11:58 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.04.07 13:57:42 | 000,099,896 | ---- | M] (HP) [Auto | Running] -- C:\Windows\System32\HPSIsvc.exe -- (HPSIService)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.13 01:07:48 | 000,021,096 | ---- | M] (The Within Network, LLC) [Auto | Running] -- C:\Windows\UnsignedThemesSvc.exe -- (UnsignedThemes)
SRV - [2009.07.08 20:55:26 | 000,323,584 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\QSTART.SYS\config\DVMExportService.exe -- (DvmMDES)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aa8ytzdo)
DRV - [2013.03.24 23:30:00 | 000,054,016 | ---- | M] () [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\xurcxs.sys -- (qqbvuk)
DRV - [2013.03.07 00:33:24 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.03.07 00:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.03.07 00:33:24 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.03.07 00:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.03.07 00:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.03.07 00:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.03.07 00:33:23 | 000,060,656 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013.03.07 00:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013.02.26 00:22:06 | 008,939,296 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013.02.18 09:22:18 | 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2012.11.09 20:50:40 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012.11.09 20:50:40 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2012.11.03 18:52:16 | 000,030,248 | ---- | M] (HTC1124 Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2012.08.23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012.08.23 15:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012.03.11 22:13:36 | 000,039,640 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012.03.11 22:13:35 | 000,491,816 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2011.12.19 19:59:14 | 000,082,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2011.12.05 21:26:32 | 000,428,088 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2011.09.02 07:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011.09.02 07:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.07.04 20:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010.03.15 11:38:44 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdm.sys -- (s1039mdm)
DRV - [2010.03.15 11:38:44 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039unic.sys -- (s1039unic)
DRV - [2010.03.15 11:38:44 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mgmt.sys -- (s1039mgmt)
DRV - [2010.03.15 11:38:44 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2010.03.15 11:38:44 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039bus.sys -- (s1039bus)
DRV - [2010.03.15 11:38:44 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039nd5.sys -- (s1039nd5)
DRV - [2010.03.15 11:38:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV - [2010.01.20 05:14:42 | 000,023,136 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2009.09.19 04:30:10 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.09.19 04:30:10 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2009.09.19 04:30:10 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2009.09.19 04:30:10 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2009.09.10 15:31:48 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.08.08 09:33:08 | 000,997,120 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vm331avs.sys -- (vm331avs)
DRV - [2009.07.24 15:51:38 | 000,101,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.07.21 22:14:58 | 000,081,704 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wsvd.sys -- (wsvd)
DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2009.07.13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
DRV - [2009.07.13 01:07:46 | 000,025,448 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\uxpatch.sys -- (uxpatch)
DRV - [2009.05.25 13:35:00 | 000,116,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029unic.sys -- (s1029unic)
DRV - [2009.05.25 13:34:56 | 000,122,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029mdm.sys -- (s1029mdm)
DRV - [2009.05.25 13:34:56 | 000,090,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029bus.sys -- (s1029bus)
DRV - [2009.05.25 13:34:56 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029mdfl.sys -- (s1029mdfl)
DRV - [2009.05.25 13:34:54 | 000,115,880 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029mgmt.sys -- (s1029mgmt)
DRV - [2009.05.25 13:34:54 | 000,111,912 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029obex.sys -- (s1029obex)
DRV - [2009.05.25 13:34:54 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029nd5.sys -- (s1029nd5)
DRV - [2009.01.07 23:39:36 | 000,020,744 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2008.12.07 12:44:54 | 000,030,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2008.08.06 13:34:16 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2008.07.02 14:58:48 | 000,026,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2000.01.01 01:00:00 | 000,213,024 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2000.01.01 01:00:00 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-824841891-1043371265-2957086674-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-824841891-1043371265-2957086674-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-824841891-1043371265-2957086674-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-824841891-1043371265-2957086674-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-824841891-1043371265-2957086674-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKU\S-1-5-21-824841891-1043371265-2957086674-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-824841891-1043371265-2957086674-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\S-1-5-21-824841891-1043371265-2957086674-1006\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-824841891-1043371265-2957086674-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@lenovo.com/dueng,version=2.0: C:\windows\system32\lenovo\update\npdueng.dll (Lenovo)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

O1 HOSTS File: ([2012.12.08 01:40:19 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4 - HKLM..\Run: [SaveMe] D:\SaveMe.exe ()
O4 - HKLM..\Run: [UX Launcher] C:\Windows\System32\uxlaunch.exe ()
O4 - HKU\S-1-5-21-824841891-1043371265-2957086674-1003..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-824841891-1043371265-2957086674-1006..\Run: [Google Update] "C:\Users\Kowler\AppData\Local\Google\Update\GoogleUpdate.exe" /c File not found
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-824841891-1043371265-2957086674-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-824841891-1043371265-2957086674-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDow ... ab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {9E2CD2C3-4DDA-4473-B904-B8E6D0DBAB86} http://consumersupport.lenovo.com/us/en ... pdueng.cab (ElevatedCreater Class)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.13.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{58811905-1AA1-4432-97D6-83FE85FDA5D8}: NameServer = 160.218.161.60 194.228.211.33
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5F3E207E-5809-4D3E-B9AA-183A4DE159D5}: DhcpNameServer = 77.48.221.10 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB186DDC-E674-4ADA-BCB9-5A2B581365F6}: DhcpNameServer = 217.27.32.196 217.27.50.125
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\windows\System32\ff_vfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.03.24 23:46:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kowler\Desktop\OTL.exe
[2013.03.24 22:27:26 | 000,000,000 | ---D | C] -- C:\Users\Kowler\AppData\Roaming\Malwarebytes
[2013.03.24 22:27:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.03.24 22:27:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.03.24 22:26:58 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2013.03.24 22:26:57 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.03.24 22:26:47 | 000,000,000 | ---D | C] -- C:\Users\Kowler\AppData\Local\Programs
[2013.03.24 20:30:52 | 000,000,000 | ---D | C] -- C:\rsit
[2013.03.24 19:04:47 | 000,000,000 | ---D | C] -- C:\Users\Kowler\Desktop\Nová složka
[2010.09.28 11:44:30 | 000,909,824 | ---- | C] (Share-rapid.com) -- C:\Program Files\SRDownloader.exe
[1 C:\Users\Kowler\Desktop\*.tmp files -> C:\Users\Kowler\Desktop\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.03.25 00:09:06 | 000,000,924 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.25 00:05:00 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2013.03.25 00:00:17 | 000,000,914 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.03.25 00:00:03 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.03.24 23:46:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kowler\Desktop\OTL.exe
[2013.03.24 23:30:00 | 000,054,016 | ---- | M] () -- C:\windows\System32\drivers\xurcxs.sys
[2013.03.24 22:27:12 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.03.24 20:31:02 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.24 20:31:02 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.24 20:23:55 | 000,000,920 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.24 20:23:44 | 000,528,216 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013.03.24 20:23:09 | 000,067,584 | ---- | M] () -- C:\windows\bootstat.dat
[2013.03.24 20:22:02 | 1407,995,904 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.24 19:22:23 | 000,117,755 | ---- | M] () -- C:\Users\Kowler\Desktop\599905_272912246144187_479039101_n.jpg
[2013.03.21 10:49:07 | 000,151,913 | ---- | M] () -- C:\Users\Kowler\Desktop\Letenka Larnaka.pdf
[2013.03.21 09:17:20 | 000,128,688 | ---- | M] () -- C:\Users\Kowler\Desktop\smokin_gun_by_markfellows.jpg
[2013.03.21 06:37:44 | 000,670,086 | ---- | M] () -- C:\windows\System32\perfh005.dat
[2013.03.21 06:37:44 | 000,662,950 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013.03.21 06:37:44 | 000,124,144 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013.03.21 06:37:43 | 000,139,544 | ---- | M] () -- C:\windows\System32\perfc005.dat
[1 C:\Users\Kowler\Desktop\*.tmp files -> C:\Users\Kowler\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.03.24 23:29:59 | 000,054,016 | ---- | C] () -- C:\windows\System32\drivers\xurcxs.sys
[2013.03.24 22:27:12 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.03.24 19:22:23 | 000,117,755 | ---- | C] () -- C:\Users\Kowler\Desktop\599905_272912246144187_479039101_n.jpg
[2013.03.21 10:49:07 | 000,151,913 | ---- | C] () -- C:\Users\Kowler\Desktop\Letenka Larnaka.pdf
[2013.03.21 09:17:20 | 000,128,688 | ---- | C] () -- C:\Users\Kowler\Desktop\smokin_gun_by_markfellows.jpg
[2013.03.20 00:00:34 | 000,001,787 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2013.02.28 22:58:13 | 000,164,736 | ---- | C] () -- C:\windows\System32\drivers\aswVmm.sys
[2013.02.28 22:58:12 | 000,049,248 | ---- | C] () -- C:\windows\System32\drivers\aswRvrt.sys
[2013.01.06 15:02:55 | 000,196,375 | ---- | C] () -- C:\windows\System32\uxlaunch.exe
[2013.01.06 15:02:54 | 000,517,120 | ---- | C] () -- C:\windows\System32\CLWCP.exe
[2012.12.12 02:55:59 | 000,000,745 | ---- | C] () -- C:\windows\COD.INI
[2012.09.01 21:24:11 | 000,112,640 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
[2012.06.04 00:11:56 | 000,000,161 | ---- | C] () -- C:\windows\AutoKMS.ini
[2012.04.11 07:09:00 | 000,000,533 | ---- | C] () -- C:\windows\eReg.dat
[2011.06.03 08:16:38 | 000,008,192 | ---- | C] () -- C:\Users\Kowler\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.26 20:51:09 | 001,511,424 | ---- | C] () -- C:\windows\System32\HP1100SM.EXE
[2011.04.26 20:51:08 | 000,147,456 | ---- | C] () -- C:\windows\System32\HP1100LM.DLL
[2011.04.26 20:49:22 | 000,284,160 | ---- | C] () -- C:\windows\System32\mvhlewsi.DLL
[2011.04.26 20:49:13 | 000,048,128 | ---- | C] () -- C:\windows\System32\HP1100SMs.dll
[2011.03.07 00:34:11 | 000,000,017 | ---- | C] () -- C:\Users\Kowler\AppData\Local\resmon.resmoncfg
[2010.09.28 11:49:35 | 000,006,061 | ---- | C] () -- C:\Users\Kowler\AppData\Local\SRDownloader.err
[2010.09.28 11:42:13 | 000,002,496 | ---- | C] () -- C:\Users\Kowler\AppData\Local\SRDownloader.nast
[2010.07.04 23:11:12 | 000,000,890 | ---- | C] () -- C:\Users\Kowler\.recently-used.xbel
[2009.12.31 00:42:17 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011.03.25 00:33:30 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\BatteryBar
[2010.12.25 13:45:02 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\COWON
[2012.12.13 06:56:26 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\DAEMON Tools Lite
[2013.03.24 12:47:12 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Dropbox
[2012.04.21 00:02:10 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Foxmail
[2012.04.01 12:19:54 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\GHISLER
[2010.07.04 23:11:12 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\gtk-2.0
[2011.01.04 20:55:04 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\IrfanView
[2011.12.08 13:40:42 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Leadertech
[2012.12.06 05:39:59 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\LibreOffice
[2012.11.23 00:48:51 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\mioObjects
[2009.12.30 19:54:06 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\OpenOffice.org
[2011.12.07 14:11:58 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Opera
[2012.09.20 22:46:45 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\PotPlayerMini
[2012.12.05 07:44:35 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Power Sound Editor Free
[2010.10.10 10:02:45 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Program Files
[2013.02.24 14:35:11 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\QuickStoresToolbar
[2012.01.11 23:51:52 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Settlement. Colossus
[2011.11.15 19:01:41 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Softland
[2010.08.22 20:54:07 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Sony
[2013.02.28 23:42:24 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\spidla
[2012.07.24 08:30:51 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Sylpheed
[2011.04.27 12:05:41 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\TeamViewer
[2011.01.04 09:11:22 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\TuneUp Software
[2013.02.28 23:35:25 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Špidla Data Processing, s.r.o

