občasné zatuhnutí NB

[alonsoalonso2]

23:14:50.0890 4020 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
23:14:51.0062 4020 ============================================================
23:14:51.0062 4020 Current date / time: 2013/01/07 23:14:51.0062
23:14:51.0062 4020 SystemInfo:
23:14:51.0062 4020
23:14:51.0062 4020 OS Version: 6.1.7601 ServicePack: 1.0
23:14:51.0062 4020 Product type: Workstation
23:14:51.0062 4020 ComputerName: JIRKA-PC
23:14:51.0062 4020 UserName: Jirka
23:14:51.0062 4020 Windows directory: C:\Windows
23:14:51.0062 4020 System windows directory: C:\Windows
23:14:51.0062 4020 Running under WOW64
23:14:51.0062 4020 Processor architecture: Intel x64
23:14:51.0062 4020 Number of processors: 8
23:14:51.0062 4020 Page size: 0x1000
23:14:51.0062 4020 Boot type: Normal boot
23:14:51.0062 4020 ============================================================
23:14:56.0475 4020 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:14:56.0491 4020 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:14:56.0506 4020 ============================================================
23:14:56.0506 4020 \Device\Harddisk0\DR0:
23:14:56.0506 4020 MBR partitions:
23:14:56.0506 4020 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2AF98B5, BlocksNum 0xE8DFF31
23:14:56.0506 4020 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x113DA000, BlocksNum 0x28FAB800
23:14:56.0506 4020 \Device\Harddisk1\DR1:
23:14:56.0506 4020 MBR partitions:
23:14:56.0506 4020 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1BD800
23:14:56.0506 4020 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x1D1BE000, BlocksNum 0x1D1C6C41
23:14:56.0506 4020 ============================================================
23:14:56.0506 4020 C: <-> \Device\Harddisk0\DR0\Partition1
23:14:56.0506 4020 D: <-> \Device\Harddisk0\DR0\Partition2
23:14:56.0522 4020 F: <-> \Device\Harddisk1\DR1\Partition1
23:14:56.0522 4020 G: <-> \Device\Harddisk1\DR1\Partition2
23:14:56.0522 4020 ============================================================
23:14:56.0522 4020 Initialize success
23:14:56.0522 4020 ============================================================
23:15:33.0775 6724 ============================================================
23:15:33.0775 6724 Scan started
23:15:33.0775 6724 Mode: Manual; SigCheck; TDLFS;
23:15:33.0775 6724 ============================================================
23:15:37.0753 6724 ================ Scan system memory ========================
23:15:37.0753 6724 System memory - ok
23:15:37.0753 6724 ================ Scan services =============================
23:15:38.0096 6724 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
23:15:38.0268 6724 1394ohci - ok
23:15:38.0299 6724 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
23:15:38.0330 6724 ACPI - ok
23:15:38.0346 6724 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
23:15:38.0392 6724 AcpiPmi - ok
23:15:38.0424 6724 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
23:15:38.0470 6724 adp94xx - ok
23:15:38.0502 6724 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
23:15:38.0548 6724 adpahci - ok
23:15:38.0564 6724 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
23:15:38.0595 6724 adpu320 - ok
23:15:38.0642 6724 [ C0BF554D2277F7A4C735D475ADE2E3B2 ] ADSMService C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
23:15:38.0658 6724 ADSMService ( UnsignedFile.Multi.Generic ) - warning
23:15:38.0658 6724 ADSMService - detected UnsignedFile.Multi.Generic (1)
23:15:38.0673 6724 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:15:38.0767 6724 AeLookupSvc - ok
23:15:38.0782 6724 [ 734D1BA96BE6AD8D04E6AFEAD569EA8A ] AFBAgent C:\Windows\system32\FBAgent.exe
23:15:38.0845 6724 AFBAgent - ok
23:15:38.0876 6724 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
23:15:38.0923 6724 AFD - ok
23:15:38.0938 6724 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
23:15:38.0970 6724 agp440 - ok
23:15:38.0970 6724 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
23:15:39.0016 6724 ALG - ok
23:15:39.0032 6724 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
23:15:39.0063 6724 aliide - ok
23:15:39.0079 6724 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
23:15:39.0110 6724 amdide - ok
23:15:39.0126 6724 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
23:15:39.0172 6724 AmdK8 - ok
23:15:39.0188 6724 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
23:15:39.0235 6724 AmdPPM - ok
23:15:39.0250 6724 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
23:15:39.0282 6724 amdsata - ok
23:15:39.0297 6724 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
23:15:39.0328 6724 amdsbs - ok
23:15:39.0344 6724 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
23:15:39.0375 6724 amdxata - ok
23:15:39.0406 6724 [ E8494519BCB9E3B1B72E5604993A76E3 ] Amsp C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
23:15:39.0438 6724 Amsp - ok
23:15:39.0453 6724 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
23:15:39.0547 6724 AppID - ok
23:15:39.0547 6724 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:15:39.0640 6724 AppIDSvc - ok
23:15:39.0640 6724 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
23:15:39.0734 6724 Appinfo - ok
23:15:39.0750 6724 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
23:15:39.0781 6724 AppMgmt - ok
23:15:39.0796 6724 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
23:15:39.0828 6724 arc - ok
23:15:39.0843 6724 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
23:15:39.0874 6724 arcsas - ok
23:15:39.0906 6724 [ 88FBC8BEBFD38566235EAA5E4DBC4E05 ] AsDsm C:\Windows\system32\drivers\AsDsm.sys
23:15:39.0937 6724 AsDsm - ok
23:15:39.0952 6724 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
23:15:39.0968 6724 ASLDRService - ok
23:15:39.0984 6724 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
23:15:39.0999 6724 ASMMAP64 - ok
23:15:40.0030 6724 [ 11E7E87A24F5B042972B77500D4A0CF4 ] AsusgmsFltr C:\Windows\system32\drivers\Asusgms.sys
23:15:40.0077 6724 AsusgmsFltr - ok
23:15:40.0093 6724 [ 48C1470F7D119FE1ABAB72BABD8281BB ] ASUSProcObsrv C:\eSupport\eDriver\I386\AsPrOb64.sys
23:15:40.0124 6724 ASUSProcObsrv - ok
23:15:40.0140 6724 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
23:15:40.0171 6724 aswFsBlk - ok
23:15:40.0186 6724 [ 6B91E6D483AADB3FC4E13E2355200611 ] aswKbd C:\Windows\system32\drivers\aswKbd.sys
23:15:40.0202 6724 aswKbd - ok
23:15:40.0218 6724 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
23:15:40.0249 6724 aswMonFlt - ok
23:15:40.0264 6724 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
23:15:40.0296 6724 aswRdr - ok
