Requesting a preventive check of a DDS log
Posted: 19 Jan 2013 09:07
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.11.2
Run by Vladimir at 8:59:04 on 2013-01-19
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.2047.1400 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Antivirus *Disabled/Outdated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Comodo\Dragon\dragon_updater.exe
C:\Windows\system32\FsUsbExService.Exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Comodo\IceDragon\icedragon_updater.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\FinalWire\AIDA64 Extreme Edition\aida64.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdupd.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [COMODO Internet Security] c:\program files\comodo\comodo internet security\cistray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:153
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:153
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{91C89D88-4FB5-48CA-9AA5-7840DB89F067} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{91C89D88-4FB5-48CA-9AA5-7840DB89F067} : DHCPNameServer = 192.168.0.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 127.0.0.1 wdcs.trendmicro.com
Hosts: 127.0.0.1 ads.bleepingcomputer.com
Hosts: 127.0.0.1 om.symantec.com
Hosts: 127.0.0.1 metrics.mcafee.com
Hosts: 127.0.0.1 metrics.bitdefender.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\vladimir\appdata\roaming\mozilla\firefox\profiles\ofescmbg.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\program files\ubisoft\ubisoft game launcher\npuplaypc.dll
FF - plugin: c:\program files\ubisoft\ubisoft game launcher\npuplaypchub.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\vladimir\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\users\vladimir\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1166636.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1167637.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2011-7-27 20872]
R0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\drivers\fltsrv.sys [2012-9-11 76768]
R0 nvamacpi;NVIDIA Away Mode System;c:\windows\system32\drivers\nvamacpi.sys [2011-10-28 24680]
R1 appdrv01;Application Driver (01);c:\windows\system32\drivers\appdrv01.sys [2012-7-29 2911848]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-10-28 361032]
R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [2012-12-14 20224]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2012-12-14 574848]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2012-12-14 43880]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2013-1-11 242240]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-10-28 21256]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-10-28 58680]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-11-2 44808]
R2 DragonUpdater;COMODO Dragon Update Service;c:\program files\comodo\dragon\dragon_updater.exe [2013-1-16 1868432]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2011-12-25 238952]
R2 IceDragonUpdater;COMODO IceDragon Update Service;c:\program files\comodo\icedragon\icedragon_updater.exe [2013-1-10 446664]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-11 398184]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-12-29 383416]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2013\TuneUpUtilitiesService32.exe [2012-11-29 1723744]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files\finalwire\aida64 extreme edition\kerneld.x32 [2012-2-29 31128]
R3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys [2012-1-18 32896]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2011-12-25 36608]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-12 21104]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2013\TuneUpUtilitiesDriver32.sys [2012-11-16 10088]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-10-28 738504]
S2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\system32\appdrvrem01.exe svc --> c:\windows\system32\appdrvrem01.exe svc [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-9-11 682344]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [2010-4-6 25864]
S3 cmdvirth;COMODO Virtual Service Manager;c:\program files\comodo\comodo internet security\cmdvirth.exe [2012-12-14 127184]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2010-4-6 23048]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-16 14848]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2012-1-20 27192]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2012-8-5 27632]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2009-9-19 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2009-9-19 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2009-9-19 123648]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-11-16 49664]
S3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\wat\WatAdminSvc.exe [2011-10-29 1343400]
S4 CLPSLauncher;COMODO LPS Launcher;c:\program files\common files\comodo\launcher_service.exe [2012-11-1 70352]
S4 GeekBuddyRSP;GeekBuddy Remote Screen Protocol;c:\program files\common files\comodo\GeekBuddyRSP.exe [2012-10-31 1467088]
S4 IObitUnlocker;IObitUnlocker;c:\program files\iobit\iobit unlocker\IObitUnlocker.sys [2011-10-29 28016]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
.
=============== Created Last 30 ================
.