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 05:53:46 | 000,032,542 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2012.12.11 22:04:14 | 000,000,914 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2013.02.15 03:04:50 | 000,000,920 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.02.15 03:04:56 | 000,000,924 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Kowler\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110318T005955444700\internal_ide_channel\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Kowler\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110318T005955444700\pci\cc_010601\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Users\Kowler\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110318T005955444700\gencdrom\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.09.29 17:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2012.08.22 18:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 06:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013.01.04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2012.03.30 11:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.09.29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\System32\drivers\tcpip.sys
[2013.01.03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 11:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 10:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011.06.21 06:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2012.08.22 18:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2013.01.04 05:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2011.06.21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2012.10.03 17:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2011.06.21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012.03.30 11:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\windows\Temp\*.tmp files -> C:\windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.01.04 13:31:48 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Adobe
[2011.03.25 00:33:30 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\BatteryBar
[2010.12.25 13:45:02 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\COWON
[2012.12.13 06:56:26 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\DAEMON Tools Lite
[2010.03.17 21:33:20 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Digsby
[2013.03.24 12:47:12 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Dropbox
[2010.06.29 18:23:04 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\dvdcss
[2012.04.21 00:02:10 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Foxmail
[2012.04.01 12:19:54 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\GHISLER
[2010.07.04 23:11:12 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\gtk-2.0
[2009.12.30 15:38:27 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Identities
[2011.01.04 20:55:04 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\IrfanView
[2011.12.08 13:40:42 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Leadertech
[2012.12.06 05:39:59 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\LibreOffice
[2011.12.08 13:34:31 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Logishrd
[2011.12.08 13:44:10 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Logitech
[2009.12.30 18:23:07 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Macromedia
[2013.03.24 22:27:26 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Malwarebytes
[2009.07.29 11:50:54 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Media Center Programs
[2012.08.20 20:42:42 | 000,000,000 | --SD | M] -- C:\Users\Kowler\AppData\Roaming\Microsoft
[2012.11.23 00:48:51 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\mioObjects
[2012.12.12 03:00:22 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\NVIDIA
[2009.12.30 19:54:06 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\OpenOffice.org
[2011.12.07 14:11:58 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Opera
[2012.09.20 22:46:45 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\PotPlayerMini
[2012.12.05 07:44:35 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Power Sound Editor Free
[2010.10.10 10:02:45 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Program Files
[2013.02.24 14:35:11 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\QuickStoresToolbar
[2012.01.11 23:51:52 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Settlement. Colossus
[2013.03.21 07:38:44 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Skype
[2011.07.07 23:04:40 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\skypePM
[2011.11.15 19:01:41 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Softland
[2010.08.22 20:54:07 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Sony
[2013.02.28 23:42:24 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\spidla
[2012.07.24 08:30:51 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Sylpheed
[2011.04.27 12:05:41 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\TeamViewer
[2011.01.04 09:11:22 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\TuneUp Software
[2012.09.20 22:44:42 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\vlc
[2009.12.31 10:59:55 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\WinRAR
[2013.02.28 23:35:25 | 000,000,000 | ---D | M] -- C:\Users\Kowler\AppData\Roaming\Špidla Data Processing, s.r.o

< %APPDATA%\*.exe /s >
[2013.01.20 20:29:18 | 028,539,272 | ---- | M] (Dropbox, Inc.) -- C:\Users\Kowler\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2013.01.20 20:29:54 | 000,203,264 | ---- | M] (Dropbox, Inc.) -- C:\Users\Kowler\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2012.04.12 07:46:46 | 000,872,040 | ---- | M] (Dropbox, Inc.) -- C:\Users\Kowler\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.05.24 19:39:56 | 000,177,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\Kowler\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2012.09.09 22:10:09 | 000,017,014 | R--- | M] () -- C:\Users\Kowler\AppData\Roaming\Microsoft\Installer\{35A99221-DAF4-4769-880F-ECC57548FBCC}\_21F3885A18D238E15AAE81.exe
[2012.09.09 22:10:09 | 000,017,014 | R--- | M] () -- C:\Users\Kowler\AppData\Roaming\Microsoft\Installer\{35A99221-DAF4-4769-880F-ECC57548FBCC}\_5820AE36D624D2041047F0.exe
[2012.09.09 22:10:09 | 000,017,014 | R--- | M] () -- C:\Users\Kowler\AppData\Roaming\Microsoft\Installer\{35A99221-DAF4-4769-880F-ECC57548FBCC}\_6FEFF9B68218417F98F549.exe
[2012.09.09 22:10:09 | 000,017,014 | R--- | M] () -- C:\Users\Kowler\AppData\Roaming\Microsoft\Installer\{35A99221-DAF4-4769-880F-ECC57548FBCC}\_C31A92D1BB281EC8512D60.exe
[2011.12.08 13:40:39 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Kowler\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2013.02.24 14:35:03 | 000,704,248 | ---- | M] () -- C:\Users\Kowler\AppData\Roaming\QuickStoresToolbar\unins000.exe
[2010.03.31 12:17:06 | 000,045,304 | ---- | M] (Andreas Breitschopp - Softwareentwicklung und -vertrieb) -- C:\Users\Kowler\AppData\Roaming\QuickStoresToolbar\Update.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.03.25 01:00:16 | 000,000,914 | ---- | M] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2013.03.24 20:23:55 | 000,000,920 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.03.25 01:09:11 | 000,000,924 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011.12.05 21:26:32 | 000,428,088 | ---- | M] () Unable to obtain MD5 -- C:\windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >
[2013.03.24 23:30:00 | 000,054,016 | ---- | M] () -- C:\windows\system32\drivers\xurcxs.sys

< %systemroot%\system32\*.* /3 >
[2013.03.24 20:31:02 | 000,009,920 | -H-- | M] () -- C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.24 20:31:02 | 000,009,920 | -H-- | M] () -- C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.24 20:23:44 | 000,528,216 | ---- | M] () -- C:\windows\system32\FNTCACHE.DAT

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"RocketDock" = "C:\Program Files\RocketDock\RocketDock.exe" -- [2007.09.02 12:58:52 | 000,495,616 | ---- | M] ()

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.03.17 09:47:59 | 000,770,560 | ---- | M] (Microsoft Corporation) MD5=2859EBC065D2E1CCC94161CE28BAC085 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2013.03.20 00:00:23 | 000,879,456 | ---- | M] (Opera Software) MD5=2ABD166EC31BE154D8CBEEC5D7F5714C -- C:\Program Files\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.03.25 00:00:03 | 000,000,512 | ---- | M] () MD5=14E72F3971FF987BD12045F6B762A62A -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2013.03.11 20:59:32 | 000,004,125 | ---- | M] () -- \JDownloader\jd\plugins\hoster\CrackedCom.class

< *keygen* /s >

< *loader* /s >
[2011.03.07 12:12:48 | 000,214,528 | ---- | M] () -- \JDownloader\JDownloader.exe
[2011.03.07 12:12:48 | 000,593,293 | ---- | M] () -- \JDownloader\JDownloader.jar
[2010.12.15 13:59:32 | 000,218,816 | ---- | M] () -- \JDownloader\JDownloaderBETA.exe
[2010.12.15 13:59:32 | 000,218,816 | ---- | M] () -- \JDownloader\JDownloaderD3D.exe
[2012.12.10 07:46:00 | 000,000,105 | ---- | M] () -- \JDownloader\jd\img\hosterlogos\uploader.pl.png
[2012.12.10 07:49:35 | 000,011,071 | ---- | M] () -- \JDownloader\jd\plugins\hoster\MyDownloaderNet.class
[2013.02.23 20:34:55 | 000,004,584 | ---- | M] () -- \JDownloader\jd\plugins\hoster\OmpLoaderOrg.class
[2012.12.10 07:48:45 | 000,007,073 | ---- | M] () -- \JDownloader\jd\plugins\hoster\UploaderPl.class
[2011.03.07 12:14:46 | 000,032,222 | ---- | M] () -- \JDownloader\licenses\jdownloader.license
[2010.09.28 11:44:30 | 000,909,824 | ---- | M] () -- \Program Files\SRDownloader.exe
[2012.11.28 21:32:28 | 000,007,024 | ---- | M] () -- \Program Files\LibreOffice 3.6\program\pythonloader.py
[2012.11.28 21:26:50 | 000,027,136 | ---- | M] () -- \Program Files\LibreOffice 3.6\program\pythonloader.uno.dll
[2012.11.28 21:36:06 | 000,000,171 | ---- | M] () -- \Program Files\LibreOffice 3.6\program\pythonloader.uno.ini
[2012.11.28 09:46:20 | 000,124,234 | ---- | M] () -- \Program Files\LibreOffice 3.6\share\extensions\report-builder\libloader-1.1.6.jar
[2012.11.28 21:27:12 | 000,059,392 | ---- | M] () -- \Program Files\LibreOffice 3.6\URE\bin\javaloader.uno.dll
[2012.11.28 03:49:02 | 000,004,488 | ---- | M] () -- \Program Files\LibreOffice 3.6\URE\java\unoloader.jar
[2006.10.24 11:05:10 | 000,014,184 | ---- | M] () -- \Program Files\Microsoft Small Business\Small Business Loader\ILoader.dll
[2006.10.24 11:06:52 | 000,047,976 | ---- | M] () -- \Program Files\Microsoft Small Business\Small Business Loader\Loader.dll
[2005.10.14 03:49:48 | 000,017,624 | ---- | M] () -- \Program Files\Microsoft SQL Server\90\Tools\Binn\SqlResourceLoader.dll
[2005.10.14 03:49:48 | 000,017,624 | ---- | M] () -- \Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SqlResourceLoader.dll
[2009.05.31 02:21:00 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2010.09.16 22:42:44 | 000,148,804 | ---- | M] () -- \Program Files\RocketDock\Icons\JDownloader.png
[2012.12.06 12:32:14 | 000,001,702 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\licenses\loaderbinarylegal.txt
[2009.06.02 01:16:57 | 000,114,688 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2012.12.04 17:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.12.04 17:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.12.04 17:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 17:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.12.04 17:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.12.04 17:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2011.12.31 13:36:39 | 000,006,061 | ---- | M] () -- \Users\Kowler\AppData\Local\SRDownloader.err
[2012.03.14 23:41:41 | 000,002,496 | ---- | M] () -- \Users\Kowler\AppData\Local\SRDownloader.nast
[2012.12.07 00:48:41 | 000,000,914 | ---- | M] () -- \Users\Kowler\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fjdownloader.org%2Flib%2Ftpl%2Farctic%2Fimages%2Ffavicon.png
[2012.12.07 00:48:41 | 000,000,110 | ---- | M] () -- \Users\Kowler\AppData\Local\Opera\Opera\icons\jdownloader.org.idx
[2012.12.25 09:33:23 | 000,011,558 | ---- | M] () -- \Users\Kowler\AppData\Local\Opera\Opera\widgets\youtube-downloader-2-1.7-1.oex
[2011.12.31 13:35:06 | 000,001,877 | ---- | M] () -- \Users\Kowler\Documents\programy\JDownloader.lnk
[2009.12.03 16:01:13 | 000,014,184 | ---- | M] () -- \Windows\assembly\GAC_32\ILoader\2.0.5201.0__31bf3856ad364e35\ILoader.dll
[2009.12.03 16:01:13 | 000,047,976 | ---- | M] () -- \Windows\assembly\GAC_32\Loader\2.0.5201.0__31bf3856ad364e35\Loader.dll
[2009.07.29 02:00:56 | 000,000,338 | ---- | M] () -- \Windows\Downloaded Program Files\PhotoUploader55.inf
[2009.07.29 20:21:24 | 003,540,488 | ---- | M] () -- \Windows\Downloaded Program Files\PhotoUploader55.ocx
[2013.03.23 21:34:30 | 000,016,770 | ---- | M] () -- \Windows\Prefetch\JDOWNLOADER.EXE-9B6DDC2D.pf
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2010.01.18 07:30:50 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009.07.14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.12.03 23:08:46 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.12.03 23:08:46 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.12.03 23:08:46 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2011.03.01 12:32:07 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011.03.01 12:32:07 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011.03.01 12:32:08 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.12.03 23:06:00 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

kowler · #8 Příspěvek od **kowler** » 25 bře 2013 02:34

OTL Extras logfile created on: 24.3.2013 23:49:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kowler\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000405 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