23:15:40.0358 6724 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
23:15:40.0420 6724 aswSnx - ok
23:15:40.0436 6724 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
23:15:40.0483 6724 aswSP - ok
23:15:40.0483 6724 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
23:15:40.0514 6724 aswTdi - ok
23:15:40.0530 6724 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:15:40.0608 6724 AsyncMac - ok
23:15:40.0639 6724 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
23:15:40.0670 6724 atapi - ok
23:15:40.0732 6724 [ F8633CDD09647A64EE8DB550630427FF ] athr C:\Windows\system32\DRIVERS\athrx.sys
23:15:40.0826 6724 athr - ok
23:15:40.0826 6724 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
23:15:40.0857 6724 ATKGFNEXSrv - ok
23:15:40.0873 6724 [ FC0E8778C000291CAF60EB88C011E931 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
23:15:40.0904 6724 atksgt - ok
23:15:40.0935 6724 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:15:41.0029 6724 AudioEndpointBuilder - ok
23:15:41.0044 6724 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
23:15:41.0138 6724 AudioSrv - ok
23:15:41.0169 6724 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
23:15:41.0200 6724 avast! Antivirus - ok
23:15:41.0216 6724 avast! Firewall - ok
23:15:41.0216 6724 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:15:41.0278 6724 AxInstSV - ok
23:15:41.0310 6724 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
23:15:41.0356 6724 b06bdrv - ok
23:15:41.0388 6724 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
23:15:41.0434 6724 b57nd60a - ok
23:15:41.0450 6724 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
23:15:41.0497 6724 BDESVC - ok
23:15:41.0497 6724 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
23:15:41.0590 6724 Beep - ok
23:15:41.0622 6724 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
23:15:41.0715 6724 BFE - ok
23:15:41.0746 6724 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
23:15:41.0856 6724 BITS - ok
23:15:41.0871 6724 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:15:41.0918 6724 blbdrive - ok
23:15:41.0918 6724 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:15:41.0965 6724 bowser - ok
23:15:41.0965 6724 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:15:42.0012 6724 BrFiltLo - ok
23:15:42.0027 6724 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:15:42.0074 6724 BrFiltUp - ok
23:15:42.0090 6724 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
23:15:42.0121 6724 Browser - ok
23:15:42.0136 6724 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:15:42.0199 6724 Brserid - ok
23:15:42.0199 6724 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:15:42.0246 6724 BrSerWdm - ok
23:15:42.0261 6724 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:15:42.0308 6724 BrUsbMdm - ok
23:15:42.0308 6724 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:15:42.0355 6724 BrUsbSer - ok
23:15:42.0370 6724 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
23:15:42.0417 6724 BthEnum - ok
23:15:42.0433 6724 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:15:42.0480 6724 BTHMODEM - ok
23:15:42.0480 6724 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
23:15:42.0526 6724 BthPan - ok
23:15:42.0558 6724 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
23:15:42.0604 6724 BTHPORT - ok
23:15:42.0620 6724 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
23:15:42.0698 6724 bthserv - ok
23:15:42.0714 6724 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
23:15:42.0760 6724 BTHUSB - ok
23:15:42.0792 6724 [ D3466F77C2C49C6E393BA5FBA963A33E ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
23:15:42.0823 6724 btusbflt - ok
23:15:42.0838 6724 [ A72A9101F9730DB7332714E566614E4D ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
23:15:42.0870 6724 btwaudio - ok
23:15:42.0885 6724 [ 5CEEC634B617525F2B6AD29F871033F7 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
23:15:42.0916 6724 btwavdt - ok
23:15:42.0994 6724 [ 4E63C48E7328A11ED0E9075C18FCE782 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
23:15:43.0041 6724 btwdins - ok
23:15:43.0041 6724 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
23:15:43.0072 6724 btwl2cap - ok
23:15:43.0088 6724 [ 2AF5604D28BEF77B7CF4B9D232FE7CD3 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
23:15:43.0104 6724 btwrchid - ok
23:15:43.0119 6724 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:15:43.0197 6724 cdfs - ok
23:15:43.0213 6724 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:15:43.0260 6724 cdrom - ok
23:15:43.0260 6724 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
23:15:43.0353 6724 CertPropSvc - ok
23:15:43.0353 6724 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
23:15:43.0400 6724 circlass - ok
23:15:43.0416 6724 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
23:15:43.0478 6724 CLFS - ok
23:15:43.0494 6724 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:15:43.0572 6724 clr_optimization_v2.0.50727_32 - ok
23:15:43.0587 6724 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:15:43.0634 6724 clr_optimization_v2.0.50727_64 - ok
23:15:43.0681 6724 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:15:43.0728 6724 clr_optimization_v4.0.30319_32 - ok
23:15:43.0743 6724 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:15:43.0790 6724 clr_optimization_v4.0.30319_64 - ok
23:15:43.0806 6724 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:15:43.0852 6724 CmBatt - ok
23:15:43.0852 6724 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:15:43.0884 6724 cmdide - ok
23:15:43.0946 6724 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
23:15:43.0993 6724 CNG - ok
23:15:44.0024 6724 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:15:44.0055 6724 Compbatt - ok
23:15:44.0071 6724 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
23:15:44.0118 6724 CompositeBus - ok
23:15:44.0149 6724 COMSysApp - ok
23:15:44.0164 6724 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
23:15:44.0196 6724 crcdisk - ok
23:15:44.0211 6724 [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
23:15:44.0227 6724 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning
23:15:44.0227 6724 Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic (1)
23:15:44.0242 6724 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
23:15:44.0258 6724 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
23:15:44.0258 6724 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
23:15:44.0274 6724 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:15:44.0305 6724 CryptSvc - ok
23:15:44.0336 6724 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
23:15:44.0383 6724 CSC - ok
