Pomalé PC

[Šmíďák]

Dobrý den,

počítač přítelkyně je poslední dobou hodně pomalý a často i internet je pomalý, stejně tak stahování, avšak připojením to být nemůže (aspoň tedy myslím), jelikož máme na bytě všichni stejné, ale zlobí jen to její. Přikládám log z RSIT. Děkuji


Logfile of random's system information tool 1.09 (written by random/random)
Run by Janinka at 2013-02-03 12:54:16
Microsoft Windows 7 Home Premium
System drive C: has 142 GB (31%) free of 459 GB
Total RAM: 3066 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:54:20, on 3.2.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Activ Software\ActivDriver\ActivControl2.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Olympus\ib\olycamdetect.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Activ Software\ActivDriver\activmgr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Users\Janinka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Janinka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Janinka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Users\Janinka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Janinka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Janinka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Janinka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Janinka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Janinka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Janinka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Janinka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\SearchFilterHost.exe
C:\Users\Janinka\Downloads\RSIT (1).exe
C:\Program Files\trend micro\Janinka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TuneClone] C:\Program Files\TuneClone\TuneClone.exe /silence
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [ActivControl] C:\Program Files\Activ Software\ActivDriver\ActivControl2.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Olympus ib] "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup
O4 - HKCU\..\Run: [WindowsSysControl] C:\Users\Public\winsvrcn.exe
O4 - HKCU\..\Run: [JDK5SWFMZY] C:\Users\Janinka\AppData\Local\Temp\Vmz.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Janinka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [Fydsdx] C:\Users\Janinka\AppData\Roaming\Fydsdx.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{C0BE6625-7FBE-48A7-AA57-F152A1EDE1EB}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{DE605EB3-C8BA-4782-971A-A468AE27B873}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\windows\system32\guard32.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard - C:\windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 13205 bytes

======Scheduled tasks folder======

C:\windows\tasks\Ad-Aware Update (Weekly).job
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1007189617-1149851593-3231655990-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1007189617-1149851593-3231655990-1001UA.job
C:\windows\tasks\HPCeeScheduleForJaninka.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Janinka\AppData\Roaming\Mozilla\Firefox\Profiles\qr69lpao.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "DTToolbar@toolbarnet.com:1.1.1.0014, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7, personas@christopher.beard:1.6.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.5.3&q="

"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647]
"Description"=12.0.1.647
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsjsrealplayerplugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Janinka\AppData\Roaming\Mozilla\Firefox\Profiles\qr69lpao.default\extensions\
DTToolbar@toolbarnet.com
personas@christopher.beard
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Users\Janinka\AppData\Roaming\Mozilla\Firefox\Profiles\qr69lpao.default\searchplugins\
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.gif
icqplugin.src
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-07-10 386776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-05 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-05 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-07-27 288312]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-08-25 186904]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2009-06-18 563736]
"WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-30 1545512]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-04 98304]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2009-05-18 3866624]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"MDS_Menu"=C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"TkBellExe"=C:\Program Files\Real\RealPlayer\Update\realsched.exe [2011-07-10 273544]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16 81920]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2010-11-03 1246544]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"TuneClone"=C:\Program Files\TuneClone\TuneClone.exe /silence []
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-01-10 2548040]
"ActivControl"=C:\Program Files\Activ Software\ActivDriver\ActivControl2.exe [2012-02-24 1094000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392]
"Olympus ib"=C:\Program Files\Olympus\ib\olycamdetect.exe [2010-02-04 93376]
"WindowsSysControl"=C:\Users\Public\winsvrcn.exe []
"JDK5SWFMZY"=C:\Users\Janinka\AppData\Local\Temp\Vmz.exe []
"Google Update"=C:\Users\Janinka\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-16 136176]
"RegistryBooster"=C:\Program Files\Uniblue\RegistryBooster\launcher.exe delay 20000 []
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-16 221184]
"Fydsdx"=C:\Users\Janinka\AppData\Roaming\Fydsdx.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Janinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\windows\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.tscc"=tsccvid.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\System32\CScript.exe "%1" %*
.scr - open - "%1" /S "%3"
.vbs - open - %SystemRoot%\System32\CScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-02-03 12:51:47 ----D---- C:\rsit
2013-02-03 12:51:47 ----D---- C:\Program Files\trend micro
2013-01-22 21:47:26 ----A---- C:\windows\system32\FlashPlayerApp.exe
2013-01-22 11:19:52 ----D---- C:\Program Files\Mozilla Firefox
2013-01-09 19:49:36 ----A---- C:\windows\system32\usp10.dll
2013-01-09 19:49:34 ----A---- C:\windows\system32\win32k.sys
2013-01-09 19:49:32 ----A---- C:\windows\system32\win32spl.dll
2013-01-09 19:24:13 ----A---- C:\windows\system32\msxml6.dll
2013-01-09 19:24:06 ----A---- C:\windows\system32\KernelBase.dll
2013-01-09 19:24:03 ----A---- C:\windows\system32\winsrv.dll
2013-01-09 19:24:03 ----A---- C:\windows\system32\kernel32.dll
2013-01-09 19:24:03 ----A---- C:\windows\system32\conhost.exe
2013-01-09 19:24:02 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 19:24:02 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 19:24:02 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 19:24:02 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 19:24:01 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 19:24:01 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 19:24:01 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 19:24:01 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 19:24:00 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 19:24:00 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 19:24:00 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 19:24:00 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-09 19:23:59 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 19:23:59 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 19:23:59 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 19:23:58 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-09 19:23:57 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 19:23:57 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 19:23:56 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 19:23:56 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 19:23:55 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 19:23:55 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-09 19:23:55 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 19:23:55 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 19:23:50 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 19:23:48 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-09 19:23:44 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 19:23:43 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-09 19:22:34 ----A---- C:\windows\system32\Wpc.dll
2013-01-09 19:22:34 ----A---- C:\windows\system32\gameux.dll
2013-01-09 19:22:07 ----A---- C:\windows\system32\ncrypt.dll
2013-01-07 18:55:53 ----D---- C:\Program Files\The Witcher

======List of files/folders modified in the last 1 month======

2013-02-03 12:54:07 ----D---- C:\windows\Prefetch
2013-02-03 12:52:06 ----D---- C:\windows\Temp
2013-02-03 12:51:47 ----RD---- C:\Program Files
2013-02-03 12:51:17 ----D---- C:\windows\system32\config
2013-02-03 12:00:46 ----D---- C:\Users\Janinka\AppData\Roaming\Skype
2013-02-03 11:58:59 ----D---- C:\Users\Janinka\AppData\Roaming\uTorrent
2013-02-01 23:25:54 ----D---- C:\windows\system32\Tasks
2013-02-01 23:25:49 ----D---- C:\Program Files\Microsoft Games
2013-02-01 23:25:21 ----HD---- C:\ProgramData
2013-01-30 21:22:45 ----SHD---- C:\windows\Installer
2013-01-30 21:22:44 ----SHD---- C:\Config.Msi
2013-01-30 21:22:44 ----D---- C:\Users\Janinka\AppData\Roaming\Mozilla
2013-01-29 06:35:52 ----D---- C:\windows\system32\NDF
2013-01-29 00:23:52 ----D---- C:\ProgramData\PDFC
2013-01-27 17:27:54 ----D---- C:\windows\System32
2013-01-27 17:27:54 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-01-27 17:27:53 ----D---- C:\windows\inf
2013-01-25 23:06:25 ----SHD---- C:\System Volume Information
2013-01-25 15:35:26 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-01-25 15:34:44 ----D---- C:\windows\system32\catroot2
2013-01-23 00:00:42 ----SD---- C:\Users\Janinka\AppData\Roaming\Microsoft
2013-01-22 21:54:11 ----D---- C:\ProgramData\Adobe
2013-01-22 21:47:28 ----D---- C:\windows\Tasks
2013-01-12 18:54:13 ----D---- C:\windows\rescache
2013-01-11 18:59:25 ----D---- C:\windows\Microsoft.NET
2013-01-11 18:58:15 ----RSD---- C:\windows\assembly
2013-01-11 11:37:49 ----D---- C:\windows\winsxs
2013-01-11 11:30:57 ----D---- C:\windows\system32\cs-CZ
2013-01-10 11:17:04 ----D---- C:\ProgramData\Microsoft Help
2013-01-10 11:02:47 ----A---- C:\windows\system32\MRT.exe
2013-01-09 19:22:03 ----D---- C:\windows\system32\catroot
2013-01-07 19:09:46 ----D---- C:\Windows
2013-01-07 18:55:52 ----HD---- C:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 25656]
R0 iaStor;Intel RAID Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-08-07 330264]
R0 Lbd;Lbd; C:\windows\system32\DRIVERS\Lbd.sys [2010-12-03 64288]
R0 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2010-04-27 45648]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2010-01-09 691696]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\windows\System32\DRIVERS\cmderd.sys [2011-01-06 17256]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\windows\System32\DRIVERS\cmdguard.sys [2011-01-06 236600]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\windows\System32\DRIVERS\cmdhlp.sys [2011-01-06 35768]
R1 inspect;COMODO Internet Security Firewall Driver; C:\windows\system32\DRIVERS\inspect.sys [2011-01-06 80064]
R1 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2009-05-16 214024]
R1 mfetdik;McAfee Inc. mfetdik; C:\windows\system32\drivers\mfetdik.sys [2009-05-16 55336]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 atksgt;atksgt; C:\windows\system32\DRIVERS\atksgt.sys [2010-12-11 281760]
R2 lirsgt;lirsgt; C:\windows\system32\DRIVERS\lirsgt.sys [2010-12-11 25888]
R3 5U876UVC;HP Webcam [2 MP series]; C:\windows\system32\DRIVERS\5U876.sys [2009-06-30 118656]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 33848]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440]
R3 Afc;PPdus ASPI Shell; C:\windows\system32\drivers\Afc.sys [2006-11-10 18688]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\windows\system32\drivers\AtiHdmi.sys [2009-07-24 103440]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-08-04 4994048]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2009-07-01 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 29472]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit; C:\windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-07-30 213680]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S0 tclondrv;tclondrv; C:\windows\system32\DRIVERS\tclondrv.sys []
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2009-07-13 1035776]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393216]
S3 connctfy;Connectify Service; C:\windows\system32\DRIVERS\connctfy.sys []
S3 connctfyMP;connctfyMP; C:\windows\system32\DRIVERS\connctfy.sys []
S3 dot4;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 16384]
S3 Dot4Scan;Scan Class Driver for IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Scan.sys [2009-07-14 10752]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102912]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 KMWDFILTERx86;HIDServiceDesc; C:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
S3 MfeAVFK;McAfee Inc. MfeAVFK; C:\windows\system32\drivers\MfeAVFK.sys [2009-05-16 79816]
S3 MfeBOPK;McAfee Inc. MfeBOPK; C:\windows\system32\drivers\MfeBOPK.sys [2009-05-16 35272]
S3 MfeRKDK;McAfee Inc. MfeRKDK; C:\windows\system32\drivers\MfeRKDK.sys [2009-05-16 34248]
S3 NETw1v32;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\NETw1v32.sys [2009-07-21 5958656]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 OlyCamComm;OLYMPUS USB Communication Device; C:\windows\system32\DRIVERS\OlyCamComm.sys [2009-09-10 21648]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\windows\system32\drivers\RTL2832UBDA.sys [2009-08-13 93216]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\windows\System32\Drivers\RTL2832UUSB.sys [2009-08-13 32800]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 30720]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2009-08-04 176128]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-30 582944]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-01-11 1771288]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-08-10 197536]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2009-07-08 26168]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-08-25 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2009-06-18 635416]
R2 ProtexisLicensing;ProtexisLicensing; C:\Program Files\Common Files\Protexis\License Service\PSIService.exe [2006-11-02 174656]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-22 251400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-22 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-13 1120752]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-04-30 74392]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-06-03 1343400]

-----------------EOF-----------------

[vyosek]

Zdravim

Se pritelkyne dala na chov konicku trojskych ci co

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

• Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane

  Rkill EXE:
  http://download.bleepingcomputer.com/grinler/rkill.exe
  
  Rkill iExplore.exe:
  http://download.bleepingcomputer.com/gr ... xplore.exe
  
  Rkill uSeRiNiT.exe:
  http://download.bleepingcomputer.com/gr ... eRiNiT.exe
  
  Rkill WiNlOgOn.exe:
  http://download.bleepingcomputer.com/gr ... NlOgOn.exe

• Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
• Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
• RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
• Na plose vznikne log Rkill.txt ten mi sem vlozte
• Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[Šmíďák]

Log z Rkillu

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/03/2013 01:51:02 PM in x86 mode.
Windows Version: Windows 7 Home Premium

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Active Proxy Server Detected

* Proxy Disabled.
* ProxyOverride value deleted.
* ProxyServer value deleted.
* AutoConfigURL value deleted.
* Proxy settings were backed up to Registry file.