1,75 Gb Total Physical Memory | 0,76 Gb Available Physical Memory | 43,50% Memory free
3,50 Gb Paging File | 1,75 Gb Available in Paging File | 49,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 187,67 Gb Total Space | 60,15 Gb Free Space | 32,05% Space Free | Partition Type: NTFS
Drive D: | 30,27 Gb Total Space | 14,13 Gb Free Space | 46,69% Space Free | Partition Type: NTFS

Computer Name: KOWLER-PC | User Name: Kowler | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-824841891-1043371265-2957086674-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07F1F7FB-3604-4D10-BF33-BF684B6571EE}" = rport=138 | protocol=17 | dir=out | app=system |
"{0CA9D57A-D82F-4D1A-AE13-FD35A50CFB15}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0EFEA11A-CBE7-46B7-8118-3562D391D5D0}" = lport=427 | protocol=6 | dir=in | name=advanced tcp/ip slp port |
"{312354B7-4F59-4C81-88E7-8E5C76674BA6}" = rport=139 | protocol=6 | dir=out | app=system |
"{333E0EEB-9530-4866-8520-51F67B7B71CF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{34F39620-55CD-4437-9B2E-57BC8A62732D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3991E2BE-68ED-46F8-A61D-B4B3F53950CE}" = lport=138 | protocol=17 | dir=in | app=system |
"{3A7D0CB1-74DC-42A8-999F-72A05DA67CDC}" = lport=137 | protocol=17 | dir=in | app=system |
"{4356C0E3-7DD7-4F20-948D-EE01EE92DFBA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4629E41B-AEF6-48D1-9631-206338964850}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{46BA1A4D-3F36-499A-A142-FFD3B418A3DF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{56B91EE5-7106-4012-9609-73C68AB51131}" = rport=10243 | protocol=6 | dir=out | app=system |
"{5BAF9236-0E57-47C8-B52B-09250888FF89}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5BD7CE31-C643-464C-9B91-3C2DABA360DE}" = lport=445 | protocol=6 | dir=in | app=system |
"{678D0E39-B04A-47A7-9322-1AD4FCE66B8B}" = rport=137 | protocol=17 | dir=out | app=system |
"{7F851FDA-E102-4365-898C-289E7C1D3EB7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8A96F90E-D016-4EAB-91CE-7E42D45B78B7}" = lport=139 | protocol=6 | dir=in | app=system |
"{8F9E2270-A9FF-4B34-9940-177D9AC376C5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A1B6C251-C163-4D0C-9F47-7351296E137D}" = rport=445 | protocol=6 | dir=out | app=system |
"{AA9DA121-5ED3-4A2C-A78B-0B2A08255F75}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AF1F3989-8375-40D1-9588-290666EC2511}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B4985C37-14DB-4A40-9482-2289607036CA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B71AD89B-A233-4BBF-845F-C395B884292D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BFB0CA1A-941D-4988-A6F1-14DAB83AB0C6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D26EC276-CB49-4B41-8025-700B84D85FD6}" = lport=161 | protocol=6 | dir=in | name=advanced tcp/ip snmp port |
"{DF3D376E-13A2-4839-8009-366EF3806056}" = lport=9100 | protocol=6 | dir=in | name=advanced tcp/ip printer port |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{27CA26C9-64AE-4D48-AF9A-852C4A3D4D8B}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{27F8A89D-7BEF-4385-9503-7E94BC9BD5E9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2FD393DE-D1F6-4CE0-B25B-435EFE5225BC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{401F7EA5-CECF-4399-85E7-7FDCAE2CDF80}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4049E0F3-3363-4B1D-BAE4-A5977671B1B8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4F6A40DB-6990-458F-AD11-FC977296C8EC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5BDB5CFC-DC84-4461-81F6-E98D48199D6D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6A591952-DA36-410D-BAB8-CBC88F2267CA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{783ED264-F6D7-4F83-A371-9AD33157F7BD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{8177B2AA-6E58-4E18-8535-4EB6BAD094C4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9BC5BD48-81E8-4517-9984-A956D2FC2EE5}" = protocol=17 | dir=in | app=c:\users\kowler\appdata\roaming\dropbox\bin\dropbox.exe |
"{A38736E9-DAF1-4298-8E14-5ED1AA5D438E}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{A6C51AA0-1D24-4FC6-AAFA-5B75E5B30E21}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AD549DBA-DFC9-4CC1-B284-4F0B1CDD1ED3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B26FA254-70EC-47AA-9405-F952162B587D}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{B56719AC-4D81-4773-9680-DC0DCFB25074}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B716C763-3513-4CF2-8858-481A95913F70}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BF338892-A0A3-4DC0-AF4A-C15404BFE465}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{C3145787-1EC4-451B-9B1D-40E077BA8C4A}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{C4954F4B-297E-45E1-9AEC-4DA85A6A5ACE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C743BE3C-A00B-4349-9DFB-2B261AC328FD}" = protocol=6 | dir=in | app=c:\users\kowler\appdata\roaming\dropbox\bin\dropbox.exe |
"{D0409742-928D-4B16-B54A-DB0689E66C9C}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{DC8CD4F3-ABDD-4C3D-AF7D-ADF92B0B639D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DE07979E-9AAB-4A30-A3B7-AB1DA433049D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F78614A1-DBC8-4FFF-B25D-B01EE7CA0D93}" = protocol=6 | dir=out | app=system |
"TCP Query User{1B5099F6-9805-4F28-B859-E2C071F748C0}C:\program files\call of duty\codmp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty\codmp.exe |
"TCP Query User{2740415B-0F51-4353-89BA-B25A49B28C4C}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{510C39F5-6E6C-4F56-BDBF-33DCD9A41E17}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{9C40501E-B3C6-4DF3-A658-828F5370037D}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{E235038C-7BCA-4E14-A91F-887FE984BF78}C:\users\kowler\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\kowler\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{35852095-8CBC-4542-822C-63CEAAC1FD3E}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{482ABA95-909E-4512-8C18-276978BC3A3A}C:\program files\call of duty\codmp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty\codmp.exe |
"UDP Query User{6CC10B5B-B7CB-4098-B235-B70ADEA1A599}C:\users\kowler\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\kowler\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{6CC4B440-A6BF-4FDE-ABFF-CE3A4A893D9E}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{E6E2B2CB-37A4-4A85-828B-A4B2F1DAC8A1}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 37
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{357B11ED-5417-4CF3-8EB2-386299BC30E0}" = Lenovo Quick Start
"{35A99221-DAF4-4769-880F-ECC57548FBCC}" = Video Edit Master
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{49F3D04B-B849-4C89-AB31-2366A004EA28}" = Broadcom Gigabit Integrated Controller
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{60B2F25C-22CB-4CD9-9168-8C63708DC1A1}" = LibreOffice 3.6
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8991E763-21F5-4DEA-A938-5D9D77DCB488}" = Broadcom WLAN
"{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}" = UxStyle Core Beta
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Součásti připojení sady Microsoft Office Small Business
"{AC76BA86-7AD7-1029-7B44-A90100000001}" = Adobe Reader 9.0.1 - Czech
"{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}" = Lenovo EasyCamera
"{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}" = Energy Management
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{CC6B1BB4-4E06-4A5B-A166-B371B551324B}" = COMODO Internet Security
"{D5B46D30-F054-4C64-9C0F-97C8451E7D04}" = BtwMfcMM
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.115
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"avast" = avast! Free Antivirus
"Call of Duty" = Call of Duty
"CCleaner" = CCleaner
"CommandosAmmo Pack_is1" = CommandosAmmo Pack
"Comodo Dragon" = Comodo Dragon
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"doPDF 7 printer_is1" = doPDF 7.2 printer
"ffdshow_is1" = ffdshow v1.2.4486 [2012-08-25]
"HP LaserJet Professional P1100-P1560-P1600 Series" = HP LaserJet Professional P1100-P1560-P1600 Series
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verzia 1.70.0.1100
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mobile Partner" = Mobile Partner
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 12.14.1738" = Opera 12.14
"Picasa 3" = Picasa 3
"PotPlayer" = Daum PotPlayer 1.5.34115
"Power Sound Editor Free_is1" = Power Sound Editor Free v5.7
"QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.1.0
"RocketDock_is1" = RocketDock 1.3.5
"sp6" = Logitech SetPoint 6.32
"STDU Viewer_is1" = STDU Viewer version 1.6.62.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"Unlocker" = Unlocker 1.9.1
"Update Engine" = Sony Ericsson Update Engine
"Windows Movie Maker" = Windows Movie Maker
"WinRAR archiver" = WinRAR archiver

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-824841891-1043371265-2957086674-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-824841891-1043371265-2957086674-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 19.9.2012 19:55:30 | Computer Name = Kowler-PC | Source = RasClient | ID = 20227
Description =

Error - 19.9.2012 19:56:42 | Computer Name = Kowler-PC | Source = RasClient | ID = 20227
Description =

Error - 19.9.2012 19:57:07 | Computer Name = Kowler-PC | Source = RasClient | ID = 20227
Description =

Error - 19.9.2012 19:58:09 | Computer Name = Kowler-PC | Source = RasClient | ID = 20227
Description =

Error - 19.9.2012 20:02:25 | Computer Name = Kowler-PC | Source = PandoraService.exe | ID = 0
Description =

Error - 20.9.2012 17:48:15 | Computer Name = Kowler-PC | Source = VSS | ID = 8194
Description =

Error - 21.9.2012 2:10:29 | Computer Name = Kowler-PC | Source = SideBySide | ID = 16842827
Description = Selhalo generování kontextu aktivace pro: C:\Program Files\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe. Chyba v souboru manifestu nebo zásad C:\Program
Files\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe na řádku 2. V manifestu
není povoleno více prvků requestedPrivileges.

Error - 23.9.2012 7:03:06 | Computer Name = Kowler-PC | Source = SideBySide | ID = 16842827
Description = Selhalo generování kontextu aktivace pro: C:\Program Files\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe. Chyba v souboru manifestu nebo zásad C:\Program
Files\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe na řádku 2. V manifestu
není povoleno více prvků requestedPrivileges.

Error - 23.9.2012 18:54:41 | Computer Name = Kowler-PC | Source = SideBySide | ID = 16842827
Description = Selhalo generování kontextu aktivace pro: C:\Program Files\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe. Chyba v souboru manifestu nebo zásad C:\Program
Files\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe na řádku 2. V manifestu
není povoleno více prvků requestedPrivileges.

Error - 30.9.2012 19:46:15 | Computer Name = Kowler-PC | Source = SideBySide | ID = 16842827
Description = Selhalo generování kontextu aktivace pro: C:\Program Files\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe. Chyba v souboru manifestu nebo zásad C:\Program
Files\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe na řádku 2. V manifestu
není povoleno více prvků requestedPrivileges.

[ System Events ]
Error - 23.3.2013 16:33:25 | Computer Name = Kowler-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo
časového limitu (30000 ms).

Error - 23.3.2013 16:33:37 | Computer Name = Kowler-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058

Error - 23.3.2013 16:33:59 | Computer Name = Kowler-PC | Source = Service Control Manager | ID = 7034
Description = Služba Služba Google Update (gupdate) byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 23.3.2013 16:34:28 | Computer Name = Kowler-PC | Source = DCOM | ID = 10010
Description =

Error - 24.3.2013 10:53:30 | Computer Name = Kowler-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058

Error - 24.3.2013 14:50:55 | Computer Name = Kowler-PC | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 24.3.2013 14:50:55 | Computer Name = Kowler-PC | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069

Error - 24.3.2013 15:15:26 | Computer Name = Kowler-PC | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 24.3.2013 15:15:26 | Computer Name = Kowler-PC | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069

Error - 24.3.2013 15:17:11 | Computer Name = Kowler-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x800705b4): nVidia - Graphics Adapter WDDM1.1, Graphics Adapter
WDDM1.2, Other hardware - NVIDIA ION.