23:15:44.0414 6724 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
23:15:44.0461 6724 CscService - ok
23:15:44.0523 6724 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
23:15:44.0570 6724 cvhsvc - ok
23:15:44.0617 6724 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:15:44.0726 6724 DcomLaunch - ok
23:15:44.0757 6724 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
23:15:44.0851 6724 defragsvc - ok
23:15:44.0851 6724 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:15:44.0944 6724 DfsC - ok
23:15:44.0976 6724 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
23:15:45.0007 6724 dg_ssudbus - ok
23:15:45.0038 6724 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
23:15:45.0085 6724 Dhcp - ok
23:15:45.0100 6724 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
23:15:45.0210 6724 discache - ok
23:15:45.0225 6724 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
23:15:45.0256 6724 Disk - ok
23:15:45.0272 6724 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:15:45.0350 6724 Dnscache - ok
23:15:45.0381 6724 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
23:15:45.0475 6724 dot3svc - ok
23:15:45.0475 6724 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
23:15:45.0568 6724 DPS - ok
23:15:45.0584 6724 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:15:45.0646 6724 drmkaud - ok
23:15:45.0693 6724 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:15:45.0756 6724 DXGKrnl - ok
23:15:45.0771 6724 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
23:15:45.0865 6724 EapHost - ok
23:15:45.0943 6724 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
23:15:46.0083 6724 ebdrv - ok
23:15:46.0083 6724 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
23:15:46.0130 6724 EFS - ok
23:15:46.0161 6724 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:15:46.0239 6724 ehRecvr - ok
23:15:46.0255 6724 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
23:15:46.0286 6724 ehSched - ok
23:15:46.0317 6724 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
23:15:46.0364 6724 elxstor - ok
23:15:46.0380 6724 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:15:46.0411 6724 ErrDev - ok
23:15:46.0442 6724 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
23:15:46.0536 6724 EventSystem - ok
23:15:46.0551 6724 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
23:15:46.0645 6724 exfat - ok
23:15:46.0660 6724 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:15:46.0738 6724 fastfat - ok
23:15:46.0785 6724 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
23:15:46.0832 6724 Fax - ok
23:15:46.0848 6724 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:15:46.0879 6724 fdc - ok
23:15:46.0894 6724 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
23:15:46.0988 6724 fdPHost - ok
23:15:46.0988 6724 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
23:15:47.0082 6724 FDResPub - ok
23:15:47.0097 6724 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:15:47.0128 6724 FileInfo - ok
23:15:47.0128 6724 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:15:47.0238 6724 Filetrace - ok
23:15:47.0238 6724 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:15:47.0284 6724 flpydisk - ok
23:15:47.0300 6724 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:15:47.0331 6724 FltMgr - ok
23:15:47.0362 6724 [ 480E31B064E6F7B4EAAB8B00437298B6 ] FLxHCIc C:\Windows\system32\DRIVERS\FLxHCIc.sys
23:15:47.0394 6724 FLxHCIc - ok
23:15:47.0409 6724 [ E9CF4C5A0C31197351F89A1DF4522B96 ] FLxHCIh C:\Windows\system32\DRIVERS\FLxHCIh.sys
23:15:47.0440 6724 FLxHCIh - ok
23:15:47.0487 6724 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
23:15:47.0550 6724 FontCache - ok
23:15:47.0565 6724 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:15:47.0596 6724 FontCache3.0.0.0 - ok
23:15:47.0612 6724 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:15:47.0643 6724 FsDepends - ok
23:15:47.0643 6724 [ 5814011B2F6E088E29D689B5FCD49B8F ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
23:15:47.0674 6724 fssfltr - ok
23:15:47.0706 6724 [ F6717211C1EC2CDDAA81B97B0727C2E9 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
23:15:47.0752 6724 fsssvc - ok
23:15:47.0752 6724 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:15:47.0799 6724 Fs_Rec - ok
23:15:47.0815 6724 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:15:47.0846 6724 fvevol - ok
23:15:47.0862 6724 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
23:15:47.0893 6724 gagp30kx - ok
23:15:47.0908 6724 [ 7D66EBDE8B7F9B4E00BEEFEEE82670D4 ] ghaio C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
23:15:47.0940 6724 ghaio - ok
23:15:47.0955 6724 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
23:15:48.0064 6724 gpsvc - ok
23:15:48.0064 6724 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:15:48.0111 6724 hcw85cir - ok
23:15:48.0252 6724 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:15:48.0314 6724 HdAudAddService - ok
23:15:48.0314 6724 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
23:15:48.0361 6724 HDAudBus - ok
23:15:48.0376 6724 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
23:15:48.0408 6724 HECIx64 - ok
23:15:48.0408 6724 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
23:15:48.0454 6724 HidBatt - ok
23:15:48.0454 6724 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
23:15:48.0517 6724 HidBth - ok
23:15:48.0517 6724 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
23:15:48.0564 6724 HidIr - ok
23:15:48.0579 6724 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
23:15:48.0673 6724 hidserv - ok
23:15:48.0673 6724 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:15:48.0720 6724 HidUsb - ok
23:15:48.0720 6724 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:15:48.0829 6724 hkmsvc - ok
23:15:48.0829 6724 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:15:48.0891 6724 HomeGroupListener - ok
23:15:48.0922 6724 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:15:48.0969 6724 HomeGroupProvider - ok
23:15:49.0000 6724 [ 53DCA61931847E35C950504BFB7559C6 ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
23:15:49.0016 6724 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - warning
23:15:49.0016 6724 HP LaserJet Service - detected UnsignedFile.Multi.Generic (1)
23:15:49.0032 6724 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:15:49.0063 6724 HpSAMD - ok
23:15:49.0094 6724 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:15:49.0203 6724 HTTP - ok
23:15:49.0219 6724 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:15:49.0250 6724 hwpolicy - ok
23:15:49.0266 6724 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