Checking Registry for malware related settings:

* No issues found in the Registry.

Backup Registry file created at:
C:\Users\Janinka\Desktop\rkill\rkill-02-03-2013-01-51-06.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!
* HKCU\SOFTWARE\Classes\.exe has been deleted!

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 02/03/2013 01:51:23 PM
Execution time: 0 hours(s), 0 minute(s), and 21 seconds(s)

[vyosek]

OK, pockam si na ComboFix

[Šmíďák]

A log z ComboFixu

ComboFix 13-02-02.05 - Janinka 03.02.2013 14:02:16.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3066.1921 [GMT 1:00]
Spuštěný z: c:\users\Janinka\Desktop\ComboFix.exe
AV: COMODO Antivirus *Disabled/Updated* {675CEE69-9702-A524-3989-6D7CC8BF3695}
FW: COMODO Firewall *Disabled* {5F676F4C-DD6D-A47C-12D6-C449366C71EE}
SP: COMODO Defense+ *Disabled/Updated* {DC3D0F8D-B138-AAAA-0339-560EB3387C28}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\etc\hosts.ics
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-03 do 2013-02-03 )))))))))))))))))))))))))))))))
.
.
2013-02-03 13:11 . 2013-02-03 13:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-03 11:51 . 2013-02-03 11:54 -------- d-----w- C:\rsit
2013-02-03 11:51 . 2013-02-03 11:54 -------- d-----w- c:\program files\trend micro
2013-01-22 23:00 . 2013-01-22 23:00 -------- d-----w- c:\users\Janinka\AppData\Local\Macromedia
2013-01-22 20:47 . 2013-01-22 21:10 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-09 18:49 . 2012-11-22 09:33 627712 ----a-w- c:\windows\system32\usp10.dll
2013-01-09 18:49 . 2012-11-23 03:06 2344960 ----a-w- c:\windows\system32\win32k.sys
2013-01-09 18:49 . 2012-11-09 04:49 492032 ----a-w- c:\windows\system32\win32spl.dll
2013-01-09 18:23 . 2012-11-30 04:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 18:22 . 2012-12-07 03:21 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2013-01-07 19:26 . 2013-02-03 01:04 -------- d-----w- c:\users\Janinka\AppData\Local\The Witcher
2013-01-07 17:55 . 2013-01-07 23:18 -------- d-----w- c:\program files\The Witcher
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-22 21:10 . 2011-09-03 10:24 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 14:25 . 2012-12-22 02:00 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:25 . 2012-12-22 02:00 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-11-14 02:09 . 2012-12-13 09:06 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58 . 2012-12-13 09:06 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57 . 2012-12-13 09:06 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49 . 2012-12-13 09:06 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48 . 2012-12-13 09:06 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44 . 2012-12-13 09:06 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:49 . 2012-12-12 08:40 2048 ----a-w- c:\windows\system32\tzres.dll
2013-01-22 10:19 . 2013-01-22 10:19 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
"Olympus ib"="c:\program files\Olympus\ib\olycamdetect.exe" [2010-02-04 93376]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-07-27 288312]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-25 186904]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2009-06-18 563736]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-30 1545512]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-04 98304]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"MDS_Menu"="c:\program files\Olympus\ib\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"TkBellExe"="c:\program files\Real\RealPlayer\Update\realsched.exe" [2011-07-10 273544]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-03 1246544]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-01-10 2548040]
"ActivControl"="c:\program files\Activ Software\ActivDriver\ActivControl2.exe" [2012-02-24 1094000]
.
c:\users\Janinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-30 795936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R0 tclondrv;tclondrv;c:\windows\system32\DRIVERS\tclondrv.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 connctfy;Connectify Service;c:\windows\system32\DRIVERS\connctfy.sys [x]
R3 connctfyMP;connctfyMP;c:\windows\system32\DRIVERS\connctfy.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [x]
R3 NETw1v32;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw1v32.sys [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [x]
R3 OlyCamComm;OLYMPUS USB Communication Device;c:\windows\system32\DRIVERS\OlyCamComm.sys [x]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [x]
R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [x]
R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [x]
S2 yksvc;Marvell Yukon Service;c:\windows\System32\svchost.exe [x]
S3 5U876UVC;HP Webcam [2 MP series];c:\windows\system32\DRIVERS\5U876.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
yksvcs REG_MULTI_SZ yksvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 19:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-22 21:10]
.
2013-02-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1007189617-1149851593-3231655990-1001Core.job
- c:\users\Janinka\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-16 18:41]
.
2013-02-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1007189617-1149851593-3231655990-1001UA.job
- c:\users\Janinka\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-16 18:41]
.
2013-01-25 c:\windows\Tasks\HPCeeScheduleForJaninka.job
- c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 21:15]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=cs_CZ&c=92&bd=all&pf=cmnb
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
TCP: DhcpNameServer = 10.20.100.1
TCP: Interfaces\{C0BE6625-7FBE-48A7-AA57-F152A1EDE1EB}: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{DE605EB3-C8BA-4782-971A-A468AE27B873}: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{DE605EB3-C8BA-4782-971A-A468AE27B873}\2457B616A6E65647: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{DE605EB3-C8BA-4782-971A-A468AE27B873}\661627F6D266275656: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{DE605EB3-C8BA-4782-971A-A468AE27B873}\840584B4: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{DE605EB3-C8BA-4782-971A-A468AE27B873}\E43423: NameServer = 156.154.70.25,156.154.71.25
FF - ProfilePath - c:\users\Janinka\AppData\Roaming\Mozilla\Firefox\Profiles\qr69lpao.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-WindowsSysControl - c:\users\Public\winsvrcn.exe
HKCU-Run-RegistryBooster - c:\program files\Uniblue\RegistryBooster\launcher.exe
HKCU-Run-Fydsdx - c:\users\Janinka\AppData\Roaming\Fydsdx.exe
HKLM-Run-TuneClone - c:\program files\TuneClone\TuneClone.exe
AddRemove-E77704EF5E71F4F18CADFBFA68595AFE036D5D97 - c:\progra~1\DIFX\25C232B9F73C1237\DPInst.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1007189617-1149851593-3231655990-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:d1,94,98,a9,04,92,17,25,cc,83,74,ad,58,9f,9f,3c,7f,65,ee,c3,e1,b9,ae,
7a,51,4d,c1,ea,83,a0,98,f5,eb,55,81,ab,41,12,4b,ec,01,87,30,d6,76,99,73,cc,\
"??"=hex:61,34,2b,25,08,9d,11,4a,52,d2,76,50,e1,80,a1,71
.
[HKEY_USERS\S-1-5-21-1007189617-1149851593-3231655990-1001\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:0c,13,b0,b4,61,f3,e1,b4,dd,d9,45,83,58,1b,17,26,51,df,af,a3,66,
ad,7b,27,90,b5,c8,ab,fd,91,a5,22,43,d4,a1,ba,96,07,72,da,b3,c6,ef,63,a5,82,\
"rkeysecu"=hex:46,96,df,48,6e,4a,7d,7d,e4,ee,c2,5d,72,f1,ef,79
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(724)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'lsass.exe'(624)
c:\windows\system32\guard32.dll
.
Celkový čas: 2013-02-03 14:14:05
ComboFix-quarantined-files.txt 2013-02-03 13:14
.
Před spuštěním: Volných bajtů: 153 201 778 688
Po spuštění: Volných bajtů: 153 464 766 464
.
- - End Of File - - 468749058FC5567C240B4902C0B1AA46

[vyosek]

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Search
• Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

[Šmíďák]

log z AdwCleaner

# AdwCleaner v2.109 - Logfile created 02/03/2013 at 14:23:17
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Home Premium (32 bits)
# User : Janinka - KLEMENT
# Boot Mode : Normal
# Running from : C:\Users\Janinka\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Janinka\AppData\Roaming\Mozilla\Firefox\Profiles\qr69lpao.default\searchplugins\icqplugin.xml
File Found : C:\Users\Janinka\AppData\Roaming\Mozilla\Firefox\Profiles\qr69lpao.default\searchplugins\icqplugin-1.xml
File Found : C:\Users\Janinka\AppData\Roaming\Mozilla\Firefox\Profiles\qr69lpao.default\searchplugins\icqplugin-2.xml
File Found : C:\Users\Janinka\AppData\Roaming\Mozilla\Firefox\Profiles\qr69lpao.default\searchplugins\icqplugin-3.xml
Folder Found : C:\Program Files\DAEMON Tools Toolbar
Folder Found : C:\ProgramData\ICQ\ICQToolbar
Folder Found : C:\ProgramData\Trymedia
Folder Found : C:\Users\Janinka\AppData\Roaming\Mozilla\Firefox\Profiles\qr69lpao.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Folder Found : C:\Users\Janinka\AppData\Roaming\Mozilla\Firefox\Profiles\qr69lpao.default\extensions\DTToolbar@toolbarnet.com

***** [Registry] *****

Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Found : HKU\S-1-5-21-1007189617-1149851593-3231655990-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-1007189617-1149851593-3231655990-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v18.0.1 (cs)

File : C:\Users\Janinka\AppData\Roaming\Mozilla\Firefox\Profiles\qr69lpao.default\prefs.js

Found : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=");

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Janinka\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [3372 octets] - [03/02/2013 14:23:17]

########## EOF - C:\AdwCleaner[R1].txt - [3432 octets] ##########

[vyosek]

Spustte znovu AdwCleaner

• Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Delete
• PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

[Šmíďák]

opět log z AdwCleaner

# AdwCleaner v2.109 - Logfile created 02/03/2013 at 14:27:44
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Home Premium (32 bits)
# User : Janinka - KLEMENT
# Boot Mode : Normal
# Running from : C:\Users\Janinka\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Janinka\AppData\Roaming\Mozilla\Firefox\Profiles\qr69lpao.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Janinka\AppData\Roaming\Mozilla\Firefox\Profiles\qr69lpao.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Janinka\AppData\Roaming\Mozilla\Firefox\Profiles\qr69lpao.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Janinka\AppData\Roaming\Mozilla\Firefox\Profiles\qr69lpao.default\searchplugins\icqplugin-3.xml
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\Janinka\AppData\Roaming\Mozilla\Firefox\Profiles\qr69lpao.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Folder Deleted : C:\Users\Janinka\AppData\Roaming\Mozilla\Firefox\Profiles\qr69lpao.default\extensions\DTToolbar@toolbarnet.com

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v18.0.1 (cs)

File : C:\Users\Janinka\AppData\Roaming\Mozilla\Firefox\Profiles\qr69lpao.default\prefs.js

Deleted : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=");

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Janinka\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [3501 octets] - [03/02/2013 14:23:17]
AdwCleaner[S1].txt - [3209 octets] - [03/02/2013 14:27:44]

########## EOF - C:\AdwCleaner[S1].txt - [3269 octets] ##########

[vyosek]

Poprosim o DDS http://forum.viry.cz/viewtopic.php?f=13&t=125171

[Šmíďák]