< End of report >

#9 Příspěvek od **vyosek** » 25 bře 2013 22:39

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

Kliknete na volbu Change parametrs
V okne Additional Option zakliknete vsechny moznosti
Kliknete na OK
Utilite prikazte, at skenuje - klik na Start Scan
Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
Pokud mate vsude Skip, kliknete na Continue
Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

kowler · #10 Příspěvek od **kowler** » 26 bře 2013 09:20

09:16:56.0933 1072 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:16:57.0772 1072 ============================================================
09:16:57.0772 1072 Current date / time: 2013/03/26 09:16:57.0772
09:16:57.0772 1072 SystemInfo:
09:16:57.0772 1072
09:16:57.0773 1072 OS Version: 6.1.7601 ServicePack: 1.0
09:16:57.0773 1072 Product type: Workstation
09:16:57.0774 1072 ComputerName: KOWLER-PC
09:16:57.0775 1072 UserName: Kowler
09:16:57.0775 1072 Windows directory: C:\windows
09:16:57.0775 1072 System windows directory: C:\windows
09:16:57.0775 1072 Processor architecture: Intel x86
09:16:57.0775 1072 Number of processors: 2
09:16:57.0775 1072 Page size: 0x1000
09:16:57.0775 1072 Boot type: Normal boot
09:16:57.0775 1072 ============================================================
09:17:01.0088 1072 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:17:01.0243 1072 ============================================================
09:17:01.0243 1072 \Device\Harddisk0\DR0:
09:17:01.0277 1072 MBR partitions:
09:17:01.0277 1072 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
09:17:01.0277 1072 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x17755000
09:17:01.0315 1072 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x177BA000, BlocksNum 0x3C89000
09:17:01.0315 1072 ============================================================
09:17:01.0662 1072 C: <-> \Device\Harddisk0\DR0\Partition2
09:17:01.0713 1072 D: <-> \Device\Harddisk0\DR0\Partition3
09:17:01.0869 1072 ============================================================
09:17:01.0870 1072 Initialize success
09:17:01.0870 1072 ============================================================
09:17:40.0289 5596 ============================================================
09:17:40.0289 5596 Scan started
09:17:40.0289 5596 Mode: Manual; SigCheck; TDLFS;
09:17:40.0290 5596 ============================================================
09:17:40.0869 5596 ================ Scan system memory ========================
09:17:40.0869 5596 System memory - ok
09:17:40.0871 5596 ================ Scan services =============================
09:17:41.0268 5596 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
09:17:42.0084 5596 1394ohci - ok
09:17:42.0147 5596 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\windows\system32\drivers\ACPI.sys
09:17:42.0260 5596 ACPI - ok
09:17:42.0340 5596 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
09:17:42.0647 5596 AcpiPmi - ok
09:17:42.0701 5596 [ 0FF1F2F287E65A66A3B72484B9895785 ] ACPIVPC C:\windows\system32\DRIVERS\AcpiVpc.sys
09:17:42.0957 5596 ACPIVPC - ok
09:17:43.0105 5596 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:17:43.0187 5596 AdobeFlashPlayerUpdateSvc - ok
09:17:43.0242 5596 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
09:17:43.0386 5596 adp94xx - ok
09:17:43.0418 5596 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
09:17:43.0588 5596 adpahci - ok
09:17:43.0640 5596 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
09:17:43.0742 5596 adpu320 - ok
09:17:43.0772 5596 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
09:17:44.0032 5596 AeLookupSvc - ok
09:17:44.0104 5596 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\windows\system32\drivers\afd.sys
09:17:44.0319 5596 AFD - ok
09:17:44.0348 5596 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\drivers\agp440.sys
09:17:44.0442 5596 agp440 - ok
09:17:44.0490 5596 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
09:17:44.0606 5596 aic78xx - ok
09:17:44.0661 5596 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe
09:17:44.0879 5596 ALG - ok
09:17:44.0914 5596 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\drivers\aliide.sys
09:17:44.0981 5596 aliide - ok
09:17:45.0014 5596 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\drivers\amdagp.sys
09:17:45.0110 5596 amdagp - ok
09:17:45.0129 5596 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\drivers\amdide.sys
09:17:45.0217 5596 amdide - ok
09:17:45.0297 5596 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
09:17:45.0432 5596 AmdK8 - ok
09:17:45.0455 5596 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
09:17:45.0565 5596 AmdPPM - ok
09:17:45.0622 5596 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\windows\system32\drivers\amdsata.sys
09:17:45.0705 5596 amdsata - ok
09:17:45.0753 5596 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
09:17:45.0819 5596 amdsbs - ok
09:17:45.0846 5596 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\windows\system32\drivers\amdxata.sys
09:17:46.0025 5596 amdxata - ok
09:17:46.0121 5596 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\windows\system32\drivers\appid.sys
09:17:46.0450 5596 AppID - ok
09:17:46.0532 5596 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll
09:17:46.0787 5596 AppIDSvc - ok
09:17:46.0832 5596 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\windows\System32\appinfo.dll
09:17:47.0266 5596 Appinfo - ok
09:17:47.0338 5596 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\DRIVERS\arc.sys
09:17:47.0456 5596 arc - ok
09:17:47.0490 5596 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
09:17:47.0610 5596 arcsas - ok
09:17:47.0689 5596 [ CCDA8D84FD02AEC52E62F296433AE9DC ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
09:17:47.0815 5596 aswFsBlk - ok
09:17:47.0883 5596 [ A6E20E62871A28A0F1C05B1681848FA7 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
09:17:47.0974 5596 aswMonFlt - ok
09:17:48.0052 5596 [ 6844738D52970A0F482768EEA941C78E ] aswRdr C:\windows\System32\Drivers\aswrdr2.sys
09:17:48.0220 5596 aswRdr - ok
09:17:48.0372 5596 [ 657A61979F40D67CA29716149766FFA7 ] aswRvrt C:\windows\system32\drivers\aswRvrt.sys
09:17:48.0427 5596 aswRvrt - ok
09:17:48.0505 5596 [ 0E604867FC28F00D91CB0B00D2EC830D ] aswSnx C:\windows\system32\drivers\aswSnx.sys
09:17:48.0646 5596 aswSnx - ok
09:17:48.0713 5596 [ 6FC4AA106AA505394C908D37CCCB9148 ] aswSP C:\windows\system32\drivers\aswSP.sys
09:17:48.0807 5596 aswSP - ok
09:17:48.0844 5596 [ 33E21FFB063CA6C7E00D568467DC72E4 ] aswTdi C:\windows\system32\drivers\aswTdi.sys
09:17:48.0918 5596 aswTdi - ok
09:17:48.0991 5596 [ EDB0C9BA44B748E420CCA989FD8B826E ] aswVmm C:\windows\system32\drivers\aswVmm.sys
09:17:49.0068 5596 aswVmm - ok
09:17:49.0110 5596 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
09:17:49.0435 5596 AsyncMac - ok
09:17:49.0502 5596 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\drivers\atapi.sys
09:17:49.0585 5596 atapi - ok
09:17:49.0676 5596 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
09:17:49.0917 5596 AudioEndpointBuilder - ok
09:17:49.0963 5596 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\windows\System32\Audiosrv.dll
09:17:50.0091 5596 Audiosrv - ok
09:17:50.0269 5596 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
09:17:50.0332 5596 avast! Antivirus - ok
09:17:50.0413 5596 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\windows\System32\AxInstSV.dll
09:17:50.0684 5596 AxInstSV - ok
09:17:50.0739 5596 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
09:17:50.0914 5596 b06bdrv - ok
09:17:51.0028 5596 [ 6F41A4C5745BB99F89406F57164F099E ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
09:17:51.0136 5596 b57nd60x - ok
09:17:51.0339 5596 [ AD068203F32FC25C3FE5830290E37B2F ] BCM43XX C:\windows\system32\DRIVERS\bcmwl6.sys
09:17:51.0555 5596 BCM43XX - ok
09:17:51.0637 5596 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
09:17:51.0874 5596 BDESVC - ok
09:17:51.0926 5596 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
09:17:52.0076 5596 Beep - ok
09:17:52.0143 5596 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\windows\System32\bfe.dll
09:17:52.0353 5596 BFE - ok
09:17:52.0404 5596 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\windows\System32\qmgr.dll
09:17:52.0785 5596 BITS - ok
09:17:52.0820 5596 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
09:17:52.0966 5596 blbdrive - ok
09:17:53.0026 5596 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\windows\system32\DRIVERS\bowser.sys
09:17:53.0158 5596 bowser - ok
09:17:53.0197 5596 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
09:17:53.0337 5596 BrFiltLo - ok
09:17:53.0377 5596 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
09:17:53.0591 5596 BrFiltUp - ok
09:17:53.0658 5596 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\windows\System32\browser.dll
09:17:53.0816 5596 Browser - ok
09:17:53.0864 5596 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
09:17:54.0020 5596 Brserid - ok
09:17:54.0052 5596 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
09:17:54.0169 5596 BrSerWdm - ok
09:17:54.0210 5596 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
09:17:54.0306 5596 BrUsbMdm - ok
09:17:54.0345 5596 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
09:17:54.0467 5596 BrUsbSer - ok
09:17:54.0537 5596 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
09:17:54.0828 5596 BthEnum - ok
09:17:54.0879 5596 [ CE441CCD98C5ECB10CB12FCAF97322EC ] BtHidBus C:\windows\system32\Drivers\BtHidBus.sys
09:17:54.0944 5596 BtHidBus - ok
09:17:54.0979 5596 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
09:17:55.0082 5596 BTHMODEM - ok
09:17:55.0125 5596 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
09:17:55.0232 5596 BthPan - ok
09:17:55.0309 5596 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
09:17:55.0459 5596 BTHPORT - ok
09:17:55.0524 5596 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
09:17:55.0679 5596 bthserv - ok
09:17:55.0732 5596 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
09:17:55.0857 5596 BTHUSB - ok
09:17:55.0902 5596 [ D3C277A51EF9E2EC972D6221F99C0B6D ] btnetBUs C:\windows\system32\Drivers\btnetBus.sys
09:17:55.0957 5596 btnetBUs - ok
09:17:56.0044 5596 [ 2A0DE6423D6BE95C96124FC66046176E ] BTWAMPFL C:\windows\system32\DRIVERS\btwampfl.sys
09:17:56.0140 5596 BTWAMPFL - ok
09:17:56.0172 5596 [ CC0A5E69D19B5C1ECC6CF9BF3ACC3969 ] btwaudio C:\windows\system32\drivers\btwaudio.sys
09:17:56.0239 5596 btwaudio - ok
09:17:56.0296 5596 [ 9ABEA4DC976E3F47DA2D4B169719CBAA ] btwavdt C:\windows\system32\DRIVERS\btwavdt.sys
09:17:56.0386 5596 btwavdt - ok
09:17:56.0618 5596 [ 2A6008A9511330B7864B30A8B455AD0A ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
09:17:56.0784 5596 btwdins - ok
09:17:56.0837 5596 [ C2C9AEB3F9525CBA2670D1F2BEB32A0A ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
09:17:56.0906 5596 btwl2cap - ok
09:17:56.0948 5596 [ 1E5468447E4D18FBEA5F01267D6495A5 ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
09:17:57.0005 5596 btwrchid - ok
09:17:57.0063 5596 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
09:17:57.0243 5596 cdfs - ok
09:17:57.0365 5596 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
09:17:57.0465 5596 cdrom - ok
09:17:57.0518 5596 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\windows\System32\certprop.dll
09:17:57.0674 5596 CertPropSvc - ok
09:17:57.0715 5596 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys
09:17:57.0835 5596 circlass - ok
09:17:57.0891 5596 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
09:17:58.0010 5596 CLFS - ok
09:17:58.0137 5596 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:17:58.0241 5596 clr_optimization_v2.0.50727_32 - ok
09:17:58.0360 5596 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:17:58.0480 5596 clr_optimization_v4.0.30319_32 - ok
09:17:58.0527 5596 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
09:17:58.0660 5596 CmBatt - ok
09:17:58.0837 5596 [ 907324001AE25AC5959C91EAA34CABAE ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
09:17:59.0039 5596 cmdAgent - ok
09:17:59.0102 5596 [ ED042DA80D9D6A087E83DF395CEEFD65 ] cmdGuard C:\windows\system32\DRIVERS\cmdguard.sys
09:17:59.0230 5596 cmdGuard - ok
09:17:59.0272 5596 [ ED6B6A222CB9ADF6751E02AD478A89FB ] cmdHlp C:\windows\system32\DRIVERS\cmdhlp.sys
09:17:59.0356 5596 cmdHlp - ok
09:17:59.0394 5596 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\drivers\cmdide.sys
09:17:59.0514 5596 cmdide - ok
09:17:59.0577 5596 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\windows\system32\Drivers\cng.sys
09:17:59.0744 5596 CNG - ok
09:17:59.0791 5596 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
09:17:59.0849 5596 Compbatt - ok
09:17:59.0884 5596 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
09:18:00.0142 5596 CompositeBus - ok
09:18:00.0173 5596 COMSysApp - ok
09:18:00.0228 5596 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
09:18:00.0389 5596 crcdisk - ok
09:18:00.0536 5596 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\windows\system32\cryptsvc.dll
09:18:00.0776 5596 CryptSvc - ok
09:18:00.0844 5596 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\windows\system32\rpcss.dll
09:18:01.0001 5596 DcomLaunch - ok
09:18:01.0054 5596 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
09:18:01.0190 5596 defragsvc - ok
09:18:01.0252 5596 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\windows\system32\Drivers\dfsc.sys
09:18:01.0404 5596 DfsC - ok
09:18:01.0586 5596 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\windows\system32\dhcpcore.dll
09:18:01.0808 5596 Dhcp - ok
09:18:01.0834 5596 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
09:18:02.0014 5596 discache - ok
09:18:02.0064 5596 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\DRIVERS\disk.sys
09:18:02.0171 5596 Disk - ok
09:18:02.0220 5596 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\windows\System32\dnsrslvr.dll
09:18:02.0556 5596 Dnscache - ok
09:18:02.0654 5596 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\windows\System32\dot3svc.dll
09:18:02.0903 5596 dot3svc - ok
09:18:02.0989 5596 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\windows\system32\dps.dll
09:18:03.0300 5596 DPS - ok
09:18:03.0485 5596 [ F8BCE77F950E5112D7087DCA2A2174D8 ] DragonUpdater C:\Program Files\Comodo\Dragon\dragon_updater.exe
09:18:03.0757 5596 DragonUpdater - ok
09:18:03.0847 5596 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
09:18:04.0046 5596 drmkaud - ok
09:18:04.0137 5596 [ 577582D57D90FB64276ACFEE958DBFD3 ] DvmMDES C:\QSTART.SYS\config\DVMExportService.exe
09:18:04.0263 5596 DvmMDES ( UnsignedFile.Multi.Generic ) - warning
09:18:04.0263 5596 DvmMDES - detected UnsignedFile.Multi.Generic (1)
09:18:04.0329 5596 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
09:18:04.0485 5596 DXGKrnl - ok