23:15:49.0312 6724 i8042prt - ok
23:15:49.0344 6724 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
23:15:49.0375 6724 iaStor - ok
23:15:49.0422 6724 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:15:49.0468 6724 iaStorV - ok
23:15:49.0500 6724 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:15:49.0578 6724 idsvc - ok
23:15:49.0578 6724 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
23:15:49.0609 6724 iirsp - ok
23:15:49.0656 6724 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
23:15:49.0765 6724 IKEEXT - ok
23:15:49.0843 6724 [ BD9D02F706FCAF28D89F5435F18A4A04 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:15:49.0936 6724 IntcAzAudAddService - ok
23:15:49.0936 6724 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
23:15:49.0983 6724 intelide - ok
23:15:49.0983 6724 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:15:50.0030 6724 intelppm - ok
23:15:50.0030 6724 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:15:50.0124 6724 IPBusEnum - ok
23:15:50.0139 6724 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:15:50.0233 6724 IpFilterDriver - ok
23:15:50.0264 6724 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:15:50.0311 6724 iphlpsvc - ok
23:15:50.0326 6724 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:15:50.0373 6724 IPMIDRV - ok
23:15:50.0389 6724 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:15:50.0467 6724 IPNAT - ok
23:15:50.0498 6724 ipswuio - ok
23:15:50.0498 6724 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:15:50.0545 6724 IRENUM - ok
23:15:50.0560 6724 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:15:50.0592 6724 isapnp - ok
23:15:50.0607 6724 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:15:50.0654 6724 iScsiPrt - ok
23:15:50.0654 6724 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
23:15:50.0685 6724 kbdclass - ok
23:15:50.0701 6724 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
23:15:50.0732 6724 kbdhid - ok
23:15:50.0748 6724 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
23:15:50.0779 6724 kbfiltr - ok
23:15:50.0779 6724 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
23:15:50.0826 6724 KeyIso - ok
23:15:50.0841 6724 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:15:50.0872 6724 KSecDD - ok
23:15:50.0888 6724 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:15:50.0919 6724 KSecPkg - ok
23:15:50.0935 6724 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:15:51.0013 6724 ksthunk - ok
23:15:51.0044 6724 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
23:15:51.0138 6724 KtmRm - ok
23:15:51.0153 6724 [ 9DDC68B87A9B837736A2B193EE14A4A5 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
23:15:51.0184 6724 L1C - ok
23:15:51.0200 6724 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
23:15:51.0294 6724 LanmanServer - ok
23:15:51.0340 6724 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:15:51.0434 6724 LanmanWorkstation - ok
23:15:51.0465 6724 [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
23:15:51.0496 6724 lirsgt - ok
23:15:51.0512 6724 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:15:51.0590 6724 lltdio - ok
23:15:51.0606 6724 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:15:51.0715 6724 lltdsvc - ok
23:15:51.0715 6724 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:15:51.0808 6724 lmhosts - ok
23:15:51.0824 6724 [ A1C148801B4AF64847AEB9F3AD9594EF ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
23:15:51.0855 6724 LMS ( UnsignedFile.Multi.Generic ) - warning
23:15:51.0855 6724 LMS - detected UnsignedFile.Multi.Generic (1)
23:15:51.0855 6724 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
23:15:51.0902 6724 LSI_FC - ok
23:15:51.0902 6724 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
23:15:51.0949 6724 LSI_SAS - ok
23:15:51.0949 6724 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:15:51.0980 6724 LSI_SAS2 - ok
23:15:52.0011 6724 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:15:52.0042 6724 LSI_SCSI - ok
23:15:52.0058 6724 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
23:15:52.0152 6724 luafv - ok
23:15:52.0167 6724 [ 024DA28053D57E9E32BEE52600576BBB ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus64.sys
23:15:52.0198 6724 MarvinBus - ok
23:15:52.0214 6724 [ 9B4B4838A6C8DC97416581C13CB6482C ] massfilter_hs C:\Windows\system32\drivers\massfilter_hs.sys
23:15:52.0230 6724 massfilter_hs - ok
23:15:52.0261 6724 [ 8FF2D95CBA49B405C5DE27039FF0BF35 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
23:15:52.0276 6724 MBfilt - ok
23:15:52.0292 6724 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:15:52.0339 6724 Mcx2Svc - ok
23:15:52.0354 6724 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
23:15:52.0386 6724 megasas - ok
23:15:52.0417 6724 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
23:15:52.0448 6724 MegaSR - ok
23:15:52.0464 6724 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
23:15:52.0557 6724 MMCSS - ok
23:15:52.0557 6724 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
23:15:52.0651 6724 Modem - ok
23:15:52.0651 6724 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:15:52.0698 6724 monitor - ok
23:15:52.0713 6724 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:15:52.0744 6724 mouclass - ok
23:15:52.0744 6724 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:15:52.0791 6724 mouhid - ok
23:15:52.0807 6724 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:15:52.0838 6724 mountmgr - ok
23:15:52.0854 6724 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
23:15:52.0900 6724 mpio - ok
23:15:52.0900 6724 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:15:52.0994 6724 mpsdrv - ok
23:15:53.0025 6724 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:15:53.0134 6724 MpsSvc - ok
23:15:53.0150 6724 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:15:53.0197 6724 MRxDAV - ok
23:15:53.0212 6724 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:15:53.0259 6724 mrxsmb - ok
23:15:53.0275 6724 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:15:53.0322 6724 mrxsmb10 - ok
23:15:53.0322 6724 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:15:53.0368 6724 mrxsmb20 - ok
23:15:53.0384 6724 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
23:15:53.0415 6724 msahci - ok
23:15:53.0431 6724 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:15:53.0462 6724 msdsm - ok
23:15:53.0478 6724 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
23:15:53.0524 6724 MSDTC - ok
23:15:53.0540 6724 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:15:53.0618 6724 Msfs - ok
