VIRY.CZ

Dobrý den,

(čtenář jistě brzy pochopí, že jsem přes počítače laik a podobné problémy většinou neřeším, jestli píšu nějaké nesmysly, které uráží srdce ajťáka, tak se omlouvám)

dnes se mi extrémně zpomalil počítač (do včerejšího dne běhal krásně), v běžném režimu si maximálně prohlédnu složky či otevřu poznámkový blok, právě teď pracuji v nouzovém režimu, což není moc pohodlné. Řekl bych, že by to mohlo mít souvislost s tím, že mě počínaje včerejškem otravuje jakýsi Delta Search v prohlížeči. Toho už jsem se nějak zbavil, použil jsem asi deset různých programů (Malwarebytes Anti-Malware, Spyware Terminator, HitmanPro...) ve snaze vyřešit svůj problém, nicméně PC je stále nepoužitelné.
Pochopil jsem, že je zde počátečním bodem při řešení problémů dodání nějakého výpisu, ten snad přikládám ve správné podobě.

Děkuji za pomoc a ochotu, Michal

---

Logfile of random's system information tool 1.09 (written by random/random)
Run by Michal at 2013-03-18 16:01:54
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 262 GB (58%) free of 454 GB
Total RAM: 3978 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:01:54, on 18.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Users\Michal\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Michal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [OTM] "C:\Users\Michal\Desktop\OTM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\RunOnce: [Report] C:\AdwCleaner[S1].txt
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: postgresql-8.4 - PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Roxio Burn Launcher (RoxioBurnLauncher) - Unknown owner - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 14721 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3709121103-697001368-1351868520-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3709121103-697001368-1351868520-1000UA.job
C:\Windows\tasks\HPCeeScheduleForMichal.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\o0pi787p.default

prefs.js - "browser.startup.homepage" - "http://www.google.cz/"

"otis@digitalpersona.com"=C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.4.2609412\npmathplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
npwachk.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\o0pi787p.default\extensions\
{ada4b710-8346-4b82-8199-5de2b400a6ae}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-11-22 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C08DF07A-3E49-4E25-9AB0-D3882835F153}]
QUICKfind BHO Object - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll [2003-06-30 337920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-11-22 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2012-06-12 184736]
""= []
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-03-14 319360]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-03-01 56088]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2012-03-06 684024]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-27 291608]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2011-12-09 74752]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"Guard.Mail.ru.gui"=C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-10-19 1564368]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2012-12-14 512360]
"OTM"=C:\Users\Michal\Desktop\OTM.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-29 116648]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Report"=C:\AdwCleaner[S1].txt [2013-03-18 5304]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-18 15:53:01 ----D---- C:\rsit
2013-03-18 15:53:01 ----D---- C:\Program Files (x86)\trend micro
2013-03-18 15:18:34 ----A---- C:\TDSSKiller.2.8.16.0_18.03.2013_15.18.34_log.txt
2013-03-18 14:55:16 ----D---- C:\_OTM
2013-03-18 14:37:13 ----A---- C:\AdwCleaner[S1].txt
2013-03-18 14:36:33 ----A---- C:\AdwCleaner[R2].txt
2013-03-18 14:35:40 ----A---- C:\AdwCleaner[R1].txt
2013-03-18 14:25:32 ----D---- C:\ProgramData\HitmanPro
2013-03-18 14:08:59 ----D---- C:\Users\Michal\AppData\Roaming\Malwarebytes
2013-03-18 14:08:47 ----D---- C:\ProgramData\Malwarebytes
2013-03-18 14:08:46 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-18 12:04:56 ----D---- C:\Users\Michal\AppData\Roaming\Spyware Terminator
2013-03-18 12:04:56 ----D---- C:\ProgramData\Spyware Terminator
2013-03-18 12:04:26 ----D---- C:\Program Files (x86)\Spyware Terminator
2013-03-18 11:56:17 ----A---- C:\Windows\ntbtlog.txt
2013-03-18 11:12:41 ----D---- C:\sh4ldr
2013-03-18 11:12:41 ----D---- C:\Program Files (x86)\Enigma Software Group
2013-03-18 11:11:47 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-03-17 17:34:34 ----A---- C:\Windows\unvise32qt.exe
2013-03-17 17:33:18 ----D---- C:\ProgramData\QuickTime
2013-03-17 17:33:15 ----A---- C:\Windows\SysWOW64\qttask.exe
2013-03-17 17:32:38 ----D---- C:\Windows\SysWOW64\QuickTime
2013-03-17 17:32:37 ----D---- C:\Program Files (x86)\QuickTime
2013-03-17 17:32:04 ----A---- C:\Windows\SysWOW64\MSREPL35.DLL
2013-03-17 17:32:04 ----A---- C:\Windows\SysWOW64\msrd2x35.dll
2013-03-17 17:32:04 ----A---- C:\Windows\SysWOW64\msjter35.dll
2013-03-17 17:32:04 ----A---- C:\Windows\SysWOW64\msjint35.dll
2013-03-17 17:32:04 ----A---- C:\Windows\SysWOW64\MSJET35.DLL
2013-03-17 15:33:14 ----D---- C:\Program Files (x86)\ETS
2013-03-17 14:34:55 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2013-03-14 03:01:08 ----A---- C:\Windows\SysWOW64\vbscript.dll
2013-03-14 03:01:08 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2013-03-14 03:01:07 ----A---- C:\Windows\SysWOW64\ieui.dll
2013-03-14 03:01:06 ----A---- C:\Windows\SysWOW64\urlmon.dll
2013-03-14 03:01:06 ----A---- C:\Windows\SysWOW64\url.dll
2013-03-14 03:01:06 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2013-03-14 03:01:04 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2013-03-14 03:01:03 ----A---- C:\Windows\SysWOW64\wininet.dll
2013-03-14 03:01:02 ----A---- C:\Windows\SysWOW64\jscript9.dll
2013-03-14 03:01:02 ----A---- C:\Windows\SysWOW64\jscript.dll
2013-03-14 03:01:01 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2013-03-14 03:01:01 ----A---- C:\Windows\SysWOW64\iertutil.dll
2013-03-14 03:01:00 ----A---- C:\Windows\SysWOW64\mshtml.dll
2013-03-14 03:00:56 ----A---- C:\Windows\SysWOW64\ieframe.dll
2013-03-08 12:05:16 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-02-28 13:03:22 ----D---- C:\Program Files (x86)\Common Files\Skype
2013-02-28 13:03:19 ----RD---- C:\Program Files (x86)\Skype
2013-02-28 10:17:29 ----A---- C:\Windows\SysWOW64\UIAnimation.dll
2013-02-28 10:17:29 ----A---- C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-02-28 10:17:21 ----A---- C:\Windows\SysWOW64\WMPhoto.dll
2013-02-28 10:17:15 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 10:17:13 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 10:17:13 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 10:17:13 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 10:17:13 ----A---- C:\Windows\SysWOW64\d3d10_1.dll
2013-02-28 10:17:12 ----A---- C:\Windows\SysWOW64\d3d10warp.dll
2013-02-28 10:17:11 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 10:17:11 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 10:17:11 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 10:17:11 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 10:17:11 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 10:17:11 ----A---- C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-02-28 10:17:06 ----A---- C:\Windows\SysWOW64\dxgi.dll
2013-02-28 10:17:06 ----A---- C:\Windows\SysWOW64\d3d10level9.dll
2013-02-28 10:17:05 ----A---- C:\Windows\SysWOW64\d3d11.dll
2013-02-28 10:17:05 ----A---- C:\Windows\SysWOW64\d3d10core.dll
2013-02-28 10:17:05 ----A---- C:\Windows\SysWOW64\d3d10_1core.dll
2013-02-28 10:17:04 ----A---- C:\Windows\SysWOW64\d3d10.dll
2013-02-28 10:17:03 ----A---- C:\Windows\SysWOW64\XpsPrint.dll
2013-02-28 10:17:01 ----A---- C:\Windows\SysWOW64\DWrite.dll
2013-02-28 10:17:00 ----A---- C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-02-28 10:17:00 ----A---- C:\Windows\SysWOW64\WindowsCodecs.dll
2013-02-28 10:16:57 ----A---- C:\Windows\SysWOW64\d2d1.dll

======List of files/folders modified in the last 1 month======

2013-03-18 15:53:01 ----RD---- C:\Program Files (x86)
2013-03-18 15:52:38 ----D---- C:\Windows\Temp
2013-03-18 15:26:47 ----D---- C:\Users\Michal\AppData\Roaming\Skype
2013-03-18 15:26:47 ----D---- C:\Users\Michal\AppData\Roaming\Dropbox
2013-03-18 15:25:32 ----D---- C:\ProgramData\PDFC
2013-03-18 14:56:47 ----D---- C:\Windows
2013-03-18 14:37:22 ----HD---- C:\ProgramData
2013-03-18 14:09:38 ----D---- C:\Windows\System32
2013-03-18 14:09:38 ----D---- C:\Windows\inf
2013-03-18 11:50:29 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent
2013-03-18 11:12:49 ----SHD---- C:\Windows\Installer
2013-03-18 11:12:48 ----D---- C:\Windows\SysWOW64\drivers
2013-03-18 11:12:44 ----SHD---- C:\Config.Msi
2013-03-18 11:12:43 ----D---- C:\Windows\SysWOW64
2013-03-18 11:12:23 ----SHD---- C:\System Volume Information
2013-03-18 11:11:47 ----D---- C:\Program Files (x86)\Common Files
2013-03-18 09:13:02 ----A---- C:\Windows\SysWOW64\log.txt
2013-03-17 17:34:28 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-17 15:33:13 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-03-16 13:16:43 ----D---- C:\Windows\Prefetch
2013-03-15 22:56:02 ----D---- C:\Windows\winsxs
2013-03-15 19:25:34 ----D---- C:\Windows\AppPatch
2013-03-15 19:25:33 ----D---- C:\Windows\SysWOW64\migration
2013-03-14 03:02:18 ----D---- C:\ProgramData\Microsoft Help
2013-03-13 20:32:48 ----D---- C:\Users\Michal\AppData\Roaming\vlc
2013-03-13 14:47:23 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-03-11 12:09:54 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-03 21:52:35 ----D---- C:\Windows\rescache
2013-03-01 14:40:42 ----D---- C:\Windows\SysWOW64\pt-BR
2013-03-01 14:40:42 ----D---- C:\Windows\SysWOW64\it-IT
2013-03-01 14:40:41 ----D---- C:\Windows\SysWOW64\pt-PT
2013-03-01 14:40:41 ----D---- C:\Windows\SysWOW64\pl-PL
2013-03-01 14:40:41 ----D---- C:\Windows\SysWOW64\ko-KR
2013-03-01 14:40:40 ----D---- C:\Windows\SysWOW64\zh-HK
2013-03-01 14:40:40 ----D---- C:\Windows\SysWOW64\nl-NL
2013-03-01 14:40:40 ----D---- C:\Windows\SysWOW64\hu-HU
2013-03-01 14:40:40 ----D---- C:\Windows\SysWOW64\fr-FR
2013-03-01 14:40:40 ----D---- C:\Windows\SysWOW64\el-GR
2013-03-01 14:40:39 ----D---- C:\Windows\SysWOW64\tr-TR
2013-03-01 14:40:39 ----D---- C:\Windows\SysWOW64\sv-SE
2013-03-01 14:40:39 ----D---- C:\Windows\SysWOW64\fi-FI
2013-03-01 14:40:39 ----D---- C:\Windows\SysWOW64\es-ES
2013-03-01 14:40:38 ----D---- C:\Windows\SysWOW64\zh-TW
2013-03-01 14:40:38 ----D---- C:\Windows\SysWOW64\zh-CN
2013-03-01 14:40:38 ----D---- C:\Windows\SysWOW64\de-DE
2013-03-01 14:40:38 ----D---- C:\Windows\SysWOW64\cs-CZ
2013-03-01 14:40:37 ----D---- C:\Windows\SysWOW64\ru-RU
2013-03-01 14:40:37 ----D---- C:\Windows\SysWOW64\nb-NO
2013-03-01 14:40:37 ----D---- C:\Windows\SysWOW64\ja-JP
2013-03-01 14:40:37 ----D---- C:\Windows\SysWOW64\en-US
2013-03-01 14:40:37 ----D---- C:\Windows\SysWOW64\da-DK
2013-02-28 13:03:30 ----D---- C:\ProgramData\Skype
2013-02-25 21:58:22 ----D---- C:\Windows\Tasks
2013-02-19 10:58:20 ----D---- C:\Program Files (x86)\Microsoft Security Client

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys []
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys []
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys []
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys []
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys []
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys []
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys []
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys []
R3 johci;JMicron 1394 Filter Driver; C:\Windows\system32\DRIVERS\johci.sys []
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys []
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\drivers\usbfilter.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []
S1 chtqeqec;chtqeqec; \??\C:\Windows\system32\drivers\chtqeqec.sys []
S2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys []
S3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys []
S3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\drivers\amdhub30.sys []
S3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\amdxhc.sys []
S3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys []
S3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\amppal.sys []
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys []
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys []
S3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys []
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys []
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys []
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys []
S3 BTWDPAN;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\btwdpan.sys []
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys []
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys []
S3 esgiguard;esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [2011-03-02 13088]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2012-06-22 19984]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys []
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys []
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys []
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys []
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys []
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
S3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys []
S3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-17 135952]
S2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2012-02-01 945440]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 DpHost;@C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2012-03-27 493904]
S2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-02-26 626960]
S2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-10-19 1564368]
S2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2012-03-14 152992]
S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
S2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-03-14 365440]
S2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe []
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-03-01 13592]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-28 165144]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-03-28 277784]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-03-06 1134584]
S2 postgresql-8.4;postgresql-8.4 - PostgreSQL Server 8.4; C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files (x86)/PostgreSQL/8.4/data -w []
S2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-02-26 148752]
S2 RoxioBurnLauncher;Roxio Burn Launcher; C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [2012-03-20 536848]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S2 SpyHunter 4 Service;SpyHunter 4 Service; C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2013-01-14 769920]
S2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-03-05 314880]
S2 uArcCapture;ArcCapture; C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe [2012-02-03 498352]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-28 363800]
S2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2012-03-20 2325584]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-04-02 276248]
S3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-06-12 1421728]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 51445112]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-02-26 273168]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2012-03-07 1118480]
S3 stllssvr;stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2011-12-07 76416]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2012-03-09 117552]

-----------------EOF-----------------

Zdravim, pekne odpoledne preji a vitam Vas u nas na foru

Spyware Terminatora odinstalujte, uz zdaleka neni to co byval

S OTM jste tam provadel co prosim

Dejte mi sem tyto logy

• C:\AdwCleaner[S1].txt
• C:\TDSSKiller.2.8.16.0_18.03.2013_15.18.34_log.txt

Již si přesně nepamatuji, co jsem kde dělal, snažil jsem se tu najít vlákna, kde to vypadalo, že se řeší podobný problém. Zkusím najít to vlákno, kde jsem narazil na OTM, zatím se mi to nedaří. Logy přikládám.


# AdwCleaner v2.115 - Log vytvooen 18/03/2013 v 14:37:13
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživatel : Michal - MICHAL-PC
# Spuštin systém : Nouzový režim s prací v síti
# Spuštino z : C:\Users\Michal\Desktop\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****

Zastaveno & vymazáno : ICQ Service

***** [Soubory / Složky] *****

Složka Vymazáno : C:\Program Files (x86)\ICQ6Toolbar
Složka Vymazáno : C:\ProgramData\Babylon
Složka Vymazáno : C:\ProgramData\BrowserProtect
Složka Vymazáno : C:\ProgramData\ICQ\ICQToolbar
Složka Vymazáno : C:\Users\Michal\AppData\Roaming\Babylon
Soubor Vymazáno : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Soubor Vymazáno : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\o0pi787p.default\searchplugins\icqplugin.xml
Soubor Vymazáno : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\o0pi787p.default\searchplugins\icqplugin-1.xml

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\BabylonToolbar
Klíe Vymazáno : HKCU\Software\DataMngr
Klíe Vymazáno : HKCU\Software\DataMngr_Toolbar
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKCU\Software\PIP
Klíe Vymazáno : HKCU\Software\5b6d6dab13cbf13
Klíe Vymazáno : HKLM\Software\Babylon
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Vymazáno : HKLM\Software\DataMngr
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\5b6d6dab13cbf13
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v9.0.8112.16470

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v19.0.2 (cs)

Soubor : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\o0pi787p.default\prefs.js

C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\o0pi787p.default\user.js ... Vymazáno !