DDS log zde:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.7.2
Run by Janinka at 20:53:14 on 2013-02-03
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3066.1645 [GMT 1:00]
.
AV: COMODO Antivirus *Disabled/Updated* {675CEE69-9702-A524-3989-6D7CC8BF3695}
SP: COMODO Defense+ *Disabled/Updated* {DC3D0F8D-B138-AAAA-0339-560EB3387C28}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall *Disabled* {5F676F4C-DD6D-A47C-12D6-C449366C71EE}
.
============== Running Processes ================
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\windows\system32\atiesrxx.exe
C:\windows\system32\atieclxx.exe
C:\windows\system32\Hpservice.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\AEADISRV.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\System32\alg.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Activ Software\ActivDriver\ActivControl2.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Olympus\ib\olycamdetect.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\windows\system32\NOTEPAD.EXE
C:\Program Files\Activ Software\ActivDriver\activmgr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Janinka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Janinka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Janinka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Janinka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Janinka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Users\Janinka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\wuauclt.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\totalcmd\TOTALCMD.EXE
C:\Users\Janinka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\windows\system32\conhost.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k yksvcs
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.cz/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=cs_CZ&c=92&bd=all&pf=cmnb
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - c:\program files\hewlett-packard\hp support framework\resources\hpnetworkcheck\HPNetworkCheckPlugin.dll
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [Olympus ib] "c:\program files\olympus\ib\olycamdetect.exe" /Startup
uRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [PDF Complete] c:\program files\pdf complete\pdfsty.exe
mRun: [WirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [MDS_Menu] "c:\program files\olympus\ib\muitransfer\muistartmenu.exe" "c:\program files\olympus\ib" updatewithcreateonce "software\olympus\ib\1.0"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Logitech Download Assistant] c:\windows\system32\rundll32.exe c:\windows\system32\LogiLDA.dll,LogiFetch
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [ActivControl] c:\program files\activ software\activdriver\ActivControl2.exe
StartupFolder: c:\users\janinka\appdata\roaming\micros~1\windows\startm~1\programs\startup\vezyob~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - c:\program files\hewlett-packard\hp support framework\resources\hpnetworkcheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
TCP: NameServer = 10.20.100.1
TCP: Interfaces\{C0BE6625-7FBE-48A7-AA57-F152A1EDE1EB} : NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{C0BE6625-7FBE-48A7-AA57-F152A1EDE1EB} : DHCPNameServer = 10.20.100.1
TCP: Interfaces\{DE605EB3-C8BA-4782-971A-A468AE27B873} : NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{DE605EB3-C8BA-4782-971A-A468AE27B873}\2457B616A6E65647 : NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{DE605EB3-C8BA-4782-971A-A468AE27B873}\2457B616A6E65647 : DHCPNameServer = 192.168.10.1
TCP: Interfaces\{DE605EB3-C8BA-4782-971A-A468AE27B873}\661627F6D266275656 : NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{DE605EB3-C8BA-4782-971A-A468AE27B873}\661627F6D266275656 : DHCPNameServer = 10.10.4.1
TCP: Interfaces\{DE605EB3-C8BA-4782-971A-A468AE27B873}\840584B4 : NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{DE605EB3-C8BA-4782-971A-A468AE27B873}\840584B4 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{DE605EB3-C8BA-4782-971A-A468AE27B873}\E43423 : NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{DE605EB3-C8BA-4782-971A-A468AE27B873}\E43423 : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\windows\system32\guard32.dll
SSODL: WebCheck - <orphaned>
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\janinka\appdata\roaming\mozilla\firefox\profiles\qr69lpao.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\users\janinka\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\users\janinka\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\janinka\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-1-14 64288]
R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [2011-1-6 17256]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2011-1-6 236600]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2011-1-6 35768]
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-9-20 214024]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-8-4 176128]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\hewlett-packard\hp support framework\HPSA_Service.exe [2012-9-27 86528]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\hewlett-packard\shared\HPDrvMntSvc.exe [2012-8-10 197536]
R2 hpsrv;HP Service;c:\windows\system32\hpservice.exe [2009-7-8 26168]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\pdf complete\pdfsvc.exe [2009-9-20 635416]
R2 yksvc;Marvell Yukon Service;c:\windows\system32\svchost.exe -k yksvcs [2009-7-14 20992]
R3 5U876UVC;HP Webcam [2 MP series];c:\windows\system32\drivers\5U876.sys [2009-11-23 118656]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2009-11-23 29472]
R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2009-9-20 228408]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2010-1-13 6755840]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-20 313856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\drivers\ewdcsc.sys [2012-12-16 23424]
S3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\drivers\KMWDFILTER.sys [2009-4-29 25088]
S3 MfeAVFK;McAfee Inc. MfeAVFK;c:\windows\system32\drivers\mfeavfk.sys [2009-9-20 79816]
S3 MfeBOPK;McAfee Inc. MfeBOPK;c:\windows\system32\drivers\mfebopk.sys [2009-9-20 35272]
S3 MfeRKDK;McAfee Inc. MfeRKDK;c:\windows\system32\drivers\mferkdk.sys [2009-9-20 34248]
S3 NETw1v32;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw1v32.sys [2009-7-21 5958656]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
S3 OlyCamComm;OLYMPUS USB Communication Device;c:\windows\system32\drivers\OlyCamComm.sys [2009-9-10 21648]
S3 RoxMediaDB10;RoxMediaDB10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxMediaDB10.exe [2009-6-13 1120752]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [2010-5-21 93216]
S3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\drivers\RTL2832UUSB.sys [2010-5-21 32800]
S3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\wat\WatAdminSvc.exe [2010-6-3 1343400]
.
=============== Created Last 30 ================
.
2013-02-03 18:35:51 -------- d-----w- c:\users\janinka\appdata\local\GHISLER
2013-02-03 13:14:09 -------- d-sh--w- C:\$RECYCLE.BIN
2013-02-03 13:00:01 98816 ----a-w- c:\windows\sed.exe
2013-02-03 13:00:01 256000 ----a-w- c:\windows\PEV.exe
2013-02-03 13:00:01 208896 ----a-w- c:\windows\MBR.exe
2013-02-03 11:51:47 -------- d-----w- c:\program files\trend micro
2013-01-22 23:00:42 -------- d-----w- c:\users\janinka\appdata\local\Macromedia
2013-01-22 20:47:26 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-09 18:49:36 627712 ----a-w- c:\windows\system32\usp10.dll
2013-01-09 18:49:34 2344960 ----a-w- c:\windows\system32\win32k.sys
2013-01-09 18:49:32 492032 ----a-w- c:\windows\system32\win32spl.dll
2013-01-09 18:23:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 18:22:39 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2013-01-07 19:26:51 -------- d-----w- c:\users\janinka\appdata\local\The Witcher
2013-01-07 17:55:53 -------- d-----w- c:\program files\The Witcher
.
==================== Find3M ====================
.
2013-01-22 21:10:48 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 14:25:27 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:25:19 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-07 05:04:20 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 04:57:38 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-11-30 05:06:15 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 05:00:06 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 03:07:41 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:51:41 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:51:41 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:51:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:51:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-20 05:10:07 219136 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:49:37 2048 ----a-w- c:\windows\system32\tzres.dll
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7600 Disk: ST950042 rev.0006 -> Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: >>UNKNOWN [0x83A37000]<< >>UNKNOWN [0x8C909000]<< >>UNKNOWN [0x8D5B1000]<< >>UNKNOWN [0x8D600000]<< >>UNKNOWN [0x83A00000]<< >>UNKNOWN [0x8CA2A000]<< >>UNKNOWN [0x8C6B4000]<< >>UNKNOWN [0x8695E938]<<
_asm { DEC EBP; POP EDX; NOP ; ADD [EBX], AL; ADD [EAX], AL; ADD [EAX+EAX], AL; ADD [EAX], AL; }
1 ntkrnlpa!IofCallDriver[0x83A726E3] -> \Device\Harddisk0\DR0[0x8827AAC8]
\Driver\Disk[0x882437D8] -> IRP_MJ_CREATE -> 0x8C90D39F
3 [0x8C90D59E] -> ntkrnlpa!IofCallDriver[0x83A726E3] -> [0x869D30F0]
\Driver\hpdskflt[0x882327D8] -> IRP_MJ_CREATE -> 0x8D601FB0
5 [0x8D602090] -> ntkrnlpa!IofCallDriver[0x83A726E3] -> \Device\Ide\IAAStorageDevice-1[0x87713028]
\Driver\iaStor[0x8775D888] -> IRP_MJ_CREATE -> 0x8CA74390
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [BP+0x0], 0x0; }
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !
.
============= FINISH: 20:54:10,05 ===============

[vyosek]

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

• Kliknete na volbu Change parametrs
• V okne Additional Option zakliknete vsechny moznosti
• Kliknete na OK
• Utilite prikazte, at skenuje - klik na Start Scan
• Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
• Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
• Pokud mate vsude Skip, kliknete na Continue
• Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

[Šmíďák]