23:15:53.0634 6724 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:15:53.0712 6724 mshidkmdf - ok
23:15:53.0727 6724 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:15:53.0758 6724 msisadrv - ok
23:15:53.0774 6724 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:15:53.0868 6724 MSiSCSI - ok
23:15:53.0868 6724 msiserver - ok
23:15:53.0883 6724 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:15:53.0961 6724 MSKSSRV - ok
23:15:53.0977 6724 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:15:54.0070 6724 MSPCLOCK - ok
23:15:54.0086 6724 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:15:54.0164 6724 MSPQM - ok
23:15:54.0226 6724 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:15:54.0273 6724 MsRPC - ok
23:15:54.0289 6724 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
23:15:54.0320 6724 mssmbios - ok
23:15:54.0320 6724 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:15:54.0414 6724 MSTEE - ok
23:15:54.0414 6724 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:15:54.0476 6724 MTConfig - ok
23:15:54.0476 6724 [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys
23:15:54.0507 6724 MTsensor - ok
23:15:54.0507 6724 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
23:15:54.0538 6724 Mup - ok
23:15:54.0554 6724 [ 86292363B050C1B55FE77D75AF3EFB71 ] mvusbews C:\Windows\system32\Drivers\mvusbews.sys
23:15:54.0585 6724 mvusbews - ok
23:15:54.0616 6724 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
23:15:54.0741 6724 napagent - ok
23:15:54.0772 6724 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:15:54.0819 6724 NativeWifiP - ok
23:15:54.0866 6724 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:15:54.0928 6724 NDIS - ok
23:15:54.0944 6724 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:15:55.0038 6724 NdisCap - ok
23:15:55.0053 6724 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:15:55.0131 6724 NdisTapi - ok
23:15:55.0147 6724 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:15:55.0225 6724 Ndisuio - ok
23:15:55.0240 6724 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:15:55.0334 6724 NdisWan - ok
23:15:55.0365 6724 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:15:55.0443 6724 NDProxy - ok
23:15:55.0459 6724 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:15:55.0537 6724 NetBIOS - ok
23:15:55.0552 6724 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:15:55.0646 6724 NetBT - ok
23:15:55.0662 6724 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
23:15:55.0708 6724 Netlogon - ok
23:15:55.0740 6724 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
23:15:55.0833 6724 Netman - ok
23:15:55.0864 6724 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
23:15:55.0958 6724 netprofm - ok
23:15:55.0958 6724 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:15:55.0989 6724 NetTcpPortSharing - ok
23:15:56.0005 6724 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:15:56.0036 6724 nfrd960 - ok
23:15:56.0052 6724 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:15:56.0114 6724 NlaSvc - ok
23:15:56.0114 6724 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:15:56.0208 6724 Npfs - ok
23:15:56.0208 6724 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
23:15:56.0301 6724 nsi - ok
23:15:56.0317 6724 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:15:56.0410 6724 nsiproxy - ok
23:15:56.0457 6724 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:15:56.0566 6724 Ntfs - ok
23:15:56.0566 6724 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
23:15:56.0660 6724 Null - ok
23:15:56.0676 6724 [ 8D4AAC74B571FC356560E5B308955E93 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
23:15:56.0707 6724 NVHDA - ok
23:15:57.0003 6724 [ 01502A328AE7CF595698A3FD954D18F0 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:15:57.0440 6724 nvlddmkm - ok
23:15:57.0565 6724 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:15:57.0612 6724 nvraid - ok
23:15:57.0627 6724 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:15:57.0674 6724 nvstor - ok
23:15:57.0705 6724 [ 9196496E4EDC48BA7C7162D29698BCAA ] nvsvc C:\Windows\system32\nvvsvc.exe
23:15:57.0768 6724 nvsvc - ok
23:15:57.0846 6724 [ AB56C9BF8B0B830833C2CB6A63947D2F ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
23:15:57.0939 6724 nvUpdatusService - ok
23:15:57.0939 6724 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:15:57.0986 6724 nv_agp - ok
23:15:57.0986 6724 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:15:58.0033 6724 ohci1394 - ok
23:15:58.0048 6724 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:15:58.0080 6724 ose - ok
23:15:58.0220 6724 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:15:58.0392 6724 osppsvc - ok
23:15:58.0423 6724 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:15:58.0485 6724 p2pimsvc - ok
23:15:58.0501 6724 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
23:15:58.0563 6724 p2psvc - ok
23:15:58.0563 6724 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:15:58.0610 6724 Parport - ok
23:15:58.0626 6724 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:15:58.0657 6724 partmgr - ok
23:15:58.0672 6724 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:15:58.0719 6724 PcaSvc - ok
23:15:58.0735 6724 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
23:15:58.0782 6724 pci - ok
23:15:58.0782 6724 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
23:15:58.0813 6724 pciide - ok
23:15:58.0828 6724 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:15:58.0875 6724 pcmcia - ok
23:15:58.0875 6724 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
23:15:58.0922 6724 pcw - ok
23:15:58.0938 6724 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:15:59.0047 6724 PEAUTH - ok
23:15:59.0094 6724 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
23:15:59.0172 6724 PeerDistSvc - ok
23:15:59.0281 6724 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:15:59.0328 6724 PerfHost - ok
23:15:59.0390 6724 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
23:15:59.0515 6724 pla - ok
23:15:59.0546 6724 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:15:59.0593 6724 PlugPlay - ok
23:15:59.0608 6724 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:15:59.0655 6724 PNRPAutoReg - ok
23:15:59.0686 6724 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:15:59.0733 6724 PNRPsvc - ok
23:15:59.0749 6724 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:15:59.0858 6724 PolicyAgent - ok
23:15:59.0874 6724 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
23:15:59.0967 6724 Power - ok
23:15:59.0983 6724 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:16:00.0061 6724 PptpMiniport - ok
