Prosím o kontrolu logu - preventivní

Příspěvekod **jaro3** » 17 čer 2013 22:36

potřebuji i druhý log , OTL.txt

Reklama

paveliknecas · Příspěvekod **paveliknecas** » 18 čer 2013 11:57

Promiň, zapomněl jsem na něho. tady je:

OTL logfile created on: 18. 6. 2013 11:40:08 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\pavel_000\Desktop
Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16599)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

2,75 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 71,07% Memory free
5,50 Gb Paging File | 4,59 Gb Available in Paging File | 83,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52,47 Gb Total Space | 19,24 Gb Free Space | 36,66% Space Free | Partition Type: NTFS
Drive H: | 298,09 Gb Total Space | 250,88 Gb Free Space | 84,16% Space Free | Partition Type: NTFS

Computer Name: PAVEL-PC | User Name: pavel_000 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/17 21:24:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\pavel_000\Desktop\OTL.exe
PRC - [2013/06/04 18:39:14 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/05/09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/04/09 01:37:29 | 000,207,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2013/04/08 23:52:09 | 000,300,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2013/03/02 10:24:03 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhostex.exe
PRC - [2012/11/16 22:44:46 | 000,217,088 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2012/10/11 07:56:41 | 002,115,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2012/09/25 15:22:54 | 000,291,328 | ---- | M] () -- C:\Program Files\Lenovo\Lenovo Ultraslim Plus Wireless Keyboard & Mouse\VolOSD.exe
PRC - [2012/09/25 12:56:08 | 000,077,824 | ---- | M] (Primax Electronics Ltd.) -- C:\Program Files\Lenovo\Lenovo Ultraslim Plus Wireless Keyboard & Mouse\Pelico.exe
PRC - [2012/09/21 11:47:56 | 000,159,842 | ---- | M] (Primax Electronics Ltd.) -- C:\Program Files\Lenovo\Lenovo Mouse Suite\PELMICED.EXE
PRC - [2012/07/26 05:20:44 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dasHost.exe
PRC - [2012/07/10 17:24:20 | 000,069,632 | ---- | M] (Primax Electronics Ltd.) -- C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.exe
PRC - [2012/01/31 11:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2011/03/16 12:10:22 | 001,695,744 | ---- | M] () -- C:\Program Files\Lenovo\Lenovo Ultraslim Plus Wireless Keyboard & Mouse\LeDaemon.exe
PRC - [2011/02/03 13:50:46 | 000,506,712 | ---- | M] (Dolby Laboratories Inc.) -- C:\Program Files\Dolby Tuning and Profile Creator\pcee4.exe
PRC - [2010/06/01 17:41:38 | 000,155,648 | ---- | M] () -- C:\Program Files\Lenovo\Lenovo Mouse Suite\PelElvDm.exe
PRC - [2010/04/22 15:04:22 | 000,184,320 | ---- | M] () -- C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe
PRC - [2010/03/10 16:44:56 | 000,496,184 | ---- | M] (Conexant Systems, Inc.) -- C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
PRC - [2009/12/17 07:33:56 | 004,114,368 | ---- | M] (Lenovo(beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\utility.exe
PRC - [2009/12/17 07:31:22 | 006,223,808 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe
PRC - [2008/11/20 17:27:28 | 000,020,480 | ---- | M] () -- C:\Program Files\Lenovo\Lenovo Mouse Suite\FSRremoS.EXE