TDSS Killer

11:03:54.0871 11316 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:03:55.0066 11316 ============================================================
11:03:55.0066 11316 Current date / time: 2013/02/04 11:03:55.0066
11:03:55.0066 11316 SystemInfo:
11:03:55.0066 11316
11:03:55.0066 11316 OS Version: 6.1.7600 ServicePack: 0.0
11:03:55.0066 11316 Product type: Workstation
11:03:55.0067 11316 ComputerName: KLEMENT
11:03:55.0067 11316 UserName: Janinka
11:03:55.0067 11316 Windows directory: C:\windows
11:03:55.0067 11316 System windows directory: C:\windows
11:03:55.0067 11316 Processor architecture: Intel x86
11:03:55.0067 11316 Number of processors: 2
11:03:55.0067 11316 Page size: 0x1000
11:03:55.0067 11316 Boot type: Normal boot
11:03:55.0067 11316 ============================================================
11:03:55.0571 11316 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:03:55.0580 11316 ============================================================
11:03:55.0580 11316 \Device\Harddisk0\DR0:
11:03:55.0580 11316 MBR partitions:
11:03:55.0580 11316 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
11:03:55.0580 11316 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x380EF000
11:03:55.0580 11316 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38185800, BlocksNum 0x1E00000
11:03:55.0580 11316 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x39F85800, BlocksNum 0x3FD800
11:03:55.0580 11316 ============================================================
11:03:55.0609 11316 C: <-> \Device\Harddisk0\DR0\Partition2
11:03:55.0634 11316 E: <-> \Device\Harddisk0\DR0\Partition4
11:03:55.0635 11316 ============================================================
11:03:55.0635 11316 Initialize success
11:03:55.0635 11316 ============================================================
11:05:03.0838 8552 ============================================================
11:05:03.0838 8552 Scan started
11:05:03.0838 8552 Mode: Manual; SigCheck; TDLFS;
11:05:03.0838 8552 ============================================================
11:05:05.0098 8552 ================ Scan system memory ========================
11:05:05.0098 8552 System memory - ok
11:05:05.0099 8552 ================ Scan services =============================
11:05:05.0315 8552 [ 6D2ACA41739BFE8CB86EE8E85F29697D ] 1394ohci C:\windows\system32\DRIVERS\1394ohci.sys
11:05:05.0448 8552 1394ohci - ok
11:05:05.0498 8552 [ 080A40550FB95A328917512F3F5A0409 ] 5U876UVC C:\windows\system32\DRIVERS\5U876.sys
11:05:05.0548 8552 5U876UVC - ok
11:05:05.0585 8552 [ 4DF5E6215A102A192B2B6DBB61F2FBA5 ] Accelerometer C:\windows\system32\DRIVERS\Accelerometer.sys
11:05:05.0600 8552 Accelerometer - ok
11:05:05.0671 8552 ACDaemon - ok
11:05:05.0703 8552 [ F0E07D144C8685B8774BC32FC8DA4DF0 ] ACPI C:\windows\system32\DRIVERS\ACPI.sys
11:05:05.0729 8552 ACPI - ok
11:05:05.0746 8552 [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi C:\windows\system32\DRIVERS\acpipmi.sys
11:05:05.0817 8552 AcpiPmi - ok
11:05:05.0878 8552 [ 6C61BCEB60C2C187E6F96001FD69493E ] ADIHdAudAddService C:\windows\system32\drivers\ADIHdAud.sys
11:05:05.0939 8552 ADIHdAudAddService - ok
11:05:06.0042 8552 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:05:06.0071 8552 AdobeFlashPlayerUpdateSvc - ok
11:05:06.0124 8552 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
11:05:06.0149 8552 adp94xx - ok
11:05:06.0170 8552 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
11:05:06.0193 8552 adpahci - ok
11:05:06.0228 8552 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
11:05:06.0246 8552 adpu320 - ok
11:05:06.0275 8552 [ 4DC6B0772D1698F04FC79053A21C8260 ] AEADIFilters C:\windows\system32\AEADISRV.EXE
11:05:06.0300 8552 AEADIFilters - ok
11:05:06.0330 8552 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
11:05:06.0404 8552 AeLookupSvc - ok
11:05:06.0440 8552 [ FE3EA6E9AFC1A78E6EDCA121E006AFB7 ] Afc C:\windows\system32\drivers\Afc.sys
11:05:06.0471 8552 Afc - ok
11:05:06.0525 8552 [ 0DB7A48388D54D154EBEC120461A0FCD ] AFD C:\windows\system32\drivers\afd.sys
11:05:06.0590 8552 AFD - ok
11:05:06.0628 8552 [ 7E10E3BB9B258AD8A9300F91214D67B9 ] AgereSoftModem C:\windows\system32\DRIVERS\AGRSM.sys
11:05:06.0719 8552 AgereSoftModem - ok
11:05:06.0733 8552 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\DRIVERS\agp440.sys
11:05:06.0749 8552 agp440 - ok
11:05:06.0778 8552 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
11:05:06.0795 8552 aic78xx - ok
11:05:06.0828 8552 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe
11:05:06.0901 8552 ALG - ok
11:05:06.0935 8552 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\DRIVERS\aliide.sys
11:05:06.0949 8552 aliide - ok
11:05:06.0979 8552 [ A236CEE2BF90381E981EBB870429FA9B ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
11:05:07.0028 8552 AMD External Events Utility - ok
11:05:07.0041 8552 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\DRIVERS\amdagp.sys
11:05:07.0058 8552 amdagp - ok
11:05:07.0089 8552 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\DRIVERS\amdide.sys
11:05:07.0105 8552 amdide - ok
11:05:07.0132 8552 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
11:05:07.0170 8552 AmdK8 - ok
11:05:07.0212 8552 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
11:05:07.0244 8552 AmdPPM - ok
11:05:07.0285 8552 [ 19CE906B4CDC11FC4FEF5745F33A63B6 ] amdsata C:\windows\system32\drivers\amdsata.sys
11:05:07.0303 8552 amdsata - ok
11:05:07.0320 8552 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
11:05:07.0340 8552 amdsbs - ok
11:05:07.0366 8552 [ 869E67D66BE326A5A9159FBA8746FA70 ] amdxata C:\windows\system32\drivers\amdxata.sys
11:05:07.0382 8552 amdxata - ok
11:05:07.0409 8552 [ FEB834C02CE1E84B6A38F953CA067706 ] AppID C:\windows\system32\drivers\appid.sys
11:05:07.0486 8552 AppID - ok
11:05:07.0527 8552 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll
11:05:07.0653 8552 AppIDSvc - ok
11:05:07.0672 8552 [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo C:\windows\System32\appinfo.dll
11:05:07.0701 8552 Appinfo - ok
11:05:07.0730 8552 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\DRIVERS\arc.sys
11:05:07.0747 8552 arc - ok
11:05:07.0774 8552 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
11:05:07.0791 8552 arcsas - ok
11:05:07.0808 8552 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
11:05:07.0951 8552 AsyncMac - ok
11:05:08.0001 8552 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\DRIVERS\atapi.sys
11:05:08.0017 8552 atapi - ok
11:05:08.0058 8552 [ E2398389648B5D44DC63CA43FDD5B3F8 ] AtiHdmiService C:\windows\system32\drivers\AtiHdmi.sys
11:05:08.0073 8552 AtiHdmiService - ok
11:05:08.0176 8552 [ A4252328D2B1520571102992EF0B0E5C ] atikmdag C:\windows\system32\DRIVERS\atikmdag.sys
11:05:08.0355 8552 atikmdag - ok
11:05:08.0413 8552 [ F0D933B42CD0594048E4D5200AE9E417 ] atksgt C:\windows\system32\DRIVERS\atksgt.sys
11:05:08.0433 8552 atksgt - ok
11:05:08.0471 8552 [ 510C873BFA135AA829F4180352772734 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
11:05:08.0530 8552 AudioEndpointBuilder - ok
11:05:08.0540 8552 [ 510C873BFA135AA829F4180352772734 ] Audiosrv C:\windows\System32\Audiosrv.dll
11:05:08.0576 8552 Audiosrv - ok
11:05:08.0612 8552 [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV C:\windows\System32\AxInstSV.dll
11:05:08.0692 8552 AxInstSV - ok
11:05:08.0712 8552 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
11:05:08.0770 8552 b06bdrv - ok
11:05:08.0801 8552 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
11:05:08.0839 8552 b57nd60x - ok
11:05:08.0867 8552 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
11:05:08.0937 8552 BDESVC - ok
11:05:08.0953 8552 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
11:05:08.0999 8552 Beep - ok
11:05:09.0037 8552 [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE C:\windows\System32\bfe.dll
11:05:09.0093 8552 BFE - ok
11:05:09.0130 8552 [ 53F476476F55A27F580661BDE09C4EC4 ] BITS C:\windows\system32\qmgr.dll
11:05:09.0201 8552 BITS - ok
11:05:09.0232 8552 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
11:05:09.0271 8552 blbdrive - ok
11:05:09.0310 8552 [ 9A5C671B7FBAE4865149BB11F59B91B2 ] bowser C:\windows\system32\DRIVERS\bowser.sys
11:05:09.0370 8552 bowser - ok
11:05:09.0398 8552 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
11:05:09.0437 8552 BrFiltLo - ok
11:05:09.0462 8552 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
11:05:09.0513 8552 BrFiltUp - ok
11:05:09.0561 8552 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
11:05:09.0628 8552 BridgeMP - ok
11:05:09.0670 8552 [ A0E691DC6589D4D2CBE373171D1A49E5 ] Browser C:\windows\System32\browser.dll
11:05:09.0807 8552 Browser - ok
11:05:09.0828 8552 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
11:05:09.0918 8552 Brserid - ok
11:05:09.0940 8552 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
11:05:09.0985 8552 BrSerWdm - ok
11:05:10.0021 8552 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
11:05:10.0061 8552 BrUsbMdm - ok
11:05:10.0086 8552 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
11:05:10.0103 8552 BrUsbSer - ok
11:05:10.0154 8552 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
11:05:10.0260 8552 BthEnum - ok
11:05:10.0274 8552 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
11:05:10.0295 8552 BTHMODEM - ok
11:05:10.0321 8552 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
11:05:10.0343 8552 BthPan - ok
11:05:10.0379 8552 [ 04CEDA17A195924070B01174CB1F9AF8 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
11:05:10.0405 8552 BTHPORT - ok
11:05:10.0443 8552 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
11:05:10.0493 8552 bthserv - ok
11:05:10.0528 8552 [ 80E6384BEEC03B8BD45EDEA29802D657 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
11:05:10.0568 8552 BTHUSB - ok
11:05:10.0615 8552 [ D57D29132EFE13A83133D9BD449E0CF1 ] btwaudio C:\windows\system32\drivers\btwaudio.sys
11:05:10.0628 8552 btwaudio - ok
11:05:10.0646 8552 [ D282C14A69357D0E1BAFAECC2CA98C3A ] btwavdt C:\windows\system32\DRIVERS\btwavdt.sys
11:05:10.0661 8552 btwavdt - ok
11:05:10.0723 8552 [ 7D2DD14E60CE4FF3308D66FDA7990546 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
11:05:10.0749 8552 btwdins - ok
11:05:10.0766 8552 [ AAFD7CB76BA61FBB08E302DA208C974A ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
11:05:10.0778 8552 btwl2cap - ok
11:05:10.0803 8552 [ 02EB4D2B05967DF2D32F29C84AB1FB17 ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
11:05:10.0815 8552 btwrchid - ok
11:05:10.0896 8552 catchme - ok
11:05:10.0924 8552 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
11:05:10.0976 8552 cdfs - ok
11:05:11.0018 8552 [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
11:05:11.0059 8552 cdrom - ok
11:05:11.0097 8552 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc C:\windows\System32\certprop.dll
11:05:11.0144 8552 CertPropSvc - ok
11:05:11.0173 8552 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys
11:05:11.0224 8552 circlass - ok
11:05:11.0250 8552 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
11:05:11.0272 8552 CLFS - ok
11:05:11.0320 8552 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:05:11.0335 8552 clr_optimization_v2.0.50727_32 - ok
11:05:11.0428 8552 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:05:11.0475 8552 clr_optimization_v4.0.30319_32 - ok
11:05:11.0509 8552 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
11:05:11.0543 8552 CmBatt - ok
11:05:11.0616 8552 [ 49D6A05176B2DC471B4DA693C8E83EA7 ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
11:05:11.0656 8552 cmdAgent - ok
11:05:11.0676 8552 [ DEE2298F837BD809E0323A6D442AFDFE ] cmderd C:\windows\system32\DRIVERS\cmderd.sys
11:05:11.0687 8552 cmderd - ok
11:05:11.0707 8552 [ 25257833BFE9751C54751477123F174E ] cmdGuard C:\windows\system32\DRIVERS\cmdguard.sys
11:05:11.0721 8552 cmdGuard - ok
11:05:11.0741 8552 [ 85B5D9FFA0B0D20A5137A356918E2E38 ] cmdHlp C:\windows\system32\DRIVERS\cmdhlp.sys
11:05:11.0753 8552 cmdHlp - ok
11:05:11.0777 8552 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\DRIVERS\cmdide.sys
11:05:11.0792 8552 cmdide - ok
11:05:11.0820 8552 [ DB5E008B3744DD60C8498CBBF2A1CFA6 ] CNG C:\windows\system32\Drivers\cng.sys
11:05:11.0849 8552 CNG - ok
11:05:11.0919 8552 [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
11:05:11.0935 8552 Com4QLBEx - ok
11:05:11.0953 8552 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
11:05:11.0970 8552 Compbatt - ok
11:05:12.0003 8552 [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
11:05:12.0042 8552 CompositeBus - ok
11:05:12.0065 8552 COMSysApp - ok
11:05:12.0093 8552 connctfy - ok
11:05:12.0104 8552 connctfyMP - ok
11:05:12.0121 8552 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
11:05:12.0136 8552 crcdisk - ok
11:05:12.0181 8552 [ F2FDE6C8DBAAD44CC58D1E07E4AF4EED ] CryptSvc C:\windows\system32\cryptsvc.dll
11:05:12.0205 8552 CryptSvc - ok
11:05:12.0235 8552 [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch C:\windows\system32\rpcss.dll
11:05:12.0290 8552 DcomLaunch - ok
11:05:12.0315 8552 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
11:05:12.0370 8552 defragsvc - ok
11:05:12.0395 8552 [ 83D1ECEA8FAAE75604C0FA49AC7AD996 ] DfsC C:\windows\system32\Drivers\dfsc.sys
11:05:12.0446 8552 DfsC - ok
11:05:12.0462 8552 [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp C:\windows\system32\dhcpcore.dll
11:05:12.0545 8552 Dhcp - ok
11:05:12.0568 8552 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
11:05:12.0615 8552 discache - ok
11:05:12.0673 8552 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\DRIVERS\disk.sys
11:05:12.0690 8552 Disk - ok
11:05:12.0718 8552 [ B15BE77A2BACF9C3177D27518AFE26A9 ] Dnscache C:\windows\System32\dnsrslvr.dll
11:05:12.0771 8552 Dnscache - ok
11:05:12.0787 8552 [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc C:\windows\System32\dot3svc.dll
11:05:12.0839 8552 dot3svc - ok
11:05:12.0897 8552 [ B5E479EB83707DD698F66953E922042C ] dot4 C:\windows\system32\DRIVERS\Dot4.sys
11:05:12.0930 8552 dot4 - ok
11:05:12.0946 8552 [ C25FEA07A8E7767E8B89AB96A3B96519 ] Dot4Print C:\windows\system32\DRIVERS\Dot4Prt.sys
11:05:12.0985 8552 Dot4Print - ok
11:05:13.0006 8552 [ 9F7DE667C505CE6500BECDD8E11644D7 ] Dot4Scan C:\windows\system32\DRIVERS\Dot4Scan.sys
11:05:13.0039 8552 Dot4Scan - ok
11:05:13.0059 8552 [ CF491FF38D62143203C065260567E2F7 ] dot4usb C:\windows\system32\DRIVERS\dot4usb.sys
11:05:13.0098 8552 dot4usb - ok
11:05:13.0127 8552 [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS C:\windows\system32\dps.dll
11:05:13.0179 8552 DPS - ok