09:18:04.0530 5596 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
09:18:04.0680 5596 EapHost - ok
09:18:04.0836 5596 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
09:18:05.0048 5596 ebdrv - ok
09:18:05.0095 5596 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\windows\System32\lsass.exe
09:18:05.0306 5596 EFS - ok
09:18:05.0384 5596 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\windows\ehome\ehRecvr.exe
09:18:05.0532 5596 ehRecvr - ok
09:18:05.0557 5596 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\windows\ehome\ehsched.exe
09:18:05.0687 5596 ehSched - ok
09:18:05.0748 5596 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
09:18:05.0841 5596 elxstor - ok
09:18:05.0875 5596 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\drivers\errdev.sys
09:18:05.0988 5596 ErrDev - ok
09:18:06.0060 5596 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
09:18:06.0256 5596 EventSystem - ok
09:18:06.0306 5596 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
09:18:06.0463 5596 exfat - ok
09:18:06.0498 5596 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
09:18:06.0640 5596 fastfat - ok
09:18:06.0719 5596 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\windows\system32\fxssvc.exe
09:18:06.0903 5596 Fax - ok
09:18:06.0942 5596 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\DRIVERS\fdc.sys
09:18:07.0038 5596 fdc - ok
09:18:07.0182 5596 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
09:18:07.0321 5596 fdPHost - ok
09:18:07.0347 5596 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
09:18:07.0517 5596 FDResPub - ok
09:18:07.0560 5596 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
09:18:07.0645 5596 FileInfo - ok
09:18:07.0675 5596 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
09:18:07.0824 5596 Filetrace - ok
09:18:07.0862 5596 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
09:18:07.0959 5596 flpydisk - ok
09:18:07.0992 5596 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
09:18:08.0061 5596 FltMgr - ok
09:18:08.0157 5596 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\windows\system32\FntCache.dll
09:18:08.0385 5596 FontCache - ok
09:18:08.0436 5596 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:18:08.0515 5596 FontCache3.0.0.0 - ok
09:18:08.0548 5596 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
09:18:08.0617 5596 FsDepends - ok
09:18:08.0649 5596 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
09:18:08.0712 5596 Fs_Rec - ok
09:18:08.0780 5596 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
09:18:08.0858 5596 fvevol - ok
09:18:08.0895 5596 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
09:18:08.0979 5596 gagp30kx - ok
09:18:09.0043 5596 [ 93CA4D9A0433BE0EDD0B9F2F26D5E54C ] ggflt C:\windows\system32\DRIVERS\ggflt.sys
09:18:09.0133 5596 ggflt - ok
09:18:09.0234 5596 [ 17E678AAB82CCDFB80E7614504933895 ] ggsemc C:\windows\system32\DRIVERS\ggsemc.sys
09:18:09.0311 5596 ggsemc - ok
09:18:09.0376 5596 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\windows\System32\gpsvc.dll
09:18:09.0565 5596 gpsvc - ok
09:18:09.0685 5596 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
09:18:09.0744 5596 gupdate - ok
09:18:09.0789 5596 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
09:18:09.0833 5596 gupdatem - ok
09:18:09.0909 5596 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
09:18:09.0994 5596 gusvc - ok
09:18:10.0027 5596 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
09:18:10.0163 5596 hcw85cir - ok
09:18:10.0213 5596 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
09:18:10.0333 5596 HdAudAddService - ok
09:18:10.0358 5596 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
09:18:10.0470 5596 HDAudBus - ok
09:18:10.0499 5596 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
09:18:10.0633 5596 HidBatt - ok
09:18:10.0683 5596 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
09:18:10.0791 5596 HidBth - ok
09:18:10.0833 5596 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys
09:18:10.0935 5596 HidIr - ok
09:18:10.0977 5596 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\system32\hidserv.dll
09:18:11.0110 5596 hidserv - ok
09:18:11.0168 5596 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
09:18:11.0288 5596 HidUsb - ok
09:18:11.0345 5596 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\windows\system32\kmsvc.dll
09:18:11.0503 5596 hkmsvc - ok
09:18:11.0533 5596 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
09:18:11.0649 5596 HomeGroupListener - ok
09:18:11.0699 5596 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
09:18:11.0835 5596 HomeGroupProvider - ok
09:18:11.0889 5596 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
09:18:11.0947 5596 HpSAMD - ok
09:18:11.0991 5596 [ 94D23D4F096F12CA42C2FE4196631F46 ] HPSIService C:\windows\system32\HPSIsvc.exe
09:18:12.0061 5596 HPSIService - ok
09:18:12.0117 5596 [ 06C01427CEAD2C285BB47608BFB9BF88 ] HTCAND32 C:\windows\system32\Drivers\ANDROIDUSB.sys
09:18:12.0187 5596 HTCAND32 - ok
09:18:12.0274 5596 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\windows\system32\drivers\HTTP.sys
09:18:12.0505 5596 HTTP - ok
09:18:12.0659 5596 [ 988C0A49F09D75D3341CB419141793C1 ] hwdatacard C:\windows\system32\DRIVERS\ewusbmdm.sys
09:18:12.0822 5596 hwdatacard - ok
09:18:12.0863 5596 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
09:18:12.0966 5596 hwpolicy - ok
09:18:13.0044 5596 [ AC6B4AABF92867584445D0C435B9248F ] hwusbdev C:\windows\system32\DRIVERS\ewusbdev.sys
09:18:13.0204 5596 hwusbdev - ok
09:18:13.0272 5596 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
09:18:13.0387 5596 i8042prt - ok
09:18:13.0427 5596 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\windows\system32\drivers\iaStorV.sys
09:18:13.0516 5596 iaStorV - ok
09:18:13.0658 5596 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
09:18:13.0721 5596 IDriverT ( UnsignedFile.Multi.Generic ) - warning
09:18:13.0721 5596 IDriverT - detected UnsignedFile.Multi.Generic (1)
09:18:13.0822 5596 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:18:13.0964 5596 idsvc - ok
09:18:14.0143 5596 [ AD626F6964F4D364D226C39E06872DD3 ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
09:18:14.0444 5596 igfx - ok
09:18:14.0490 5596 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
09:18:14.0544 5596 iirsp - ok
09:18:14.0626 5596 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\windows\System32\ikeext.dll
09:18:14.0807 5596 IKEEXT - ok
09:18:14.0858 5596 [ 2EE3DB2C1760171C6F72F2F1792A47B5 ] inspect C:\windows\system32\DRIVERS\inspect.sys
09:18:14.0941 5596 inspect - ok
09:18:14.0975 5596 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\drivers\intelide.sys
09:18:15.0070 5596 intelide - ok
09:18:15.0112 5596 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
09:18:15.0203 5596 intelppm - ok
09:18:15.0249 5596 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
09:18:15.0412 5596 IPBusEnum - ok
09:18:15.0454 5596 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
09:18:15.0689 5596 IpFilterDriver - ok
09:18:15.0825 5596 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\windows\System32\iphlpsvc.dll
09:18:16.0040 5596 iphlpsvc - ok
09:18:16.0080 5596 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
09:18:16.0184 5596 IPMIDRV - ok
09:18:16.0226 5596 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
09:18:16.0376 5596 IPNAT - ok
09:18:16.0410 5596 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
09:18:16.0582 5596 IRENUM - ok
09:18:16.0618 5596 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\drivers\isapnp.sys
09:18:16.0693 5596 isapnp - ok
09:18:16.0719 5596 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
09:18:16.0839 5596 iScsiPrt - ok
09:18:16.0899 5596 [ 71E1FC547CC488D5CD7BF0860C96F5AF ] IvtBtBUs C:\windows\system32\Drivers\IvtBtBus.sys
09:18:16.0995 5596 IvtBtBUs - ok
09:18:17.0084 5596 [ C4C95805B85BCE1EB9D20F4A02FC5F9B ] k57nd60x C:\windows\system32\DRIVERS\k57nd60x.sys
09:18:17.0415 5596 k57nd60x - ok
09:18:17.0538 5596 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
09:18:17.0771 5596 kbdclass - ok
09:18:17.0901 5596 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
09:18:18.0206 5596 kbdhid - ok
09:18:18.0466 5596 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\windows\system32\lsass.exe
09:18:18.0761 5596 KeyIso - ok
09:18:18.0850 5596 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
09:18:18.0965 5596 KSecDD - ok
09:18:19.0045 5596 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
09:18:19.0157 5596 KSecPkg - ok
09:18:19.0292 5596 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
09:18:19.0787 5596 KtmRm - ok
09:18:19.0936 5596 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\windows\system32\srvsvc.dll
09:18:20.0140 5596 LanmanServer - ok
09:18:20.0195 5596 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
09:18:20.0406 5596 LanmanWorkstation - ok
09:18:20.0515 5596 [ 910344E2A984010435AE84783B25E5EB ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
09:18:20.0668 5596 LBTServ - ok
09:18:20.0741 5596 [ 01CC7FB6E790EF044B411377F3A1FF41 ] LHidFilt C:\windows\system32\DRIVERS\LHidFilt.Sys
09:18:20.0874 5596 LHidFilt - ok
09:18:20.0993 5596 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
09:18:21.0398 5596 lltdio - ok
09:18:21.0539 5596 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
09:18:22.0041 5596 lltdsvc - ok
09:18:22.0069 5596 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
09:18:22.0336 5596 lmhosts - ok
09:18:22.0430 5596 [ A2E7EAE8898D7B4B8C302B8F4E836BB5 ] LMouFilt C:\windows\system32\DRIVERS\LMouFilt.Sys
09:18:22.0702 5596 LMouFilt - ok
09:18:22.0806 5596 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
09:18:22.0925 5596 LSI_FC - ok
09:18:22.0992 5596 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
09:18:23.0220 5596 LSI_SAS - ok
09:18:23.0317 5596 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
09:18:23.0544 5596 LSI_SAS2 - ok
09:18:23.0595 5596 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
09:18:23.0759 5596 LSI_SCSI - ok
09:18:23.0812 5596 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
09:18:24.0206 5596 luafv - ok
09:18:24.0253 5596 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
09:18:24.0884 5596 Mcx2Svc - ok
09:18:24.0969 5596 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys
09:18:25.0201 5596 megasas - ok
09:18:25.0288 5596 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
09:18:25.0397 5596 MegaSR - ok
09:18:25.0439 5596 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
09:18:25.0864 5596 MMCSS - ok
09:18:25.0916 5596 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
09:18:26.0148 5596 Modem - ok
09:18:26.0201 5596 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
09:18:26.0335 5596 monitor - ok
09:18:26.0372 5596 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
09:18:26.0459 5596 mouclass - ok
09:18:26.0497 5596 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
09:18:26.0681 5596 mouhid - ok
09:18:26.0720 5596 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
09:18:26.0821 5596 mountmgr - ok
09:18:26.0854 5596 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys
09:18:26.0945 5596 mpio - ok
09:18:26.0982 5596 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
09:18:27.0289 5596 mpsdrv - ok
09:18:27.0420 5596 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\windows\system32\mpssvc.dll
09:18:27.0873 5596 MpsSvc - ok
09:18:28.0020 5596 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
09:18:28.0154 5596 MRxDAV - ok
09:18:28.0223 5596 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
09:18:28.0480 5596 mrxsmb - ok
09:18:28.0546 5596 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
09:18:28.0668 5596 mrxsmb10 - ok
09:18:28.0729 5596 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
09:18:28.0902 5596 mrxsmb20 - ok
09:18:28.0950 5596 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys
09:18:29.0110 5596 msahci - ok
09:18:29.0159 5596 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys
09:18:29.0288 5596 msdsm - ok
09:18:29.0322 5596 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
09:18:29.0612 5596 MSDTC - ok
09:18:29.0679 5596 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
09:18:29.0934 5596 Msfs - ok
09:18:29.0971 5596 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
09:18:30.0175 5596 mshidkmdf - ok
09:18:30.0231 5596 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
09:18:30.0352 5596 msisadrv - ok
09:18:30.0458 5596 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
09:18:30.0866 5596 MSiSCSI - ok
09:18:30.0883 5596 msiserver - ok
09:18:30.0943 5596 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
09:18:31.0102 5596 MSKSSRV - ok
09:18:31.0154 5596 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
09:18:31.0337 5596 MSPCLOCK - ok
09:18:31.0360 5596 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
09:18:31.0575 5596 MSPQM - ok
09:18:31.0644 5596 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
09:18:31.0755 5596 MsRPC - ok
09:18:31.0801 5596 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
09:18:31.0889 5596 mssmbios - ok
09:18:31.0952 5596 MSSQL$MSSMLBIZ - ok
09:18:31.0983 5596 [ C06EA83F6FC2959E897C117255B6B1D5 ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
09:18:32.0060 5596 MSSQLServerADHelper - ok
09:18:32.0124 5596 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
09:18:32.0338 5596 MSTEE - ok
09:18:32.0379 5596 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
09:18:32.0535 5596 MTConfig - ok
09:18:32.0570 5596 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
09:18:32.0691 5596 Mup - ok
09:18:32.0785 5596 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll
09:18:33.0137 5596 napagent - ok
09:18:33.0204 5596 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
09:18:33.0434 5596 NativeWifiP - ok
09:18:33.0509 5596 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\windows\system32\drivers\ndis.sys
09:18:33.0774 5596 NDIS - ok
09:18:33.0833 5596 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
09:18:34.0035 5596 NdisCap - ok
09:18:34.0095 5596 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
09:18:34.0342 5596 NdisTapi - ok
09:18:34.0415 5596 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
09:18:34.0581 5596 Ndisuio - ok
09:18:34.0644 5596 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
09:18:34.0826 5596 NdisWan - ok
09:18:34.0863 5596 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
09:18:34.0983 5596 NDProxy - ok
09:18:35.0042 5596 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
09:18:35.0206 5596 NetBIOS - ok
09:18:35.0258 5596 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
09:18:35.0378 5596 NetBT - ok
09:18:35.0399 5596 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe
09:18:35.0476 5596 Netlogon - ok