========== Modules (No Company Name) ==========

MOD - [2013/06/12 19:20:51 | 013,361,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web\d65a3cef9b398132410dcdb7cf16d549\System.Web.ni.dll
MOD - [2013/06/04 18:39:32 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2013/05/22 14:08:24 | 012,739,072 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\b96032c23f558bb34c110d2363775b98\System.Windows.Forms.ni.dll
MOD - [2013/05/22 14:05:50 | 000,958,976 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\499a3a7300c23ff88887989747ecb6ac\System.Configuration.ni.dll
MOD - [2013/05/22 14:05:41 | 003,916,288 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\f7df6857b933adbbdba4a5ab343ef827\WindowsBase.ni.dll
MOD - [2013/05/22 14:05:16 | 007,021,056 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\d2d2daf29278ef72bcde4170a38bba45\System.Core.ni.dll
MOD - [2013/05/21 14:58:11 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\d29382ad4b800178b51631569c928f0b\System.Configuration.ni.dll
MOD - [2013/05/21 14:57:16 | 002,297,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\da04cb0eeee804dc97cac658c87f1457\System.Core.ni.dll
MOD - [2013/05/20 17:08:06 | 012,436,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5cb0754debdf19b9f0d63d4d8721f532\System.Windows.Forms.ni.dll
MOD - [2013/05/20 17:07:51 | 014,344,704 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\9cf677f8f94b2e8a90b6a1432f83e655\PresentationFramework.ni.dll
MOD - [2013/05/20 17:07:24 | 012,240,384 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\65c7ca72a747cff9843964e86e279765\PresentationCore.ni.dll
MOD - [2013/05/20 17:07:03 | 003,349,504 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\398e7010fffe84888b310c1ad6c02e74\WindowsBase.ni.dll
MOD - [2013/02/14 22:07:31 | 000,220,160 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\79379863cca64cbf0bad610b3c217c2c\System.ServiceProcess.ni.dll
MOD - [2013/01/25 17:29:11 | 005,453,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\ae31f7dc9817e359d05c9c8efdd5f359\System.Xml.ni.dll
MOD - [2013/01/25 17:28:42 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7e6b074d3f3e3cc8e0270a3552c47aaa\System.Drawing.ni.dll
MOD - [2013/01/25 17:09:24 | 007,988,736 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\28c2c6e7f48ff80c680a97b08df66a72\System.ni.dll
MOD - [2013/01/25 17:09:13 | 011,494,912 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\8d2929ad589e1092eb62a43424361465\mscorlib.ni.dll
MOD - [2013/01/21 19:20:24 | 000,467,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\8b9770e46dd342044513b3fd039662c1\PresentationFramework.Aero2.ni.dll
MOD - [2013/01/21 19:20:22 | 018,628,608 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\dd7d5793fd3df1d6b2e5d78159480171\PresentationFramework.ni.dll
MOD - [2013/01/21 19:20:07 | 010,937,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\6144b05c64d540e9d409534da3d19aeb\PresentationCore.ni.dll
MOD - [2013/01/21 19:19:36 | 000,786,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\0f3105eac8a32465e5a0eb969138f529\System.Runtime.Remoting.ni.dll
MOD - [2013/01/21 19:19:18 | 001,632,256 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\1394772747ea3e2b70712c5846e66ce6\System.Drawing.ni.dll
MOD - [2013/01/21 19:19:16 | 007,620,608 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\922c870d3781e97ba1006ed4b7c4aa59\System.Xml.ni.dll
MOD - [2013/01/21 19:19:07 | 001,895,936 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\17b3598869888be0e644e0b4bccaf7db\System.Xaml.ni.dll
MOD - [2013/01/21 19:18:53 | 009,973,248 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\ebb28407a339287ae5b0a7360b530f13\System.ni.dll
MOD - [2013/01/21 19:18:45 | 015,176,704 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\2101e637579b5a64195bc2a2d8d3f017\mscorlib.ni.dll
MOD - [2012/09/27 10:48:44 | 000,106,496 | ---- | M] () -- C:\Program Files\Lenovo\Lenovo Ultraslim Plus Wireless Keyboard & Mouse\LeUtil.dll
MOD - [2012/09/25 15:22:54 | 000,291,328 | ---- | M] () -- C:\Program Files\Lenovo\Lenovo Ultraslim Plus Wireless Keyboard & Mouse\VolOSD.exe
MOD - [2012/06/12 19:31:09 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2012/06/05 17:56:06 | 000,057,344 | ---- | M] () -- C:\Program Files\Lenovo\Lenovo Ultraslim Plus Wireless Keyboard & Mouse\LeComm.dll
MOD - [2011/03/16 12:10:22 | 001,695,744 | ---- | M] () -- C:\Program Files\Lenovo\Lenovo Ultraslim Plus Wireless Keyboard & Mouse\LeDaemon.exe
MOD - [2010/12/31 17:22:32 | 000,045,056 | ---- | M] () -- C:\Program Files\Lenovo\Lenovo Ultraslim Plus Wireless Keyboard & Mouse\LeDrv.dll
MOD - [2010/12/03 11:16:06 | 000,049,152 | ---- | M] () -- C:\Program Files\Lenovo\Lenovo Ultraslim Plus Wireless Keyboard & Mouse\LeHooks.dll
MOD - [2008/12/20 04:20:50 | 000,063,304 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\KbdHook.dll
MOD - [2008/12/20 04:20:08 | 000,051,016 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\HookLib.dll
MOD - [2008/11/20 17:27:28 | 000,020,480 | ---- | M] () -- C:\Program Files\Lenovo\Lenovo Mouse Suite\FSRremoS.EXE