11:05:13.0221 8552 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
11:05:13.0259 8552 drmkaud - ok
11:05:13.0306 8552 [ 1679A4669326CB1A67CC95658D273234 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
11:05:13.0353 8552 DXGKrnl - ok
11:05:13.0372 8552 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
11:05:13.0422 8552 EapHost - ok
11:05:13.0500 8552 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
11:05:13.0616 8552 ebdrv - ok
11:05:13.0653 8552 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] EFS C:\windows\System32\lsass.exe
11:05:13.0705 8552 EFS - ok
11:05:13.0768 8552 [ 1697C39978CD69F6FBC15302EDCECE1F ] ehRecvr C:\windows\ehome\ehRecvr.exe
11:05:13.0863 8552 ehRecvr - ok
11:05:13.0887 8552 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\windows\ehome\ehsched.exe
11:05:13.0944 8552 ehSched - ok
11:05:13.0981 8552 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
11:05:14.0006 8552 elxstor - ok
11:05:14.0031 8552 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\DRIVERS\errdev.sys
11:05:14.0047 8552 ErrDev - ok
11:05:14.0086 8552 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
11:05:14.0120 8552 EventSystem - ok
11:05:14.0154 8552 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
11:05:14.0205 8552 exfat - ok
11:05:14.0233 8552 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
11:05:14.0281 8552 fastfat - ok
11:05:14.0316 8552 [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax C:\windows\system32\fxssvc.exe
11:05:14.0387 8552 Fax - ok
11:05:14.0418 8552 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\DRIVERS\fdc.sys
11:05:14.0455 8552 fdc - ok
11:05:14.0480 8552 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
11:05:14.0528 8552 fdPHost - ok
11:05:14.0550 8552 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
11:05:14.0601 8552 FDResPub - ok
11:05:14.0621 8552 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
11:05:14.0637 8552 FileInfo - ok
11:05:14.0654 8552 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
11:05:14.0706 8552 Filetrace - ok
11:05:14.0726 8552 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
11:05:14.0759 8552 flpydisk - ok
11:05:14.0796 8552 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
11:05:14.0816 8552 FltMgr - ok
11:05:14.0852 8552 [ 7FE4995528A7529A761875151EE3D512 ] FontCache C:\windows\system32\FntCache.dll
11:05:14.0927 8552 FontCache - ok
11:05:14.0977 8552 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:05:14.0998 8552 FontCache3.0.0.0 - ok
11:05:15.0012 8552 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
11:05:15.0030 8552 FsDepends - ok
11:05:15.0051 8552 [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
11:05:15.0066 8552 Fs_Rec - ok
11:05:15.0109 8552 [ DAFBD9FE39197495AED6D51F3B85B5D2 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
11:05:15.0130 8552 fvevol - ok
11:05:15.0167 8552 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
11:05:15.0184 8552 gagp30kx - ok
11:05:15.0218 8552 [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc C:\windows\System32\gpsvc.dll
11:05:15.0277 8552 gpsvc - ok
11:05:15.0344 8552 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\windows\system32\DRIVERS\hamachi.sys
11:05:15.0358 8552 hamachi - ok
11:05:15.0385 8552 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
11:05:15.0439 8552 hcw85cir - ok
11:05:15.0463 8552 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
11:05:15.0505 8552 HdAudAddService - ok
11:05:15.0549 8552 [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
11:05:15.0586 8552 HDAudBus - ok
11:05:15.0624 8552 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
11:05:15.0661 8552 HidBatt - ok
11:05:15.0716 8552 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
11:05:15.0751 8552 HidBth - ok
11:05:15.0814 8552 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys
11:05:15.0847 8552 HidIr - ok
11:05:15.0893 8552 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\System32\hidserv.dll
11:05:15.0956 8552 hidserv - ok
11:05:15.0994 8552 [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
11:05:16.0027 8552 HidUsb - ok
11:05:16.0063 8552 [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc C:\windows\system32\kmsvc.dll
11:05:16.0117 8552 hkmsvc - ok
11:05:16.0169 8552 [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\windows\system32\ListSvc.dll
11:05:16.0204 8552 HomeGroupListener - ok
11:05:16.0227 8552 [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\windows\system32\provsvc.dll
11:05:16.0269 8552 HomeGroupProvider - ok
11:05:16.0365 8552 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
11:05:16.0390 8552 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
11:05:16.0390 8552 HP Support Assistant Service - detected UnsignedFile.Multi.Generic (1)
11:05:16.0482 8552 [ B7382BEC806B7B00FC84B3E2061FF48E ] HPDrvMntSvc.exe C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
11:05:16.0503 8552 HPDrvMntSvc.exe - ok
11:05:16.0514 8552 [ E1D82F0C8456ABB03B7DF5D623CA47D1 ] hpdskflt C:\windows\system32\DRIVERS\hpdskflt.sys
11:05:16.0527 8552 hpdskflt - ok
11:05:16.0557 8552 [ 1210960FF8928950D2A786895B0C424A ] HpqKbFiltr C:\windows\system32\DRIVERS\HpqKbFiltr.sys
11:05:16.0608 8552 HpqKbFiltr - ok
11:05:16.0639 8552 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
11:05:16.0666 8552 hpqwmiex - ok
11:05:16.0692 8552 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\DRIVERS\HpSAMD.sys
11:05:16.0708 8552 HpSAMD - ok
11:05:16.0721 8552 [ D1F817E61D52816996B8F1EBA9A38276 ] hpsrv C:\windows\system32\Hpservice.exe
11:05:16.0734 8552 hpsrv - ok
11:05:16.0766 8552 [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP C:\windows\system32\drivers\HTTP.sys
11:05:16.0823 8552 HTTP - ok
11:05:16.0877 8552 [ C1258ADCBE6E51A3C06C234D2BDB81B5 ] Huawei C:\windows\system32\DRIVERS\ewdcsc.sys
11:05:16.0923 8552 Huawei - ok
11:05:16.0979 8552 [ 988C0A49F09D75D3341CB419141793C1 ] hwdatacard C:\windows\system32\DRIVERS\ewusbmdm.sys
11:05:17.0047 8552 hwdatacard - ok
11:05:17.0057 8552 [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
11:05:17.0073 8552 hwpolicy - ok
11:05:17.0113 8552 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
11:05:17.0130 8552 i8042prt - ok
11:05:17.0184 8552 [ F54B3DB096ABD6E9BBBD052FD3878A48 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
11:05:17.0215 8552 IAANTMON - ok
11:05:17.0231 8552 [ 01446278D4563B3013C92830AE6CBB26 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
11:05:17.0247 8552 iaStor - ok
11:05:17.0314 8552 [ 71F1A494FEDF4B33C02C4A6A28D6D9E9 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
11:05:17.0366 8552 iaStorV - ok
11:05:17.0416 8552 [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:05:17.0461 8552 idsvc - ok
11:05:17.0576 8552 [ AD626F6964F4D364D226C39E06872DD3 ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
11:05:17.0750 8552 igfx - ok
11:05:17.0802 8552 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
11:05:17.0826 8552 iirsp - ok
11:05:17.0879 8552 [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT C:\windows\System32\ikeext.dll
11:05:17.0944 8552 IKEEXT - ok
11:05:17.0985 8552 [ 3FD25C91BC2BE3465559E64801C10E33 ] inspect C:\windows\system32\DRIVERS\inspect.sys
11:05:17.0997 8552 inspect - ok
11:05:18.0030 8552 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\DRIVERS\intelide.sys
11:05:18.0046 8552 intelide - ok
11:05:18.0069 8552 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
11:05:18.0109 8552 intelppm - ok
11:05:18.0163 8552 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
11:05:18.0235 8552 IPBusEnum - ok
11:05:18.0279 8552 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
11:05:18.0309 8552 IpFilterDriver - ok
11:05:18.0347 8552 [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
11:05:18.0411 8552 iphlpsvc - ok
11:05:18.0431 8552 [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV C:\windows\system32\DRIVERS\IPMIDrv.sys
11:05:18.0466 8552 IPMIDRV - ok
11:05:18.0499 8552 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
11:05:18.0550 8552 IPNAT - ok
11:05:18.0589 8552 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
11:05:18.0626 8552 IRENUM - ok
11:05:18.0665 8552 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\DRIVERS\isapnp.sys
11:05:18.0682 8552 isapnp - ok
11:05:18.0698 8552 [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt C:\windows\system32\DRIVERS\msiscsi.sys
11:05:18.0717 8552 iScsiPrt - ok
11:05:18.0736 8552 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
11:05:18.0752 8552 kbdclass - ok
11:05:18.0782 8552 [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
11:05:18.0829 8552 kbdhid - ok
11:05:18.0859 8552 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso C:\windows\system32\lsass.exe
11:05:18.0874 8552 KeyIso - ok
11:05:18.0923 8552 [ 4476FE98AAF505ACDCD3EE6360AABEC1 ] KMWDFILTERx86 C:\windows\system32\DRIVERS\KMWDFILTER.sys
11:05:18.0936 8552 KMWDFILTERx86 - ok
11:05:18.0975 8552 [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
11:05:18.0991 8552 KSecDD - ok
11:05:19.0009 8552 [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
11:05:19.0027 8552 KSecPkg - ok
11:05:19.0080 8552 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
11:05:19.0167 8552 KtmRm - ok
11:05:19.0240 8552 [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer C:\windows\System32\srvsvc.dll
11:05:19.0310 8552 LanmanServer - ok
11:05:19.0462 8552 [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\windows\System32\wkssvc.dll
11:05:19.0804 8552 LanmanWorkstation - ok
11:05:19.0871 8552 [ B7C19EC8B0DD7EFA58AD41FFEB8B8CDA ] Lbd C:\windows\system32\DRIVERS\Lbd.sys
11:05:19.0894 8552 Lbd - ok
11:05:19.0952 8552 [ 83D8BE94E1CBCBE2EA8372DB1A95A159 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
11:05:19.0979 8552 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
11:05:19.0979 8552 LightScribeService - detected UnsignedFile.Multi.Generic (1)
11:05:20.0047 8552 [ F8A7212D0864EF5E9185FB95E6623F4D ] lirsgt C:\windows\system32\DRIVERS\lirsgt.sys
11:05:20.0067 8552 lirsgt - ok
11:05:20.0105 8552 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
11:05:20.0156 8552 lltdio - ok
11:05:20.0201 8552 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
11:05:20.0258 8552 lltdsvc - ok
11:05:20.0286 8552 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
11:05:20.0331 8552 lmhosts - ok
11:05:20.0377 8552 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
11:05:20.0394 8552 LSI_FC - ok
11:05:20.0429 8552 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
11:05:20.0448 8552 LSI_SAS - ok
11:05:20.0475 8552 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
11:05:20.0492 8552 LSI_SAS2 - ok
11:05:20.0513 8552 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
11:05:20.0531 8552 LSI_SCSI - ok
11:05:20.0562 8552 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
11:05:20.0612 8552 luafv - ok
11:05:20.0648 8552 [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
11:05:20.0669 8552 Mcx2Svc - ok
11:05:20.0687 8552 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys
11:05:20.0703 8552 megasas - ok
11:05:20.0727 8552 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
11:05:20.0751 8552 MegaSR - ok
11:05:20.0774 8552 [ 64B96DE8C492BD435372D9130A535F1D ] MfeAVFK C:\windows\system32\drivers\MfeAVFK.sys
11:05:20.0788 8552 MfeAVFK - ok
11:05:20.0805 8552 [ 078E87A89D36CC3516F19D5FB518BDDC ] MfeBOPK C:\windows\system32\drivers\MfeBOPK.sys
11:05:20.0818 8552 MfeBOPK - ok
11:05:20.0851 8552 [ 168C565101FD5B9DB694EFDEC91FAFA9 ] mfehidk C:\windows\system32\drivers\mfehidk.sys
11:05:20.0868 8552 mfehidk - ok
11:05:20.0880 8552 [ E0842F67DC9BC4D21D1E319610EBE9E5 ] MfeRKDK C:\windows\system32\drivers\MfeRKDK.sys
11:05:20.0892 8552 MfeRKDK - ok
11:05:20.0910 8552 [ 43A7ACBBD70ECD62F0B63486C72089A3 ] mfetdik C:\windows\system32\drivers\mfetdik.sys
11:05:20.0924 8552 mfetdik - ok
11:05:20.0945 8552 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
11:05:20.0997 8552 MMCSS - ok
11:05:21.0038 8552 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
11:05:21.0096 8552 Modem - ok
11:05:21.0128 8552 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
11:05:21.0162 8552 monitor - ok
11:05:21.0219 8552 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
11:05:21.0247 8552 mouclass - ok
11:05:21.0285 8552 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
11:05:21.0347 8552 mouhid - ok
11:05:21.0390 8552 [ 921C18727C5920D6C0300736646931C2 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
11:05:21.0406 8552 mountmgr - ok
11:05:21.0460 8552 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:05:21.0477 8552 MozillaMaintenance - ok
11:05:21.0503 8552 [ 2AF5997438C55FB79D33D015C30E1974 ] mpio C:\windows\system32\DRIVERS\mpio.sys
11:05:21.0521 8552 mpio - ok
11:05:21.0548 8552 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
11:05:21.0599 8552 mpsdrv - ok
11:05:21.0630 8552 [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc C:\windows\system32\mpssvc.dll
11:05:21.0680 8552 MpsSvc - ok
11:05:21.0716 8552 [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
11:05:21.0752 8552 MRxDAV - ok
11:05:21.0804 8552 [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
11:05:21.0866 8552 mrxsmb - ok
11:05:21.0920 8552 [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
11:05:21.0973 8552 mrxsmb10 - ok
11:05:22.0019 8552 [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
11:05:22.0046 8552 mrxsmb20 - ok
11:05:22.0064 8552 [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci C:\windows\system32\DRIVERS\msahci.sys
11:05:22.0079 8552 msahci - ok
11:05:22.0094 8552 [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm C:\windows\system32\DRIVERS\msdsm.sys
11:05:22.0111 8552 msdsm - ok
11:05:22.0146 8552 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
11:05:22.0166 8552 MSDTC - ok
11:05:22.0198 8552 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
11:05:22.0228 8552 Msfs - ok
11:05:22.0259 8552 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
11:05:22.0310 8552 mshidkmdf - ok
11:05:22.0341 8552 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\DRIVERS\msisadrv.sys
11:05:22.0357 8552 msisadrv - ok
11:05:22.0390 8552 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
11:05:22.0421 8552 MSiSCSI - ok
11:05:22.0426 8552 msiserver - ok
11:05:22.0455 8552 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
11:05:22.0504 8552 MSKSSRV - ok
11:05:22.0527 8552 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
11:05:22.0573 8552 MSPCLOCK - ok
11:05:22.0587 8552 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
11:05:22.0639 8552 MSPQM - ok