Vymazáno : user_pref("avg.install.userHPSettings", "hxxp://www.delta-search.com/?affID=119816&tt=070312_w2&babs[...]
Vymazáno : user_pref("avg.install.userSPSettings", "Delta Search");
Vymazáno : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?affID=119816&tt=0 ... bsrc=NT_ss[...]
Vymazáno : user_pref("browser.search.selectedEngine", "Delta Search");
Vymazáno : user_pref("icqtoolbar.allowSendURL", false);
Vymazáno : user_pref("icqtoolbar.engineVerified", false);
Vymazáno : user_pref("icqtoolbar.firstTbRun", false);
Vymazáno : user_pref("icqtoolbar.geolastmodified", 1350682087);
Vymazáno : user_pref("icqtoolbar.hiddenElements", "itb_options itb_people itb_zoom_in itb_zoom_out itb_zoom_def[...]
Vymazáno : user_pref("icqtoolbar.icqgeo", 42);
Vymazáno : user_pref("icqtoolbar.installTime", "1350682087");
Vymazáno : user_pref("icqtoolbar.numberOfSearches", 0);
Vymazáno : user_pref("icqtoolbar.previousFFVersion", "15.0.1");
Vymazáno : user_pref("icqtoolbar.skip_default_search", "no");
Vymazáno : user_pref("icqtoolbar.suggestions", false);
Vymazáno : user_pref("icqtoolbar.uninstStatSent", true);
Vymazáno : user_pref("icqtoolbar.uniqueID", "135064801413506482541350682087098");
Vymazáno : user_pref("icqtoolbar.usageStatstTimestamp", 1350682089);
Vymazáno : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Vymazáno : user_pref("icqtoolbar.xmlLanguage", "cs");
Vymazáno : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.1&q=");

-\\ Google Chrome v25.0.1364.172

Soubor : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Preferences

Vymazáno [l.1749] : homepage = "hxxp://start.icq.com/",
Vymazáno [l.2023] : urls_to_restore_on_startup = [ "hxxp://www.delta-search.com/?affID=119816&tt=070312_w2&babsrc[...]

*************************

AdwCleaner[R1].txt - [5065 octets] - [18/03/2013 14:35:40]
AdwCleaner[R2].txt - [5125 octets] - [18/03/2013 14:36:33]
AdwCleaner[S1].txt - [5179 octets] - [18/03/2013 14:37:13]