========== Services (SafeList) ==========

SRV - [2013/06/11 17:32:39 | 001,064,312 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/06/04 18:39:14 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2013/05/21 14:11:06 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/05/09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/05/04 06:57:04 | 000,371,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofmsvc.dll -- (netprofm)
SRV - [2013/05/04 06:56:05 | 000,143,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\bisrv.dll -- (BrokerInfrastructure)
SRV - [2013/04/08 23:51:05 | 000,136,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/02 10:23:17 | 000,114,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\TimeBrokerServer.dll -- (TimeBroker)
SRV - [2013/03/02 10:23:15 | 000,117,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV - [2013/01/29 01:07:34 | 001,160,168 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/01/10 01:26:37 | 001,532,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlidsvc.dll -- (wlidsvc)
SRV - [2013/01/10 01:26:01 | 000,349,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsm.dll -- (LSM)
SRV - [2012/11/16 22:44:46 | 000,217,088 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012/11/06 06:54:13 | 002,205,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/09/20 08:32:32 | 002,151,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WSService.dll -- (WSService)
SRV - [2012/09/20 07:53:51 | 000,095,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fhsvc.dll -- (fhsvc)
SRV - [2012/07/26 05:20:19 | 000,051,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wiarpc.dll -- (WiaRpc)
SRV - [2012/07/26 05:20:13 | 000,226,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wcmsvc.dll -- (Wcmsvc)
SRV - [2012/07/26 05:20:11 | 000,192,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\vaultsvc.dll -- (VaultSvc)
SRV - [2012/07/26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2012/07/26 05:20:04 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\svsvc.dll -- (svsvc)
SRV - [2012/07/26 05:19:54 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2012/07/26 05:19:40 | 002,028,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2012/07/26 05:19:21 | 000,138,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcaSvc.dll -- (NcaSvc)
SRV - [2012/07/26 05:19:21 | 000,062,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2012/07/26 05:18:47 | 000,043,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\keyiso.dll -- (KeyIso)
SRV - [2012/07/26 05:18:24 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\efssvc.dll -- (EFS)
SRV - [2012/07/26 05:18:18 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DeviceSetupManager.dll -- (DsmSvc)
SRV - [2012/07/26 05:18:13 | 000,261,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\das.dll -- (DeviceAssociationService)
SRV - [2012/07/26 05:17:58 | 000,109,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV - [2012/07/26 02:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicheartbeat)
SRV - [2012/07/26 02:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicvss)
SRV - [2012/07/26 02:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmictimesync)
SRV - [2012/07/26 02:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicshutdown)
SRV - [2012/07/26 02:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicrdv)
SRV - [2012/07/26 02:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmickvpexchange)
SRV - [2012/01/31 11:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2011/08/05 13:30:02 | 000,444,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2011/08/05 13:30:02 | 000,268,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV - [2011/08/05 13:29:56 | 006,363,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2010/04/22 15:04:22 | 000,184,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe -- (PelService)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2013/05/09 10:59:10 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/05/09 10:59:10 | 000,368,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/05/09 10:59:10 | 000,174,664 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/05/09 10:59:10 | 000,061,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\Drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013/05/09 10:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 10:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 10:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\Drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 10:59:09 | 000,021,576 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2013/05/09 10:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/05/04 07:20:57 | 000,362,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV - [2013/05/04 07:20:54 | 000,238,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\spaceport.sys -- (spaceport)
DRV - [2013/05/04 07:20:54 | 000,180,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\UCX01000.SYS -- (UCX01000)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/03/02 11:54:25 | 000,121,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\tpm.sys -- (TPM)
DRV - [2013/03/02 11:06:16 | 000,057,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\pdc.sys -- (pdc)
DRV - [2013/03/02 10:52:49 | 000,268,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV - [2013/03/02 10:52:47 | 000,066,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\storahci.sys -- (storahci)
DRV - [2013/02/02 09:31:49 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV - [2013/01/29 02:02:46 | 000,029,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WdBoot.sys -- (WdBoot)
DRV - [2013/01/29 01:07:34 | 000,193,936 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WdFilter.sys -- (WdFilter)
DRV - [2013/01/10 03:07:00 | 000,024,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV - [2012/11/27 05:53:14 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthhfHid.sys -- (bthhfhid)
DRV - [2012/11/20 06:56:58 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hidi2c.sys -- (hidi2c)
DRV - [2012/11/16 23:07:06 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012/11/16 21:38:48 | 000,290,304 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\atikmpag.sys -- (amdkmdap)
DRV - [2012/11/06 05:52:56 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\fxppm.sys -- (FxPPM)
DRV - [2012/10/12 09:12:33 | 000,023,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/10/11 07:45:31 | 000,050,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\dam.sys -- (dam)
DRV - [2012/10/11 07:28:23 | 000,046,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\sdstor.sys -- (sdstor)
DRV - [2012/10/11 06:40:26 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WSDScan.sys -- (WSDScan)
DRV - [2012/09/21 12:31:18 | 000,026,112 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\PELUSBLF.SYS -- (pelusblf)
DRV - [2012/09/20 09:09:32 | 000,031,464 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\cnghwassist.sys -- (cnghwassist)
DRV - [2012/09/20 08:34:07 | 000,097,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV - [2012/07/26 06:17:18 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\condrv.sys -- (condrv)
DRV - [2012/07/26 05:48:44 | 000,058,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\acpiex.sys -- (acpiex)
DRV - [2012/07/26 05:42:33 | 000,068,848 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV - [2012/07/26 05:42:32 | 000,099,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV - [2012/07/26 05:42:32 | 000,070,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorClass.sys -- (EhStorClass)
DRV - [2012/07/26 05:42:31 | 000,085,232 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\3ware.sys -- (3ware)
DRV - [2012/07/26 05:42:19 | 000,285,424 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV - [2012/07/26 05:42:19 | 000,080,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VerifierExt.sys -- (VerifierExt)
DRV - [2012/07/26 05:42:18 | 000,076,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\uaspstor.sys -- (UASPStor)
DRV - [2012/07/26 05:42:15 | 000,059,120 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\mvumis.sys -- (mvumis)
DRV - [2012/07/26 05:40:36 | 000,038,640 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV - [2012/07/26 05:40:10 | 000,256,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\clfs.sys -- (CLFS)
DRV - [2012/07/26 05:39:55 | 000,029,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\terminpt.sys -- (terminpt)
DRV - [2012/07/26 05:33:00 | 000,130,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmbus.sys -- (vmbus)
DRV - [2012/07/26 05:33:00 | 000,042,344 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmstorfl.sys -- (storflt)
DRV - [2012/07/26 05:33:00 | 000,032,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storvsc.sys -- (storvsc)
DRV - [2012/07/26 04:37:58 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2012/07/26 04:36:54 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV - [2012/07/26 04:36:49 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\mshidumdf.sys -- (mshidumdf)
DRV - [2012/07/26 04:36:36 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\HyperVideo.sys -- (HyperVideo)
DRV - [2012/07/26 04:36:35 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicRender.sys -- (BasicRender)
DRV - [2012/07/26 04:35:30 | 000,006,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vms3cap.sys -- (s3cap)
DRV - [2012/07/26 04:35:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\npsvctrig.sys -- (npsvctrig)
DRV - [2012/07/26 04:35:10 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\kdnic.sys -- (kdnic)
DRV - [2012/07/26 04:35:06 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpitime.sys -- (acpitime)
DRV - [2012/07/26 04:35:04 | 000,009,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vmgencounter.sys -- (gencounter)
DRV - [2012/07/26 04:34:43 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpipagr.sys -- (acpipagr)
DRV - [2012/07/26 04:34:42 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV - [2012/07/26 04:34:22 | 000,018,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2012/07/26 04:34:04 | 000,010,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hyperkbd.sys -- (hyperkbd)
DRV - [2012/07/26 04:33:53 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SerCx.sys -- (SerCx)
DRV - [2012/07/26 04:33:50 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SpbCx.sys -- (SpbCx)
DRV - [2012/07/26 04:33:50 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vwifimp.sys -- (vwifimp)
DRV - [2012/07/26 04:33:37 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\winusb.sys -- (WinUSB)
DRV - [2012/07/26 04:33:29 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2012/07/26 04:33:16 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV - [2012/07/26 04:32:54 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012/07/26 04:32:53 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\dmvsc.sys -- (dmvsc)
DRV - [2012/07/26 04:32:02 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\wpcfltr.sys -- (wpcfltr)
DRV - [2012/07/26 04:31:11 | 000,110,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV - [2012/07/26 04:30:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\mslldp.sys -- (MsLldp)
DRV - [2012/07/26 04:30:39 | 000,084,480 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\Ndu.sys -- (Ndu)
DRV - [2012/07/16 01:46:20 | 000,015,016 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2012/06/22 06:02:52 | 000,093,848 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\L1C63x86.sys -- (L1C)
DRV - [2012/06/19 06:07:52 | 000,044,712 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\usbfilter.sys -- (usbfilter)
DRV - [2012/06/06 15:54:02 | 000,019,968 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\LEMo6022.SYS -- (LEMo6022)
DRV - [2012/06/02 16:31:32 | 004,704,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\BCMWL63.SYS -- (BCM43XX)
DRV - [2012/04/09 10:13:58 | 000,048,256 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.2)
DRV - [2011/04/02 12:00:02 | 000,019,456 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\PELMOUSE.SYS -- (pelmouse)
DRV - [2011/01/05 11:28:20 | 000,012,544 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\LEub6022.SYS -- (LEub6022)
DRV - [2010/11/04 17:13:08 | 000,011,904 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\LECs6022.sys -- (LECs6022)
DRV - [2010/04/22 13:08:22 | 000,218,744 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2010/03/24 18:57:16 | 000,191,008 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2010/01/20 07:14:42 | 000,023,136 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2010/01/18 18:45:00 | 000,514,104 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2009/11/02 16:00:14 | 000,010,240 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\PELVENDR.SYS -- (pelvendr)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013/03/20 20:24:02 | 000,000,000 | ---D | M]