11:05:22.0655 8552 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
11:05:22.0674 8552 MsRPC - ok
11:05:22.0688 8552 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
11:05:22.0704 8552 mssmbios - ok
11:05:22.0715 8552 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
11:05:22.0745 8552 MSTEE - ok
11:05:22.0761 8552 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
11:05:22.0804 8552 MTConfig - ok
11:05:22.0833 8552 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
11:05:22.0849 8552 Mup - ok
11:05:22.0872 8552 [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent C:\windows\system32\qagentRT.dll
11:05:22.0928 8552 napagent - ok
11:05:22.0967 8552 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
11:05:23.0017 8552 NativeWifiP - ok
11:05:23.0050 8552 [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS C:\windows\system32\drivers\ndis.sys
11:05:23.0087 8552 NDIS - ok
11:05:23.0099 8552 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
11:05:23.0129 8552 NdisCap - ok
11:05:23.0161 8552 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
11:05:23.0189 8552 NdisTapi - ok
11:05:23.0204 8552 [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
11:05:23.0254 8552 Ndisuio - ok
11:05:23.0279 8552 [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
11:05:23.0328 8552 NdisWan - ok
11:05:23.0334 8552 [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
11:05:23.0366 8552 NDProxy - ok
11:05:23.0391 8552 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
11:05:23.0421 8552 NetBIOS - ok
11:05:23.0435 8552 [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
11:05:23.0483 8552 NetBT - ok
11:05:23.0505 8552 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon C:\windows\system32\lsass.exe
11:05:23.0520 8552 Netlogon - ok
11:05:23.0557 8552 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
11:05:23.0612 8552 Netman - ok
11:05:23.0640 8552 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
11:05:23.0700 8552 netprofm - ok
11:05:23.0742 8552 [ FE2AA5A684B0DD9B1FAE57B7817C198B ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:05:23.0757 8552 NetTcpPortSharing - ok
11:05:23.0906 8552 [ D1F531B61CB35422D691E545DE60554C ] NETw1v32 C:\windows\system32\DRIVERS\NETw1v32.sys
11:05:24.0105 8552 NETw1v32 - ok
11:05:24.0272 8552 [ 5B2DFA9C5C02DDF2A113CC0F551B59DF ] NETw5s32 C:\windows\system32\DRIVERS\NETw5s32.sys
11:05:24.0500 8552 NETw5s32 - ok
11:05:24.0593 8552 [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32 C:\windows\system32\DRIVERS\netw5v32.sys
11:05:24.0742 8552 netw5v32 - ok
11:05:24.0776 8552 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
11:05:24.0792 8552 nfrd960 - ok
11:05:24.0813 8552 [ 2226496E34BD40734946A054B1CD657F ] NlaSvc C:\windows\System32\nlasvc.dll
11:05:24.0869 8552 NlaSvc - ok
11:05:24.0896 8552 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
11:05:24.0927 8552 Npfs - ok
11:05:24.0935 8552 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
11:05:24.0967 8552 nsi - ok
11:05:24.0981 8552 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
11:05:25.0031 8552 nsiproxy - ok
11:05:25.0090 8552 [ 5126C5402C730C2A953275D8497A4715 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
11:05:25.0166 8552 Ntfs - ok
11:05:25.0181 8552 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
11:05:25.0235 8552 Null - ok
11:05:25.0270 8552 [ F1B0BED906F97E16F6D0C3629D2F21C6 ] nvraid C:\windows\system32\drivers\nvraid.sys
11:05:25.0288 8552 nvraid - ok
11:05:25.0301 8552 [ 4520B63899E867F354EE012D34E11536 ] nvstor C:\windows\system32\drivers\nvstor.sys
11:05:25.0320 8552 nvstor - ok
11:05:25.0341 8552 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\DRIVERS\nv_agp.sys
11:05:25.0358 8552 nv_agp - ok
11:05:25.0440 8552 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:05:25.0492 8552 odserv - ok
11:05:25.0511 8552 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\DRIVERS\ohci1394.sys
11:05:25.0546 8552 ohci1394 - ok
11:05:25.0583 8552 [ F4CB9C1991314B1352DDBD8A968E4471 ] OlyCamComm C:\windows\system32\DRIVERS\OlyCamComm.sys
11:05:25.0596 8552 OlyCamComm - ok
11:05:25.0640 8552 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:05:25.0665 8552 ose - ok
11:05:25.0702 8552 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
11:05:25.0761 8552 p2pimsvc - ok
11:05:25.0786 8552 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
11:05:25.0809 8552 p2psvc - ok
11:05:25.0840 8552 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
11:05:25.0858 8552 Parport - ok
11:05:25.0890 8552 [ 66D3415C159741ADE7038A277EFFF99F ] partmgr C:\windows\system32\drivers\partmgr.sys
11:05:25.0907 8552 partmgr - ok
11:05:25.0916 8552 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
11:05:25.0954 8552 Parvdm - ok
11:05:25.0977 8552 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
11:05:26.0024 8552 PcaSvc - ok
11:05:26.0051 8552 [ C858CB77C577780ECC456A892E7E7D0F ] pci C:\windows\system32\DRIVERS\pci.sys
11:05:26.0068 8552 pci - ok
11:05:26.0082 8552 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\DRIVERS\pciide.sys
11:05:26.0097 8552 pciide - ok
11:05:26.0127 8552 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
11:05:26.0145 8552 pcmcia - ok
11:05:26.0165 8552 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
11:05:26.0182 8552 pcw - ok
11:05:26.0209 8552 pdfcDispatcher - ok
11:05:26.0227 8552 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
11:05:26.0270 8552 PEAUTH - ok
11:05:26.0321 8552 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\windows\system32\pla.dll
11:05:26.0394 8552 pla - ok
11:05:26.0421 8552 [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay C:\windows\system32\umpnpmgr.dll
11:05:26.0478 8552 PlugPlay - ok
11:05:26.0490 8552 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
11:05:26.0531 8552 PNRPAutoReg - ok
11:05:26.0560 8552 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
11:05:26.0579 8552 PNRPsvc - ok
11:05:26.0612 8552 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
11:05:26.0648 8552 PolicyAgent - ok
11:05:26.0677 8552 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\windows\system32\umpo.dll
11:05:26.0713 8552 Power - ok
11:05:26.0737 8552 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
11:05:26.0783 8552 PptpMiniport - ok
11:05:26.0810 8552 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys
11:05:26.0849 8552 Processor - ok
11:05:26.0887 8552 [ AEA3BDBDBA667AA6F678CB38907E4F5E ] ProfSvc C:\windows\system32\profsvc.dll
11:05:26.0944 8552 ProfSvc - ok
11:05:26.0953 8552 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\windows\system32\lsass.exe
11:05:26.0969 8552 ProtectedStorage - ok
11:05:27.0027 8552 [ 64E413BA0C529AA40C3924BBCC4153DB ] ProtexisLicensing C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
11:05:27.0055 8552 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - warning
11:05:27.0055 8552 ProtexisLicensing - detected UnsignedFile.Multi.Generic (1)
11:05:27.0095 8552 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
11:05:27.0141 8552 Psched - ok
11:05:27.0169 8552 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\windows\system32\Drivers\PxHelp20.sys
11:05:27.0183 8552 PxHelp20 - ok
11:05:27.0217 8552 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
11:05:27.0271 8552 ql2300 - ok
11:05:27.0283 8552 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
11:05:27.0300 8552 ql40xx - ok
11:05:27.0327 8552 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
11:05:27.0370 8552 QWAVE - ok
11:05:27.0401 8552 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
11:05:27.0440 8552 QWAVEdrv - ok
11:05:27.0466 8552 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
11:05:27.0518 8552 RasAcd - ok
11:05:27.0551 8552 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
11:05:27.0579 8552 RasAgileVpn - ok
11:05:27.0592 8552 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
11:05:27.0642 8552 RasAuto - ok
11:05:27.0669 8552 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
11:05:27.0719 8552 Rasl2tp - ok
11:05:27.0756 8552 [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan C:\windows\System32\rasmans.dll
11:05:27.0814 8552 RasMan - ok
11:05:27.0837 8552 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
11:05:27.0867 8552 RasPppoe - ok
11:05:27.0883 8552 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
11:05:27.0912 8552 RasSstp - ok
11:05:27.0930 8552 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
11:05:27.0979 8552 rdbss - ok
11:05:28.0013 8552 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
11:05:28.0050 8552 rdpbus - ok
11:05:28.0075 8552 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
11:05:28.0104 8552 RDPCDD - ok
11:05:28.0128 8552 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
11:05:28.0175 8552 RDPENCDD - ok
11:05:28.0184 8552 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
11:05:28.0216 8552 RDPREFMP - ok
11:05:28.0248 8552 [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
11:05:28.0325 8552 RDPWD - ok
11:05:28.0344 8552 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
11:05:28.0363 8552 rdyboost - ok
11:05:28.0387 8552 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
11:05:28.0434 8552 RemoteAccess - ok
11:05:28.0467 8552 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
11:05:28.0519 8552 RemoteRegistry - ok
11:05:28.0564 8552 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
11:05:28.0584 8552 RFCOMM - ok
11:05:28.0676 8552 [ 85F9924FB26D924C4A10DC620AE2C350 ] RoxMediaDB10 c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
11:05:28.0741 8552 RoxMediaDB10 - ok
11:05:28.0759 8552 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
11:05:28.0791 8552 RpcEptMapper - ok
11:05:28.0806 8552 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
11:05:28.0842 8552 RpcLocator - ok
11:05:28.0868 8552 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\windows\system32\rpcss.dll
11:05:28.0903 8552 RpcSs - ok
11:05:28.0930 8552 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
11:05:28.0961 8552 rspndr - ok
11:05:28.0987 8552 [ CF9733CD3E9C942A7F8FFFF6A861DD06 ] RTL2832UBDA C:\windows\system32\drivers\RTL2832UBDA.sys
11:05:29.0001 8552 RTL2832UBDA - ok
11:05:29.0031 8552 [ DDBE09D473AFD9490548769819FFA632 ] RTL2832UUSB C:\windows\system32\Drivers\RTL2832UUSB.sys
11:05:29.0046 8552 RTL2832UUSB - ok
11:05:29.0057 8552 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs C:\windows\system32\lsass.exe
11:05:29.0073 8552 SamSs - ok
11:05:29.0096 8552 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\windows\system32\DRIVERS\sbp2port.sys
11:05:29.0112 8552 sbp2port - ok
11:05:29.0127 8552 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
11:05:29.0178 8552 SCardSvr - ok
11:05:29.0201 8552 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
11:05:29.0254 8552 scfilter - ok
11:05:29.0302 8552 [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule C:\windows\system32\schedsvc.dll
11:05:29.0346 8552 Schedule - ok
11:05:29.0356 8552 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\windows\System32\certprop.dll
11:05:29.0385 8552 SCPolicySvc - ok
11:05:29.0402 8552 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\windows\System32\SDRSVC.dll
11:05:29.0457 8552 SDRSVC - ok
11:05:29.0480 8552 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
11:05:29.0528 8552 secdrv - ok
11:05:29.0554 8552 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
11:05:29.0608 8552 seclogon - ok
11:05:29.0631 8552 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\system32\sens.dll
11:05:29.0664 8552 SENS - ok
11:05:29.0676 8552 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\windows\system32\sensrsvc.dll
11:05:29.0704 8552 SensrSvc - ok
11:05:29.0725 8552 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
11:05:29.0741 8552 Serenum - ok
11:05:29.0757 8552 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
11:05:29.0792 8552 Serial - ok
11:05:29.0814 8552 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
11:05:29.0830 8552 sermouse - ok
11:05:29.0856 8552 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\windows\system32\sessenv.dll
11:05:29.0890 8552 SessionEnv - ok
11:05:29.0917 8552 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\DRIVERS\sffdisk.sys
11:05:29.0952 8552 sffdisk - ok
11:05:29.0977 8552 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\DRIVERS\sffp_mmc.sys
11:05:29.0995 8552 sffp_mmc - ok
11:05:30.0007 8552 [ 4F1E5B0FE7C8050668DBFADE8999AEFB ] sffp_sd C:\windows\system32\DRIVERS\sffp_sd.sys
11:05:30.0050 8552 sffp_sd - ok
11:05:30.0087 8552 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
11:05:30.0128 8552 sfloppy - ok
11:05:30.0169 8552 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
11:05:30.0226 8552 SharedAccess - ok
11:05:30.0254 8552 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\windows\System32\shsvcs.dll
11:05:30.0280 8552 ShellHWDetection - ok
11:05:30.0293 8552 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\DRIVERS\sisagp.sys
11:05:30.0309 8552 sisagp - ok
11:05:30.0327 8552 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
11:05:30.0343 8552 SiSRaid2 - ok
11:05:30.0356 8552 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
11:05:30.0373 8552 SiSRaid4 - ok
11:05:30.0431 8552 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
11:05:30.0446 8552 SkypeUpdate - ok
11:05:30.0473 8552 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
11:05:30.0525 8552 Smb - ok
11:05:30.0566 8552 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
11:05:30.0605 8552 SNMPTRAP - ok
11:05:30.0630 8552 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
11:05:30.0645 8552 spldr - ok
11:05:30.0685 8552 [ E17323B0AA9FB3FF9945731D736EDA2F ] Spooler C:\windows\System32\spoolsv.exe
11:05:30.0748 8552 Spooler - ok
11:05:30.0828 8552 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\windows\system32\sppsvc.exe
11:05:30.0952 8552 sppsvc - ok
11:05:30.0977 8552 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\windows\system32\sppuinotify.dll
11:05:31.0029 8552 sppuinotify - ok
11:05:31.0081 8552 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\windows\system32\Drivers\sptd.sys
11:05:31.0081 8552 Suspicious file (NoAccess): C:\windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
11:05:31.0084 8552 sptd ( LockedFile.Multi.Generic ) - warning
11:05:31.0084 8552 sptd - detected LockedFile.Multi.Generic (1)
11:05:31.0108 8552 [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv C:\windows\system32\DRIVERS\srv.sys
11:05:31.0167 8552 srv - ok
11:05:31.0184 8552 [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