2013-01-17 18:04:30 512 ----a-w- C:\PhysicalMBR.bin
2013-01-16 15:44:36 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-16 09:53:05 -------- d-----w- c:\program files\mbar
2013-01-15 20:54:08 47368 ----a-w- c:\windows\system32\certsentry.dll
2013-01-13 15:01:39 0 ----a-w- c:\users\vladimir\appdata\local\jv16PT_temp.tmp
2013-01-13 14:39:18 -------- d-----w- c:\users\vladimir\appdata\roaming\ExpressFiles
2013-01-13 13:19:27 -------- d-----w- c:\windows\CleanMem
2013-01-13 13:19:27 -------- d-----w- c:\program files\CleanMem
2013-01-13 11:26:10 -------- d-sh--w- C:\$RECYCLE.BIN
2013-01-12 20:58:24 -------- d-----w- c:\users\vladimir\appdata\roaming\Comodo
2013-01-12 16:05:13 -------- d-s---w- c:\programdata\Shared Space
2013-01-12 16:03:47 -------- d-----w- c:\program files\common files\Comodo
2013-01-12 16:03:35 -------- d-----w- c:\users\vladimir\appdata\local\Comodo
2013-01-12 16:03:12 -------- d-----w- c:\programdata\Comodo Downloader
2013-01-12 15:42:00 31584 ----a-w- c:\windows\system32\TURegOpt.exe
2013-01-12 15:42:00 21344 ----a-w- c:\windows\system32\authuitu.dll
2013-01-12 15:41:42 -------- d-----w- c:\users\vladimir\appdata\roaming\TuneUp Software
2013-01-12 15:41:25 -------- d-----w- c:\program files\TuneUp Utilities 2013
2013-01-12 15:40:41 -------- d-----w- c:\programdata\TuneUp Software
2013-01-11 19:17:11 -------- d-----w- C:\VTRoot
2013-01-11 18:43:35 -------- d-----r- c:\program files\Skype
2013-01-11 18:15:31 -------- d-----w- c:\users\vladimir\appdata\roaming\VS Revo Group
2013-01-11 16:57:01 -------- d-----w- c:\users\vladimir\appdata\roaming\IsolatedStorage
2013-01-11 16:57:01 -------- d-----w- c:\programdata\IsolatedStorage
2013-01-11 06:49:46 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-01-11 06:49:35 -------- d-----w- c:\program files\DAEMON Tools Lite
2013-01-09 06:11:42 46592 ----a-w- c:\windows\system32\fpb.rs
2013-01-09 06:09:29 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-09 06:09:11 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-01-07 09:30:31 -------- d-----w- c:\program files\FreeRapid-0.9u1
2013-01-07 08:01:09 -------- d-----w- c:\windows\system32\RTCOM
2013-01-07 07:59:58 1836376 ----a-w- c:\windows\system32\MaxxAudioEQ.dll
2013-01-07 07:58:02 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe
2013-01-07 07:44:19 -------- d-----w- c:\program files\SlimDrivers
2013-01-06 13:40:12 8904632 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-01-06 13:40:12 6263784 ----a-w- c:\windows\system32\nvopencl.dll
2013-01-06 13:40:12 20450232 ----a-w- c:\windows\system32\nvoglv32.dll
2013-01-06 13:40:11 7931896 ----a-w- c:\windows\system32\nvcuda.dll
2013-01-06 13:40:11 2720696 ----a-w- c:\windows\system32\nvcuvid.dll
2013-01-06 13:40:11 1985976 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-01-06 13:40:11 17560504 ----a-w- c:\windows\system32\nvcompiler.dll
2013-01-06 13:40:11 15129064 ----a-w- c:\windows\system32\nvd3dum.dll
2013-01-01 16:30:38 -------- d-----w- c:\program files\Origin Games
2013-01-01 16:30:29 -------- d-----w- c:\users\vladimir\appdata\local\Origin
2013-01-01 16:26:23 -------- d-----w- c:\program files\Origin
2012-12-29 01:54:24 550328 ----a-w- c:\windows\system32\nvStreaming.exe
2012-12-22 23:11:37 -------- d-----w- C:\CCE_Quarantine
2012-12-22 19:04:59 -------- d-----w- c:\program files\LibreOffice 3.6
2012-12-22 07:58:13 -------- d-----w- c:\programdata\Comodo
2012-12-21 16:22:11 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 16:22:07 34304 ----a-w- c:\windows\system32\atmlib.dll
.