[2013/01/11 04:05:40 | 000,033,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

O1 HOSTS File: ([2013/03/20 20:31:58 | 000,000,916 | ---- | M]) - C:\Windows\System32\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 lmlicenses.wip4.adobe.com
O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe Acrobat Create PDF Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AMD AVT] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [CNAP2 Launcher] C:\Windows\System32\spool\drivers\w32x86\3\CNAP2LAK.EXE (CANON INC.)
O4 - HKLM..\Run: [Daemon for Mouse Suite] C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE (Primax Electronics Ltd.)
O4 - HKLM..\Run: [Dolby Tuning and Profile Creator] C:\Program Files\Dolby Tuning and Profile Creator\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4 - HKLM..\Run: [Lenovo Input Device Main Program] C:\Program Files\Lenovo\Lenovo Ultraslim Plus Wireless Keyboard & Mouse\Pelico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing

paveliknecas · Příspěvekod **paveliknecas** » 18 čer 2013 11:58

pokračování OLT.txt
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06739808-4456-42F3-958C-BBFE79556468}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/06/11 18:00:57 | 000,000,000 | ---D | M] - H:\autocad -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\WINDOWS\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: wlidsvc - C:\Windows\System32\wlidsvc.dll (Microsoft Corporation)
NetSvcs: SystemEventsBroker - C:\Windows\System32\SystemEventsBrokerServer.dll (Microsoft Corporation)
NetSvcs: DsmSvc - C:\Windows\System32\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs: NcaSvc - C:\Windows\System32\NcaSvc.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/06/17 21:24:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\pavel_000\Desktop\OTL.exe
[2013/06/17 12:06:09 | 000,000,000 | --SD | C] -- C:\Users\pavel_000\Disk Google
[2013/06/17 12:04:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013/06/17 12:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/06/17 12:02:23 | 000,000,000 | ---D | C] -- C:\Users\pavel_000\AppData\Local\Google
[2013/06/17 09:02:40 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/06/16 11:00:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013/06/16 09:50:47 | 000,021,576 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2013/06/16 09:29:30 | 000,000,000 | ---D | C] -- C:\Users\pavel_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/06/16 09:29:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/06/16 09:26:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/06/16 09:24:28 | 000,000,000 | ---D | C] -- C:\Users\pavel_000\AppData\Roaming\TuneUp Software
[2013/06/16 09:22:57 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013/06/16 09:22:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013/06/16 09:21:49 | 000,000,000 | ---D | C] -- C:\Users\pavel_000\AppData\Roaming\OpenCandy
[2013/06/16 09:19:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/06/16 09:19:03 | 000,263,584 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/06/16 09:19:01 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/06/16 09:19:01 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/06/16 09:19:01 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/06/16 09:18:17 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/06/16 09:11:14 | 000,368,944 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/06/16 09:11:14 | 000,029,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/06/16 09:11:13 | 000,061,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr2.sys
[2013/06/16 09:11:13 | 000,056,080 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/06/16 09:11:11 | 000,765,736 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/06/16 09:11:10 | 000,066,336 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/06/16 09:11:03 | 000,229,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/06/16 09:09:30 | 000,041,664 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/06/16 09:07:29 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/06/16 09:05:36 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/06/15 08:43:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013/06/15 08:29:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/06/13 16:39:14 | 000,000,000 | ---D | C] -- C:\Users\pavel_000\AppData\Local\ElevatedDiagnostics
[2013/06/13 16:18:20 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013/06/13 16:18:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2013/06/13 16:15:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013/06/13 16:15:20 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013/06/13 15:22:42 | 000,000,000 | ---D | C] -- C:\Users\pavel_000\Desktop\tdsskiller
[2013/06/13 15:16:14 | 000,000,000 | ---D | C] -- C:\Users\pavel_000\Desktop\RK_Quarantine
[2013/06/13 15:14:45 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2013/06/12 21:19:20 | 000,000,000 | ---D | C] -- C:\Users\pavel_000\AppData\Local\AMD
[2013/06/12 19:10:23 | 000,693,112 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/06/12 19:10:23 | 000,078,200 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/06/12 19:06:38 | 000,044,712 | ---- | C] (Advanced Micro Devices) -- C:\WINDOWS\System32\drivers\usbfilter.sys
[2013/06/12 19:06:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2013/06/12 19:04:27 | 000,015,016 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\drivers\AtiPcie.sys
[2013/06/12 18:33:54 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/06/12 16:01:31 | 000,000,000 | ---D | C] -- C:\Users\pavel_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2013/06/12 16:01:29 | 000,000,000 | ---D | C] -- C:\Program Files\HJ
[2013/06/12 15:30:25 | 005,575,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2013/06/12 15:28:53 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript9.dll
[2013/06/12 15:28:51 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2013/06/12 15:28:51 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\UXInit.dll
[2013/06/12 15:28:51 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2013/06/12 15:28:50 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.tlb
[2013/06/12 15:28:43 | 001,013,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\certutil.exe
[2013/06/12 15:28:22 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cryptdlg.dll
[2013/06/12 15:26:27 | 010,788,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.UI.Xaml.dll
[2013/06/12 15:26:16 | 000,975,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\AppXDeploymentServer.dll
[2013/06/12 15:25:48 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\twinui.dll
[2013/06/12 15:25:46 | 000,371,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netprofmsvc.dll