11:05:31.0222 8552 srv2 - ok
11:05:31.0246 8552 [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
11:05:31.0289 8552 srvnet - ok
11:05:31.0320 8552 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
11:05:31.0372 8552 SSDPSRV - ok
11:05:31.0404 8552 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
11:05:31.0452 8552 SstpSvc - ok
11:05:31.0478 8552 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
11:05:31.0493 8552 stexstor - ok
11:05:31.0517 8552 [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc C:\windows\System32\wiaservc.dll
11:05:31.0568 8552 StiSvc - ok
11:05:31.0608 8552 [ FF5EB78AF7DFB68C2FB363537AAF753E ] stllssvr c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
11:05:31.0621 8552 stllssvr - ok
11:05:31.0634 8552 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\DRIVERS\swenum.sys
11:05:31.0649 8552 swenum - ok
11:05:31.0663 8552 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
11:05:31.0720 8552 swprv - ok
11:05:31.0817 8552 [ 1DE40024679CDE0E573465253519730E ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
11:05:31.0840 8552 SynTP - ok
11:05:31.0874 8552 [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain C:\windows\system32\sysmain.dll
11:05:31.0944 8552 SysMain - ok
11:05:31.0969 8552 [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\windows\System32\TabSvc.dll
11:05:31.0991 8552 TabletInputService - ok
11:05:32.0006 8552 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv C:\windows\System32\tapisrv.dll
11:05:32.0041 8552 TapiSrv - ok
11:05:32.0052 8552 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
11:05:32.0106 8552 TBS - ok
11:05:32.0130 8552 tclondrv - ok
11:05:32.0187 8552 [ 55E9965552741F3850CB22CBBA9671ED ] Tcpip C:\windows\system32\drivers\tcpip.sys
11:05:32.0257 8552 Tcpip - ok
11:05:32.0300 8552 [ 55E9965552741F3850CB22CBBA9671ED ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
11:05:32.0334 8552 TCPIP6 - ok
11:05:32.0362 8552 [ E64444523ADD154F86567C469BC0B17F ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
11:05:32.0392 8552 tcpipreg - ok
11:05:32.0413 8552 [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
11:05:32.0441 8552 TDPIPE - ok
11:05:32.0471 8552 [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
11:05:32.0517 8552 TDTCP - ok
11:05:32.0543 8552 [ CB39E896A2A83702D1737BFD402B3542 ] tdx C:\windows\system32\DRIVERS\tdx.sys
11:05:32.0581 8552 tdx - ok
11:05:32.0606 8552 [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
11:05:32.0623 8552 TermDD - ok
11:05:32.0646 8552 [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService C:\windows\System32\termsrv.dll
11:05:32.0694 8552 TermService - ok
11:05:32.0708 8552 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
11:05:32.0748 8552 Themes - ok
11:05:32.0776 8552 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
11:05:32.0806 8552 THREADORDER - ok
11:05:32.0835 8552 [ 5AD05191DC8B444A7BA4D79B76C42A30 ] TPM C:\windows\system32\drivers\tpm.sys
11:05:32.0851 8552 TPM - ok
11:05:32.0867 8552 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
11:05:32.0920 8552 TrkWks - ok
11:05:32.0980 8552 [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
11:05:33.0006 8552 TrustedInstaller - ok
11:05:33.0021 8552 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
11:05:33.0067 8552 tssecsrv - ok
11:05:33.0101 8552 [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
11:05:33.0152 8552 tunnel - ok
11:05:33.0177 8552 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
11:05:33.0193 8552 uagp35 - ok
11:05:33.0213 8552 [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs C:\windows\system32\DRIVERS\udfs.sys
11:05:33.0248 8552 udfs - ok
11:05:33.0269 8552 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
11:05:33.0289 8552 UI0Detect - ok
11:05:33.0306 8552 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\DRIVERS\uliagpkx.sys
11:05:33.0322 8552 uliagpkx - ok
11:05:33.0351 8552 [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus C:\windows\system32\DRIVERS\umbus.sys
11:05:33.0395 8552 umbus - ok
11:05:33.0427 8552 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\DRIVERS\umpass.sys
11:05:33.0466 8552 UmPass - ok
11:05:33.0491 8552 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
11:05:33.0528 8552 upnphost - ok
11:05:33.0562 8552 [ C31AE588E403042632DC796CF09E30B0 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
11:05:33.0614 8552 usbccgp - ok
11:05:33.0627 8552 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\DRIVERS\usbcir.sys
11:05:33.0646 8552 usbcir - ok
11:05:33.0658 8552 [ E4C436D914768CE965D5E659BA7EEBD8 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
11:05:33.0691 8552 usbehci - ok
11:05:33.0716 8552 [ BDCD7156EC37448F08633FD899823620 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
11:05:33.0754 8552 usbhub - ok
11:05:33.0777 8552 [ EB2D819A639015253C871CDA09D91D58 ] usbohci C:\windows\system32\drivers\usbohci.sys
11:05:33.0820 8552 usbohci - ok
11:05:33.0860 8552 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
11:05:33.0894 8552 usbprint - ok
11:05:33.0921 8552 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
11:05:33.0940 8552 usbscan - ok
11:05:33.0974 8552 [ 1C4287739A93594E57E2A9E6A3ED7353 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
11:05:34.0035 8552 USBSTOR - ok
11:05:34.0048 8552 [ 22480BF4E5A09192E5E30BA4DDE79FA4 ] usbuhci C:\windows\system32\DRIVERS\usbuhci.sys
11:05:34.0064 8552 usbuhci - ok
11:05:34.0118 8552 [ B5F6A992D996282B7FAE7048E50AF83A ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
11:05:34.0171 8552 usbvideo - ok
11:05:34.0192 8552 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
11:05:34.0240 8552 UxSms - ok
11:05:34.0263 8552 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc C:\windows\system32\lsass.exe
11:05:34.0279 8552 VaultSvc - ok
11:05:34.0301 8552 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\DRIVERS\vdrvroot.sys
11:05:34.0317 8552 vdrvroot - ok
11:05:34.0337 8552 [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds C:\windows\System32\vds.exe
11:05:34.0386 8552 vds - ok
11:05:34.0423 8552 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
11:05:34.0442 8552 vga - ok
11:05:34.0453 8552 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
11:05:34.0503 8552 VgaSave - ok
11:05:34.0528 8552 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp C:\windows\system32\DRIVERS\vhdmp.sys
11:05:34.0547 8552 vhdmp - ok
11:05:34.0569 8552 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\DRIVERS\viaagp.sys
11:05:34.0586 8552 viaagp - ok
11:05:34.0598 8552 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
11:05:34.0632 8552 ViaC7 - ok
11:05:34.0656 8552 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\DRIVERS\viaide.sys
11:05:34.0671 8552 viaide - ok
11:05:34.0685 8552 [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr C:\windows\system32\DRIVERS\volmgr.sys
11:05:34.0702 8552 volmgr - ok
11:05:34.0720 8552 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
11:05:34.0742 8552 volmgrx - ok
11:05:34.0787 8552 [ 59F06B4968E58BC83DFC56CA4517960E ] volsnap C:\windows\system32\drivers\volsnap.sys
11:05:34.0818 8552 volsnap - ok
11:05:34.0856 8552 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
11:05:34.0874 8552 vsmraid - ok
11:05:34.0912 8552 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS C:\windows\system32\vssvc.exe
11:05:34.0982 8552 VSS - ok
11:05:35.0010 8552 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
11:05:35.0029 8552 vwifibus - ok
11:05:35.0054 8552 [ 7090D3436EEB4E7DA3373090A23448F7 ] VWiFiFlt C:\windows\system32\DRIVERS\vwififlt.sys
11:05:35.0096 8552 VWiFiFlt - ok
11:05:35.0132 8552 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
11:05:35.0171 8552 vwifimp - ok
11:05:35.0201 8552 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
11:05:35.0261 8552 W32Time - ok
11:05:35.0298 8552 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
11:05:35.0338 8552 WacomPen - ok
11:05:35.0370 8552 [ 692A712062146E96D28BA0B7D75DE31B ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
11:05:35.0418 8552 WANARP - ok
11:05:35.0423 8552 [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
11:05:35.0453 8552 Wanarpv6 - ok
11:05:35.0542 8552 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
11:05:35.0615 8552 WatAdminSvc - ok
11:05:35.0653 8552 [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine C:\windows\system32\wbengine.exe
11:05:35.0744 8552 wbengine - ok
11:05:35.0762 8552 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
11:05:35.0786 8552 WbioSrvc - ok
11:05:35.0826 8552 [ 6D9B75275C3E3A5F51AEF81AFFADB2B6 ] wcncsvc C:\windows\System32\wcncsvc.dll
11:05:35.0895 8552 wcncsvc - ok
11:05:35.0910 8552 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
11:05:35.0938 8552 WcsPlugInService - ok
11:05:35.0958 8552 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\DRIVERS\wd.sys
11:05:35.0974 8552 Wd - ok
11:05:36.0012 8552 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
11:05:36.0041 8552 Wdf01000 - ok
11:05:36.0055 8552 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\windows\system32\wdi.dll
11:05:36.0076 8552 WdiServiceHost - ok
11:05:36.0081 8552 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\windows\system32\wdi.dll
11:05:36.0102 8552 WdiSystemHost - ok
11:05:36.0143 8552 [ BB5EC38F8D4600119B4720BC5D4211F1 ] WebClient C:\windows\System32\webclnt.dll
11:05:36.0202 8552 WebClient - ok
11:05:36.0215 8552 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll
11:05:36.0267 8552 Wecsvc - ok
11:05:36.0294 8552 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll
11:05:36.0326 8552 wercplsupport - ok
11:05:36.0352 8552 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll
11:05:36.0385 8552 WerSvc - ok
11:05:36.0412 8552 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
11:05:36.0461 8552 WfpLwf - ok
11:05:36.0484 8552 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys
11:05:36.0499 8552 WIMMount - ok
11:05:36.0554 8552 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
11:05:36.0592 8552 WinDefend - ok
11:05:36.0600 8552 WinHttpAutoProxySvc - ok
11:05:36.0643 8552 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
11:05:36.0677 8552 Winmgmt - ok
11:05:36.0712 8552 [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM C:\windows\system32\WsmSvc.dll
11:05:36.0803 8552 WinRM - ok
11:05:36.0858 8552 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
11:05:36.0896 8552 WinUsb - ok
11:05:36.0938 8552 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll
11:05:36.0984 8552 Wlansvc - ok
11:05:37.0058 8552 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:05:37.0125 8552 wlidsvc - ok
11:05:37.0155 8552 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
11:05:37.0186 8552 WmiAcpi - ok
11:05:37.0215 8552 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
11:05:37.0253 8552 wmiApSrv - ok
11:05:37.0332 8552 [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
11:05:37.0383 8552 WMPNetworkSvc - ok
11:05:37.0409 8552 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll
11:05:37.0432 8552 WPCSvc - ok
11:05:37.0444 8552 [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
11:05:37.0518 8552 WPDBusEnum - ok
11:05:37.0536 8552 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
11:05:37.0565 8552 ws2ifsl - ok
11:05:37.0607 8552 [ A661A76333057B383A06E65F0073222F ] wscsvc C:\windows\system32\wscsvc.dll
11:05:37.0625 8552 wscsvc - ok
11:05:37.0631 8552 WSearch - ok
11:05:37.0703 8552 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll
11:05:37.0779 8552 wuauserv - ok
11:05:37.0800 8552 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
11:05:37.0833 8552 WudfPf - ok
11:05:37.0853 8552 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
11:05:37.0872 8552 WUDFRd - ok
11:05:37.0890 8552 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\windows\System32\WUDFSvc.dll
11:05:37.0925 8552 wudfsvc - ok
11:05:37.0950 8552 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\windows\System32\wwansvc.dll
11:05:37.0974 8552 WwanSvc - ok
11:05:38.0013 8552 [ F0CEEA6CC0E5BFEFC745B66DC5E9816B ] yksvc C:\windows\System32\yk62x86.dll
11:05:38.0093 8552 yksvc - ok
11:05:38.0130 8552 [ 3EB1576F77B60A6C79DD7742B67219B8 ] yukonw7 C:\windows\system32\DRIVERS\yk62x86.sys
11:05:38.0177 8552 yukonw7 - ok
11:05:38.0209 8552 ================ Scan global ===============================
11:05:38.0230 8552 [ 9A595DF601070DA78C40481120DD2C06 ] C:\windows\system32\basesrv.dll
11:05:38.0268 8552 [ A031E84E7A5884841171E13A73315A7B ] C:\windows\system32\winsrv.dll
11:05:38.0278 8552 [ A031E84E7A5884841171E13A73315A7B ] C:\windows\system32\winsrv.dll
11:05:38.0297 8552 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
11:05:38.0327 8552 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
11:05:38.0334 8552 [Global] - ok
11:05:38.0335 8552 ================ Scan MBR ==================================
11:05:38.0347 8552 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
11:05:38.0749 8552 \Device\Harddisk0\DR0 - ok
11:05:38.0754 8552 ================ Scan VBR ==================================
11:05:38.0756 8552 [ 71A91550D1265D8A13C3BE3A9D3EE537 ] \Device\Harddisk0\DR0\Partition1
11:05:38.0758 8552 \Device\Harddisk0\DR0\Partition1 - ok
11:05:38.0769 8552 [ EFFC5EB75027A6E573343EF22C3C1E3C ] \Device\Harddisk0\DR0\Partition2
11:05:38.0772 8552 \Device\Harddisk0\DR0\Partition2 - ok
11:05:38.0806 8552 [ BBB3ABF0FEA5462678F5F358DC61BB08 ] \Device\Harddisk0\DR0\Partition3
11:05:38.0808 8552 \Device\Harddisk0\DR0\Partition3 - ok
11:05:38.0822 8552 [ 8F675375320E185EF73B7471C39955F4 ] \Device\Harddisk0\DR0\Partition4
11:05:38.0823 8552 \Device\Harddisk0\DR0\Partition4 - ok
11:05:38.0824 8552 ============================================================
11:05:38.0824 8552 Scan finished
11:05:38.0824 8552 ============================================================
11:05:38.0838 11816 Detected object count: 4
11:05:38.0838 11816 Actual detected object count: 4
11:05:53.0332 11816 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:05:53.0332 11816 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:05:53.0332 11816 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
11:05:53.0332 11816 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:05:53.0335 11816 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - skipped by user
11:05:53.0335 11816 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:05:53.0337 11816 sptd ( LockedFile.Multi.Generic ) - skipped by user
11:05:53.0337 11816 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
11:06:03.0124 6536 Deinitialize success