########## EOF - C:\AdwCleaner[S1].txt - [5239 octets] ##########

15:18:34.0941 0756 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:18:35.0050 0756 ============================================================
15:18:35.0050 0756 Current date / time: 2013/03/18 15:18:35.0050
15:18:35.0050 0756 SystemInfo:
15:18:35.0050 0756
15:18:35.0050 0756 OS Version: 6.1.7601 ServicePack: 1.0
15:18:35.0050 0756 Product type: Workstation
15:18:35.0050 0756 ComputerName: MICHAL-PC
15:18:35.0050 0756 UserName: Michal
15:18:35.0050 0756 Windows directory: C:\Windows
15:18:35.0050 0756 System windows directory: C:\Windows
15:18:35.0050 0756 Running under WOW64
15:18:35.0050 0756 Processor architecture: Intel x64
15:18:35.0050 0756 Number of processors: 4
15:18:35.0050 0756 Page size: 0x1000
15:18:35.0050 0756 Boot type: Safe boot with network
15:18:35.0050 0756 ============================================================
15:18:35.0596 0756 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:18:35.0596 0756 ============================================================
15:18:35.0596 0756 \Device\Harddisk0\DR0:
15:18:35.0596 0756 MBR partitions:
15:18:35.0596 0756 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
15:18:35.0596 0756 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x376AF000
15:18:35.0596 0756 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37745800, BlocksNum 0x283F000
15:18:35.0596 0756 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x39F84800, BlocksNum 0x3FD800
15:18:35.0596 0756 ============================================================
15:18:35.0612 0756 C: <-> \Device\Harddisk0\DR0\Partition2
15:18:35.0643 0756 D: <-> \Device\Harddisk0\DR0\Partition3
15:18:35.0659 0756 E: <-> \Device\Harddisk0\DR0\Partition4
15:18:35.0659 0756 ============================================================
15:18:35.0659 0756 Initialize success
15:18:35.0659 0756 ============================================================
15:18:38.0264 1452 ============================================================
15:18:38.0264 1452 Scan started
15:18:38.0264 1452 Mode: Manual;
15:18:38.0264 1452 ============================================================
15:18:38.0545 1452 ================ Scan system memory ========================
15:18:38.0545 1452 System memory - ok
15:18:38.0545 1452 ================ Scan services =============================
15:18:38.0732 1452 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
15:18:38.0732 1452 1394ohci - ok
15:18:38.0779 1452 [ EE9407D42154190C3169D11EA4B8C711 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
15:18:38.0794 1452 Accelerometer - ok
15:18:38.0826 1452 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:18:38.0841 1452 ACPI - ok
15:18:38.0888 1452 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:18:38.0888 1452 AcpiPmi - ok
15:18:39.0044 1452 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:18:39.0044 1452 AdobeARMservice - ok
15:18:39.0169 1452 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:18:39.0169 1452 AdobeFlashPlayerUpdateSvc - ok
15:18:39.0200 1452 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:18:39.0200 1452 adp94xx - ok
15:18:39.0231 1452 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:18:39.0231 1452 adpahci - ok
15:18:39.0247 1452 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:18:39.0247 1452 adpu320 - ok
15:18:39.0278 1452 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:18:39.0278 1452 AeLookupSvc - ok
15:18:39.0325 1452 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:18:39.0325 1452 AFD - ok
15:18:39.0356 1452 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:18:39.0356 1452 agp440 - ok
15:18:39.0372 1452 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:18:39.0372 1452 ALG - ok
15:18:39.0387 1452 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:18:39.0387 1452 aliide - ok
15:18:39.0434 1452 [ C17BAFA60F941A1AF5C2B10D8632C409 ] amdhub30 C:\Windows\system32\drivers\amdhub30.sys
15:18:39.0434 1452 amdhub30 - ok
15:18:39.0434 1452 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:18:39.0434 1452 amdide - ok
15:18:39.0450 1452 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:18:39.0450 1452 AmdK8 - ok
15:18:39.0465 1452 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
15:18:39.0465 1452 AmdPPM - ok
15:18:39.0512 1452 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:18:39.0512 1452 amdsata - ok
15:18:39.0528 1452 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:18:39.0528 1452 amdsbs - ok
15:18:39.0543 1452 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:18:39.0543 1452 amdxata - ok
15:18:39.0559 1452 [ 3DC51308F5E7A4BB8020D16E64E9D882 ] amdxhc C:\Windows\system32\drivers\amdxhc.sys
15:18:39.0559 1452 amdxhc - ok
15:18:39.0590 1452 [ 157B1C973637919DCD0D0464167C86BA ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
15:18:39.0590 1452 AMPPAL - ok
15:18:39.0590 1452 [ 157B1C973637919DCD0D0464167C86BA ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
15:18:39.0606 1452 AMPPALP - ok
15:18:39.0652 1452 [ FB70F8C1283C8CC6BFAA6F9971107E68 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
15:18:39.0668 1452 AMPPALR3 - ok
15:18:39.0699 1452 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:18:39.0699 1452 AppID - ok
15:18:39.0715 1452 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:18:39.0715 1452 AppIDSvc - ok
15:18:39.0730 1452 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:18:39.0730 1452 Appinfo - ok
15:18:39.0762 1452 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
15:18:39.0762 1452 AppMgmt - ok
15:18:39.0777 1452 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
15:18:39.0793 1452 arc - ok
15:18:39.0793 1452 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:18:39.0793 1452 arcsas - ok
15:18:39.0840 1452 [ DA63270378BAA19446F6DA23FEEB75D6 ] ARCVCAM C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys
15:18:39.0840 1452 ARCVCAM - ok
15:18:39.0902 1452 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:18:39.0933 1452 aspnet_state - ok
15:18:39.0964 1452 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:18:39.0964 1452 AsyncMac - ok
15:18:39.0980 1452 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:18:39.0980 1452 atapi - ok
15:18:40.0011 1452 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:18:40.0027 1452 AudioEndpointBuilder - ok
15:18:40.0027 1452 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:18:40.0042 1452 AudioSrv - ok
15:18:40.0058 1452 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:18:40.0058 1452 AxInstSV - ok
15:18:40.0089 1452 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:18:40.0089 1452 b06bdrv - ok
15:18:40.0120 1452 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:18:40.0120 1452 b57nd60a - ok
15:18:40.0152 1452 [ BC9E4469FE2CE605902D4C8BB09E8236 ] bcbtums C:\Windows\system32\drivers\bcbtums.sys
15:18:40.0152 1452 bcbtums - ok
15:18:40.0183 1452 [ 0B2A432AD87C2F8D244A1C9C6945B85F ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
15:18:40.0183 1452 BCM42RLY - ok
15:18:40.0261 1452 [ 94387EFC7254F2E74C6C6E6019ACA53A ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
15:18:40.0276 1452 BCM43XX - ok
15:18:40.0308 1452 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:18:40.0308 1452 BDESVC - ok
15:18:40.0323 1452 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:18:40.0323 1452 Beep - ok
15:18:40.0354 1452 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:18:40.0370 1452 BFE - ok
15:18:40.0401 1452 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
15:18:40.0495 1452 BITS - ok
15:18:40.0526 1452 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:18:40.0526 1452 blbdrive - ok
15:18:40.0557 1452 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:18:40.0557 1452 bowser - ok
15:18:40.0573 1452 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:18:40.0573 1452 BrFiltLo - ok
15:18:40.0588 1452 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:18:40.0588 1452 BrFiltUp - ok
15:18:40.0620 1452 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
15:18:40.0620 1452 Browser - ok
15:18:40.0635 1452 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:18:40.0651 1452 Brserid - ok
15:18:40.0666 1452 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:18:40.0666 1452 BrSerWdm - ok
15:18:40.0682 1452 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:18:40.0682 1452 BrUsbMdm - ok
15:18:40.0698 1452 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:18:40.0698 1452 BrUsbSer - ok
15:18:40.0744 1452 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
15:18:40.0744 1452 BthEnum - ok
15:18:40.0760 1452 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:18:40.0760 1452 BTHMODEM - ok
15:18:40.0776 1452 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
15:18:40.0791 1452 BthPan - ok
15:18:40.0807 1452 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
15:18:40.0807 1452 BTHPORT - ok
15:18:40.0838 1452 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:18:40.0838 1452 bthserv - ok
15:18:40.0854 1452 [ FA2D081709A764F6BEE16B7FFE03E36C ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
15:18:40.0869 1452 BTHSSecurityMgr - ok
15:18:40.0900 1452 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
15:18:40.0900 1452 BTHUSB - ok
15:18:40.0947 1452 [ 93F0E54C65EF7FCB56287FA685E4C4B7 ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
15:18:40.0963 1452 btwampfl - ok
15:18:40.0994 1452 [ D1F3C58892C621935947C0261BAEF3C0 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
15:18:40.0994 1452 btwaudio - ok
15:18:41.0010 1452 [ 9C7A3858D87F3A2574C1D326CA6C1461 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
15:18:41.0025 1452 btwavdt - ok
15:18:41.0088 1452 [ CE6AD9E2874D19069569F03C819B558C ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
15:18:41.0103 1452 btwdins - ok
15:18:41.0134 1452 [ AC602E3B6940B48E454D90545D85E8C3 ] BTWDPAN C:\Windows\system32\DRIVERS\btwdpan.sys
15:18:41.0134 1452 BTWDPAN - ok
15:18:41.0150 1452 [ B1ACFD00CDD13B48D86F46BFEC153BF9 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
15:18:41.0150 1452 btwl2cap - ok
15:18:41.0166 1452 [ BB892C59D453E127797F8C5B203678DC ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
15:18:41.0166 1452 btwrchid - ok
15:18:41.0197 1452 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:18:41.0197 1452 cdfs - ok
15:18:41.0228 1452 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:18:41.0228 1452 cdrom - ok
15:18:41.0259 1452 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:18:41.0259 1452 CertPropSvc - ok
15:18:41.0306 1452 chtqeqec - ok
15:18:41.0322 1452 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
15:18:41.0322 1452 circlass - ok
15:18:41.0353 1452 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:18:41.0353 1452 CLFS - ok
15:18:41.0400 1452 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:18:41.0400 1452 clr_optimization_v2.0.50727_32 - ok
15:18:41.0431 1452 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:18:41.0431 1452 clr_optimization_v2.0.50727_64 - ok
15:18:41.0478 1452 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:18:41.0634 1452 clr_optimization_v4.0.30319_32 - ok
15:18:41.0665 1452 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:18:41.0774 1452 clr_optimization_v4.0.30319_64 - ok
15:18:41.0790 1452 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:18:41.0805 1452 CmBatt - ok
15:18:41.0805 1452 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:18:41.0805 1452 cmdide - ok
15:18:41.0836 1452 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
15:18:41.0852 1452 CNG - ok
15:18:41.0883 1452 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:18:41.0883 1452 Compbatt - ok
15:18:41.0899 1452 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:18:41.0899 1452 CompositeBus - ok
15:18:41.0899 1452 COMSysApp - ok
15:18:41.0977 1452 [ 04D9DC335863B587D8A421A257051D9A ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
15:18:41.0977 1452 cphs - ok
15:18:41.0992 1452 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:18:41.0992 1452 crcdisk - ok
15:18:42.0039 1452 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:18:42.0039 1452 CryptSvc - ok
15:18:42.0070 1452 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
15:18:42.0070 1452 CSC - ok
15:18:42.0086 1452 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
15:18:42.0102 1452 CscService - ok
15:18:42.0133 1452 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:18:42.0133 1452 DcomLaunch - ok
15:18:42.0164 1452 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:18:42.0180 1452 defragsvc - ok
15:18:42.0195 1452 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:18:42.0195 1452 DfsC - ok
15:18:42.0226 1452 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:18:42.0226 1452 Dhcp - ok
15:18:42.0242 1452 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:18:42.0242 1452 discache - ok
15:18:42.0258 1452 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
15:18:42.0258 1452 Disk - ok
15:18:42.0289 1452 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
15:18:42.0289 1452 dmvsc - ok
15:18:42.0320 1452 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:18:42.0320 1452 Dnscache - ok
15:18:42.0367 1452 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:18:42.0367 1452 dot3svc - ok
15:18:42.0445 1452 [ CB0FE41D50B865295B1299145BE3C9B3 ] DpHost C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
15:18:42.0445 1452 DpHost - ok
15:18:42.0460 1452 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:18:42.0460 1452 DPS - ok
15:18:42.0507 1452 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:18:42.0507 1452 drmkaud - ok
15:18:42.0538 1452 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
15:18:42.0538 1452 dtsoftbus01 - ok
15:18:42.0585 1452 [ AE2661B8ADFA325AF0EA096D969533F3 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:18:42.0601 1452 DXGKrnl - ok
15:18:42.0632 1452 [ 2E83CF60759CAEA3F0CEB26D58208CAB ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
15:18:42.0632 1452 e1cexpress - ok
15:18:42.0663 1452 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:18:42.0663 1452 EapHost - ok
15:18:42.0726 1452 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:18:42.0757 1452 ebdrv - ok
15:18:42.0772 1452 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:18:42.0772 1452 EFS - ok
15:18:42.0819 1452 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:18:42.0835 1452 ehRecvr - ok
15:18:42.0850 1452 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:18:42.0850 1452 ehSched - ok
15:18:42.0882 1452 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:18:42.0882 1452 elxstor - ok
15:18:42.0897 1452 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:18:42.0897 1452 ErrDev - ok
15:18:42.0991 1452 [ DF96C3CD6AE15F6D0A6BCB70F9C1E88D ] esgiguard C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys
15:18:42.0991 1452 esgiguard - ok
15:18:42.0991 1452 EsgScanner - ok
15:18:43.0006 1452 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:18:43.0022 1452 EventSystem - ok
15:18:43.0100 1452 [ 23D401A43DADED10A153B9F3A7E66C91 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:18:43.0100 1452 EvtEng - ok
15:18:43.0116 1452 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:18:43.0116 1452 exfat - ok
15:18:43.0131 1452 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:18:43.0131 1452 fastfat - ok
15:18:43.0162 1452 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:18:43.0178 1452 Fax - ok
15:18:43.0194 1452 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
15:18:43.0209 1452 fdc - ok
15:18:43.0225 1452 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:18:43.0225 1452 fdPHost - ok
15:18:43.0240 1452 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:18:43.0240 1452 FDResPub - ok
15:18:43.0256 1452 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:18:43.0256 1452 FileInfo - ok
15:18:43.0272 1452 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:18:43.0272 1452 Filetrace - ok
15:18:43.0287 1452 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:18:43.0287 1452 flpydisk - ok
15:18:43.0318 1452 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:18:43.0318 1452 FltMgr - ok
15:18:43.0365 1452 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
15:18:43.0381 1452 FontCache - ok
15:18:43.0428 1452 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:18:43.0428 1452 FontCache3.0.0.0 - ok
15:18:43.0428 1452 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:18:43.0428 1452 FsDepends - ok
15:18:43.0459 1452 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:18:43.0459 1452 Fs_Rec - ok
15:18:43.0490 1452 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:18:43.0490 1452 fvevol - ok
15:18:43.0506 1452 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:18:43.0506 1452 gagp30kx - ok
15:18:43.0552 1452 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:18:43.0568 1452 gpsvc - ok
15:18:43.0630 1452 [ E859CA020ED61899F3C74A8D0032D05C ] Guard.Mail.ru C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
15:18:43.0646 1452 Guard.Mail.ru - ok
15:18:43.0662 1452 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:18:43.0662 1452 hcw85cir - ok
15:18:43.0693 1452 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:18:43.0708 1452 HdAudAddService - ok
15:18:43.0724 1452 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:18:43.0724 1452 HDAudBus - ok
15:18:43.0740 1452 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:18:43.0740 1452 HidBatt - ok
15:18:43.0740 1452 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:18:43.0755 1452 HidBth - ok
15:18:43.0755 1452 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
15:18:43.0755 1452 HidIr - ok
15:18:43.0786 1452 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
15:18:43.0786 1452 hidserv - ok
15:18:43.0818 1452 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:18:43.0818 1452 HidUsb - ok
15:18:43.0849 1452 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:18:43.0849 1452 hkmsvc - ok
15:18:43.0864 1452 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:18:43.0864 1452 HomeGroupListener - ok
15:18:43.0880 1452 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:18:43.0880 1452 HomeGroupProvider - ok
15:18:43.0911 1452 [ 44AD1D87919994161131D5FB16C5B551 ] HP Power Assistant Service C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
15:18:43.0911 1452 HP Power Assistant Service - ok
15:18:43.0974 1452 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
15:18:43.0974 1452 HP Support Assistant Service - ok
15:18:44.0020 1452 [ 5838D8904E9682C2B5BAA01E3077C8AA ] hpCMSrv C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
15:18:44.0036 1452 hpCMSrv - ok
15:18:44.0052 1452 [ 7D2F0F709D88ED2617AFB0864D7B963E ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
15:18:44.0052 1452 hpdskflt - ok
15:18:44.0083 1452 [ 0A9F0B8E8388C4D50B1264FC65E8AADA ] hpHotkeyMonitor C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
15:18:44.0083 1452 hpHotkeyMonitor - ok
15:18:44.0114 1452 [ B98EE5D4535A685634B90F7E04DE0DF7 ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
15:18:44.0114 1452 HpqKbFiltr - ok
15:18:44.0161 1452 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
15:18:44.0176 1452 hpqwmiex - ok
15:18:44.0192 1452 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:18:44.0192 1452 HpSAMD - ok
15:18:44.0208 1452 [ 21685DC7E55FE3A0BB74DDD1606843B8 ] hpsrv C:\Windows\system32\Hpservice.exe
15:18:44.0208 1452 hpsrv - ok
15:18:44.0239 1452 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:18:44.0239 1452 HTTP - ok
15:18:44.0254 1452 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:18:44.0254 1452 hwpolicy - ok
15:18:44.0270 1452 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:18:44.0270 1452 i8042prt - ok
15:18:44.0317 1452 [ D1753C06EE17E29352B065EACF3F10D0 ] iaStor C:\Windows\system32\drivers\iaStor.sys
15:18:44.0317 1452 iaStor - ok
15:18:44.0395 1452 [ 7DEC78C80C628E9D36883C06C3C07E3C ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:18:44.0395 1452 IAStorDataMgrSvc - ok
15:18:44.0442 1452 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:18:44.0442 1452 iaStorV - ok
15:18:44.0488 1452 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:18:44.0488 1452 idsvc - ok
15:18:44.0707 1452 [ 3FB253E8059A1AAC3A8B83A31D094CC5 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:18:44.0910 1452 igfx - ok
15:18:44.0925 1452 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:18:44.0925 1452 iirsp - ok
15:18:44.0972 1452 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:18:44.0972 1452 IKEEXT - ok
15:18:45.0003 1452 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
15:18:45.0019 1452 IntcDAud - ok
15:18:45.0066 1452 [ 0043EC20C06FD9FE339B5D37474B731E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
15:18:45.0066 1452 Intel(R) Capability Licensing Service Interface - ok
15:18:45.0081 1452 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:18:45.0081 1452 intelide - ok
15:18:45.0097 1452 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:18:45.0097 1452 intelppm - ok
15:18:45.0112 1452 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:18:45.0112 1452 IPBusEnum - ok
15:18:45.0128 1452 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:18:45.0128 1452 IpFilterDriver - ok
15:18:45.0159 1452 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:18:45.0159 1452 iphlpsvc - ok
15:18:45.0175 1452 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:18:45.0175 1452 IPMIDRV - ok
15:18:45.0190 1452 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:18:45.0190 1452 IPNAT - ok
15:18:45.0222 1452 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:18:45.0222 1452 IRENUM - ok
15:18:45.0237 1452 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:18:45.0237 1452 isapnp - ok
15:18:45.0253 1452 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:18:45.0253 1452 iScsiPrt - ok
15:18:45.0284 1452 [ B2381712638B0B714D0EEAB9A1F7C640 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
15:18:45.0284 1452 iusb3hcs - ok
15:18:45.0300 1452 [ FD2C6457232E95C014DAD21DEBC64867 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
15:18:45.0315 1452 iusb3hub - ok
15:18:45.0331 1452 [ F6A2B5D030BE7EDF8ADC12C9A40825A8 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
15:18:45.0331 1452 iusb3xhc - ok
15:18:45.0378 1452 [ 4E0B89D1F647166EC78FEF5430126EE0 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
15:18:45.0378 1452 jhi_service - ok
15:18:45.0409 1452 [ B0C3023507CD1C2EB63249FC952504AE ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
15:18:45.0409 1452 JMCR - ok
15:18:45.0440 1452 [ FBF2B35AD5911C9DFD00D83CC7BCF0B2 ] johci C:\Windows\system32\DRIVERS\johci.sys
15:18:45.0440 1452 johci - ok
15:18:45.0471 1452 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:18:45.0471 1452 kbdclass - ok
15:18:45.0487 1452 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
15:18:45.0487 1452 kbdhid - ok
15:18:45.0502 1452 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:18:45.0502 1452 KeyIso - ok
15:18:45.0534 1452 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:18:45.0534 1452 KSecDD - ok
15:18:45.0549 1452 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:18:45.0549 1452 KSecPkg - ok
15:18:45.0565 1452 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:18:45.0565 1452 ksthunk - ok
15:18:45.0596 1452 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:18:45.0596 1452 KtmRm - ok
15:18:45.0612 1452 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:18:45.0612 1452 LanmanServer - ok
15:18:45.0643 1452 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:18:45.0643 1452 LanmanWorkstation - ok
15:18:45.0674 1452 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:18:45.0674 1452 lltdio - ok
15:18:45.0705 1452 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:18:45.0705 1452 lltdsvc - ok
15:18:45.0721 1452 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:18:45.0721 1452 lmhosts - ok
15:18:45.0768 1452 [ 23C20B19120BE3394EB7968ABD755A2D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:18:45.0768 1452 LMS - ok
15:18:45.0799 1452 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:18:45.0799 1452 LSI_FC - ok
15:18:45.0814 1452 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:18:45.0830 1452 LSI_SAS - ok
15:18:45.0830 1452 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:18:45.0830 1452 LSI_SAS2 - ok
15:18:45.0846 1452 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:18:45.0846 1452 LSI_SCSI - ok
15:18:45.0861 1452 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:18:45.0861 1452 luafv - ok
15:18:45.0924 1452 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
15:18:45.0924 1452 MBAMProtector - ok
15:18:45.0970 1452 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:18:45.0986 1452 MBAMScheduler - ok
15:18:46.0002 1452 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:18:46.0002 1452 MBAMService - ok
15:18:46.0033 1452 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:18:46.0033 1452 Mcx2Svc - ok
15:18:46.0048 1452 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
15:18:46.0048 1452 megasas - ok
15:18:46.0064 1452 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:18:46.0064 1452 MegaSR - ok
15:18:46.0095 1452 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
15:18:46.0095 1452 MEIx64 - ok
15:18:46.0126 1452 Microsoft SharePoint Workspace Audit Service - ok
15:18:46.0158 1452 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:18:46.0158 1452 MMCSS - ok
15:18:46.0173 1452 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:18:46.0173 1452 Modem - ok
15:18:46.0204 1452 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:18:46.0204 1452 monitor - ok
15:18:46.0236 1452 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:18:46.0236 1452 mouclass - ok
15:18:46.0251 1452 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:18:46.0251 1452 mouhid - ok
15:18:46.0267 1452 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:18:46.0267 1452 mountmgr - ok
15:18:46.0298 1452 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:18:46.0298 1452 MozillaMaintenance - ok
15:18:46.0360 1452 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
15:18:46.0360 1452 MpFilter - ok
15:18:46.0392 1452 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:18:46.0392 1452 mpio - ok
15:18:46.0407 1452 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:18:46.0407 1452 mpsdrv - ok
15:18:46.0438 1452 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:18:46.0438 1452 MpsSvc - ok
15:18:46.0470 1452 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:18:46.0470 1452 MRxDAV - ok
15:18:46.0485 1452 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:18:46.0485 1452 mrxsmb - ok
15:18:46.0501 1452 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:18:46.0516 1452 mrxsmb10 - ok
15:18:46.0532 1452 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:18:46.0532 1452 mrxsmb20 - ok
15:18:46.0548 1452 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:18:46.0548 1452 msahci - ok
15:18:46.0563 1452 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:18:46.0563 1452 msdsm - ok
15:18:46.0579 1452 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:18:46.0579 1452 MSDTC - ok
15:18:46.0594 1452 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:18:46.0594 1452 Msfs - ok
15:18:46.0610 1452 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:18:46.0610 1452 mshidkmdf - ok
15:18:46.0610 1452 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:18:46.0610 1452 msisadrv - ok
15:18:46.0641 1452 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:18:46.0657 1452 MSiSCSI - ok
15:18:46.0657 1452 msiserver - ok
15:18:46.0672 1452 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:18:46.0672 1452 MSKSSRV - ok
15:18:46.0719 1452 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