23:16:00.0061 6724 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
23:16:00.0108 6724 Processor - ok
23:16:00.0123 6724 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
23:16:00.0170 6724 ProfSvc - ok
23:16:00.0201 6724 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:16:00.0232 6724 ProtectedStorage - ok
23:16:00.0248 6724 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:16:00.0342 6724 Psched - ok
23:16:00.0388 6724 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
23:16:00.0482 6724 ql2300 - ok
23:16:00.0498 6724 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
23:16:00.0529 6724 ql40xx - ok
23:16:00.0544 6724 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
23:16:00.0607 6724 QWAVE - ok
23:16:00.0622 6724 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:16:00.0669 6724 QWAVEdrv - ok
23:16:00.0669 6724 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:16:00.0763 6724 RasAcd - ok
23:16:00.0763 6724 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:16:00.0856 6724 RasAgileVpn - ok
23:16:00.0856 6724 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
23:16:00.0966 6724 RasAuto - ok
23:16:00.0966 6724 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:16:01.0059 6724 Rasl2tp - ok
23:16:01.0075 6724 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
23:16:01.0184 6724 RasMan - ok
23:16:01.0184 6724 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:16:01.0278 6724 RasPppoe - ok
23:16:01.0293 6724 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:16:01.0371 6724 RasSstp - ok
23:16:01.0387 6724 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:16:01.0480 6724 rdbss - ok
23:16:01.0496 6724 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
23:16:01.0543 6724 rdpbus - ok
23:16:01.0543 6724 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:16:01.0621 6724 RDPCDD - ok
23:16:01.0652 6724 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
23:16:01.0683 6724 RDPDR - ok
23:16:01.0699 6724 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:16:01.0777 6724 RDPENCDD - ok
23:16:01.0792 6724 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:16:01.0870 6724 RDPREFMP - ok
23:16:01.0902 6724 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:16:01.0933 6724 RdpVideoMiniport - ok
23:16:01.0948 6724 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:16:01.0995 6724 RDPWD - ok
23:16:02.0011 6724 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:16:02.0042 6724 rdyboost - ok
23:16:02.0058 6724 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:16:02.0151 6724 RemoteAccess - ok
23:16:02.0167 6724 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:16:02.0260 6724 RemoteRegistry - ok
23:16:02.0292 6724 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
23:16:02.0338 6724 RFCOMM - ok
23:16:02.0354 6724 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:16:02.0463 6724 RpcEptMapper - ok
23:16:02.0479 6724 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
23:16:02.0526 6724 RpcLocator - ok
23:16:02.0541 6724 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
23:16:02.0650 6724 RpcSs - ok
23:16:02.0682 6724 [ 4EC9BAC49473043EBD1EEC6EA59D8B2F ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
23:16:02.0713 6724 RSPCIESTOR - ok
23:16:02.0728 6724 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:16:02.0806 6724 rspndr - ok
23:16:02.0822 6724 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
23:16:02.0853 6724 s3cap - ok
23:16:02.0869 6724 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
23:16:02.0900 6724 SamSs - ok
23:16:02.0916 6724 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:16:02.0947 6724 sbp2port - ok
23:16:02.0962 6724 SBRE - ok
23:16:02.0978 6724 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:16:03.0087 6724 SCardSvr - ok
23:16:03.0087 6724 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:16:03.0165 6724 scfilter - ok
23:16:03.0212 6724 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
23:16:03.0337 6724 Schedule - ok
23:16:03.0337 6724 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
23:16:03.0430 6724 SCPolicySvc - ok
23:16:03.0446 6724 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:16:03.0493 6724 SDRSVC - ok
23:16:03.0508 6724 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:16:03.0586 6724 secdrv - ok
23:16:03.0602 6724 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
23:16:03.0696 6724 seclogon - ok
23:16:03.0696 6724 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
23:16:03.0789 6724 SENS - ok
23:16:03.0805 6724 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:16:03.0867 6724 SensrSvc - ok
23:16:03.0867 6724 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
23:16:03.0914 6724 Serenum - ok
23:16:03.0914 6724 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
23:16:03.0961 6724 Serial - ok
23:16:03.0976 6724 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
23:16:04.0008 6724 sermouse - ok
23:16:04.0039 6724 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
23:16:04.0132 6724 SessionEnv - ok
23:16:04.0132 6724 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:16:04.0179 6724 sffdisk - ok
23:16:04.0179 6724 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:16:04.0226 6724 sffp_mmc - ok
23:16:04.0226 6724 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:16:04.0304 6724 sffp_sd - ok
23:16:04.0320 6724 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
23:16:04.0351 6724 sfloppy - ok
23:16:04.0382 6724 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
23:16:04.0444 6724 Sftfs - ok
23:16:04.0460 6724 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
23:16:04.0507 6724 sftlist - ok
23:16:04.0522 6724 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
23:16:04.0554 6724 Sftplay - ok
23:16:04.0569 6724 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
23:16:04.0585 6724 Sftredir - ok
23:16:04.0600 6724 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
23:16:04.0632 6724 Sftvol - ok
23:16:04.0647 6724 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
23:16:04.0678 6724 sftvsa - ok
23:16:04.0694 6724 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:16:04.0788 6724 SharedAccess - ok
23:16:04.0819 6724 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:16:04.0912 6724 ShellHWDetection - ok
23:16:04.0912 6724 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
23:16:04.0959 6724 SiSGbeLH - ok
23:16:04.0975 6724 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:16:05.0006 6724 SiSRaid2 - ok
23:16:05.0006 6724 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
23:16:05.0053 6724 SiSRaid4 - ok