09:18:35.0529 5596 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
09:18:35.0709 5596 Netman - ok
09:18:35.0736 5596 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
09:18:35.0936 5596 netprofm - ok
09:18:35.0981 5596 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:18:36.0070 5596 NetTcpPortSharing - ok
09:18:36.0247 5596 [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32 C:\windows\system32\DRIVERS\netw5v32.sys
09:18:36.0542 5596 netw5v32 - ok
09:18:36.0592 5596 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
09:18:36.0659 5596 nfrd960 - ok
09:18:36.0717 5596 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\windows\System32\nlasvc.dll
09:18:36.0829 5596 NlaSvc - ok
09:18:36.0855 5596 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
09:18:36.0976 5596 Npfs - ok
09:18:37.0026 5596 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
09:18:37.0152 5596 nsi - ok
09:18:37.0200 5596 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
09:18:37.0345 5596 nsiproxy - ok
09:18:37.0422 5596 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
09:18:37.0558 5596 Ntfs - ok
09:18:37.0590 5596 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
09:18:37.0746 5596 Null - ok
09:18:37.0823 5596 [ 77F9F9A199B87FE3F852E12F5419240B ] NVHDA C:\windows\system32\drivers\nvhda32v.sys
09:18:37.0917 5596 NVHDA - ok
09:18:38.0233 5596 [ B69E6F70CE1151C8D62ABC9DEF64DFBE ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
09:18:39.0036 5596 nvlddmkm - ok
09:18:39.0111 5596 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
09:18:39.0198 5596 nvraid - ok
09:18:39.0242 5596 [ F13618F0CB1E95232F4C2401592A59E9 ] nvsmu C:\windows\system32\DRIVERS\nvsmu.sys
09:18:39.0390 5596 nvsmu - ok
09:18:39.0439 5596 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
09:18:39.0531 5596 nvstor - ok
09:18:39.0572 5596 [ 3FF57A9A657C9690ECBC8B1E3B6E3979 ] nvstor32 C:\windows\system32\DRIVERS\nvstor32.sys
09:18:39.0633 5596 nvstor32 - ok
09:18:39.0712 5596 [ E4284FCF99FEA13A7E1836F87AE356F6 ] nvsvc C:\windows\system32\nvvsvc.exe
09:18:39.0823 5596 nvsvc - ok
09:18:40.0002 5596 [ 03E60E0BFA53ED15DC984FA34B44BB0F ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
09:18:40.0153 5596 nvUpdatusService - ok
09:18:40.0193 5596 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
09:18:40.0257 5596 nv_agp - ok
09:18:40.0284 5596 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
09:18:40.0402 5596 ohci1394 - ok
09:18:40.0451 5596 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
09:18:40.0692 5596 p2pimsvc - ok
09:18:40.0743 5596 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
09:18:40.0858 5596 p2psvc - ok
09:18:40.0905 5596 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
09:18:40.0987 5596 Parport - ok
09:18:41.0026 5596 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
09:18:41.0087 5596 partmgr - ok
09:18:41.0123 5596 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
09:18:41.0199 5596 Parvdm - ok
09:18:41.0233 5596 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
09:18:41.0384 5596 PcaSvc - ok
09:18:41.0407 5596 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
09:18:41.0472 5596 pci - ok
09:18:41.0500 5596 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
09:18:41.0563 5596 pciide - ok
09:18:41.0596 5596 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
09:18:41.0720 5596 pcmcia - ok
09:18:41.0746 5596 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
09:18:41.0842 5596 pcw - ok
09:18:41.0918 5596 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
09:18:42.0094 5596 PEAUTH - ok
09:18:42.0203 5596 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll
09:18:42.0408 5596 pla - ok
09:18:42.0486 5596 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
09:18:42.0661 5596 PlugPlay - ok
09:18:42.0708 5596 [ 379F7A0EC9FBE07629FD3F244D3E3E44 ] Pml Driver HPZ12 C:\windows\system32\HPZipm12.dll
09:18:42.0876 5596 Pml Driver HPZ12 - ok
09:18:42.0892 5596 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
09:18:42.0977 5596 PNRPAutoReg - ok
09:18:43.0007 5596 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
09:18:43.0087 5596 PNRPsvc - ok
09:18:43.0146 5596 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll
09:18:43.0294 5596 PolicyAgent - ok
09:18:43.0346 5596 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
09:18:43.0497 5596 Power - ok
09:18:43.0550 5596 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
09:18:43.0692 5596 PptpMiniport - ok
09:18:43.0722 5596 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys
09:18:43.0818 5596 Processor - ok
09:18:43.0858 5596 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\windows\system32\profsvc.dll
09:18:44.0048 5596 ProfSvc - ok
09:18:44.0067 5596 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
09:18:44.0137 5596 ProtectedStorage - ok
09:18:44.0156 5596 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
09:18:44.0267 5596 Psched - ok
09:18:44.0335 5596 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
09:18:44.0495 5596 ql2300 - ok
09:18:44.0538 5596 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
09:18:44.0616 5596 ql40xx - ok
09:18:44.0670 5596 [ E6D35F3AA51A65EB35C1F2340154A25E ] qqbvuk C:\windows\system32\drivers\xurcxs.sys
09:18:44.0719 5596 qqbvuk ( UnsignedFile.Multi.Generic ) - warning
09:18:44.0719 5596 qqbvuk - detected UnsignedFile.Multi.Generic (1)
09:18:44.0755 5596 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
09:18:44.0901 5596 QWAVE - ok
09:18:44.0931 5596 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
09:18:45.0094 5596 QWAVEdrv - ok
09:18:45.0147 5596 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
09:18:45.0309 5596 RasAcd - ok
09:18:45.0369 5596 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
09:18:45.0589 5596 RasAgileVpn - ok
09:18:45.0656 5596 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
09:18:45.0798 5596 RasAuto - ok
09:18:45.0844 5596 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
09:18:46.0113 5596 Rasl2tp - ok
09:18:46.0217 5596 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
09:18:46.0359 5596 RasMan - ok
09:18:46.0411 5596 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
09:18:46.0524 5596 RasPppoe - ok
09:18:46.0585 5596 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
09:18:46.0724 5596 RasSstp - ok
09:18:46.0774 5596 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
09:18:46.0918 5596 rdbss - ok
09:18:46.0960 5596 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
09:18:47.0041 5596 rdpbus - ok
09:18:47.0088 5596 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
09:18:47.0264 5596 RDPCDD - ok
09:18:47.0360 5596 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
09:18:47.0480 5596 RDPENCDD - ok
09:18:47.0547 5596 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
09:18:47.0685 5596 RDPREFMP - ok
09:18:47.0764 5596 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
09:18:47.0888 5596 RdpVideoMiniport - ok
09:18:47.0942 5596 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
09:18:48.0075 5596 RDPWD - ok
09:18:48.0128 5596 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
09:18:48.0229 5596 rdyboost - ok
09:18:48.0307 5596 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
09:18:48.0484 5596 RemoteAccess - ok
09:18:48.0530 5596 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
09:18:48.0686 5596 RemoteRegistry - ok
09:18:48.0740 5596 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
09:18:48.0880 5596 RFCOMM - ok
09:18:48.0934 5596 [ 564297827D213F52C7A3A2FF749568CA ] ROOTMODEM C:\windows\system32\Drivers\RootMdm.sys
09:18:49.0105 5596 ROOTMODEM - ok
09:18:49.0138 5596 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
09:18:49.0291 5596 RpcEptMapper - ok
09:18:49.0325 5596 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
09:18:49.0427 5596 RpcLocator - ok
09:18:49.0461 5596 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\system32\rpcss.dll
09:18:49.0633 5596 RpcSs - ok
09:18:49.0727 5596 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
09:18:49.0902 5596 rspndr - ok
09:18:50.0003 5596 [ 52532A4CA8B251775DECC87C4813ABFB ] RTSTOR C:\windows\system32\drivers\RTSTOR.SYS
09:18:50.0190 5596 RTSTOR - ok
09:18:50.0245 5596 [ 69013A123A00B3042C260B0056DF0152 ] s1029bus C:\windows\system32\DRIVERS\s1029bus.sys
09:18:50.0355 5596 s1029bus - ok
09:18:50.0401 5596 [ 1565FC31F872963FE8AF471123D8424C ] s1029mdfl C:\windows\system32\DRIVERS\s1029mdfl.sys
09:18:50.0456 5596 s1029mdfl - ok
09:18:50.0493 5596 [ D67A8042ECF6C983AC0E308B36603677 ] s1029mdm C:\windows\system32\DRIVERS\s1029mdm.sys
09:18:50.0553 5596 s1029mdm - ok
09:18:50.0582 5596 [ 9AC56F06C1E13A963C82EBD067FDF274 ] s1029mgmt C:\windows\system32\DRIVERS\s1029mgmt.sys
09:18:50.0644 5596 s1029mgmt - ok
09:18:50.0688 5596 [ 00C66C6BAAFB2747F15F94F15888C94A ] s1029nd5 C:\windows\system32\DRIVERS\s1029nd5.sys
09:18:50.0762 5596 s1029nd5 - ok
09:18:50.0796 5596 [ 6FC093ABA554E45755DC2F3896B6C8D7 ] s1029obex C:\windows\system32\DRIVERS\s1029obex.sys
09:18:50.0875 5596 s1029obex - ok
09:18:50.0934 5596 [ 9979B0E68815394665B2109B03D15FA1 ] s1029unic C:\windows\system32\DRIVERS\s1029unic.sys
09:18:51.0023 5596 s1029unic - ok
09:18:51.0068 5596 [ D0EEDC88876B20D42157CDCCA3E647F3 ] s1039bus C:\windows\system32\DRIVERS\s1039bus.sys
09:18:51.0164 5596 s1039bus - ok
09:18:51.0206 5596 [ 7B35091A7BB597C86262C589B0B57D06 ] s1039mdfl C:\windows\system32\DRIVERS\s1039mdfl.sys
09:18:51.0287 5596 s1039mdfl - ok
09:18:51.0331 5596 [ 4CB1AB13C9813CBF3E4C6406F8043EC2 ] s1039mdm C:\windows\system32\DRIVERS\s1039mdm.sys
09:18:51.0423 5596 s1039mdm - ok
09:18:51.0534 5596 [ 2649CA09585A7531126DCC116AD1F88C ] s1039mgmt C:\windows\system32\DRIVERS\s1039mgmt.sys
09:18:51.0631 5596 s1039mgmt - ok
09:18:51.0671 5596 [ 6D3F549EFD6DAEDD7D12F3DE2175053F ] s1039nd5 C:\windows\system32\DRIVERS\s1039nd5.sys
09:18:51.0756 5596 s1039nd5 - ok
09:18:51.0870 5596 [ 305E3E3ACA0037AF2E2C1B50A383C91B ] s1039obex C:\windows\system32\DRIVERS\s1039obex.sys
09:18:51.0964 5596 s1039obex - ok
09:18:52.0003 5596 [ 7DD02A58277C84C043442561589914F4 ] s1039unic C:\windows\system32\DRIVERS\s1039unic.sys
09:18:52.0083 5596 s1039unic - ok
09:18:52.0112 5596 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
09:18:52.0214 5596 SamSs - ok
09:18:52.0265 5596 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
09:18:52.0347 5596 sbp2port - ok
09:18:52.0391 5596 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
09:18:52.0645 5596 SCardSvr - ok
09:18:52.0699 5596 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
09:18:52.0879 5596 scfilter - ok
09:18:52.0973 5596 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
09:18:53.0227 5596 Schedule - ok
09:18:53.0281 5596 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
09:18:53.0429 5596 SCPolicySvc - ok
09:18:53.0506 5596 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
09:18:53.0677 5596 SDRSVC - ok
09:18:53.0726 5596 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
09:18:53.0867 5596 secdrv - ok
09:18:53.0907 5596 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
09:18:54.0059 5596 seclogon - ok
09:18:54.0106 5596 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\System32\sens.dll
09:18:54.0256 5596 SENS - ok
09:18:54.0288 5596 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\windows\system32\sensrsvc.dll
09:18:54.0417 5596 SensrSvc - ok
09:18:54.0439 5596 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
09:18:54.0527 5596 Serenum - ok
09:18:54.0568 5596 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
09:18:54.0684 5596 Serial - ok
09:18:54.0748 5596 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
09:18:54.0859 5596 sermouse - ok
09:18:54.0927 5596 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
09:18:55.0064 5596 SessionEnv - ok
09:18:55.0102 5596 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
09:18:55.0227 5596 sffdisk - ok
09:18:55.0249 5596 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
09:18:55.0319 5596 sffp_mmc - ok
09:18:55.0341 5596 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
09:18:55.0446 5596 sffp_sd - ok
09:18:55.0481 5596 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
09:18:55.0575 5596 sfloppy - ok
09:18:55.0637 5596 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
09:18:55.0856 5596 SharedAccess - ok
09:18:55.0904 5596 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
09:18:56.0100 5596 ShellHWDetection - ok
09:18:56.0136 5596 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
09:18:56.0196 5596 sisagp - ok
09:18:56.0235 5596 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
09:18:56.0303 5596 SiSRaid2 - ok
09:18:56.0326 5596 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
09:18:56.0391 5596 SiSRaid4 - ok
09:18:56.0475 5596 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
09:18:56.0547 5596 SkypeUpdate - ok
09:18:56.0577 5596 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
09:18:56.0693 5596 Smb - ok
09:18:56.0746 5596 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
09:18:56.0860 5596 SNMPTRAP - ok
09:18:56.0981 5596 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe
09:18:57.0092 5596 Sony PC Companion ( UnsignedFile.Multi.Generic ) - warning
09:18:57.0092 5596 Sony PC Companion - detected UnsignedFile.Multi.Generic (1)
09:18:57.0142 5596 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
09:18:57.0229 5596 spldr - ok
09:18:57.0288 5596 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\windows\System32\spoolsv.exe
09:18:57.0433 5596 Spooler - ok
09:18:57.0552 5596 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
09:18:57.0902 5596 sppsvc - ok
09:18:57.0953 5596 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
09:18:58.0094 5596 sppuinotify - ok
09:18:58.0175 5596 [ F42EFEFB765235F24B24E1D2B6F99F46 ] sptd C:\windows\System32\Drivers\sptd.sys
09:18:58.0178 5596 Suspicious file (NoAccess): C:\windows\System32\Drivers\sptd.sys. md5: F42EFEFB765235F24B24E1D2B6F99F46
09:18:58.0181 5596 sptd ( LockedFile.Multi.Generic ) - warning
09:18:58.0182 5596 sptd - detected LockedFile.Multi.Generic (1)
09:18:58.0221 5596 [ B2EC3E1DEAC5F0A764BD3486D213A0AF ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
09:18:58.0339 5596 SQLBrowser - ok
09:18:58.0383 5596 [ D2F4F32B59440011174B4F8137AF4E0C ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
09:18:58.0430 5596 SQLWriter - ok
09:18:58.0480 5596 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys
09:18:58.0608 5596 srv - ok
09:18:58.0642 5596 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
09:18:58.0746 5596 srv2 - ok
09:18:58.0789 5596 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
09:18:58.0864 5596 srvnet - ok
09:18:58.0903 5596 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
09:18:59.0059 5596 SSDPSRV - ok
09:18:59.0104 5596 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