15:18:46.0719 1452 MsMpSvc - ok
15:18:46.0735 1452 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:18:46.0735 1452 MSPCLOCK - ok
15:18:46.0735 1452 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:18:46.0735 1452 MSPQM - ok
15:18:46.0750 1452 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:18:46.0766 1452 MsRPC - ok
15:18:46.0782 1452 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:18:46.0782 1452 mssmbios - ok
15:18:46.0797 1452 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:18:46.0797 1452 MSTEE - ok
15:18:46.0797 1452 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:18:46.0797 1452 MTConfig - ok
15:18:46.0813 1452 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:18:46.0828 1452 Mup - ok
15:18:46.0860 1452 [ 48C9BA25EDA90E3DB07ADAC8CD32F5F3 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
15:18:46.0875 1452 MyWiFiDHCPDNS - ok
15:18:46.0906 1452 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:18:46.0906 1452 napagent - ok
15:18:46.0938 1452 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:18:46.0938 1452 NativeWifiP - ok
15:18:46.0984 1452 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:18:47.0000 1452 NDIS - ok
15:18:47.0016 1452 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:18:47.0016 1452 NdisCap - ok
15:18:47.0047 1452 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:18:47.0047 1452 NdisTapi - ok
15:18:47.0062 1452 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:18:47.0062 1452 Ndisuio - ok
15:18:47.0078 1452 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:18:47.0078 1452 NdisWan - ok
15:18:47.0078 1452 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:18:47.0078 1452 NDProxy - ok
15:18:47.0109 1452 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:18:47.0109 1452 NetBIOS - ok
15:18:47.0109 1452 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:18:47.0125 1452 NetBT - ok
15:18:47.0125 1452 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:18:47.0125 1452 Netlogon - ok
15:18:47.0156 1452 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:18:47.0172 1452 Netman - ok
15:18:47.0218 1452 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:18:47.0234 1452 NetMsmqActivator - ok
15:18:47.0234 1452 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:18:47.0234 1452 NetPipeActivator - ok
15:18:47.0265 1452 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:18:47.0265 1452 netprofm - ok
15:18:47.0265 1452 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:18:47.0265 1452 NetTcpActivator - ok
15:18:47.0281 1452 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:18:47.0281 1452 NetTcpPortSharing - ok
15:18:47.0296 1452 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:18:47.0296 1452 nfrd960 - ok
15:18:47.0312 1452 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:18:47.0328 1452 NisDrv - ok
15:18:47.0359 1452 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
15:18:47.0359 1452 NisSrv - ok
15:18:47.0390 1452 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:18:47.0406 1452 NlaSvc - ok
15:18:47.0421 1452 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:18:47.0421 1452 Npfs - ok
15:18:47.0437 1452 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:18:47.0437 1452 nsi - ok
15:18:47.0437 1452 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:18:47.0437 1452 nsiproxy - ok
15:18:47.0499 1452 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:18:47.0515 1452 Ntfs - ok
15:18:47.0530 1452 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:18:47.0530 1452 Null - ok
15:18:47.0562 1452 [ C25CC69829E976C67B34152334EEDDD1 ] nusb3hub C:\Windows\system32\drivers\nusb3hub.sys
15:18:47.0562 1452 nusb3hub - ok
15:18:47.0577 1452 [ 20BC4B57A6DBA0447ADB3B623C200F8E ] nusb3xhc C:\Windows\system32\drivers\nusb3xhc.sys
15:18:47.0577 1452 nusb3xhc - ok
15:18:47.0608 1452 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:18:47.0608 1452 nvraid - ok
15:18:47.0624 1452 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:18:47.0640 1452 nvstor - ok
15:18:47.0671 1452 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:18:47.0671 1452 nv_agp - ok
15:18:47.0686 1452 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:18:47.0686 1452 ohci1394 - ok
15:18:47.0718 1452 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:18:47.0718 1452 ose64 - ok
15:18:47.0827 1452 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:18:47.0858 1452 osppsvc - ok
15:18:47.0889 1452 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:18:47.0889 1452 p2pimsvc - ok
15:18:47.0905 1452 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:18:47.0905 1452 p2psvc - ok
15:18:47.0936 1452 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:18:47.0936 1452 Parport - ok
15:18:47.0967 1452 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:18:47.0967 1452 partmgr - ok
15:18:47.0998 1452 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:18:47.0998 1452 PcaSvc - ok
15:18:48.0014 1452 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:18:48.0014 1452 pci - ok
15:18:48.0030 1452 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:18:48.0030 1452 pciide - ok
15:18:48.0045 1452 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:18:48.0061 1452 pcmcia - ok
15:18:48.0061 1452 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:18:48.0061 1452 pcw - ok
15:18:48.0092 1452 pdfcDispatcher - ok
15:18:48.0123 1452 [ BAF3216DDAA12E66EBBB31760E02BC14 ] PdiService C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
15:18:48.0139 1452 PdiService - ok
15:18:48.0154 1452 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:18:48.0170 1452 PEAUTH - ok
15:18:48.0201 1452 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:18:48.0217 1452 PeerDistSvc - ok
15:18:48.0279 1452 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:18:48.0279 1452 PerfHost - ok
15:18:48.0310 1452 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:18:48.0326 1452 pla - ok
15:18:48.0373 1452 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:18:48.0373 1452 PlugPlay - ok
15:18:48.0388 1452 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:18:48.0388 1452 PNRPAutoReg - ok
15:18:48.0420 1452 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:18:48.0420 1452 PNRPsvc - ok
15:18:48.0451 1452 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:18:48.0451 1452 PolicyAgent - ok
15:18:48.0498 1452 postgresql-8.4 - ok
15:18:48.0513 1452 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
15:18:48.0513 1452 Power - ok
15:18:48.0544 1452 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:18:48.0544 1452 PptpMiniport - ok
15:18:48.0560 1452 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
15:18:48.0560 1452 Processor - ok
15:18:48.0607 1452 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:18:48.0607 1452 ProfSvc - ok
15:18:48.0622 1452 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:18:48.0622 1452 ProtectedStorage - ok
15:18:48.0638 1452 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:18:48.0638 1452 Psched - ok
15:18:48.0669 1452 [ D5132DDFDAA653CF2D7D621FD604BB5A ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
15:18:48.0669 1452 PxHlpa64 - ok
15:18:48.0716 1452 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:18:48.0732 1452 ql2300 - ok
15:18:48.0747 1452 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:18:48.0747 1452 ql40xx - ok
15:18:48.0763 1452 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:18:48.0763 1452 QWAVE - ok
15:18:48.0778 1452 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:18:48.0778 1452 QWAVEdrv - ok
15:18:48.0810 1452 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:18:48.0810 1452 RasAcd - ok
15:18:48.0841 1452 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:18:48.0841 1452 RasAgileVpn - ok
15:18:48.0856 1452 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:18:48.0856 1452 RasAuto - ok
15:18:48.0872 1452 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:18:48.0872 1452 Rasl2tp - ok
15:18:48.0888 1452 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:18:48.0888 1452 RasMan - ok
15:18:48.0888 1452 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:18:48.0888 1452 RasPppoe - ok
15:18:48.0919 1452 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:18:48.0919 1452 RasSstp - ok
15:18:48.0934 1452 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:18:48.0934 1452 rdbss - ok
15:18:48.0950 1452 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:18:48.0950 1452 rdpbus - ok
15:18:48.0966 1452 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:18:48.0966 1452 RDPCDD - ok
15:18:48.0997 1452 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:18:48.0997 1452 RDPDR - ok
15:18:49.0012 1452 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:18:49.0012 1452 RDPENCDD - ok
15:18:49.0012 1452 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:18:49.0028 1452 RDPREFMP - ok
15:18:49.0059 1452 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:18:49.0059 1452 RDPWD - ok
15:18:49.0090 1452 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:18:49.0090 1452 rdyboost - ok
15:18:49.0122 1452 [ 0C2B4C3B10D183BE116A38353E937F62 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:18:49.0122 1452 RegSrvc - ok
15:18:49.0137 1452 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:18:49.0153 1452 RemoteAccess - ok
15:18:49.0153 1452 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:18:49.0168 1452 RemoteRegistry - ok
15:18:49.0200 1452 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:18:49.0200 1452 RFCOMM - ok
15:18:49.0262 1452 [ DBF241307AAB32837A5FD07F002ED90F ] RoxioBurnLauncher C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
15:18:49.0262 1452 RoxioBurnLauncher - ok
15:18:49.0340 1452 [ 74D8C5F0CEE3E882FDE2B3C1EC689819 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
15:18:49.0356 1452 RoxMediaDB12OEM - ok
15:18:49.0387 1452 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:18:49.0387 1452 RpcEptMapper - ok
15:18:49.0402 1452 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:18:49.0402 1452 RpcLocator - ok
15:18:49.0434 1452 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:18:49.0434 1452 RpcSs - ok
15:18:49.0465 1452 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:18:49.0465 1452 rspndr - ok
15:18:49.0496 1452 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
15:18:49.0496 1452 s3cap - ok
15:18:49.0512 1452 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:18:49.0512 1452 SamSs - ok
15:18:49.0527 1452 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:18:49.0527 1452 sbp2port - ok
15:18:49.0543 1452 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:18:49.0543 1452 SCardSvr - ok
15:18:49.0558 1452 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:18:49.0558 1452 scfilter - ok
15:18:49.0590 1452 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:18:49.0605 1452 Schedule - ok
15:18:49.0636 1452 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:18:49.0636 1452 SCPolicySvc - ok
15:18:49.0668 1452 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
15:18:49.0668 1452 sdbus - ok
15:18:49.0699 1452 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:18:49.0699 1452 SDRSVC - ok
15:18:49.0730 1452 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:18:49.0730 1452 secdrv - ok
15:18:49.0746 1452 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:18:49.0746 1452 seclogon - ok
15:18:49.0761 1452 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:18:49.0761 1452 SENS - ok
15:18:49.0777 1452 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:18:49.0777 1452 SensrSvc - ok
15:18:49.0808 1452 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
15:18:49.0808 1452 Serenum - ok
15:18:49.0824 1452 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
15:18:49.0824 1452 Serial - ok
15:18:49.0839 1452 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:18:49.0839 1452 sermouse - ok
15:18:49.0870 1452 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:18:49.0870 1452 SessionEnv - ok
15:18:49.0886 1452 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:18:49.0886 1452 sffdisk - ok
15:18:49.0902 1452 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:18:49.0902 1452 sffp_mmc - ok
15:18:49.0917 1452 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:18:49.0917 1452 sffp_sd - ok
15:18:49.0933 1452 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:18:49.0933 1452 sfloppy - ok
15:18:49.0964 1452 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:18:49.0964 1452 SharedAccess - ok
15:18:49.0995 1452 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:18:49.0995 1452 ShellHWDetection - ok
15:18:50.0011 1452 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:18:50.0011 1452 SiSRaid2 - ok
15:18:50.0026 1452 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:18:50.0026 1452 SiSRaid4 - ok
15:18:50.0058 1452 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:18:50.0058 1452 SkypeUpdate - ok
15:18:50.0089 1452 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:18:50.0089 1452 Smb - ok
15:18:50.0120 1452 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:18:50.0120 1452 SNMPTRAP - ok
15:18:50.0136 1452 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:18:50.0136 1452 spldr - ok
15:18:50.0167 1452 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:18:50.0182 1452 Spooler - ok
15:18:50.0229 1452 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:18:50.0260 1452 sppsvc - ok
15:18:50.0276 1452 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:18:50.0276 1452 sppuinotify - ok
15:18:50.0354 1452 [ 685D7FDA1A2E019446872472A6295063 ] SPUVCbv C:\Windows\system32\Drivers\SPUVCbv_x64.sys
15:18:50.0370 1452 SPUVCbv - ok
15:18:50.0432 1452 [ 48AAE4C5E13611ED49C68F06857FF930 ] SpyHunter 4 Service C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
15:18:50.0448 1452 SpyHunter 4 Service - ok
15:18:50.0479 1452 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:18:50.0494 1452 srv - ok
15:18:50.0510 1452 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:18:50.0510 1452 srv2 - ok
15:18:50.0526 1452 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:18:50.0526 1452 srvnet - ok
15:18:50.0557 1452 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:18:50.0557 1452 SSDPSRV - ok
15:18:50.0588 1452 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:18:50.0588 1452 SstpSvc - ok
15:18:50.0635 1452 [ 78AA0311C611F2537ACD4DD3C839E83D ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
15:18:50.0650 1452 STacSV - ok
15:18:50.0666 1452 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:18:50.0666 1452 stexstor - ok
15:18:50.0682 1452 [ 9F21BBDA0227A08C86175C2AB5F17F70 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
15:18:50.0682 1452 STHDA - ok
15:18:50.0713 1452 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:18:50.0728 1452 stisvc - ok
15:18:50.0760 1452 [ F0B57D2DEC5F97E621FF5E986319EED2 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
15:18:50.0760 1452 stllssvr - ok
15:18:50.0775 1452 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
15:18:50.0775 1452 storflt - ok
15:18:50.0791 1452 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
15:18:50.0791 1452 StorSvc - ok
15:18:50.0822 1452 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
15:18:50.0822 1452 storvsc - ok
15:18:50.0838 1452 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:18:50.0838 1452 swenum - ok
15:18:50.0869 1452 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:18:50.0869 1452 swprv - ok
15:18:50.0900 1452 [ 48A191AE1F810F3F76F04187BA6B0F14 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
15:18:50.0916 1452 SynTP - ok
15:18:50.0931 1452 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:18:50.0962 1452 SysMain - ok
15:18:50.0962 1452 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:18:50.0962 1452 TabletInputService - ok
15:18:50.0994 1452 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:18:50.0994 1452 TapiSrv - ok
15:18:51.0009 1452 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:18:51.0009 1452 TBS - ok
15:18:51.0056 1452 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:18:51.0072 1452 Tcpip - ok
15:18:51.0103 1452 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:18:51.0103 1452 TCPIP6 - ok
15:18:51.0134 1452 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:18:51.0134 1452 tcpipreg - ok
15:18:51.0165 1452 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:18:51.0165 1452 TDPIPE - ok
15:18:51.0181 1452 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:18:51.0181 1452 TDTCP - ok
15:18:51.0212 1452 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:18:51.0212 1452 tdx - ok
15:18:51.0228 1452 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:18:51.0228 1452 TermDD - ok
15:18:51.0259 1452 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:18:51.0259 1452 TermService - ok
15:18:51.0274 1452 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:18:51.0274 1452 Themes - ok
15:18:51.0306 1452 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:18:51.0306 1452 THREADORDER - ok
15:18:51.0337 1452 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
15:18:51.0337 1452 TPM - ok
15:18:51.0352 1452 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:18:51.0352 1452 TrkWks - ok
15:18:51.0384 1452 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:18:51.0399 1452 TrustedInstaller - ok
15:18:51.0399 1452 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:18:51.0399 1452 tssecsrv - ok
15:18:51.0430 1452 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:18:51.0430 1452 TsUsbFlt - ok
15:18:51.0446 1452 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:18:51.0446 1452 TsUsbGD - ok
15:18:51.0462 1452 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:18:51.0462 1452 tunnel - ok
15:18:51.0477 1452 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:18:51.0477 1452 uagp35 - ok
15:18:51.0524 1452 [ F0458A5ABFC8C269798D398F664666A8 ] uArcCapture C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe
15:18:51.0540 1452 uArcCapture - ok
15:18:51.0555 1452 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:18:51.0571 1452 udfs - ok
15:18:51.0602 1452 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:18:51.0602 1452 UI0Detect - ok
15:18:51.0633 1452 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:18:51.0633 1452 uliagpkx - ok
15:18:51.0664 1452 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:18:51.0664 1452 umbus - ok
15:18:51.0680 1452 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
15:18:51.0680 1452 UmPass - ok
15:18:51.0711 1452 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
15:18:51.0711 1452 UmRdpService - ok
15:18:51.0789 1452 [ 25F4EFE9D0624C7C7B0EC823DE901BF3 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:18:51.0789 1452 UNS - ok
15:18:51.0805 1452 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:18:51.0820 1452 upnphost - ok
15:18:51.0836 1452 [ 2B26FCB7C634C49313FD72120FB9946E ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:18:51.0836 1452 usbccgp - ok
15:18:51.0867 1452 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:18:51.0867 1452 usbcir - ok
15:18:51.0883 1452 [ AA68C758B3F225618A5FD1ED40C383C4 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:18:51.0883 1452 usbehci - ok
15:18:51.0898 1452 [ 33A58C5630200E17B51C8D73DD64181B ] usbfilter C:\Windows\system32\drivers\usbfilter.sys
15:18:51.0914 1452 usbfilter - ok
15:18:51.0930 1452 [ 66E1EF753543785D7E2C44719B2C5DAD ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:18:51.0930 1452 usbhub - ok
15:18:51.0930 1452 [ B26ACA4784AD1295C25A7501FD4AB79E ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:18:51.0945 1452 usbohci - ok
15:18:51.0961 1452 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:18:51.0961 1452 usbprint - ok
15:18:51.0976 1452 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:18:51.0976 1452 USBSTOR - ok
15:18:51.0992 1452 [ 35944CFF264134FFD2E7EED0F8B81A56 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:18:51.0992 1452 usbuhci - ok
15:18:52.0039 1452 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
15:18:52.0039 1452 usbvideo - ok
15:18:52.0070 1452 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
15:18:52.0070 1452 usb_rndisx - ok
15:18:52.0086 1452 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:18:52.0086 1452 UxSms - ok
15:18:52.0101 1452 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:18:52.0101 1452 VaultSvc - ok
15:18:52.0164 1452 [ EF3BD2119454883B0D5463AD5327DD10 ] vcsFPService C:\Windows\system32\vcsFPService.exe
15:18:52.0195 1452 vcsFPService - ok
15:18:52.0210 1452 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:18:52.0210 1452 vdrvroot - ok
15:18:52.0242 1452 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:18:52.0242 1452 vds - ok
15:18:52.0273 1452 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:18:52.0273 1452 vga - ok
15:18:52.0273 1452 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:18:52.0288 1452 VgaSave - ok
15:18:52.0304 1452 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:18:52.0304 1452 vhdmp - ok
15:18:52.0320 1452 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:18:52.0320 1452 viaide - ok
15:18:52.0351 1452 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
15:18:52.0351 1452 vmbus - ok
15:18:52.0366 1452 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
15:18:52.0366 1452 VMBusHID - ok
15:18:52.0382 1452 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:18:52.0382 1452 volmgr - ok
15:18:52.0398 1452 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:18:52.0398 1452 volmgrx - ok
15:18:52.0398 1452 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:18:52.0413 1452 volsnap - ok
15:18:52.0413 1452 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:18:52.0429 1452 vsmraid - ok
15:18:52.0476 1452 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:18:52.0491 1452 VSS - ok
15:18:52.0507 1452 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:18:52.0507 1452 vwifibus - ok
15:18:52.0507 1452 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:18:52.0522 1452 vwififlt - ok
15:18:52.0538 1452 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:18:52.0538 1452 vwifimp - ok
15:18:52.0554 1452 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:18:52.0569 1452 W32Time - ok
15:18:52.0585 1452 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:18:52.0585 1452 WacomPen - ok
15:18:52.0600 1452 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:18:52.0616 1452 WANARP - ok
15:18:52.0616 1452 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:18:52.0616 1452 Wanarpv6 - ok
15:18:52.0663 1452 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:18:52.0663 1452 WatAdminSvc - ok
15:18:52.0710 1452 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:18:52.0725 1452 wbengine - ok
15:18:52.0741 1452 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:18:52.0741 1452 WbioSrvc - ok
15:18:52.0756 1452 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:18:52.0756 1452 wcncsvc - ok
15:18:52.0772 1452 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:18:52.0772 1452 WcsPlugInService - ok
15:18:52.0788 1452 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
15:18:52.0788 1452 Wd - ok
15:18:52.0819 1452 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:18:52.0834 1452 Wdf01000 - ok
15:18:52.0850 1452 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:18:52.0850 1452 WdiServiceHost - ok
15:18:52.0850 1452 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:18:52.0850 1452 WdiSystemHost - ok
15:18:52.0866 1452 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:18:52.0866 1452 WebClient - ok
15:18:52.0881 1452 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:18:52.0881 1452 Wecsvc - ok
15:18:52.0897 1452 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:18:52.0897 1452 wercplsupport - ok
15:18:52.0928 1452 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:18:52.0928 1452 WerSvc - ok
15:18:52.0959 1452 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:18:52.0959 1452 WfpLwf - ok
15:18:52.0975 1452 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:18:52.0975 1452 WIMMount - ok
15:18:53.0006 1452 WinDefend - ok
15:18:53.0006 1452 WinHttpAutoProxySvc - ok
15:18:53.0053 1452 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:18:53.0053 1452 Winmgmt - ok
15:18:53.0100 1452 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:18:53.0115 1452 WinRM - ok
15:18:53.0146 1452 [ FE88B288356E7B47B74B13372ADD906D ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
15:18:53.0146 1452 WinUSB - ok
15:18:53.0178 1452 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:18:53.0178 1452 Wlansvc - ok
15:18:53.0209 1452 [ 2107201D4B0D471B20FA62C8BBE3143F ] wltrysvc C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
15:18:53.0209 1452 wltrysvc - ok
15:18:53.0240 1452 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:18:53.0240 1452 WmiAcpi - ok
15:18:53.0256 1452 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:18:53.0256 1452 wmiApSrv - ok
15:18:53.0287 1452 WMPNetworkSvc - ok
15:18:53.0302 1452 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:18:53.0302 1452 WPCSvc - ok
15:18:53.0318 1452 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:18:53.0318 1452 WPDBusEnum - ok
15:18:53.0318 1452 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:18:53.0334 1452 ws2ifsl - ok
15:18:53.0334 1452 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
15:18:53.0334 1452 wscsvc - ok
15:18:53.0334 1452 WSearch - ok
15:18:53.0412 1452 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:18:53.0427 1452 wuauserv - ok
15:18:53.0458 1452 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:18:53.0458 1452 WudfPf - ok
15:18:53.0474 1452 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:18:53.0474 1452 WUDFRd - ok
15:18:53.0505 1452 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:18:53.0505 1452 wudfsvc - ok
15:18:53.0552 1452 [ F0B1D8725FAB9F4A559CCC91A960FCE0 ] WwanSvc C:\Windows\System32\wwansvc.dll
15:18:53.0599 1452 WwanSvc - ok
15:18:53.0692 1452 [ D2FE4103450E52CB248D842501F84B90 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
15:18:53.0724 1452 ZeroConfigService - ok
15:18:53.0739 1452 ================ Scan global ===============================
15:18:53.0770 1452 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:18:53.0786 1452 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:18:53.0802 1452 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:18:53.0817 1452 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:18:53.0833 1452 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:18:53.0848 1452 [Global] - ok
15:18:53.0848 1452 ================ Scan MBR ==================================
15:18:53.0864 1452 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:18:54.0020 1452 \Device\Harddisk0\DR0 - ok
15:18:54.0020 1452 ================ Scan VBR ==================================
15:18:54.0020 1452 [ 90C133A186EE870343FD7BDA28F183D6 ] \Device\Harddisk0\DR0\Partition1
15:18:54.0020 1452 \Device\Harddisk0\DR0\Partition1 - ok
15:18:54.0036 1452 [ 97249E89224D146696474F6C9DE41CA5 ] \Device\Harddisk0\DR0\Partition2
15:18:54.0036 1452 \Device\Harddisk0\DR0\Partition2 - ok
15:18:54.0051 1452 [ 1A7E38E5518BDB24BD7AE0CC6A51810E ] \Device\Harddisk0\DR0\Partition3
15:18:54.0051 1452 \Device\Harddisk0\DR0\Partition3 - ok
15:18:54.0082 1452 [ 7D710A7D47A810CC39FC40458816E505 ] \Device\Harddisk0\DR0\Partition4
15:18:54.0082 1452 \Device\Harddisk0\DR0\Partition4 - ok
15:18:54.0082 1452 ============================================================
15:18:54.0082 1452 Scan finished
15:18:54.0082 1452 ============================================================
15:18:54.0082 0236 Detected object count: 0
15:18:54.0082 0236 Actual detected object count: 0
15:18:57.0405 0472 Deinitialize success