23:16:05.0053 6724 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:16:05.0146 6724 Smb - ok
23:16:05.0162 6724 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:16:05.0209 6724 SNMPTRAP - ok
23:16:05.0271 6724 [ 2114518E55B380A3ACC28B2C27FD499A ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
23:16:05.0349 6724 SNP2UVC - ok
23:16:05.0380 6724 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
23:16:05.0427 6724 speedfan - ok
23:16:05.0427 6724 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
23:16:05.0458 6724 spldr - ok
23:16:05.0505 6724 [ 739DB668DBD812285ECC553E64A5E212 ] spmgr C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
23:16:05.0536 6724 spmgr - ok
23:16:05.0568 6724 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
23:16:05.0646 6724 Spooler - ok
23:16:05.0739 6724 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
23:16:05.0895 6724 sppsvc - ok
23:16:05.0911 6724 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:16:06.0036 6724 sppuinotify - ok
23:16:06.0051 6724 [ D519AD2DE7968CD2B47FEA807C5B29B2 ] sptd C:\Windows\System32\Drivers\sptd.sys
23:16:06.0067 6724 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: D519AD2DE7968CD2B47FEA807C5B29B2
23:16:06.0067 6724 sptd ( LockedFile.Multi.Generic ) - warning
23:16:06.0067 6724 sptd - detected LockedFile.Multi.Generic (1)
23:16:06.0082 6724 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
23:16:06.0129 6724 srv - ok
23:16:06.0160 6724 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:16:06.0207 6724 srv2 - ok
23:16:06.0223 6724 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:16:06.0270 6724 srvnet - ok
23:16:06.0285 6724 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:16:06.0379 6724 SSDPSRV - ok
23:16:06.0394 6724 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:16:06.0488 6724 SstpSvc - ok
23:16:06.0535 6724 [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
23:16:06.0566 6724 ssudmdm - ok
23:16:06.0597 6724 [ 3D3816D395E92F7A3663C76A93157564 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
23:16:06.0628 6724 Stereo Service - ok
23:16:06.0644 6724 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
23:16:06.0675 6724 stexstor - ok
23:16:06.0706 6724 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
23:16:06.0769 6724 stisvc - ok
23:16:06.0784 6724 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
23:16:06.0816 6724 storflt - ok
23:16:06.0831 6724 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
23:16:06.0862 6724 storvsc - ok
23:16:06.0878 6724 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
23:16:06.0909 6724 swenum - ok
23:16:06.0940 6724 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
23:16:07.0065 6724 swprv - ok
23:16:07.0065 6724 Synth3dVsc - ok
23:16:07.0096 6724 [ 01A658167619075BAAD31C96074C0B38 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
23:16:07.0128 6724 SynTP - ok
23:16:07.0190 6724 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
23:16:07.0315 6724 SysMain - ok
23:16:07.0330 6724 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:16:07.0393 6724 TabletInputService - ok
23:16:07.0408 6724 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
23:16:07.0533 6724 TapiSrv - ok
23:16:07.0533 6724 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
23:16:07.0642 6724 TBS - ok
23:16:07.0705 6724 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:16:07.0798 6724 Tcpip - ok
23:16:07.0861 6724 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:16:07.0939 6724 TCPIP6 - ok
23:16:07.0954 6724 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:16:08.0001 6724 tcpipreg - ok
23:16:08.0017 6724 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:16:08.0048 6724 TDPIPE - ok
23:16:08.0064 6724 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:16:08.0110 6724 TDTCP - ok
23:16:08.0110 6724 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:16:08.0220 6724 tdx - ok
23:16:08.0220 6724 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
23:16:08.0251 6724 TermDD - ok
23:16:08.0282 6724 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
23:16:08.0391 6724 TermService - ok
23:16:08.0407 6724 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
23:16:08.0454 6724 Themes - ok
23:16:08.0469 6724 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
23:16:08.0563 6724 THREADORDER - ok
23:16:08.0578 6724 [ 69D76CE06BB629B69165C81D83A4B03E ] TiMiniService C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
23:16:08.0641 6724 TiMiniService - ok
23:16:08.0734 6724 [ 73AAFFDD2AC3C8814B26C440E5DD9DD4 ] tmactmon C:\Windows\system32\DRIVERS\tmactmon.sys
23:16:08.0750 6724 tmactmon - ok
23:16:08.0781 6724 [ 360E61217D4E1E333583D0C721057F70 ] tmcomm C:\Windows\system32\DRIVERS\tmcomm.sys
23:16:08.0812 6724 tmcomm - ok
23:16:08.0812 6724 [ 699D34EB7C670139CA23A65372BD5743 ] tmevtmgr C:\Windows\system32\DRIVERS\tmevtmgr.sys
23:16:08.0844 6724 tmevtmgr - ok
23:16:08.0859 6724 [ 262198EFB734012BFCD17E7479AE4A09 ] tmtdi C:\Windows\system32\DRIVERS\tmtdi.sys
23:16:08.0875 6724 tmtdi - ok
23:16:08.0890 6724 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
23:16:08.0984 6724 TrkWks - ok
23:16:09.0015 6724 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:16:09.0109 6724 TrustedInstaller - ok
23:16:09.0124 6724 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:16:09.0202 6724 tssecsrv - ok
23:16:09.0218 6724 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:16:09.0249 6724 TsUsbFlt - ok
23:16:09.0249 6724 tsusbhub - ok
23:16:09.0280 6724 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:16:09.0358 6724 tunnel - ok
23:16:09.0374 6724 [ B355581A9DA34C92E2DBAFA410D2F829 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
23:16:09.0405 6724 TurboB - ok
23:16:09.0421 6724 [ 6564E84B1522C12EA1C3A181ED03276F ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
23:16:09.0452 6724 TurboBoost - ok
23:16:09.0468 6724 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
23:16:09.0499 6724 uagp35 - ok
23:16:09.0514 6724 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:16:09.0608 6724 udfs - ok
23:16:09.0624 6724 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:16:09.0686 6724 UI0Detect - ok
23:16:09.0686 6724 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:16:09.0717 6724 uliagpkx - ok
23:16:09.0733 6724 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:16:09.0780 6724 umbus - ok
23:16:09.0780 6724 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
23:16:09.0826 6724 UmPass - ok
23:16:09.0842 6724 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
23:16:09.0904 6724 UmRdpService - ok
23:16:09.0967 6724 [ 41118D920B2B268C0ADC36421248CDCF ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