[vyosek]

Stahnete aswMBR http://public.avast.com/%7Egmerek/aswMBR.exe a ulozte jej na plochu.

• Utilitu spustte a prikazte ji, at skenuje - klik na Scan
• Kliknutim na Save log ulozte log aswMBR na plochu
• Obsah logu aswMBR mi sem vlozte

[Šmíďák]

aswMBR log:

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-04 18:02:43
-----------------------------
18:02:43.162 OS Version: Windows 6.1.7600
18:02:43.162 Number of processors: 2 586 0x170A
18:02:43.164 ComputerName: KLEMENT UserName: Janinka
18:02:44.997 Initialize success
18:23:24.960 AVAST engine defs: 13020400
18:24:00.676 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:24:00.679 Disk 0 Vendor: ST950042 0006 Size: 476940MB BusType: 3
18:24:00.688 Disk 0 MBR read successfully
18:24:00.691 Disk 0 MBR scan
18:24:00.721 Disk 0 Windows VISTA default MBR code
18:24:00.738 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 300 MB offset 2048
18:24:00.755 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 459230 MB offset 616448
18:24:00.791 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15360 MB offset 941119488
18:24:00.807 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 2043 MB offset 972576768
18:24:00.815 Disk 0 scanning sectors +976760832
18:24:00.875 Disk 0 scanning C:\windows\system32\drivers
18:24:12.114 Service scanning
18:24:28.684 Service sptd C:\windows\System32\Drivers\sptd.sys **LOCKED** 32
18:24:34.256 Modules scanning
18:24:43.126 Disk 0 trace - called modules:
18:24:43.145 ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys halmacpi.dll iaStor.sys sphb.sys >>UNKNOWN [0x8695e938]<<
18:24:43.152 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8827aac8]
18:24:43.158 3 CLASSPNP.SYS[8c90d59e] -> nt!IofCallDriver -> [0x869d30f0]
18:24:43.165 5 hpdskflt.sys[8d602090] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x87713028]
18:24:47.473 AVAST engine scan C:\windows
18:24:50.730 AVAST engine scan C:\windows\system32
18:27:55.306 AVAST engine scan C:\windows\system32\drivers
18:28:10.458 AVAST engine scan C:\Users\Janinka
18:43:16.576 AVAST engine scan C:\ProgramData
18:44:28.523 Scan finished successfully
18:44:40.753 Disk 0 MBR has been saved successfully to "C:\Users\Janinka\Desktop\MBR.dat"
18:44:40.753 The log file has been saved successfully to "C:\Users\Janinka\Desktop\aswMBR.txt"