Uz to nehledejte, je to zbytecne

Pro OTM se pise vzdy skript pro dany pocitac, takze to co jste pouzil stejne na 99% nefungovalo

Chce to cist i pravidla http://forum.viry.cz/viewtopic.php?f=12&t=5601

2. Před položením dotazu použijte tlačítko Hledat. Možná již někdo problém podobným Vašemu řešil. Pokud ale ve vyřešeném tématu budou aplikovány různé utility\aplikace, nespouštějte je. Utility se používají až na pokyn rádce, jelikož mohou mazat stopy po havěti a v rukou ne-oborníka může mít jejich použití nedozírné následky.

Odinstalujte SpyHunter 4 a tez i MBAM a Hitmana

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

OTL Extras logfile created on: 18.3.2013 17:09:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Michal\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,88 Gb Total Physical Memory | 2,75 Gb Available Physical Memory | 70,84% Memory free
7,77 Gb Paging File | 6,74 Gb Available in Paging File | 86,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443,34 Gb Total Space | 256,14 Gb Free Space | 57,78% Space Free | Partition Type: NTFS
Drive D: | 20,12 Gb Total Space | 3,09 Gb Free Space | 15,36% Space Free | Partition Type: NTFS
Drive E: | 1,99 Gb Total Space | 1,97 Gb Free Space | 99,34% Space Free | Partition Type: FAT32

Computer Name: MICHAL-PC | User Name: Michal | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3709121103-697001368-1351868520-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09E6CD31-5206-4217-8AA3-36FBA254ACDE}" = lport=139 | protocol=6 | dir=in | app=system |
"{1309BFEA-B3EE-403D-9FBB-5E990132F17E}" = lport=445 | protocol=6 | dir=in | app=system |
"{15132AAD-769C-45DF-8DD8-A27E17984DF5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2ADEB38E-F1FF-4DD5-82FD-48BB901B9185}" = rport=137 | protocol=17 | dir=out | app=system |
"{3481AA62-E453-41C5-B280-E3E23EC2A9F6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3BE79F9F-B1B5-4BBF-96D2-A52C1EFE310C}" = rport=138 | protocol=17 | dir=out | app=system |
"{4843B3BF-473E-467D-87A1-2934E60F32F2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4919A2EA-2B2D-41C7-B03D-729885787C6B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4CD95354-0ED2-46A3-A764-13D87B315AFA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5ED8009D-B1C9-4262-B22B-DB187DB48E93}" = rport=139 | protocol=6 | dir=out | app=system |
"{713EEFC8-C41B-4C83-B897-9F6B94D4A076}" = lport=138 | protocol=17 | dir=in | app=system |
"{7E25CE1D-E945-4163-BECD-C10B3EC86E9E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8BA13DF6-E178-4CCC-96E0-811B8F676DFF}" = lport=137 | protocol=17 | dir=in | app=system |
"{8F7EBB57-D446-4B0F-BAD6-B71ABEC4BE42}" = lport=5432 | protocol=6 | dir=in | name=postgres |
"{9B617078-6AAE-4511-A658-F003A2BB9119}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9D7472FA-1121-4F31-8A81-9F9E460D091C}" = rport=445 | protocol=6 | dir=out | app=system |
"{A298B9DD-5D7F-4CDD-8BA2-F46C737DA3D2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A8CAEF1D-A6ED-40E1-B4D0-D13E8600AB06}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B58EF854-036C-44E0-AA24-6743CFDA8B78}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BDF50ECA-AE96-4CE6-8CA0-833F96FEDBEF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C31C6799-4DA9-4950-B6CD-237553E8542F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{F1A763E3-89CA-4C0F-A07D-46B1D8E2A2DB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F2E22640-D559-4067-94AE-6A399E1C172B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F6B97411-4D3E-451E-8DDC-A52555E60C4D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FA911AD3-0F8B-4E39-BB91-8CEFC064D2CC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12C0A109-D5FC-4237-B3F8-7F54A47CE751}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{143EF18B-C261-4DCE-8E1E-876205428F99}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{145871A8-DD40-4F24-B024-167B8A89393D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{225634CD-09FB-465D-9199-D819CE71078F}" = protocol=17 | dir=in | app=c:\users\michal\appdata\roaming\dropbox\bin\dropbox.exe |
"{31E80C83-1D67-4184-BEBD-6697746D214D}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{37F0CDEB-8824-46DB-9BF9-25482193B17A}" = protocol=6 | dir=in | app=c:\program files (x86)\wolfram research\wolfram cdf player\8.0\wolframcdfplayer.exe |
"{3ADBC5A5-350B-460D-8A7B-1F6F21DAF855}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{40413817-D7F9-4404-934C-F11CAB2D2D26}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4805956C-3F33-4C13-9465-00151EAC67A0}" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"{5E83D87A-D865-496D-B1E3-50FE49829D3D}" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminator.exe |
"{63F129F8-0AA8-42CE-82BE-A228DAC41FBA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{666D866E-E810-45C4-8D33-3672061EE1DE}" = protocol=6 | dir=in | app=c:\program files (x86)\wolfram research\wolfram cdf player\8.0\math.exe |
"{694205AB-5D27-41F0-B0AF-E5739C698F50}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7376A69A-5AA6-4C7B-8329-9B4951739258}" = protocol=17 | dir=in | app=c:\program files (x86)\wolfram research\wolfram cdf player\8.0\math.exe |
"{75CE9697-1852-4AF4-9A42-924A9EB3AA07}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{7AC1CBF4-FFA7-4DC2-B1BF-4EBE9B5F6F67}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{859907B9-B915-4E2E-A97E-0D57938EC372}" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminator.exe |
"{861FF019-6ED5-4021-A2D4-9085461D197D}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{884F41D7-3A57-4D53-8224-5584C0903B18}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{8A799E67-8933-44FD-9C43-86EEB08392B9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8EBBAE75-FE5E-4A8A-A4F6-12D2598DC419}" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"{93122BCF-DA27-4F3D-9B7A-274424F3E95F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9BE6EE72-BEFF-4483-99B4-734772E6635D}" = protocol=17 | dir=in | app=c:\program files (x86)\wolfram research\wolfram cdf player\8.0\wolframcdfplayer.exe |
"{A490A2D0-D8E2-4134-9683-F4E02F39C78C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A9BE40D2-454A-49C2-8C70-CC46E423E175}" = protocol=6 | dir=out | app=system |
"{AC547413-E7B6-46C5-BCAB-07412A46834F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{ACD86478-551A-43F4-9A14-457FE8DC27A6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B5AADDB0-7DF2-4D57-AFBF-A7A468EFB4F5}" = protocol=6 | dir=in | app=c:\users\michal\appdata\roaming\dropbox\bin\dropbox.exe |
"{B69B5A98-2726-4DEE-B4D7-A28CB43841F1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B9CECA69-DF04-49A9-8406-D07402B74086}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B9D2654D-5CFD-439D-A4EE-2653026F4B46}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{BBE6B214-CAC3-42F9-AAA6-C1862384CC8D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C3A490F1-8BBD-4D5D-8803-C359C4C61863}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{C4370952-1D12-4E19-A22B-84A43C7AB0F9}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{C91CE226-6103-4526-81AD-E47553F98AB5}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{D3C99943-AFC0-4FEB-B076-045E321E06AA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D3E55245-7532-48C7-994C-A4076C24EF64}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{DE79264D-0360-4319-BA50-7B9E4BEDF947}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EAA59C49-352D-4BFF-8433-8D1022B3A8BA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F053228A-02D7-4168-92B6-F8C74E687C47}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FEA8C337-A43C-4E0D-900C-0781D2A56A1B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{2965D78C-A743-46B4-B9A7-AE88479623E1}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{306B16D9-8EC9-4F8F-B981-F8A93E5E1EAA}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{3AC99DE6-45C5-481B-AC5A-2E6260CF8F64}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{6FEC3283-6577-489F-BB3D-E277DC138B8B}C:\windows\kmsemulator.exe" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe |
"TCP Query User{958935AB-10BF-4C5A-BFD8-A02CC76B638B}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{992BF823-5F2C-471D-B2DB-DFE0D1A4A7B4}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{A193D2DE-FE49-4530-9F73-307548ACE395}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{B68FB92C-F7ED-4A79-AF62-9753DEBB140B}C:\users\michal\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\michal\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{D1D57ED7-5908-4124-9CAE-9BEF1A370C07}C:\program files (x86)\icq7m\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"UDP Query User{3856FF5A-BF96-4C3D-9BB0-D2D92F094541}C:\windows\kmsemulator.exe" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe |
"UDP Query User{754D9E1F-9A6E-4233-9BF3-AC424352AE0A}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{81F6CE18-BA3E-466F-8DC0-118F1A09D5E9}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{82BEB642-3A7E-433F-8B51-3CCF16579294}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{8B6CDABF-FF14-4747-AE2F-DE2FD2535AE5}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{A353BA3E-7A2E-48B1-B2C3-D967AEA3BD6B}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{AF12C510-292A-4D46-9BB6-553A93D917BB}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{C9066F68-9204-4598-9BED-078B766A86F5}C:\program files (x86)\icq7m\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"UDP Query User{DB03C44D-88D0-48A2-A8A7-D31EBCD90FD8}C:\users\michal\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\michal\appdata\roaming\dropbox\bin\dropbox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0336B81E-E745-7FE9-74D5-157EBCDF71E3}" = AMD Catalyst Install Manager
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{171C7193-1BB5-4619-BF23-E962598CAB13}" = Intel® Trusted Connect Service Client
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{37EC048A-81A2-452A-8D1F-3BE2018E767D}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
"{5809F3E0-6638-46B4-A2FF-464131961117}" = HP 3D DriveGuard
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6FE8E073-D159-4419-93E2-CE2C5B078562}" = HP ProtectTools Security Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0044-0409-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-1000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{93581599-ECF1-4DCD-BE36-BD969A6C8DB5}" = Validity Fingerprint Sensor Driver
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = Broadcom Bluetooth Software
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BBDDFD86-E8E5-42FA-85E4-373FAE1DC731}" = HP Power Assistant
"{C7AE4EC3-9C13-4213-8457-74D16B353F91}" = HP Web Camera
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{E2D0B67F-8032-4E11-87C6-C8C721D331B3}" = Software Intel® PROSet/Wireless WiFi
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"A-WIN-Extras 8.0.4 2609412_is1" = Mathematica Extras 8.0 (2609412)
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"Broadcom Wireless Utility" = Broadcom Wireless Utility
"HPProtectTools" = HP ProtectTools Security Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"MiKTeX 2.9" = MiKTeX 2.9
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"ProInst" = Intel PROSet Wireless
"PROSet" = Intel(R) Network Connections Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}" = HP Wallpaper
"{13C96625-28E4-4c58-ADE0-CDAFC64752EB}" = JMicron 1394 Filter Driver
"{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}" = ArcSoft Webcam Sharing Manager
"{1D61E881-43CD-447B-9E6B-D2C6138B2862}" = HP Webcam
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{2687340C-C114-47DC-9F0E-C1BA85FEB001}" = POWERPREP II
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{46B04D53-4E34-4388-B6EE-80FAB66AEF9B}" = SpyHunter
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{56736259-613E-4A3B-B428-6235F2E76F44}_is1" = Spyware Terminator 2012
"{593AFFA4-D08E-4272-BABB-420949D32A10}" = QUICKfind
"{6357258D-2BF9-49E7-A9EF-0C609D52C46D}" = HP ESU for Microsoft Windows 7
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{8FE60B86-0B99-426D-8DBE-BEC526FDED71}" = Roxio Secure Burn
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Roxio CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CB4FBA9-45C0-41AA-97CC-283B42E1A21E}" = Roxio MyDVD Business 2010
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{AB4CC828-05EE-4A9B-9097-E0308C27ECCB}" = HP Connection Manager
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Czech
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Secure Burn
"{BACE8BFA-8F39-421D-BEF1-6E78632BDC90}" = Roxio MyDVD Business 2010
"{C1C910A7-0B89-4260-8845-FE221D9285E8}_is1" = PC Chrono 1.1.0.6
"{C4E9E8A4-EEC4-4F9E-B140-520A8B75F430}" = HP System Default Settings
"{C97CC14E-4789-4FC5-BC75-79191F7CE009}" = HP Hotkey Support
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E7530589-81AA-40B4-8A7A-56B22DCF62EC}" = HP Software Framework
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F24F876B-7D71-4BD6-88E9-614D3BB84228}" = Alcor Micro Smart Card Reader Driver
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"DAEMON Tools Lite" = DAEMON Tools Lite
"DjVuLibre+DjView" = DjVuLibre+DjView
"FormatFactory" = FormatFactory 3.00
"Guard.Mail.ru" = Guard.ICQ
"HoldemManager" = Holdem Manager
"ldoce4v2" = LONGMAN Dictionary of Contemporary English
"Mozilla Firefox 19.0.2 (x86 cs)" = Mozilla Firefox 19.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"M-WIN-D 8.0.4 2609533_is1" = Wolfram CDF Player (M-WIN-D 8.0.4 2609533)
"PDF Complete" = PDF Complete Corporate Edition
"PokerStars" = PokerStars
"PostgreSQL 8.4" = PostgreSQL 8.4
"PotPlayer" = Daum PotPlayer 1.5.28025
"QuickTime" = QuickTime
"SopCast" = SopCast 3.5.0
"Sunplus SPUVCb" = HP HD Webcam Driver
"SZCCID" = Alcor Micro Smart Card Reader Driver
"Texmaker" = Texmaker
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.3
"Winamp" = Winamp

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3709121103-697001368-1351868520-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 18.3.2013 7:31:51 | Computer Name = Michal-PC | Source = WinMgmt | ID = 10
Description =

Error - 18.3.2013 9:04:16 | Computer Name = Michal-PC | Source = WinMgmt | ID = 10
Description =

Error - 18.3.2013 9:39:12 | Computer Name = Michal-PC | Source = PostgreSQL | ID = 0
Description = 2013-03-18 14:39:12 CETFATAL: the database system is starting up

Error - 18.3.2013 9:39:16 | Computer Name = Michal-PC | Source = WinMgmt | ID = 10
Description =

Error - 18.3.2013 9:45:34 | Computer Name = Michal-PC | Source = WinMgmt | ID = 10
Description =

Error - 18.3.2013 9:58:30 | Computer Name = Michal-PC | Source = WinMgmt | ID = 10
Description =

Error - 18.3.2013 9:58:32 | Computer Name = Michal-PC | Source = PostgreSQL | ID = 0
Description = 2013-03-18 14:58:32 CETFATAL: the database system is starting up

Error - 18.3.2013 10:04:48 | Computer Name = Michal-PC | Source = WinMgmt | ID = 10
Description =

Error - 18.3.2013 10:25:20 | Computer Name = Michal-PC | Source = PostgreSQL | ID = 0
Description = 2013-03-18 15:25:20 CETFATAL: the database system is starting up

Error - 18.3.2013 10:25:29 | Computer Name = Michal-PC | Source = WinMgmt | ID = 10
Description =

Error - 18.3.2013 10:30:21 | Computer Name = Michal-PC | Source = WinMgmt | ID = 10
Description =

[ HP Connection Manager Events ]
Error - 16.1.2013 7:01:24 | Computer Name = Michal-PC | Source = hpMobile | ID = 5
Description = 2013.01.16 12:01:24.149|000017D0|Error |[HP.Mobile]AutomaticLocationSelector::c{HP.Mobile.Locations.Location()}|Zadaná
adresa IP je neplatná.

Error - 19.1.2013 6:27:02 | Computer Name = Michal-PC | Source = hpMobile | ID = 5
Description = 2013.01.19 11:27:02.279|000017D0|Error |[HP.Mobile]AutomaticLocationSelector::c{HP.Mobile.Locations.Location()}|Zadaná
adresa IP je neplatná.

Error - 4.2.2013 21:43:45 | Computer Name = Michal-PC | Source = hpMobile | ID = 5
Description = 2013.02.05 02:43:45.740|0000009C|Error |[HP.Mobile]AutomaticLocationSelector::c{HP.Mobile.Locations.Location()}|Zadaná
adresa IP je neplatná.

Error - 7.2.2013 6:02:09 | Computer Name = Michal-PC | Source = hpMobile | ID = 5
Description = 2013.02.07 11:02:09.961|0000009C|Error |[HP.Mobile]AutomaticLocationSelector::c{HP.Mobile.Locations.Location()}|Zadaná
adresa IP je neplatná.

Error - 7.2.2013 9:13:54 | Computer Name = Michal-PC | Source = hpMobile | ID = 5
Description = 2013.02.07 14:13:54.301|0000009C|Error |[HP.Mobile]AutomaticLocationSelector::c{HP.Mobile.Locations.Location()}|Zadaná
adresa IP je neplatná.

Error - 8.2.2013 14:39:34 | Computer Name = Michal-PC | Source = hpMobile | ID = 5
Description = 2013.02.08 19:39:34.237|0000009C|Error |[HP.Mobile]AutomaticLocationSelector::c{HP.Mobile.Locations.Location()}|Zadaná
adresa IP je neplatná.

Error - 22.2.2013 7:01:29 | Computer Name = Michal-PC | Source = hpMobile | ID = 5
Description = 2013.02.22 12:01:29.145|00001724|Error |[HP.Mobile]AutomaticLocationSelector::c{HP.Mobile.Locations.Location()}|Zadaná
adresa IP je neplatná.

Error - 27.2.2013 6:31:36 | Computer Name = Michal-PC | Source = hpMobile | ID = 5
Description = 2013.02.27 11:31:36.663|00001688|Error |[HP.Mobile]AutomaticLocationSelector::c{HP.Mobile.Locations.Location()}|Zadaná
adresa IP je neplatná.