[2013/06/12 15:25:45 | 002,035,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\authui.dll
[2013/06/12 15:25:40 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ubpm.dll
[2013/06/12 15:25:40 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\rars.rs
[2013/06/12 15:25:39 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2013/06/12 15:25:38 | 000,362,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBHUB3.SYS
[2013/06/12 15:25:38 | 000,180,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\UCX01000.SYS
[2013/06/12 15:25:37 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Magnify.exe
[2013/06/12 15:25:37 | 000,554,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\AppXDeploymentExtensions.dll
[2013/06/12 15:25:37 | 000,238,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\spaceport.sys
[2013/06/12 15:25:37 | 000,103,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\AuthHost.exe
[2013/06/12 15:25:37 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\psmsrv.dll
[2013/06/12 15:25:36 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltux.dll
[2013/06/12 15:25:36 | 000,449,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DevicePairing.dll
[2013/06/12 15:25:35 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gpprefcl.dll
[2013/06/12 15:25:35 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WUSettingsProvider.dll
[2013/06/12 15:25:35 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\biwinrt.dll
[2013/06/12 15:25:35 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidclass.sys
[2013/06/12 15:25:32 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfmp4srcsnk.dll
[2013/06/12 15:25:32 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\intl.cpl
[2013/06/12 15:25:32 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\BCP47Langs.dll
[2013/06/12 15:25:32 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storewuauth.dll
[2013/06/12 15:25:32 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bisrv.dll
[2013/06/12 15:25:32 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuwebv.dll
[2013/06/12 15:25:32 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\npmproxy.dll
[2013/06/12 15:25:31 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wudriver.dll
[2013/06/12 15:25:31 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapp.exe
[2013/06/12 15:25:31 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\muifontsetup.dll
[2013/06/12 15:24:24 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\untfs.dll
[2013/06/11 17:34:26 | 000,000,000 | ---D | C] -- C:\Users\pavel_000\Documents\Inventor Server SDK ACAD 2014
[2013/06/11 17:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2014 – Čeština (Czech)
[2013/06/11 17:21:49 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Autodesk
[2013/06/11 17:09:55 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2013/06/11 17:09:54 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2013/06/11 17:09:52 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2013/06/11 17:09:51 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2013/06/11 17:09:51 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2013/06/07 18:13:12 | 000,000,000 | ---D | C] -- C:\Users\pavel_000\AppData\Roaming\Opera Software
[2013/06/07 18:13:12 | 000,000,000 | ---D | C] -- C:\Users\pavel_000\AppData\Local\Opera Software
[2013/05/29 15:44:54 | 000,000,000 | ---D | C] -- C:\Program Files\Opera Next
[2013/05/20 15:28:56 | 002,767,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tquery.dll
[2013/05/20 15:28:54 | 001,593,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssrch.dll
[2013/05/20 15:28:39 | 001,113,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSAudDecMFT.dll
[2013/05/20 15:28:34 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssph.dll
[2013/05/20 15:28:33 | 003,390,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2013/05/20 15:28:31 | 000,248,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kd_02_10ec.dll
[2013/05/20 15:28:29 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\conhost.exe
[2013/05/20 15:28:29 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dwmredir.dll
[2013/05/20 15:28:28 | 000,426,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\AudioEng.dll
[2013/05/20 15:28:27 | 000,324,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\AudioSes.dll
[2013/05/20 15:28:27 | 000,207,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\audiodg.exe
[2013/05/20 15:28:26 | 001,166,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winload.efi
[2013/05/20 15:28:23 | 000,939,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winresume.exe
[2013/05/20 15:28:22 | 001,034,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winresume.efi
[2013/05/20 15:28:22 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wpncore.dll
[2013/05/20 15:28:21 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winload.exe
[2013/05/20 15:28:20 | 000,659,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssvp.dll
[2013/05/20 15:28:20 | 000,614,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\RecoveryDrive.exe
[2013/05/20 15:28:20 | 000,457,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ci.dll
[2013/05/20 15:28:20 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.Networking.dll
[2013/05/20 15:28:19 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.Networking.BackgroundTransfer.dll
[2013/05/20 15:28:18 | 000,123,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscapi.dll
[2013/05/20 15:28:18 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Robocopy.exe
[2013/05/20 15:28:17 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XpsGdiConverter.dll
[2013/05/20 15:28:17 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfreadwrite.dll
[2013/05/20 15:28:17 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmvdsitf.dll
[2013/05/20 15:28:16 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iuilp.dll
[2013/05/20 15:28:16 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fhengine.dll
[2013/05/20 15:28:16 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\AudioEndpointBuilder.dll
[2013/05/20 15:28:15 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFMediaEngine.dll
[2013/05/20 15:28:15 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fhcfg.dll
[2013/05/20 15:28:15 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssphtb.dll
[2013/05/20 15:28:13 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fmifs.dll
[2013/05/20 15:28:12 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssprxy.dll
[2013/05/20 15:28:12 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshooks.dll
[2013/05/20 15:28:11 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\EncDump.dll
[2013/05/20 15:28:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tzres.dll
[2013/05/20 15:26:07 | 000,104,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\consent.exe