==================== Find3M ====================
.
2013-01-16 15:44:26 859552 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-01-16 15:44:26 780192 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-09 09:51:52 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-09 09:51:52 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-29 10:26:54 889784 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-12-29 10:26:54 2504248 ----a-w- c:\windows\system32\nvapi.dll
2012-12-29 10:26:54 12641120 ----a-w- c:\windows\system32\nvwgf2um.dll
2012-12-29 10:26:54 1017272 ----a-w- c:\windows\system32\nvdispco32.dll
2012-12-29 08:26:22 4129720 ----a-w- c:\windows\system32\nvcpl.dll
2012-12-29 08:26:22 3001272 ----a-w- c:\windows\system32\nvsvc.dll
2012-12-29 08:25:57 639928 ----a-w- c:\windows\system32\nvvsvc.exe
2012-12-29 08:25:57 62904 ----a-w- c:\windows\system32\nvshext.dll
2012-12-29 08:25:57 108984 ----a-w- c:\windows\system32\nvmctray.dll
2012-12-23 11:38:36 281688 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-12-14 19:45:42 43880 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-12-14 19:45:40 574848 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2012-12-14 19:45:40 20224 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-12-14 19:45:32 35640 ----a-w- c:\windows\system32\cmdcsr.dll
2012-12-14 19:45:30 350272 ----a-w- c:\windows\system32\guard32.dll
2012-12-14 19:45:14 260304 ----a-w- c:\windows\system32\cmdvrt32.dll
2012-12-14 15:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-12 21:37:56 4472832 ----a-w- c:\windows\system32\GPhotos.scr
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 06:57:45 281688 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-12-01 11:18:09 87608 ----a-w- c:\users\vladimir\appdata\roaming\inst.exe
2012-12-01 11:18:09 47360 ----a-w- c:\users\vladimir\appdata\roaming\pcouffin.sys
2012-12-01 04:37:55 2557288 ----a-w- c:\windows\system32\nvsvcr.dll
2012-11-30 04:53:34 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-23 02:56:23 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-22 04:45:03 626688 ----a-w- c:\windows\system32\usp10.dll
2012-11-21 19:16:30 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2012-11-21 19:16:30 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-10 14:47:17 466008 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-11-09 04:43:04 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-11-09 04:42:49 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-08 10:29:12 1402312 ----a-w- c:\windows\system32\msxml4.dll
2012-11-03 16:31:04 138904 ----a-w- c:\users\vladimir\appdata\roaming\PnkBstrK.sys
2012-11-02 05:11:31 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 04:47:54 1389568 ----a-w- c:\windows\system32\msxml6.dll
2012-10-30 22:51:58 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51:57 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51:07 41224 ----a-w- c:\windows\avastSS.scr
2012-10-29 11:10:02 4659712 ----a-w- c:\windows\system32\Redemption.dll
2012-10-25 02:12:26 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-10-25 02:12:26 69632 ----a-w- c:\windows\system32\QuickTime.qts
.