Error - 12.3.2013 5:14:41 | Computer Name = Michal-PC | Source = hpMobile | ID = 5
Description = 2013.03.12 10:14:41.037|00001970|Error |[HP.Mobile]AutomaticLocationSelector::c{HP.Mobile.Locations.Location()}|Zadaná
adresa IP je neplatná.

Error - 13.3.2013 7:50:49 | Computer Name = Michal-PC | Source = hpMobile | ID = 5
Description = 2013.03.13 12:50:49.695|00001880|Error |[HP.Mobile]AutomaticLocationSelector::c{HP.Mobile.Locations.Location()}|Zadaná
adresa IP je neplatná.

[ HP Power Assistant Events ]
Error - 1.10.2012 5:24:53 | Computer Name = Michal-PC | Source = HP PA Service | ID = 1027
Description = An error occurred in HP Power Assistant application, [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Soubor C:\Windows\TEMP\djcndauo.dll nebyl nalezen.

Error - 1.10.2012 5:24:53 | Computer Name = Michal-PC | Source = HP PA Service | ID = 1027
Description = An error occurred in HP Power Assistant application, [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Soubor C:\Windows\TEMP\128dgrvm.dll nebyl nalezen.

Error - 1.10.2012 5:24:53 | Computer Name = Michal-PC | Source = HP PA Service | ID = 1027
Description = An error occurred in HP Power Assistant application, [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Soubor C:\Windows\TEMP\_by2tuvb.dll nebyl nalezen.

Error - 1.10.2012 5:24:53 | Computer Name = Michal-PC | Source = HP PA Service | ID = 1027
Description = An error occurred in HP Power Assistant application, [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Soubor C:\Windows\TEMP\8chdewgi.dll nebyl nalezen.

Error - 1.10.2012 5:24:54 | Computer Name = Michal-PC | Source = HP PA Service | ID = 1009
Description = A required file is either invalid or cannot be loaded. Power Assistant
cannot function properly. Please restart HP Power Assistant application. Additional
details may be available in the Details section. DETAILS Soubor C:\Windows\TEMP\ug_kpcjh.dll
nebyl nalezen.DAT File Error

Error - 1.10.2012 5:24:54 | Computer Name = Michal-PC | Source = HP PA Service | ID = 1027
Description = An error occurred in HP Power Assistant application, [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Soubor C:\Windows\TEMP\yq5zlh5v.dll nebyl nalezen.

Error - 1.10.2012 5:24:54 | Computer Name = Michal-PC | Source = HP PA Service | ID = 1027
Description = An error occurred in HP Power Assistant application, [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Soubor C:\Windows\TEMP\6vhp7eiu.dll nebyl nalezen.

Error - 1.10.2012 5:24:55 | Computer Name = Michal-PC | Source = HP PA Service | ID = 1027
Description = An error occurred in HP Power Assistant application, [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Soubor C:\Windows\TEMP\cowehl3c.dll nebyl nalezen.

Error - 1.10.2012 5:24:55 | Computer Name = Michal-PC | Source = HP PA Service | ID = 1006
Description = The Power Assistant service has crashed due to an unhandled exception.
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Cíl vyvolání způsobil výjimku.ServiceWorkerMethod ABORTED!
-

Error - 25.12.2012 11:58:12 | Computer Name = Michal-PC | Source = HP PA Application | ID = 1011
Description = Failed to send a PIP report. Please restart HP Power Assistant application.
Additional
details may be available in the Details section. DETAILS Nelze načíst soubor nebo
sestavení HP.SupportFramework, Version=1.0.0.0, Culture=neutral, PublicKeyToken=2a4860322af7ba08
nebo jeden z jejich závislých prvků. Systém nemůže nalézt uvedený soubor.Please
verify HPSF is properly installed.

[ HP Software Framework Events ]
Error - 15.10.2012 12:41:55 | Computer Name = Michal-PC | Source = CaslSmBios | ID = 5
Description = 2012.10.15 18:41:55.037|00000FA4|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Odkaz na objekt není nastaven na instanci
objektu.

Error - 15.10.2012 12:41:55 | Computer Name = Michal-PC | Source = CaslSmBios | ID = 5
Description = 2012.10.15 18:41:55.099|00000FA4|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged.2.0 event. Exception: Odkaz na objekt
není nastaven na instanci objektu.

Error - 7.11.2012 9:35:07 | Computer Name = Michal-PC | Source = CaslSmBios | ID = 5
Description = 2012.11.07 14:35:06.976|00000CBC|Error |[CaslWmi]CommandPanelBrightness::GetCurrentPanelBrightnessFromOS{hpCasl.enReturnCode(CaslWmi.enPanelBrightnessDataType,ushort&)}|Exception
occurred in querying WMI for WmiMonitorBrightness: 'Not supported '

Error - 7.11.2012 9:35:12 | Computer Name = Michal-PC | Source = CaslSmBios | ID = 5
Description = 2012.11.07 14:35:12.483|000013A0|Error |[CaslWmi]CommandPanelBrightness::GetCurrentPanelBrightnessFromOS{hpCasl.enReturnCode(CaslWmi.enPanelBrightnessDataType,ushort&)}|Exception
occurred in querying WMI for WmiMonitorBrightness: 'Not supported '

Error - 7.11.2012 9:35:13 | Computer Name = Michal-PC | Source = CaslSmBios | ID = 5
Description = 2012.11.07 14:35:13.637|00000808|Error |[CaslWmi]CommandPanelBrightness::GetCurrentPanelBrightnessFromOS{hpCasl.enReturnCode(CaslWmi.enPanelBrightnessDataType,ushort&)}|Exception
occurred in querying WMI for WmiMonitorBrightness: 'Not supported '

Error - 24.11.2012 7:39:15 | Computer Name = Michal-PC | Source = CaslSmBios | ID = 5
Description = 2012.11.24 12:39:15.713|00000980|Error |[CaslWmi]CommandPanelBrightness::GetCurrentPanelBrightnessFromOS{hpCasl.enReturnCode(CaslWmi.enPanelBrightnessDataType,ushort&)}|Exception
occurred in querying WMI for WmiMonitorBrightness: 'Not supported '

Error - 24.11.2012 7:39:15 | Computer Name = Michal-PC | Source = CaslSmBios | ID = 5
Description = 2012.11.24 12:39:15.713|000015A8|Error |[CaslWmi]CommandPanelBrightness::GetCurrentPanelBrightnessFromOS{hpCasl.enReturnCode(CaslWmi.enPanelBrightnessDataType,ushort&)}|Exception
occurred in querying WMI for WmiMonitorBrightness: 'Not supported '

Error - 24.11.2012 7:39:19 | Computer Name = Michal-PC | Source = CaslSmBios | ID = 5
Description = 2012.11.24 12:39:19.831|000017CC|Error |[CaslWmi]CommandPanelBrightness::GetCurrentPanelBrightnessFromOS{hpCasl.enReturnCode(CaslWmi.enPanelBrightnessDataType,ushort&)}|Exception
occurred in querying WMI for WmiMonitorBrightness: 'Not supported '

Error - 4.1.2013 3:10:47 | Computer Name = Michal-PC | Source = CaslSmBios | ID = 5
Description = 2013.01.04 08:10:46.950|000015F0|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Odkaz na objekt není nastaven na instanci
objektu.

Error - 4.1.2013 3:10:47 | Computer Name = Michal-PC | Source = CaslSmBios | ID = 5
Description = 2013.01.04 08:10:47.262|000015F0|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged.2.0 event. Exception: Odkaz na objekt
není nastaven na instanci objektu.

[ System Events ]
Error - 31.1.2013 9:37:37 | Computer Name = Michal-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby RoxioBurnLauncher bylo dosaženo
časového limitu (30000 ms).

Error - 3.2.2013 9:46:43 | Computer Name = Michal-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby lmhosts bylo dosaženo časového
limitu (30000 ms).

Error - 3.2.2013 9:46:43 | Computer Name = Michal-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby PlugPlay bylo dosaženo časového
limitu (30000 ms).

Error - 4.2.2013 8:50:36 | Computer Name = Michal-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby hpqwmiex bylo dosaženo časového
limitu (30000 ms).

Error - 4.2.2013 8:50:36 | Computer Name = Michal-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby RoxioBurnLauncher bylo dosaženo
časového limitu (30000 ms).

Error - 4.2.2013 8:50:44 | Computer Name = Michal-PC | Source = DCOM | ID = 10010
Description =

Error - 4.2.2013 23:02:33 | Computer Name = Michal-PC | Source = Schannel | ID = 36888
Description = Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní
chyby: 10

Error - 8.2.2013 17:56:03 | Computer Name = Michal-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby lmhosts bylo dosaženo časového
limitu (30000 ms).

Error - 8.2.2013 17:56:03 | Computer Name = Michal-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby Netman bylo dosaženo časového
limitu (30000 ms).

Error - 20.2.2013 9:01:07 | Computer Name = Michal-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby iphlpsvc bylo dosaženo časového
limitu (30000 ms).


< End of report >

OTL na půlky:

OTL logfile created on: 18.3.2013 17:09:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Michal\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,88 Gb Total Physical Memory | 2,75 Gb Available Physical Memory | 70,84% Memory free
7,77 Gb Paging File | 6,74 Gb Available in Paging File | 86,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443,34 Gb Total Space | 256,14 Gb Free Space | 57,78% Space Free | Partition Type: NTFS
Drive D: | 20,12 Gb Total Space | 3,09 Gb Free Space | 15,36% Space Free | Partition Type: NTFS
Drive E: | 1,99 Gb Total Space | 1,97 Gb Free Space | 99,34% Space Free | Partition Type: FAT32

Computer Name: MICHAL-PC | User Name: Michal | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.03.18 17:08:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michal\Desktop\OTL.exe
PRC - [2013.03.13 14:47:23 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013.03.08 12:05:40 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.02.11 18:51:50 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Michal\Desktop\Nová složka (2)\tdsskiller\TDSSKiller.exe


========== Modules (No Company Name) ==========

MOD - [2013.03.13 14:47:22 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013.03.08 12:05:21 | 003,069,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2010.01.21 00:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010.01.09 19:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


========== Services (SafeList) ==========

SRV:64bit: - [2013.01.27 11:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013.01.27 11:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2012.09.29 15:00:50 | 000,048,128 | ---- | M] (Broadcom Corporation) [Auto | Stopped] -- C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2012.04.26 13:56:00 | 000,033,560 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2012.03.27 16:02:44 | 000,493,904 | R--- | M] (DigitalPersona, Inc.) [Auto | Stopped] -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
SRV:64bit: - [2012.03.20 06:45:18 | 002,694,224 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2012.03.14 13:23:06 | 000,152,992 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV:64bit: - [2012.03.07 01:00:46 | 000,629,984 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2012.03.05 16:04:18 | 000,314,880 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012.02.26 04:07:52 | 002,669,840 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012.02.26 04:07:42 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012.02.26 04:07:32 | 000,626,960 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012.02.26 04:07:26 | 000,148,752 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012.02.01 17:31:02 | 000,945,440 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2012.01.17 15:12:28 | 000,135,952 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012.01.09 11:39:44 | 000,659,968 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.03.13 14:47:23 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.08 12:05:40 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.01.14 21:33:14 | 000,769,920 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Stopped] -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2013.01.08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.10.19 22:28:04 | 001,564,368 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2012.09.27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012.06.12 13:51:06 | 001,421,728 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2012.04.02 09:30:08 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.03.28 18:38:26 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.03.28 18:38:24 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.03.28 18:38:08 | 000,165,144 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012.03.20 17:55:10 | 000,536,848 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe -- (RoxioBurnLauncher)
SRV - [2012.03.20 06:28:20 | 002,325,584 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2012.03.14 13:50:56 | 000,365,440 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2012.03.09 10:22:42 | 000,117,552 | ---- | M] (Portrait Displays, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2012.03.07 00:18:30 | 001,118,480 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2012.03.06 20:10:04 | 001,134,584 | ---- | M] (PDF Complete Inc) [Auto | Stopped] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2012.03.01 03:06:36 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012.02.03 05:42:00 | 000,498,352 | ---- | M] (ArcSoft, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe -- (uArcCapture)
SRV - [2011.01.28 06:15:33 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) [Auto | Stopped] -- C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe -- (postgresql-8.4)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.03.17 15:25:03 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.01.20 15:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.09.29 15:00:50 | 004,747,328 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2012.09.29 15:00:50 | 000,022,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2012.04.26 13:56:00 | 000,043,800 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2012.04.26 13:56:00 | 000,030,488 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2012.03.27 10:13:20 | 000,789,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.03.27 10:13:20 | 000,356,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.03.27 10:13:18 | 000,019,224 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.03.27 06:09:56 | 014,748,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.03.26 16:14:04 | 002,891,512 | ---- | M] (Sunplus Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SPUVCBv_x64.sys -- (SPUVCbv)
DRV:64bit: - [2012.03.09 04:55:26 | 000,425,232 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012.03.08 02:01:00 | 000,058,000 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2012.03.05 16:04:18 | 000,536,064 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.28 00:28:10 | 000,173,656 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2012.02.28 00:28:08 | 000,026,200 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\johci.sys -- (johci)
DRV:64bit: - [2012.02.22 12:54:08 | 000,360,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2012.02.03 05:42:00 | 000,042,816 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ArcSoftVCapture.sys -- (ARCVCAM)
DRV:64bit: - [2012.02.02 04:07:18 | 000,615,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2012.02.02 04:07:18 | 000,134,696 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2012.02.02 04:07:18 | 000,089,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwdpan.sys -- (BTWDPAN)
DRV:64bit: - [2012.02.02 04:07:12 | 000,211,496 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2012.02.02 04:07:12 | 000,184,360 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2012.02.02 04:07:12 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2012.02.02 04:07:12 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2012.02.01 23:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2012.01.09 11:32:40 | 000,195,584 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012.01.09 11:32:40 | 000,195,584 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012.01.04 06:24:18 | 000,220,288 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc)
DRV:64bit: - [2012.01.04 06:24:18 | 000,103,552 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30)
DRV:64bit: - [2011.12.13 19:44:16 | 000,056,448 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011.12.06 15:23:10 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.11.09 21:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.07.18 07:11:44 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.07.27 15:45:46 | 000,180,224 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.07.27 15:45:46 | 000,078,848 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012.06.22 11:01:32 | 000,019,984 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\EsgScanner.sys -- (EsgScanner)
DRV - [2011.03.02 17:17:20 | 000,013,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3709121103-697001368-1351868520-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-3709121103-697001368-1351868520-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3709121103-697001368-1351868520-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3709121103-697001368-1351868520-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3709121103-697001368-1351868520-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledAddons: alertbox%40ajitk.com:0.4.6.20111013
FF - prefs.js..extensions.enabledAddons: %7Bada4b710-8346-4b82-8199-5de2b400a6ae%7D:2.0.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@wolfram.com/Mathematica: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.4.2609412\npmathplugin.dll (Wolfram Research, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Michal\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Michal\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2012.09.29 20:57:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 12:05:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.08 12:05:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 12:05:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.08 12:05:17 | 000,000,000 | ---D | M]

[2012.09.29 15:28:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michal\AppData\Roaming\Mozilla\Extensions
[2013.03.18 14:34:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\o0pi787p.default\extensions
[2012.11.20 17:12:14 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\o0pi787p.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2012.11.20 17:17:38 | 000,180,935 | ---- | M] () (No name found) -- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\o0pi787p.default\extensions\alertbox@ajitk.com.xpi
[2013.03.08 12:05:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.03.08 12:05:40 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.12.09 18:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2013.02.27 00:25:32 | 000,002,421 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2013.02.27 00:25:32 | 000,000,851 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.02.27 00:25:32 | 000,001,580 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2013.02.27 00:25:32 | 000,000,867 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.02.27 00:25:32 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========