========== Files - Modified Within 30 Days ==========

[2013/06/18 11:07:00 | 000,000,964 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/18 11:03:38 | 000,000,960 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/18 11:03:21 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/06/17 21:24:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\pavel_000\Desktop\OTL.exe
[2013/06/17 14:09:32 | 000,727,488 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013/06/17 14:09:32 | 000,710,244 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/06/17 14:09:32 | 000,148,006 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013/06/17 14:09:32 | 000,132,614 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/06/17 14:02:14 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/06/17 14:02:13 | 2359,042,048 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/17 12:09:52 | 000,001,038 | ---- | M] () -- C:\Users\pavel_000\Desktop\Google Drive.lnk
[2013/06/17 11:28:41 | 000,890,839 | ---- | M] () -- C:\Users\pavel_000\Desktop\SecurityCheck.exe
[2013/06/16 13:21:25 | 000,001,294 | ---- | M] () -- C:\Users\pavel_000\Desktop\Lenovo Ultraslim Plus Wireless Keyboard & Mouse Driver.lnk
[2013/06/16 11:00:35 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\config.nt
[2013/06/16 11:00:35 | 000,002,079 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/06/16 09:45:55 | 000,001,896 | ---- | M] () -- C:\Users\pavel_000\Desktop\Dolby Home Theater.lnk
[2013/06/16 09:26:39 | 000,001,028 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/06/16 09:22:31 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2013/06/16 09:18:33 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/06/16 09:18:27 | 000,263,584 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/06/16 09:18:27 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/06/16 09:18:20 | 000,866,720 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013/06/16 09:18:20 | 000,788,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013/06/16 09:18:20 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/06/13 15:11:30 | 000,816,128 | ---- | M] () -- C:\Users\pavel_000\Desktop\winlogon.exe.exe
[2013/06/13 15:10:53 | 000,648,201 | ---- | M] () -- C:\Users\pavel_000\Desktop\adwcleaner.exe
[2013/06/12 20:24:11 | 003,851,088 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/06/12 16:01:31 | 000,002,989 | ---- | M] () -- C:\Users\pavel_000\Desktop\HiJackThis.lnk
[2013/06/11 17:38:08 | 000,002,003 | ---- | M] () -- C:\Users\Public\Desktop\Autodesk 360.lnk
[2013/06/11 17:31:48 | 000,002,098 | ---- | M] () -- C:\Users\Public\Desktop\AutoCAD 2014 – Čeština (Czech).lnk
[2013/06/05 00:09:22 | 000,693,112 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/06/05 00:09:22 | 000,078,200 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/05/29 15:44:54 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\Opera next.lnk
[2013/05/22 13:22:08 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

========== Files Created - No Company Name ==========

[2013/06/17 12:09:52 | 000,001,038 | ---- | C] () -- C:\Users\pavel_000\Desktop\Google Drive.lnk
[2013/06/17 12:02:28 | 000,000,964 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/17 12:02:28 | 000,000,960 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/17 11:28:34 | 000,890,839 | ---- | C] () -- C:\Users\pavel_000\Desktop\SecurityCheck.exe
[2013/06/16 13:21:25 | 000,001,294 | ---- | C] () -- C:\Users\pavel_000\Desktop\Lenovo Ultraslim Plus Wireless Keyboard & Mouse Driver.lnk
[2013/06/16 11:00:35 | 000,002,079 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/06/16 09:45:55 | 000,001,896 | ---- | C] () -- C:\Users\pavel_000\Desktop\Dolby Home Theater.lnk
[2013/06/16 09:26:39 | 000,001,028 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/06/16 09:11:11 | 000,174,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/06/16 09:11:11 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/06/13 15:10:58 | 000,816,128 | ---- | C] () -- C:\Users\pavel_000\Desktop\winlogon.exe.exe
[2013/06/13 15:10:29 | 000,648,201 | ---- | C] () -- C:\Users\pavel_000\Desktop\adwcleaner.exe
[2013/06/12 20:24:05 | 003,851,088 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/06/12 16:01:31 | 000,002,989 | ---- | C] () -- C:\Users\pavel_000\Desktop\HiJackThis.lnk
[2013/06/12 15:25:31 | 000,386,646 | ---- | C] () -- C:\WINDOWS\System32\ApnDatabase.xml
[2013/06/11 17:38:08 | 000,002,003 | ---- | C] () -- C:\Users\Public\Desktop\Autodesk 360.lnk
[2013/06/11 17:31:48 | 000,002,098 | ---- | C] () -- C:\Users\Public\Desktop\AutoCAD 2014 – Čeština (Czech).lnk
[2013/05/29 15:44:55 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\Opera next.lnk
[2013/05/29 15:44:55 | 000,001,130 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera next.lnk
[2013/02/16 20:44:14 | 000,004,096 | -H-- | C] () -- C:\Users\pavel_000\AppData\Local\keyfile3.drm
[2013/02/16 16:53:33 | 000,000,135 | ---- | C] () -- C:\WINDOWS\AutoKMS.ini
[2013/02/12 17:09:47 | 000,005,384 | ---- | C] () -- C:\Users\pavel_000\AppData\Local\SRDownloader.nast
[2013/01/29 16:31:01 | 000,000,147 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2013/01/23 18:52:25 | 000,000,165 | ---- | C] () -- C:\WINDOWS\pdf2word.INI
[2013/01/21 18:03:48 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\OEMLicense.dll
[2013/01/20 14:50:54 | 000,007,643 | ---- | C] () -- C:\Users\pavel_000\AppData\Local\Resmon.ResmonCfg
[2013/01/19 17:38:59 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2013/01/19 17:38:59 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2013/01/19 17:38:59 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lagarith.dll
[2013/01/19 17:38:53 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2013/01/19 17:38:46 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2013/01/19 17:29:37 | 000,006,088 | ---- | C] () -- C:\WINDOWS\System32\drivers\CDConfig.bin
[2013/01/19 17:02:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012/12/19 16:45:04 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\clinfo.exe
[2012/11/16 21:53:26 | 000,204,952 | ---- | C] () -- C:\WINDOWS\System32\ativvsvl.dat
[2012/11/16 21:53:26 | 000,157,144 | ---- | C] () -- C:\WINDOWS\System32\ativvsva.dat
[2012/07/26 10:05:42 | 000,727,488 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2012/07/26 10:05:42 | 000,296,594 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2012/07/26 10:05:42 | 000,148,006 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2012/07/26 10:05:42 | 000,038,682 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2012/07/26 08:55:27 | 000,710,244 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2012/07/26 08:55:27 | 000,296,742 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2012/07/26 08:55:27 | 000,132,614 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2012/07/26 08:55:27 | 000,033,362 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2012/07/26 08:53:47 | 000,215,943 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2012/07/26 08:53:46 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2012/07/26 08:03:55 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/07/26 03:20:38 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\BthpanContextHandler.dll
[2012/07/26 03:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\BWContextHandler.dll
[2012/07/25 22:41:36 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012/07/25 22:24:47 | 000,526,068 | ---- | C] () -- C:\WINDOWS\System32\staticurllist.bin
[2012/07/14 04:00:46 | 000,043,882 | ---- | C] () -- C:\WINDOWS\System32\srms.dat
[2012/06/02 22:25:24 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\settings.dat
[2012/06/02 16:31:24 | 001,520,828 | ---- | C] () -- C:\WINDOWS\System32\WpcNBModel.bin
[2012/06/02 16:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2012/04/18 19:39:06 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\kdbsdk32.dll
[2012/03/06 19:59:32 | 000,618,823 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2011/09/13 00:06:16 | 000,003,917 | ---- | C] () -- C:\WINDOWS\System32\atipblag.dat