============= FINISH: 9:00:17,87 ===============
2013-01-07 07:44:19 -------- d-----w- c:\program files\SlimDrivers
2013-01-06 13:40:12 8904632 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-01-06 13:40:12 6263784 ----a-w- c:\windows\system32\nvopencl.dll
2013-01-06 13:40:12 20450232 ----a-w- c:\windows\system32\nvoglv32.dll
2013-01-06 13:40:11 7931896 ----a-w- c:\windows\system32\nvcuda.dll
2013-01-06 13:40:11 2720696 ----a-w- c:\windows\system32\nvcuvid.dll
2013-01-06 13:40:11 1985976 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-01-06 13:40:11 17560504 ----a-w- c:\windows\system32\nvcompiler.dll
2013-01-06 13:40:11 15129064 ----a-w- c:\windows\system32\nvd3dum.dll
2013-01-01 16:30:38 -------- d-----w- c:\program files\Origin Games
2013-01-01 16:30:29 -------- d-----w- c:\users\vladimir\appdata\local\Origin
2013-01-01 16:26:23 -------- d-----w- c:\program files\Origin
2012-12-29 01:54:24 550328 ----a-w- c:\windows\system32\nvStreaming.exe
2012-12-22 23:11:37 -------- d-----w- C:\CCE_Quarantine
2012-12-22 19:04:59 -------- d-----w- c:\program files\LibreOffice 3.6
2012-12-22 07:58:13 -------- d-----w- c:\programdata\Comodo
2012-12-21 16:22:11 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 16:22:07 34304 ----a-w- c:\windows\system32\atmlib.dll
.
==================== Find3M ====================
.
2013-01-16 15:44:26 859552 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-01-16 15:44:26 780192 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-09 09:51:52 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-09 09:51:52 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-29 10:26:54 889784 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-12-29 10:26:54 2504248 ----a-w- c:\windows\system32\nvapi.dll
2012-12-29 10:26:54 12641120 ----a-w- c:\windows\system32\nvwgf2um.dll
2012-12-29 10:26:54 1017272 ----a-w- c:\windows\system32\nvdispco32.dll
2012-12-29 08:26:22 4129720 ----a-w- c:\windows\system32\nvcpl.dll
2012-12-29 08:26:22 3001272 ----a-w- c:\windows\system32\nvsvc.dll
2012-12-29 08:25:57 639928 ----a-w- c:\windows\system32\nvvsvc.exe
2012-12-29 08:25:57 62904 ----a-w- c:\windows\system32\nvshext.dll
2012-12-29 08:25:57 108984 ----a-w- c:\windows\system32\nvmctray.dll
2012-12-23 11:38:36 281688 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-12-14 19:45:42 43880 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-12-14 19:45:40 574848 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2012-12-14 19:45:40 20224 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-12-14 19:45:32 35640 ----a-w- c:\windows\system32\cmdcsr.dll
2012-12-14 19:45:30 350272 ----a-w- c:\windows\system32\guard32.dll
2012-12-14 19:45:14 260304 ----a-w- c:\windows\system32\cmdvrt32.dll
2012-12-14 15:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-12 21:37:56 4472832 ----a-w- c:\windows\system32\GPhotos.scr
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 06:57:45 281688 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-12-01 11:18:09 87608 ----a-w- c:\users\vladimir\appdata\roaming\inst.exe
2012-12-01 11:18:09 47360 ----a-w- c:\users\vladimir\appdata\roaming\pcouffin.sys
2012-12-01 04:37:55 2557288 ----a-w- c:\windows\system32\nvsvcr.dll
2012-11-30 04:53:34 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-23 02:56:23 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-22 04:45:03 626688 ----a-w- c:\windows\system32\usp10.dll
2012-11-21 19:16:30 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2012-11-21 19:16:30 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-10 14:47:17 466008 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-11-09 04:43:04 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-11-09 04:42:49 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-08 10:29:12 1402312 ----a-w- c:\windows\system32\msxml4.dll
2012-11-03 16:31:04 138904 ----a-w- c:\users\vladimir\appdata\roaming\PnkBstrK.sys
2012-11-02 05:11:31 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 04:47:54 1389568 ----a-w- c:\windows\system32\msxml6.dll
2012-10-30 22:51:58 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51:57 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51:07 41224 ----a-w- c:\windows\avastSS.scr
2012-10-29 11:10:02 4659712 ----a-w- c:\windows\system32\Redemption.dll
2012-10-25 02:12:26 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-10-25 02:12:26 69632 ----a-w- c:\windows\system32\QuickTime.qts
.
============= FINISH: 9:00:17,87 ===============