O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE (Broadcom Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe (Hewlett-Packard Company, L.P.)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Guard.Mail.ru.gui] C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe ()
O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3709121103-697001368-1351868520-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3709121103-697001368-1351868520-1000..\RunOnce: [Report] C:\AdwCleaner[S1].txt ()
O4 - Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.113.0.2 195.113.44.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{350719A6-CA5E-4B1C-B313-121017B2C3C7}: DhcpNameServer = 195.113.0.2 195.113.44.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0FC55BD-1CAA-47B9-8180-389DB3148571}: DhcpNameServer = 172.18.1.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D03125B1-40A3-4A5A-A573-151818EB3434}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe) - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.03.18 17:07:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Michal\Desktop\OTL.exe
[2013.03.18 15:56:26 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\Nová složka (2)
[2013.03.18 15:53:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2013.03.18 15:53:01 | 000,000,000 | ---D | C] -- C:\rsit
[2013.03.18 15:45:51 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Michal\Desktop\HijackThis.exe
[2013.03.18 15:29:37 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\záloha
[2013.03.18 14:55:16 | 000,000,000 | ---D | C] -- C:\_OTM
[2013.03.18 14:25:32 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013.03.18 14:08:59 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Malwarebytes
[2013.03.18 14:08:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.03.18 14:08:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.03.18 12:04:56 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Spyware Terminator
[2013.03.18 12:04:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2013.03.18 12:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
[2013.03.18 12:04:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator
[2013.03.18 11:12:43 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2013.03.18 11:12:41 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2013.03.18 11:12:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Enigma Software Group
[2013.03.18 11:11:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013.03.17 17:34:34 | 000,086,016 | ---- | C] (MindVision) -- C:\Windows\unvise32qt.exe
[2013.03.17 17:33:18 | 000,000,000 | ---D | C] -- C:\ProgramData\QuickTime
[2013.03.17 17:33:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013.03.17 17:32:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\QuickTime
[2013.03.17 17:32:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013.03.17 17:32:04 | 001,056,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSJET35.DLL
[2013.03.17 17:32:04 | 000,995,383 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.009
[2013.03.17 17:32:04 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSREPL35.DLL
[2013.03.17 17:32:04 | 000,379,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.006
[2013.03.17 17:32:04 | 000,266,293 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.008
[2013.03.17 17:32:04 | 000,252,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd2x35.dll
[2013.03.17 17:32:04 | 000,123,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjint35.dll
[2013.03.17 17:32:04 | 000,030,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.007
[2013.03.17 17:32:04 | 000,024,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjter35.dll
[2013.03.17 17:32:03 | 001,384,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.005
[2013.03.17 17:32:03 | 000,598,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.001
[2013.03.17 17:32:03 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.000
[2013.03.17 17:32:03 | 000,164,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.004
[2013.03.17 17:32:03 | 000,147,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.003
[2013.03.17 17:32:03 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.002
[2013.03.17 15:33:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\POWERPREP II
[2013.03.17 15:33:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ETS
[2013.03.17 14:35:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2013.03.17 14:35:03 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013.03.17 14:34:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2013.03.14 03:01:08 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.03.14 03:01:08 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.03.14 03:01:07 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.03.14 03:01:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.03.14 03:01:07 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.03.14 03:01:06 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.03.14 03:01:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.03.14 03:01:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.03.14 03:01:05 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.03.14 03:01:05 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.03.14 03:01:05 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.03.14 03:01:05 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.03.14 03:01:02 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.03.14 03:01:02 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.03.14 03:01:01 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

========== Files - Modified Within 7 Days ==========

[2013.03.18 17:10:35 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.03.18 17:08:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michal\Desktop\OTL.exe
[2013.03.18 15:52:36 | 000,781,383 | ---- | M] () -- C:\Users\Michal\Desktop\RSIT.exe
[2013.03.18 15:46:03 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Michal\Desktop\HijackThis.exe
[2013.03.18 15:28:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.18 15:28:26 | 4170,940,416 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.18 14:09:38 | 001,576,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.18 14:09:38 | 000,666,194 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.03.18 14:09:38 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.18 14:09:38 | 000,139,890 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.03.18 14:09:38 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.18 11:52:35 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.18 11:07:01 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3709121103-697001368-1351868520-1000UA.job
[2013.03.18 11:07:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3709121103-697001368-1351868520-1000Core.job
[2013.03.18 09:18:13 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.18 09:18:13 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.18 09:10:15 | 000,486,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.03.17 17:33:16 | 000,028,672 | ---- | M] () -- C:\Windows\SysWow64\qttask.exe
[2013.03.17 17:33:13 | 000,000,388 | ---- | M] () -- C:\Windows\SysWow64\QuickTime.qtp
[2013.03.17 15:25:03 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013.03.13 14:47:23 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.13 14:47:23 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2013.03.18 17:10:35 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.03.18 15:52:34 | 000,781,383 | ---- | C] () -- C:\Users\Michal\Desktop\RSIT.exe
[2013.03.17 17:33:15 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\qttask.exe
[2013.03.17 17:32:41 | 000,000,388 | ---- | C] () -- C:\Windows\SysWow64\QuickTime.qtp
[2012.11.14 00:05:20 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI
[2012.09.30 23:40:38 | 001,555,776 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.09.29 20:31:02 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012.09.29 15:03:28 | 000,094,776 | ---- | C] () -- C:\Windows\un_dext.exe
[2012.09.29 15:03:28 | 000,087,928 | ---- | C] () -- C:\Windows\SPRemove_x64.exe
[2012.09.29 15:03:28 | 000,014,479 | ---- | C] () -- C:\Windows\TWAIN2080.ini
[2012.09.29 15:03:28 | 000,003,926 | ---- | C] () -- C:\Windows\Dext_12.ini
[2012.09.29 15:03:28 | 000,003,892 | ---- | C] () -- C:\Windows\Dext_27.ini
[2012.09.29 15:03:28 | 000,003,884 | ---- | C] () -- C:\Windows\Dext_25.ini
[2012.09.29 15:03:28 | 000,003,882 | ---- | C] () -- C:\Windows\Dext_21.ini
[2012.09.29 15:03:28 | 000,003,820 | ---- | C] () -- C:\Windows\Dext_11.ini
[2012.09.29 15:03:28 | 000,003,802 | ---- | C] () -- C:\Windows\Dext_14.ini
[2012.09.29 15:03:28 | 000,003,802 | ---- | C] () -- C:\Windows\Dext_05.ini
[2012.09.29 15:03:28 | 000,003,704 | ---- | C] () -- C:\Windows\Dext_10.ini
[2012.09.29 15:03:28 | 000,003,700 | ---- | C] () -- C:\Windows\Dext_16.ini
[2012.09.29 15:03:28 | 000,003,682 | ---- | C] () -- C:\Windows\Dext_08.ini
[2012.09.29 15:03:28 | 000,003,672 | ---- | C] () -- C:\Windows\Dext_31.ini
[2012.09.29 15:03:28 | 000,003,648 | ---- | C] () -- C:\Windows\Dext_36.ini
[2012.09.29 15:03:28 | 000,003,624 | ---- | C] () -- C:\Windows\Dext_1046.ini
[2012.09.29 15:03:28 | 000,003,622 | ---- | C] () -- C:\Windows\Dext_20.ini
[2012.09.29 15:03:28 | 000,003,588 | ---- | C] () -- C:\Windows\Dext_06.ini
[2012.09.29 15:03:28 | 000,003,586 | ---- | C] () -- C:\Windows\Dext_22.ini
[2012.09.29 15:03:28 | 000,003,550 | ---- | C] () -- C:\Windows\Dext_19.ini
[2012.09.29 15:03:28 | 000,003,550 | ---- | C] () -- C:\Windows\Dext_07.ini
[2012.09.29 15:03:28 | 000,003,522 | ---- | C] () -- C:\Windows\Dext_02.ini
[2012.09.29 15:03:28 | 000,003,492 | ---- | C] () -- C:\Windows\Dext_24.ini
[2012.09.29 15:03:28 | 000,003,450 | ---- | C] () -- C:\Windows\Dext_29.ini
[2012.09.29 15:03:28 | 000,003,416 | ---- | C] () -- C:\Windows\Dext_01.ini
[2012.09.29 15:03:28 | 000,003,342 | ---- | C] () -- C:\Windows\Dext_30.ini
[2012.09.29 15:03:28 | 000,003,220 | ---- | C] () -- C:\Windows\Dext_09.ini
[2012.09.29 15:03:28 | 000,003,174 | ---- | C] () -- C:\Windows\Dext_13.ini
[2012.09.29 15:03:28 | 000,002,895 | ---- | C] () -- C:\Windows\remove.ini
[2012.09.29 15:03:28 | 000,002,850 | ---- | C] () -- C:\Windows\Dext_04.ini
[2012.09.29 15:03:28 | 000,002,750 | ---- | C] () -- C:\Windows\Dext_17.ini
[2012.09.29 15:03:28 | 000,002,674 | ---- | C] () -- C:\Windows\Dext_18.ini
[2012.09.29 15:03:28 | 000,002,638 | ---- | C] () -- C:\Windows\Dext_2052.ini
[2012.06.22 11:01:32 | 000,019,984 | ---- | C] () -- C:\Windows\SysWow64\ESGScanner.sys
[2012.06.22 11:01:32 | 000,019,984 | ---- | C] () -- C:\Windows\SysWow64\drivers\EsgScanner.sys
[2012.04.12 13:56:38 | 000,000,256 | R--- | C] () -- C:\Windows\SysWow64\DPPassFilter.dll.hpsign
[2012.04.12 13:56:38 | 000,000,256 | R--- | C] () -- C:\Windows\SysWow64\DPCrProv.dll.hpsign
[2012.04.12 13:56:26 | 000,000,256 | R--- | C] () -- C:\Windows\SysWow64\DPLic.dll.hpsign
[2012.03.29 21:59:18 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2012.03.27 16:02:54 | 000,000,256 | R--- | C] () -- C:\Windows\SysWow64\DPFPApiUI.dll.hpsign
[2012.03.27 16:02:44 | 000,000,256 | R--- | C] () -- C:\Windows\SysWow64\DPSCEL.dll.hpsign
[2012.03.27 16:02:44 | 000,000,256 | R--- | C] () -- C:\Windows\SysWow64\DPFPApi.dll.hpsign
[2012.03.27 16:02:44 | 000,000,256 | R--- | C] () -- C:\Windows\SysWow64\DPClback.dll.hpsign
[2012.03.27 06:19:12 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012.03.27 06:19:10 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012.03.27 06:03:48 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.03.27 04:53:44 | 013,024,768 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012.03.21 11:08:52 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\vcsAPIShared.dll.hpsign
[2012.03.07 00:40:52 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2012.02.10 01:43:04 | 000,014,192 | ---- | C] () -- C:\Windows\HPun2430Version.dll
[2011.10.12 01:02:14 | 000,187,728 | ---- | C] () -- C:\Windows\SysWow64\PassThroughOTP.dll
[2011.10.12 01:02:14 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\PassThroughOTP.dll.hpsign
[2011.09.07 09:35:30 | 000,065,536 | R--- | C] () -- C:\Windows\SysWow64\scardsyn.dll

========== ZeroAccess Check ==========

[2012.11.09 23:09:20 | 000,000,596 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\o0pi787p.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}\defaults\printing\icons\@.png
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.09.29 20:17:43 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
[2012.09.29 21:01:51 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\DigitalPersona
[2013.03.18 15:26:47 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Dropbox
[2012.11.13 23:53:33 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\HEM Data
[2012.12.19 23:11:53 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\ICQ
[2012.10.19 22:28:25 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\ICQ Search
[2012.10.14 21:05:52 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\ldoce4
[2012.12.08 12:29:25 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\PotPlayerMini
[2012.09.29 15:05:21 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Sierra Wireless
[2013.03.18 12:04:56 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Spyware Terminator
[2012.10.11 16:47:19 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\SumatraPDF
[2012.09.29 15:54:25 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Synaptics
[2013.03.18 11:50:29 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\uTorrent
[2012.10.11 19:22:07 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\xm1

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,588 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.09.29 15:05:00 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.09.29 17:09:48 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3709121103-697001368-1351868520-1000Core.job
[2012.09.29 17:09:48 | 000,000,966 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3709121103-697001368-1351868520-1000UA.job
[2012.10.08 18:45:14 | 000,000,336 | ---- | C] () -- C:\Windows\Tasks\HPCeeScheduleForMichal.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[9 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\55ff0f20a379d1442eb4ecbd4f5f378c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\55ff0f20a379d1442eb4ecbd4f5f378c\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.09.30 19:50:42 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Adobe
[2012.09.29 20:17:43 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
[2012.09.29 21:01:51 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\DigitalPersona
[2013.03.18 15:26:47 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Dropbox
[2012.09.29 20:57:45 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\FLEXnet
[2012.11.13 23:53:33 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\HEM Data
[2012.10.08 18:45:05 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Hewlett-Packard
[2012.09.29 16:18:36 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Hewlett-Packard Company
[2012.09.29 20:57:59 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\hpqLog
[2012.12.19 23:11:53 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\ICQ
[2012.10.19 22:28:25 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\ICQ Search
[2012.09.29 14:32:34 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Identities
[2012.09.29 15:00:54 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\InstallShield
[2012.09.29 15:21:59 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Intel
[2012.09.29 15:36:14 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Intel Corporation
[2012.10.14 21:05:52 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\ldoce4
[2012.09.29 16:48:00 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Macromedia
[2012.09.29 20:57:47 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Macrovision
[2013.03.18 14:08:59 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Malwarebytes
[2012.10.03 16:19:51 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\MathematicaPlayer
[2010.11.21 08:16:58 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Media Center Programs
[2012.10.09 20:36:23 | 000,000,000 | --SD | M] -- C:\Users\Michal\AppData\Roaming\Microsoft
[2012.10.11 19:16:15 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\MiKTeX
[2012.09.29 15:28:20 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Mozilla
[2012.12.08 12:29:25 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\PotPlayerMini
[2012.10.14 20:35:44 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Roxio
[2012.10.14 20:35:43 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Roxio Burn
[2012.09.29 15:50:10 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Roxio Log Files
[2012.10.14 21:04:26 | 000,000,000 | RH-D | M] -- C:\Users\Michal\AppData\Roaming\SecuROM
[2012.09.29 15:05:21 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Sierra Wireless
[2013.03.18 15:26:47 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Skype
[2013.03.18 12:04:56 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Spyware Terminator
[2012.10.11 16:47:19 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\SumatraPDF
[2012.09.29 15:54:25 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Synaptics
[2013.03.18 11:50:29 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\uTorrent
[2013.03.13 20:32:48 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\vlc
[2012.09.30 11:16:36 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Winamp
[2012.09.29 15:47:59 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\WinRAR
[2012.10.11 19:22:07 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\xm1

< %APPDATA%\*.exe /s >
[2013.01.20 20:29:18 | 028,539,272 | ---- | M] (Dropbox, Inc.) -- C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2013.01.20 20:29:54 | 000,203,264 | ---- | M] (Dropbox, Inc.) -- C:\Users\Michal\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2012.08.27 05:21:14 | 000,874,384 | ---- | M] (Dropbox, Inc.) -- C:\Users\Michal\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.08.27 05:21:24 | 000,181,784 | ---- | M] (Dropbox, Inc.) -- C:\Users\Michal\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2012.09.29 20:57:46 | 001,373,552 | ---- | M] (Flexera Software, Inc.) -- C:\Users\Michal\AppData\Roaming\FLEXnet\Connect\11\agent.exe
[2012.09.29 20:57:46 | 000,206,112 | ---- | M] (InstallShield Software Corporation) -- C:\Users\Michal\AppData\Roaming\FLEXnet\Connect\11\dwusplay.exe
[2012.09.29 20:57:46 | 000,439,664 | ---- | M] (Flexera Software, Inc.) -- C:\Users\Michal\AppData\Roaming\FLEXnet\Connect\11\isdm.exe
[2012.09.29 20:57:46 | 000,087,408 | ---- | M] (Flexera Software, Inc.) -- C:\Users\Michal\AppData\Roaming\FLEXnet\Connect\11\issch.exe
[2012.09.29 20:57:48 | 000,718,192 | ---- | M] (Flexera Software, Inc.) -- C:\Users\Michal\AppData\Roaming\Macrovision\FLEXnet Connect\11\agent.exe
[2012.09.29 20:57:47 | 000,742,768 | ---- | M] (Flexera Software, Inc.) -- C:\Users\Michal\AppData\Roaming\Macrovision\FLEXnet Connect\6\agent.exe
[2013.03.18 11:12:43 | 000,110,080 | R--- | M] () -- C:\Users\Michal\AppData\Roaming\Microsoft\Installer\{46B04D53-4E34-4388-B6EE-80FAB66AEF9B}\IconCF33A0CE.exe
[2013.03.18 11:12:43 | 000,110,080 | R--- | M] () -- C:\Users\Michal\AppData\Roaming\Microsoft\Installer\{46B04D53-4E34-4388-B6EE-80FAB66AEF9B}\IconD7F16134.exe
[2013.03.18 11:12:43 | 000,110,080 | R--- | M] () -- C:\Users\Michal\AppData\Roaming\Microsoft\Installer\{46B04D53-4E34-4388-B6EE-80FAB66AEF9B}\IconF7A21AF7.exe
[2012.09.29 15:44:32 | 000,010,134 | R--- | M] () -- C:\Users\Michal\AppData\Roaming\Microsoft\Installer\{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}\ARPPRODUCTICON.exe
[2012.04.24 15:39:36 | 003,431,424 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\MiKTeX\2.9\miktex\bin\x64\miktex-taskbar-icon.exe
[2012.04.24 15:39:36 | 003,431,424 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\MiKTeX\2.9\miktex\bin\x64\miktex-update.exe
[2012.04.24 15:40:37 | 003,431,424 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\MiKTeX\2.9\miktex\bin\x64\miktex-update_admin.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.03.18 11:52:35 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.03.18 11:07:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3709121103-697001368-1351868520-1000Core.job
[2013.03.18 11:07:01 | 000,000,966 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3709121103-697001368-1351868520-1000UA.job
[2013.02.26 18:53:03 | 000,000,336 | ---- | M] () -- C:\Windows\Tasks\HPCeeScheduleForMichal.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.03.18 09:13:02 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
[2013.03.17 17:34:28 | 000,002,470 | ---- | M] () -- C:\Windows\system32\qtplugin.log
[2013.03.17 17:33:16 | 000,028,672 | ---- | M] () -- C:\Windows\system32\qttask.exe
[2013.03.17 17:33:13 | 000,000,388 | ---- | M] () -- C:\Windows\system32\QuickTime.qtp