09:18:59.0244 5596 SstpSvc - ok
09:18:59.0284 5596 [ 3F0164FBC0BD1ADBD02DF9759181451A ] ss_bbus C:\windows\system32\DRIVERS\ss_bbus.sys
09:18:59.0345 5596 ss_bbus - ok
09:18:59.0393 5596 [ B89D62206034E5FE573C80A24DD55675 ] ss_bmdfl C:\windows\system32\DRIVERS\ss_bmdfl.sys
09:18:59.0471 5596 ss_bmdfl - ok
09:18:59.0501 5596 [ 1ED0FCEA586FE2A416EE15196E5631DD ] ss_bmdm C:\windows\system32\DRIVERS\ss_bmdm.sys
09:18:59.0582 5596 ss_bmdm - ok
09:18:59.0611 5596 [ 994D2E5378CC337EC7DD73C1E04FCAA4 ] ss_bserd C:\windows\system32\DRIVERS\ss_bserd.sys
09:18:59.0674 5596 ss_bserd - ok
09:18:59.0770 5596 [ 5A19667A580B1CE886EAF968B9743F45 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:18:59.0875 5596 Stereo Service - ok
09:18:59.0938 5596 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
09:19:00.0028 5596 stexstor - ok
09:19:00.0108 5596 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
09:19:00.0300 5596 StiSvc - ok
09:19:00.0352 5596 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\drivers\swenum.sys
09:19:00.0444 5596 swenum - ok
09:19:00.0482 5596 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
09:19:00.0706 5596 swprv - ok
09:19:00.0777 5596 [ 6BEF3ACD6EE22EEC55B68699E8AACE09 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
09:19:00.0938 5596 SynTP - ok
09:19:01.0102 5596 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll
09:19:01.0314 5596 SysMain - ok
09:19:01.0387 5596 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
09:19:01.0520 5596 TabletInputService - ok
09:19:01.0553 5596 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll
09:19:01.0697 5596 TapiSrv - ok
09:19:01.0730 5596 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
09:19:01.0996 5596 TBS - ok
09:19:02.0092 5596 [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip C:\windows\system32\drivers\tcpip.sys
09:19:02.0265 5596 Tcpip - ok
09:19:02.0357 5596 [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
09:19:02.0478 5596 TCPIP6 - ok
09:19:02.0557 5596 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
09:19:02.0691 5596 tcpipreg - ok
09:19:02.0743 5596 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
09:19:02.0897 5596 TDPIPE - ok
09:19:02.0961 5596 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
09:19:03.0153 5596 TDTCP - ok
09:19:03.0208 5596 [ B459575348C20E8121D6039DA063C704 ] tdx C:\windows\system32\DRIVERS\tdx.sys
09:19:03.0365 5596 tdx - ok
09:19:03.0399 5596 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\windows\system32\drivers\termdd.sys
09:19:03.0459 5596 TermDD - ok
09:19:03.0519 5596 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\windows\System32\termsrv.dll
09:19:03.0676 5596 TermService - ok
09:19:03.0718 5596 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
09:19:03.0828 5596 Themes - ok
09:19:03.0856 5596 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
09:19:03.0972 5596 THREADORDER - ok
09:19:03.0991 5596 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
09:19:04.0198 5596 TrkWks - ok
09:19:04.0279 5596 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
09:19:04.0577 5596 TrustedInstaller - ok
09:19:04.0644 5596 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
09:19:04.0849 5596 tssecsrv - ok
09:19:04.0918 5596 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
09:19:05.0200 5596 TsUsbFlt - ok
09:19:05.0281 5596 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
09:19:05.0449 5596 tunnel - ok
09:19:05.0653 5596 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
09:19:05.0921 5596 uagp35 - ok
09:19:05.0976 5596 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\windows\system32\DRIVERS\udfs.sys
09:19:06.0171 5596 udfs - ok
09:19:06.0256 5596 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
09:19:06.0545 5596 UI0Detect - ok
09:19:06.0609 5596 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
09:19:06.0776 5596 uliagpkx - ok
09:19:06.0812 5596 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\windows\system32\drivers\umbus.sys
09:19:06.0924 5596 umbus - ok
09:19:06.0965 5596 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\DRIVERS\umpass.sys
09:19:07.0078 5596 UmPass - ok
09:19:07.0162 5596 [ BB879DCFD22926EFBEB3298129898CBB ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
09:19:07.0229 5596 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
09:19:07.0229 5596 UnlockerDriver5 - detected UnsignedFile.Multi.Generic (1)
09:19:07.0301 5596 [ 3D571A3CBF127E9555EAD2F8598F425F ] UnsignedThemes C:\windows\UnsignedThemesSvc.exe
09:19:07.0431 5596 UnsignedThemes - ok
09:19:07.0507 5596 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
09:19:07.0723 5596 upnphost - ok
09:19:07.0855 5596 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
09:19:08.0019 5596 usbccgp - ok
09:19:08.0089 5596 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\drivers\usbcir.sys
09:19:08.0216 5596 usbcir - ok
09:19:08.0286 5596 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
09:19:08.0419 5596 usbehci - ok
09:19:08.0505 5596 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
09:19:08.0642 5596 usbhub - ok
09:19:08.0707 5596 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
09:19:08.0827 5596 usbohci - ok
09:19:08.0903 5596 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
09:19:09.0020 5596 usbprint - ok
09:19:09.0106 5596 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
09:19:09.0314 5596 USBSTOR - ok
09:19:09.0358 5596 [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci C:\windows\system32\DRIVERS\usbuhci.sys
09:19:09.0495 5596 usbuhci - ok
09:19:09.0563 5596 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
09:19:09.0707 5596 usbvideo - ok
09:19:09.0769 5596 [ 628C632710AB55747CB5BCC68716BE21 ] uxpatch C:\windows\system32\drivers\uxpatch.sys
09:19:09.0867 5596 uxpatch - ok
09:19:09.0959 5596 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
09:19:10.0149 5596 UxSms - ok
09:19:10.0204 5596 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\windows\system32\lsass.exe
09:19:10.0319 5596 VaultSvc - ok
09:19:10.0388 5596 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
09:19:10.0478 5596 vdrvroot - ok
09:19:10.0547 5596 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\windows\System32\vds.exe
09:19:10.0817 5596 vds - ok
09:19:10.0879 5596 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
09:19:11.0029 5596 vga - ok
09:19:11.0065 5596 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
09:19:11.0179 5596 VgaSave - ok
09:19:11.0225 5596 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
09:19:11.0295 5596 vhdmp - ok
09:19:11.0331 5596 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\drivers\viaagp.sys
09:19:11.0408 5596 viaagp - ok
09:19:11.0454 5596 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
09:19:11.0585 5596 ViaC7 - ok
09:19:11.0647 5596 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\drivers\viaide.sys
09:19:11.0747 5596 viaide - ok
09:19:11.0841 5596 [ 8BE00DA038A8A2501AA0A5AB07B37DC6 ] vm331avs C:\windows\system32\Drivers\vm331avs.sys
09:19:12.0165 5596 vm331avs - ok
09:19:12.0201 5596 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\windows\system32\drivers\volmgr.sys
09:19:12.0299 5596 volmgr - ok
09:19:12.0367 5596 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
09:19:12.0444 5596 volmgrx - ok
09:19:12.0476 5596 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\windows\system32\drivers\volsnap.sys
09:19:12.0632 5596 volsnap - ok
09:19:12.0788 5596 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
09:19:12.0967 5596 vsmraid - ok
09:19:13.0171 5596 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\windows\system32\vssvc.exe
09:19:13.0739 5596 VSS - ok
09:19:13.0785 5596 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
09:19:14.0408 5596 vwifibus - ok
09:19:14.0487 5596 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
09:19:14.0614 5596 vwififlt - ok
09:19:14.0681 5596 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
09:19:14.0895 5596 vwifimp - ok
09:19:14.0995 5596 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
09:19:15.0486 5596 W32Time - ok
09:19:15.0610 5596 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
09:19:15.0804 5596 WacomPen - ok
09:19:15.0879 5596 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
09:19:16.0128 5596 WANARP - ok
09:19:16.0150 5596 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
09:19:17.0041 5596 Wanarpv6 - ok
09:19:17.0190 5596 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
09:19:17.0710 5596 WatAdminSvc - ok
09:19:17.0839 5596 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\windows\system32\wbengine.exe
09:19:18.0259 5596 wbengine - ok
09:19:18.0320 5596 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
09:19:18.0541 5596 WbioSrvc - ok
09:19:18.0724 5596 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\windows\System32\wcncsvc.dll
09:19:18.0938 5596 wcncsvc - ok
09:19:18.0999 5596 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
09:19:19.0206 5596 WcsPlugInService - ok
09:19:19.0254 5596 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\DRIVERS\wd.sys
09:19:19.0321 5596 Wd - ok
09:19:19.0380 5596 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
09:19:19.0738 5596 Wdf01000 - ok
09:19:19.0809 5596 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\windows\system32\wdi.dll
09:19:20.0112 5596 WdiServiceHost - ok
09:19:20.0143 5596 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\windows\system32\wdi.dll
09:19:20.0326 5596 WdiSystemHost - ok
09:19:20.0406 5596 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\windows\System32\webclnt.dll
09:19:20.0766 5596 WebClient - ok
09:19:20.0833 5596 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll
09:19:21.0144 5596 Wecsvc - ok
09:19:21.0217 5596 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll
09:19:21.0590 5596 wercplsupport - ok
09:19:21.0671 5596 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll
09:19:22.0232 5596 WerSvc - ok
09:19:22.0318 5596 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
09:19:22.0577 5596 WfpLwf - ok
09:19:22.0635 5596 [ F9AD3A5E3FD7E0BDB18B8202B0FDD4E4 ] WimFltr C:\windows\system32\DRIVERS\wimfltr.sys
09:19:22.0788 5596 WimFltr - ok
09:19:22.0861 5596 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys
09:19:23.0082 5596 WIMMount - ok
09:19:23.0205 5596 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
09:19:23.0438 5596 WinDefend - ok
09:19:23.0502 5596 WinHttpAutoProxySvc - ok
09:19:23.0640 5596 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
09:19:23.0901 5596 Winmgmt - ok
09:19:24.0008 5596 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\windows\system32\WsmSvc.dll
09:19:24.0332 5596 WinRM - ok
09:19:24.0443 5596 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
09:19:24.0646 5596 WinUsb - ok
09:19:24.0759 5596 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll
09:19:25.0123 5596 Wlansvc - ok
09:19:25.0225 5596 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
09:19:25.0367 5596 WmiAcpi - ok
09:19:25.0487 5596 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
09:19:25.0650 5596 wmiApSrv - ok
09:19:25.0866 5596 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
09:19:26.0114 5596 WMPNetworkSvc - ok
09:19:26.0163 5596 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll
09:19:26.0405 5596 WPCSvc - ok
09:19:26.0461 5596 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
09:19:26.0629 5596 WPDBusEnum - ok
09:19:26.0681 5596 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
09:19:26.0875 5596 ws2ifsl - ok
09:19:26.0927 5596 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\windows\System32\wscsvc.dll
09:19:27.0131 5596 wscsvc - ok
09:19:27.0153 5596 WSearch - ok
09:19:27.0229 5596 [ BAEDC491374DEFD5E76336901D6D397D ] wsvd C:\windows\system32\DRIVERS\wsvd.sys
09:19:27.0341 5596 wsvd - ok
09:19:27.0538 5596 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll
09:19:27.0823 5596 wuauserv - ok
09:19:27.0895 5596 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
09:19:28.0068 5596 WudfPf - ok
09:19:28.0128 5596 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
09:19:28.0246 5596 WUDFRd - ok
09:19:28.0323 5596 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\windows\System32\WUDFSvc.dll
09:19:28.0450 5596 wudfsvc - ok
09:19:28.0530 5596 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\windows\System32\wwansvc.dll
09:19:28.0801 5596 WwanSvc - ok
09:19:28.0950 5596 ================ Scan global ===============================
09:19:28.0993 5596 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
09:19:29.0055 5596 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\windows\system32\winsrv.dll
09:19:29.0133 5596 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\windows\system32\winsrv.dll
09:19:29.0229 5596 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
09:19:29.0282 5596 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
09:19:29.0318 5596 [Global] - ok
09:19:29.0320 5596 ================ Scan MBR ==================================
09:19:29.0333 5596 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
09:19:30.0577 5596 \Device\Harddisk0\DR0 - ok
09:19:30.0582 5596 ================ Scan VBR ==================================
09:19:30.0620 5596 [ 51B47AD0145E4BE8662751A7896C9D87 ] \Device\Harddisk0\DR0\Partition1
09:19:30.0628 5596 \Device\Harddisk0\DR0\Partition1 - ok
09:19:30.0645 5596 [ 035DDD4C5DFC83998ABD37B477EC3ADE ] \Device\Harddisk0\DR0\Partition2
09:19:30.0652 5596 \Device\Harddisk0\DR0\Partition2 - ok
09:19:30.0699 5596 [ EDA259EEB3EED4A68365015625668FB8 ] \Device\Harddisk0\DR0\Partition3
09:19:30.0704 5596 \Device\Harddisk0\DR0\Partition3 - ok
09:19:30.0706 5596 ============================================================
09:19:30.0706 5596 Scan finished
09:19:30.0706 5596 ============================================================
09:19:30.0791 1420 Detected object count: 6
09:19:30.0791 1420 Actual detected object count: 6
09:19:56.0056 1420 DvmMDES ( UnsignedFile.Multi.Generic ) - skipped by user
09:19:56.0057 1420 DvmMDES ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:19:56.0059 1420 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
09:19:56.0062 1420 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:19:56.0072 1420 qqbvuk ( UnsignedFile.Multi.Generic ) - skipped by user
09:19:56.0073 1420 qqbvuk ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:19:56.0087 1420 Sony PC Companion ( UnsignedFile.Multi.Generic ) - skipped by user
09:19:56.0088 1420 Sony PC Companion ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:19:56.0090 1420 sptd ( LockedFile.Multi.Generic ) - skipped by user
09:19:56.0090 1420 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
09:19:56.0099 1420 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
09:19:56.0100 1420 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip

#11 Příspěvek od **vyosek** » 26 bře 2013 16:52

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aa8ytzdo)
DRV - [2013.03.24 23:30:00 | 000,054,016 | ---- | M] () [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\xurcxs.sys -- (qqbvuk)
IE - HKU\S-1-5-21-824841891-1043371265-2957086674-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
[2012.06.04 00:11:56 | 000,000,161 | ---- | C] () -- C:\windows\AutoKMS.ini
[3 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\windows\Temp\*.tmp files -> C:\windows\Temp\*.tmp -> ]
[2013.03.25 01:00:16 | 000,000,914 | ---- | M] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2013.03.24 20:23:55 | 000,000,920 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.03.25 01:09:11 | 000,000,924 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

kowler · #12 Příspěvek od **kowler** » 27 bře 2013 18:19

All processes killed
========== OTL ==========
Error: No service named aa8ytzdo was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aa8ytzdo deleted successfully.
Error: No service named qqbvuk was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\qqbvuk deleted successfully.
C:\Windows\System32\drivers\xurcxs.sys moved successfully.
HKEY_USERS\S-1-5-21-824841891-1043371265-2957086674-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-824841891-1043371265-2957086674-1006\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
C:\Windows\AutoKMS.ini moved successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP29F.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA5F1.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC6CA.tmp folder deleted successfully.
C:\windows\Temp\IEB4CB.tmp\Windows6.1-KB2533623-x86.cab deleted successfully.
C:\windows\Temp\IEB4CB.tmp folder deleted successfully.
C:\windows\Temp\TS_61DD.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Kowler
->Temp folder emptied: 475852 bytes
->Temporary Internet Files folder emptied: 328967107 bytes
->Java cache emptied: 0 bytes
->Opera cache emptied: 53742584 bytes
->Flash cache emptied: 50375 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4364056 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 9021842 bytes

Total Files Cleaned = 378,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Kowler
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Kowler
->Java cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 03272013_181124

Files\Folders moved on Reboot...
File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#13 Příspěvek od **vyosek** » 27 bře 2013 19:48

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

kowler · #14 Příspěvek od **kowler** » 27 bře 2013 20:06

dakujem

#15 Příspěvek od **vyosek** » 28 bře 2013 07:28

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat

VIRY.CZ

prosím o kontrolu logu thx

prosím o kontrolu logu thx

Re: prosím o kontrolu logu thx

Re: prosím o kontrolu logu thx

Re: prosím o kontrolu logu thx

Re: prosím o kontrolu logu thx

Re: prosím o kontrolu logu thx

Re: prosím o kontrolu logu thx

Re: prosím o kontrolu logu thx

Re: prosím o kontrolu logu thx

Re: prosím o kontrolu logu thx

Re: prosím o kontrolu logu thx

Re: prosím o kontrolu logu thx

Re: prosím o kontrolu logu thx

Re: prosím o kontrolu logu thx

Re: prosím o kontrolu logu thx