========== ZeroAccess Check ==========

[2013/01/29 16:21:53 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/03/06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2012/07/26 05:20:13 | 000,354,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >
[2012/07/26 05:42:31 | 000,055,536 | ---- | M] (Microsoft Corporation) MD5=73BB2C687305C4195ED7511587B041AA -- C:\Windows\System32\Drivers\AGP440.sys
[2012/07/26 05:42:31 | 000,055,536 | ---- | M] (Microsoft Corporation) MD5=73BB2C687305C4195ED7511587B041AA -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_38ff1f7a86c4c6d7\AGP440.sys
[2012/07/26 05:42:31 | 000,055,536 | ---- | M] (Microsoft Corporation) MD5=73BB2C687305C4195ED7511587B041AA -- C:\Windows\WinSxS\x86_machine.inf_31bf3856ad364e35_6.2.9200.16384_none_b6bdf91c90179e3b\AGP440.sys

< MD5 for: ATAPI.SYS >
[2012/07/26 05:42:31 | 000,022,768 | ---- | M] (Microsoft Corporation) MD5=48D8C3F2006698691F5AE0BB595FDCC8 -- C:\Windows\System32\Drivers\atapi.sys
[2012/07/26 05:42:31 | 000,022,768 | ---- | M] (Microsoft Corporation) MD5=48D8C3F2006698691F5AE0BB595FDCC8 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_79ee6a786812523f\atapi.sys
[2012/07/26 05:42:31 | 000,022,768 | ---- | M] (Microsoft Corporation) MD5=48D8C3F2006698691F5AE0BB595FDCC8 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_c73107fbdd37000b\atapi.sys
[2012/07/26 05:42:31 | 000,022,768 | ---- | M] (Microsoft Corporation) MD5=48D8C3F2006698691F5AE0BB595FDCC8 -- C:\Windows\WinSxS\x86_mshdc.inf_31bf3856ad364e35_6.2.9200.16384_none_d9e333faf2f0935d\atapi.sys
[2012/07/26 05:42:31 | 000,022,768 | ---- | M] (Microsoft Corporation) MD5=48D8C3F2006698691F5AE0BB595FDCC8 -- C:\Windows\WinSxS\x86_mshdc.inf_31bf3856ad364e35_6.2.9200.16548_none_da12789ef2cc8343\atapi.sys
[2012/07/26 05:42:31 | 000,022,768 | ---- | M] (Microsoft Corporation) MD5=48D8C3F2006698691F5AE0BB595FDCC8 -- C:\Windows\WinSxS\x86_mshdc.inf_31bf3856ad364e35_6.2.9200.20652_none_da8b43c20bf7a6f4\atapi.sys

< MD5 for: IASTORV.SYS >
[2012/07/26 05:42:33 | 000,333,552 | ---- | M] (Intel Corporation) MD5=C444F83C318BE18719DC1FDAEFF10898 -- C:\Windows\System32\Drivers\iaStorV.sys
[2012/07/26 05:42:33 | 000,333,552 | ---- | M] (Intel Corporation) MD5=C444F83C318BE18719DC1FDAEFF10898 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_819876bbe5c3b25f\iaStorV.sys
[2012/07/26 05:42:33 | 000,333,552 | ---- | M] (Intel Corporation) MD5=C444F83C318BE18719DC1FDAEFF10898 -- C:\Windows\WinSxS\x86_iastorv.inf_31bf3856ad364e35_6.2.9200.16384_none_abbc5e59592ebf50\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2012/07/26 05:19:22 | 000,634,368 | ---- | M] (Microsoft Corporation) MD5=EEF9DA64D7B1DD51FB8AB9EFCC560E3E -- C:\Windows\System32\netlogon.dll
[2012/07/26 05:19:22 | 000,634,368 | ---- | M] (Microsoft Corporation) MD5=EEF9DA64D7B1DD51FB8AB9EFCC560E3E -- C:\Windows\WinSxS\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.2.9200.16384_none_fa62c3240960ad18\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2012/07/26 05:42:15 | 000,141,552 | ---- | M] (NVIDIA Corporation) MD5=108DD54A5B1E73F583AF7DC94CCE52B8 -- C:\Windows\System32\Drivers\nvstor.sys
[2012/07/26 05:42:15 | 000,141,552 | ---- | M] (NVIDIA Corporation) MD5=108DD54A5B1E73F583AF7DC94CCE52B8 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_7ba65ba4b222e751\nvstor.sys
[2012/07/26 05:42:15 | 000,141,552 | ---- | M] (NVIDIA Corporation) MD5=108DD54A5B1E73F583AF7DC94CCE52B8 -- C:\Windows\WinSxS\x86_nvraid.inf_31bf3856ad364e35_6.2.9200.16384_none_3685cf0890656928\nvstor.sys

< MD5 for: SCECLI.DLL >
[2012/07/26 05:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\Windows\System32\scecli.dll
[2012/07/26 05:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\Windows\WinSxS\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.2.9200.16384_none_34b8ee3caa8233d3\scecli.dll