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google Update" = "C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012.09.29 17:09:46 | 000,116,648 | ---- | M] (Google Inc.)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2013.01.08 12:59:26 | 018,705,664 | R--- | M] (Skype Technologies S.A.)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013.03.14 09:23:30 | 003,672,640 | ---- | M] (Disc Soft Ltd)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.03.08 12:05:40 | 000,917,400 | ---- | M] (Mozilla Corporation) MD5=BF2F2717C13A4BD4FD73F2788534E86B -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.02.02 05:19:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=DDE5A0DFAF7C6370FB36402D7A746ED3 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.03.18 17:10:35 | 000,000,512 | ---- | M] () MD5=4FCDD660C8D704E957E4088501FEC5E5 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012.09.28 15:54:35 | 000,015,860 | ---- | M] () -- \Windows.old\Users\Michal\AppData\Roaming\uTorrent\Might And Magic Heroes VI Crack.torrent

< *keygen* /s >
[2010.04.13 20:26:14 | 000,009,728 | ---- | M] () -- \Program Files (x86)\RVG Software\Holdem Manager\KeyGenerateClassLibrary.dll
[2012.10.07 10:06:19 | 000,000,573 | ---- | M] () -- \Users\Michal\AppData\Roaming\uTorrent\Wolfram Mathematica v8.0.4 KeyGen Only by AGAiN (For Windows OS).zip.torrent
[2012.09.28 15:51:48 | 000,007,507 | ---- | M] () -- \Windows.old\Users\Michal\AppData\Roaming\uTorrent\Heroes VI Might and Magic 6 KEYGEN 2011.torrent

< *loader* /s >
[2009.10.22 00:01:42 | 000,249,672 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2009.10.22 00:01:42 | 000,018,248 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.03.07 00:21:00 | 000,053,511 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Generic\Images\themeloader_default_chapter.jpg
[2012.03.07 00:21:00 | 000,053,511 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Generic\Images\themeloader_default_menu.jpg
[2012.03.05 20:36:02 | 000,007,990 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1028\Strings\RCMFormatLoaderStrings.xml
[2012.03.05 20:36:04 | 000,008,029 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1030\Strings\RCMFormatLoaderStrings.xml
[2012.03.05 20:36:04 | 000,008,063 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1031\Strings\RCMFormatLoaderStrings.xml
[2012.03.05 20:36:06 | 000,008,026 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1033\Strings\RCMFormatLoaderStrings.xml
[2012.03.05 20:36:06 | 000,008,158 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1035\Strings\RCMFormatLoaderStrings.xml
[2012.03.05 20:36:06 | 000,008,038 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1036\Strings\RCMFormatLoaderStrings.xml
[2012.03.05 20:36:08 | 000,008,052 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1040\Strings\RCMFormatLoaderStrings.xml
[2012.03.05 20:36:10 | 000,008,654 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1041\Strings\RCMFormatLoaderStrings.xml
[2012.03.05 20:36:10 | 000,008,187 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1042\Strings\RCMFormatLoaderStrings.xml
[2012.03.05 20:36:10 | 000,008,164 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1043\Strings\RCMFormatLoaderStrings.xml
[2012.03.05 20:36:12 | 000,008,076 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1044\Strings\RCMFormatLoaderStrings.xml
[2012.03.05 20:36:12 | 000,008,283 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1046\Strings\RCMFormatLoaderStrings.xml
[2012.03.05 20:36:14 | 000,008,694 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1049\Strings\RCMFormatLoaderStrings.xml
[2012.03.05 20:36:14 | 000,008,032 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1053\Strings\RCMFormatLoaderStrings.xml
[2012.03.05 20:36:16 | 000,007,967 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\2052\Strings\RCMFormatLoaderStrings.xml
[2012.03.05 20:36:16 | 000,008,350 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\2070\Strings\RCMFormatLoaderStrings.xml
[2012.03.05 20:36:16 | 000,008,413 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\3082\Strings\RCMFormatLoaderStrings.xml
[2012.03.07 00:16:18 | 000,233,744 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFileLoader.dll
[2012.03.07 00:16:26 | 000,086,288 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFormatLoaderBMP.dll
[2012.03.07 00:16:30 | 000,074,000 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFormatLoaderECDC.dll
[2012.03.07 00:16:34 | 000,094,480 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFormatLoaderGIF.dll
[2012.03.07 00:16:38 | 000,209,168 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFormatLoaderJPG2.dll
[2012.03.07 00:19:44 | 000,074,000 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFormatLoaderMDC.dll
[2012.03.07 00:16:42 | 000,135,440 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFormatLoaderPNG.dll
[2012.03.07 00:16:46 | 000,106,768 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFormatLoaderTIFF.dll
[2012.03.07 00:18:08 | 000,151,824 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\LeResourceLoader.dll
[2012.10.19 22:27:47 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012.10.19 22:27:47 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012.10.19 22:27:47 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.10.19 22:29:28 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7M\Xtraz\icq\content\profile_lightboxs\preloader.html
[2005.01.31 10:31:04 | 000,003,025 | ---- | M] () -- \Program Files (x86)\Longman\ldoce4v2\components\uriloader.xpt
[2011.01.28 06:45:02 | 000,015,473 | ---- | M] () -- \Program Files (x86)\PostgreSQL\8.4\doc\pljava\pljava\org\postgresql\pljava\sqlj\Loader.html
[2011.01.28 04:13:46 | 000,000,708 | ---- | M] () -- \Program Files (x86)\PostgreSQL\8.4\include\server\utils\dynamic_loader.h
[2012.01.11 19:42:26 | 000,143,632 | ---- | M] () -- \Program Files (x86)\Roxio\OEM\VideoCore 12\VOBLoader.ax
[2012.03.08 18:08:34 | 000,172,304 | ---- | M] () -- \Program Files (x86)\Roxio\OEM\VideoUI 12\DSThemeLoader.dll
[2012.03.08 18:08:56 | 000,114,960 | ---- | M] () -- \Program Files (x86)\Roxio\OEM\VideoUI 12\DVDFormatLoaderPlugIn.dll
[2012.03.08 17:43:56 | 000,040,000 | R--- | M] () -- \Program Files (x86)\Roxio\OEM\VideoUI 12\Skins\Default\Generic\Images\themeloader_hourglass.jpg
[2009.10.22 00:24:38 | 000,370,504 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2009.10.22 00:24:38 | 000,018,248 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.05.21 11:41:00 | 000,379,444 | ---- | M] () -- \Program Files\MiKTeX 2.9\doc\luatex\luatexbase\luatexbase-loader.pdf
[2011.05.21 11:41:00 | 000,000,555 | ---- | M] () -- \Program Files\MiKTeX 2.9\doc\luatex\luatexbase\test-loader-latex.tex
[2011.05.21 11:41:00 | 000,000,548 | ---- | M] () -- \Program Files\MiKTeX 2.9\doc\luatex\luatexbase\test-loader-plain.tex
[2011.05.21 11:41:00 | 000,000,411 | ---- | M] () -- \Program Files\MiKTeX 2.9\doc\luatex\luatexbase\test-loader.lua
[2011.05.21 11:41:00 | 000,000,419 | ---- | M] () -- \Program Files\MiKTeX 2.9\doc\luatex\luatexbase\test-loader.sub.lua
[2012.04.26 16:32:56 | 000,003,848 | ---- | M] () -- \Program Files\MiKTeX 2.9\tex\generic\oberdiek\luatex-loader.sty
[2011.05.21 11:41:00 | 000,002,580 | ---- | M] () -- \Program Files\MiKTeX 2.9\tex\luatex\luatexbase\luatexbase-loader.sty
[2011.05.21 11:41:00 | 000,002,075 | ---- | M] () -- \Program Files\MiKTeX 2.9\tex\luatex\luatexbase\luatexbase.loader.lua
[2012.06.09 18:19:38 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012.12.04 17:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.12.04 17:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.12.04 17:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 17:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.12.04 17:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.12.04 17:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Windows.old\Users\Michal\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.1.361\js\downloader.js
[2012.02.01 00:16:24 | 000,006,643 | ---- | M] () -- \Windows.old\Users\Michal\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.1.362\js\downloader.js
[2012.02.01 00:16:24 | 000,006,643 | ---- | M] () -- \Windows.old\Users\Michal\AppData\Local\Microsoft\BingBar\Apps\FacebookLike_08e57417866d4faa981702780b0d36c4\7.1.362\js\downloader.js
[2012.02.01 00:16:24 | 000,006,643 | ---- | M] () -- \Windows.old\Users\Michal\AppData\Local\Microsoft\BingBar\Apps\fbsharedservices_bb9c6e8b961d477e9ec95f9698bde610\7.1.362\js\downloader.js
[2012.02.01 00:16:24 | 000,006,643 | ---- | M] () -- \Windows.old\Users\Michal\AppData\Local\Microsoft\BingBar\Apps\Featured_ce53daa069a4a3ad2e3d7d81081f340d\7.1.362\js\downloader.js
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Windows.old\Users\Michal\AppData\Local\Microsoft\BingBar\Apps\Chat_cf57b0088a3b4f61a0bfaad0ba784240\7.1.361\js\downloader.js
[2012.07.17 13:18:16 | 000,009,051 | ---- | M] () -- \Windows.old\Users\Michal\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.07.17 13:18:16 | 000,016,119 | ---- | M] () -- \Windows.old\Users\Michal\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.07.17 13:18:16 | 000,018,434 | ---- | M] () -- \Windows.old\Users\Michal\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.03.21 01:30:05 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.03.21 01:30:05 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.03.21 01:30:05 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.03.21 01:30:05 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.03.21 01:30:05 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.09.30 23:47:47 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.09.30 23:47:47 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.09.30 23:47:48 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.09.30 23:47:48 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.09.30 23:47:48 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.03.21 01:26:17 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 04:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  IE - HKU\S-1-5-21-3709121103-697001368-1351868520-1000\..\URLSearchHook: - No CLSID value found
  IE - HKU\S-1-5-21-3709121103-697001368-1351868520-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
  O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  O4 - HKU\S-1-5-21-3709121103-697001368-1351868520-1000..\RunOnce: [Report] C:\AdwCleaner[S1].txt ()
  O1364bit: - gopher Prefix: missing
  O13 - gopher Prefix: missing
  O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
  O18 - Protocol\Handler\ms-help - No CLSID value found
  O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  [2013.03.18 14:08:59 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Malwarebytes
  [2013.03.18 14:08:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
  [2013.03.18 14:08:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
  [2013.03.18 12:04:56 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Spyware Terminator
  [2013.03.18 12:04:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
  [2013.03.18 12:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
  [2013.03.18 12:04:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator
  [2013.03.18 11:12:43 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
  [2013.03.18 11:12:41 | 000,000,000 | ---D | C] -- C:\sh4ldr
  [2013.03.18 11:12:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Enigma Software Group
  [1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [9 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
  [1 C:\Windows\SoftwareDistribution\Download\55ff0f20a379d1442eb4ecbd4f5f378c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\55ff0f20a379d1442eb4ecbd4f5f378c\*.tmp -> ]
  [2013.03.18 11:12:43 | 000,110,080 | R--- | M] () -- C:\Users\Michal\AppData\Roaming\Microsoft\Installer\{46B04D53-4E34-4388-B6EE-80FAB66AEF9B}\IconCF33A0CE.exe
  [2013.03.18 11:12:43 | 000,110,080 | R--- | M] () -- C:\Users\Michal\AppData\Roaming\Microsoft\Installer\{46B04D53-4E34-4388-B6EE-80FAB66AEF9B}\IconD7F16134.exe
  [2013.03.18 11:12:43 | 000,110,080 | R--- | M] () -- C:\Users\Michal\AppData\Roaming\Microsoft\Installer\{46B04D53-4E34-4388-B6EE-80FAB66AEF9B}\IconF7A21AF7.exe
  [2012.09.29 15:44:32 | 000,010,134 | R--- | M] () -- C:\Users\Michal\AppData\Roaming\Microsoft\Installer\{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}\ARPPRODUCTICON.exe
  [2012.04.24 15:39:36 | 003,431,424 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\MiKTeX\2.9\miktex\bin\x64\miktex-taskbar-icon.exe
  [2012.04.24 15:39:36 | 003,431,424 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\MiKTeX\2.9\miktex\bin\x64\miktex-update.exe
  [2012.04.24 15:40:37 | 003,431,424 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\MiKTeX\2.9\miktex\bin\x64\miktex-update_admin.exe
  [2013.03.18 11:52:35 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
  [2013.03.18 11:07:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3709121103-697001368-1351868520-1000Core.job
  [2013.03.18 11:07:01 | 000,000,966 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3709121103-697001368-1351868520-1000UA.job
  [2013.02.26 18:53:03 | 000,000,336 | ---- | M] () -- C:\Windows\Tasks\HPCeeScheduleForMichal.job
  
  :reg
  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Option]
  "OptionValue"=dword:00000000
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  ""=-
  "PDF Complete"=-
  "WinampAgent"=-
  "Adobe ARM"=-
  "Guard.Mail.ru.gui"-
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
  "Malwarebytes Anti-Malware"=-
  "OTM"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "Google Update"=-
  "Skype"=-
  "DAEMON Tools Lite"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
  "Report"=-
  
  :files
  C:\Windows\unvise32qt.exe
  C:\Users\Michal\Desktop\Nová složka (2)\tdsskiller
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [EMPTYJAVA]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Můžu se zeptat, jak dlouho by ta oprava měla trvat? Vypadá to, že se mi OTL vždy sekne.
Zkoušel jsem Váš postup několikrát (pro jistotu co dělám: spouštím jako správce, vkládám skript, žádné nastavení neměním, tj. Pro 64 bitové OS zaškrtnuto, zbytek ne; dávám Opravit; pracuji v Nouzovém režimu), jednou jsem čekal asi 20 min. Jede to sotva několik sekund, dojdu k Processing Register data "Guard.Mail.ru.gui"-... a od té doby se nic neděje. Ve správci úloh je OTL jako "Neodpovídá".

Zkuste tento (upraveny) skript

Tento již fungoval. Něco se jistě změnilo k lepšímu, pc již funguje i v běžném režimu dobře, jen načtení Windows trvá stále dlouho (ne přímo načítání systému, ale zobrazení přihlašovací obrazovky; jestli to říkám srozumitelně) a chvíli po přihlášení mi přišel počítač takový zpomalenější.

All processes killed
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Option\\"OptionValue"|dword:00000000 /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PDF Complete not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Guard.Mail.ru.gui deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Malwarebytes Anti-Malware not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\OTM not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Report not found.
========== FILES ==========
C:\Windows\unvise32qt.exe moved successfully.
C:\Users\Michal\Desktop\Nová složka (2)\tdsskiller folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Michal
->Temp folder emptied: 2231 bytes
->Temporary Internet Files folder emptied: 41193 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 10668992 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1249 bytes

User: postgres
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16156 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 10,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Michal
->Flash cache emptied: 0 bytes

User: postgres

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Michal
->Java cache emptied: 0 bytes

User: postgres

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 03182013_182548

Files\Folders moved on Reboot...
C:\Users\Michal\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Doporucuji provest defragmentaci disku

• Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
  • Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
  • prepnete se do zalozky Nastroje
  • Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
  • Toto provedte se vsemi disky
• Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
  • Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
  • Kliknete na Analyzovat
  • Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
  • Postup provedte se vsemi disky
• Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
  • Vyhodou programku je, ze se neinstaluje
  • Staci tedy jen stahnout dle verze vaseho OS a rozbalit
  • Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
  • Probehne analyza disku a nasledne i defragmentace

Nemate na plose nejake velke soubory?? Na plose by meli byt defakto jen zastupci

Uklizeno, pc šlape jako hodinky. Děkuji mnohokrát za pomoc, sám bych si jen těžko poradil! Minimálně v mém případě se mi tu dostalo servisu lepšího než kolikrát v placeném případě v jiné oblasti, chválím zéjména rychlost reakcí a určitě jako poděkování během týdne zašlu finanční odměnu.

Na závěr bych měl ještě dotaz ohledně prevence a ochrany:
Které programy proti havěti a zpomalování pc používat? Doposud jsem používal jen Microsoft Security Essentials. Hledám jen neplacené programy. Z vlákna http://forum.viry.cz/viewtopic.php?f=29&t=6152 vypadá jako nejlepší řešení Avira (jediná uvedená nevýhoda se mě netýká), ovšem avast! má všeobecně na internetu lepší ohlasy, alespoň mi to tak z několikaminutového googlení přijde. Rovněž je v uvedeném vlákně doporučen Spyware Terminator, ten jste ale Vy kritizoval.
S Ccleanerem a Defragglerem již počítám.
A poslední dotaz - někteří uživatelé sem posílají logy preventivně. Měl bych to také dělat, příp. jak často?

Ještě jednou děkuji.

Avira ma velmi dobrou detekci, ja doporucuji spise Avast, jeho nova osmickova verze je velmi dobre zpracovana - pro bezneho uzivatele dostacujici ochrana

Na cisteni PC zmineny CCleaner + Defragler, dalsi neni treba

Log preventivne se doporucuje cca jednou za tri mesice

Za podporu fora jmenem celeho tymu dekuji

A pokud nejsou problemy ci dotazy, je to z me strany vse