< %systemroot%\*. /mp /s >

< End of report >

Příspěvekod **jaro3** » 18 čer 2013 15:47

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\amdiox86.sys -- (amdiox86)
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
O1 HOSTS File: ([2013/03/20 20:31:58 | 000,000,916 | ---- | M]) - C:\Windows\System32\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 lmlicenses.wip4.adobe.com 
O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O13 - gopher Prefix: missing
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
[2013/06/17 14:09:32 | 000,727,488 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013/06/17 14:09:32 | 000,710,244 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/06/17 14:09:32 | 000,148,006 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013/06/17 14:09:32 | 000,132,614 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/07/26 10:05:42 | 000,727,488 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2012/07/26 10:05:42 | 000,296,594 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2012/07/26 10:05:42 | 000,148,006 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2012/07/26 10:05:42 | 000,038,682 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2012/07/26 08:55:27 | 000,710,244 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2012/07/26 08:55:27 | 000,296,742 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2012/07/26 08:55:27 | 000,132,614 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2012/07/26 08:55:27 | 000,033,362 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

:Files
C:\WINDOWS\System32\*.tmp 
C:\WINDOWS\*.tmp 
C:\WINDOWS\system32\*.tmp.dll 
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Users\pavel_000\Desktop\RK_Quarantine
C:\Users\pavel_000\Desktop\winlogon.exe.exe
C:\WINDOWS\AutoKMS.ini
C:\WINDOWS\ativpsrm.bin
ipconfig /flushdns /c

:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\WINDOWS\System32\staticurllist.bin
C:\WINDOWS\System32\srms.dat
C:\WINDOWS\System32\settings.dat
C:\WINDOWS\System32\WpcNBModel.bin

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

paveliknecas · Příspěvekod **paveliknecas** » 19 čer 2013 19:05

https://www.virustotal.com/cs/file/da64606e31d19b073b4a884be5ceb437b282e6260723def5caa1e243304bc93b/analysis/1371661297/
https://www.virustotal.com/cs/file/6783c43e59b577e960caf9471c3b29d53a90d9884f201694ccc7a647d9022e7c/analysis/1371661257/
https://www.virustotal.com/cs/file/7fbb3e503ed8a4a8e5d5fab601883cbb31d2e06d6b598460e570fb7a763ee555/analysis/1371661374/
https://www.virustotal.com/cs/file/45a34ced73dce582d701fb9596f3e7e6c969ee79a34088d123dfdcb4b9861149/analysis/1371661435/

paveliknecas · Příspěvekod **paveliknecas** » 19 čer 2013 19:06

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service amdiox86 stopped successfully!
Service amdiox86 deleted successfully!
File C:\WINDOWS\System32\drivers\amdiox86.sys not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
127.0.0.1 lmlicenses.wip4.adobe.com removed from HOSTS file successfully
127.0.0.1 lm.licenses.adobe.com removed from HOSTS file successfully
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Excel\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Od&eslat do aplikace OneNote\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
FastUserSwitchingCompatibility removed from NetSvcs value successfully!
Nla removed from NetSvcs value successfully!
Ntmssvc removed from NetSvcs value successfully!
NWCWorkstation removed from NetSvcs value successfully!
Nwsapagent removed from NetSvcs value successfully!
SRService removed from NetSvcs value successfully!
WmdmPmSp removed from NetSvcs value successfully!
LogonHours removed from NetSvcs value successfully!
PCAudit removed from NetSvcs value successfully!
helpsvc removed from NetSvcs value successfully!
uploadmgr removed from NetSvcs value successfully!
C:\Windows\System32\perfh005.dat moved successfully.
C:\Windows\System32\perfh009.dat moved successfully.
C:\Windows\System32\perfc005.dat moved successfully.
C:\Windows\System32\perfc009.dat moved successfully.
File C:\WINDOWS\System32\perfh005.dat not found.
C:\Windows\System32\perfi005.dat moved successfully.
File C:\WINDOWS\System32\perfc005.dat not found.
C:\Windows\System32\perfd005.dat moved successfully.
File C:\WINDOWS\System32\perfh009.dat not found.
C:\Windows\System32\perfi009.dat moved successfully.
File C:\WINDOWS\System32\perfc009.dat not found.
C:\Windows\System32\perfd009.dat moved successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Users\pavel_000\Desktop\RK_Quarantine folder moved successfully.
C:\Users\pavel_000\Desktop\winlogon.exe.exe moved successfully.
C:\WINDOWS\AutoKMS.ini moved successfully.
C:\WINDOWS\ativpsrm.bin moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\pavel_000\Desktop\cmd.bat deleted successfully.
C:\Users\pavel_000\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57472 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: pavel_000
->Temp folder emptied: 8826819 bytes
->Temporary Internet Files folder emptied: 1831622 bytes
->Java cache emptied: 1832742 bytes
->Opera cache emptied: 10575504 bytes
->Flash cache emptied: 59635 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 476302 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 23,00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: pavel_000
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 06192013_184800

Files\Folders moved on Reboot...
File move failed. C:\Users\pavel_000\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Příspěvekod **jaro3** » 19 čer 2013 21:07

C:\WINDOWS\System32\srms.dat nevíš , k čemu to má patřit?

Jsou nějaké problémy?

paveliknecas · Příspěvekod **paveliknecas** » 19 čer 2013 21:25

patří to ke gom playeru, pc se stále občas seká, nejčastěji neprodleně po startu a při spuštění více aplikací

Příspěvekod **jaro3** » 20 čer 2013 09:55

Spusť OTL a klikni na Vyčisti.

To sekání s viry nesouvisí.

Zkontroluj si HW : HDD, RAM ap.
Založ si nové téma v sekci Problémy s HW.

Pokud nejsou jiné problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

Prosím o kontrolu logu - preventivní Vyřešeno

Re: Prosím o kontrolu logu - preventivní

Re: Prosím o kontrolu logu - preventivní

Re: Prosím o kontrolu logu - preventivní

Re: Prosím o kontrolu logu - preventivní

Re: Prosím o kontrolu logu - preventivní

Re: Prosím o kontrolu logu - preventivní

Re: Prosím o kontrolu logu - preventivní

Re: Prosím o kontrolu logu - preventivní

Re: Prosím o kontrolu logu - preventivní Vyřešeno

Kdo je online