23:16:10.0029 6724 UNS ( UnsignedFile.Multi.Generic ) - warning
23:16:10.0029 6724 UNS - detected UnsignedFile.Multi.Generic (1)
23:16:10.0045 6724 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
23:16:10.0154 6724 upnphost - ok
23:16:10.0185 6724 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:16:10.0232 6724 usbccgp - ok
23:16:10.0248 6724 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:16:10.0294 6724 usbcir - ok
23:16:10.0310 6724 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
23:16:10.0357 6724 usbehci - ok
23:16:10.0372 6724 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:16:10.0419 6724 usbhub - ok
23:16:10.0435 6724 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:16:10.0482 6724 usbohci - ok
23:16:10.0482 6724 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:16:10.0528 6724 usbprint - ok
23:16:10.0544 6724 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:16:10.0575 6724 USBSTOR - ok
23:16:10.0591 6724 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:16:10.0638 6724 usbuhci - ok
23:16:10.0653 6724 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
23:16:10.0716 6724 usbvideo - ok
23:16:10.0731 6724 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
23:16:10.0825 6724 UxSms - ok
23:16:10.0840 6724 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
23:16:10.0872 6724 VaultSvc - ok
23:16:10.0887 6724 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:16:10.0918 6724 vdrvroot - ok
23:16:10.0950 6724 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
23:16:11.0059 6724 vds - ok
23:16:11.0074 6724 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:16:11.0121 6724 vga - ok
23:16:11.0121 6724 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
23:16:11.0230 6724 VgaSave - ok
23:16:11.0230 6724 VGPU - ok
23:16:11.0246 6724 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:16:11.0293 6724 vhdmp - ok
23:16:11.0293 6724 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
23:16:11.0324 6724 viaide - ok
23:16:11.0340 6724 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
23:16:11.0386 6724 vmbus - ok
23:16:11.0386 6724 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
23:16:11.0433 6724 VMBusHID - ok
23:16:11.0449 6724 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:16:11.0480 6724 volmgr - ok
23:16:11.0496 6724 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:16:11.0542 6724 volmgrx - ok
23:16:11.0558 6724 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:16:11.0605 6724 volsnap - ok
23:16:11.0620 6724 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
23:16:11.0667 6724 vsmraid - ok
23:16:11.0714 6724 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
23:16:11.0854 6724 VSS - ok
23:16:11.0870 6724 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
23:16:11.0917 6724 vwifibus - ok
23:16:11.0917 6724 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
23:16:11.0979 6724 vwififlt - ok
23:16:11.0979 6724 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
23:16:12.0042 6724 vwifimp - ok
23:16:12.0073 6724 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
23:16:12.0182 6724 W32Time - ok
23:16:12.0198 6724 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
23:16:12.0229 6724 WacomPen - ok
23:16:12.0244 6724 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:16:12.0338 6724 WANARP - ok
23:16:12.0354 6724 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:16:12.0432 6724 Wanarpv6 - ok
23:16:12.0494 6724 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
23:16:12.0588 6724 WatAdminSvc - ok
23:16:12.0650 6724 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
23:16:12.0759 6724 wbengine - ok
23:16:12.0775 6724 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:16:12.0837 6724 WbioSrvc - ok
23:16:12.0884 6724 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:16:12.0962 6724 wcncsvc - ok
23:16:12.0978 6724 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:16:13.0040 6724 WcsPlugInService - ok
23:16:13.0056 6724 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
23:16:13.0087 6724 Wd - ok
23:16:13.0134 6724 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:16:13.0212 6724 Wdf01000 - ok
23:16:13.0227 6724 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:16:13.0290 6724 WdiServiceHost - ok
23:16:13.0290 6724 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:16:13.0352 6724 WdiSystemHost - ok
23:16:13.0368 6724 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
23:16:13.0430 6724 WebClient - ok
23:16:13.0446 6724 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:16:13.0555 6724 Wecsvc - ok
23:16:13.0570 6724 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:16:13.0664 6724 wercplsupport - ok
23:16:13.0680 6724 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
23:16:13.0773 6724 WerSvc - ok
23:16:13.0789 6724 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:16:13.0882 6724 WfpLwf - ok
23:16:13.0898 6724 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
23:16:13.0929 6724 WimFltr - ok
23:16:13.0945 6724 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:16:13.0976 6724 WIMMount - ok
23:16:13.0976 6724 WinDefend - ok
23:16:13.0992 6724 WinHttpAutoProxySvc - ok
23:16:14.0038 6724 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:16:14.0148 6724 Winmgmt - ok
23:16:14.0210 6724 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
23:16:14.0382 6724 WinRM - ok
23:16:14.0413 6724 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
23:16:14.0460 6724 WinUsb - ok
23:16:14.0506 6724 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
23:16:14.0584 6724 Wlansvc - ok
23:16:14.0678 6724 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:16:14.0772 6724 wlidsvc - ok
23:16:14.0787 6724 [ 680A7846370000D20D7E74917D5B7936 ] WmBEnum C:\Windows\system32\drivers\WmBEnum.sys
23:16:14.0818 6724 WmBEnum - ok
23:16:14.0834 6724 [ 14C35BA8189C6F65D839163AA285E954 ] WmFilter C:\Windows\system32\drivers\WmFilter.sys
23:16:14.0865 6724 WmFilter - ok
23:16:14.0865 6724 [ AC4331AF118A720F13C9C5CABBFE27BD ] WmHidLo C:\Windows\system32\drivers\WmHidLo.sys
23:16:14.0896 6724 WmHidLo - ok
23:16:14.0912 6724 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
23:16:14.0959 6724 WmiAcpi - ok
23:16:14.0974 6724 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:16:15.0021 6724 wmiApSrv - ok
23:16:15.0037 6724 WMPNetworkSvc - ok
23:16:15.0052 6724 [ 8488DD91A3EE54A8E29F02AD7BB8201E ] WmVirHid C:\Windows\system32\drivers\WmVirHid.sys
23:16:15.0084 6724 WmVirHid - ok
23:16:15.0084 6724 [ 14802B3A30AA849C97CB968CCC813BF3 ] WmXlCore C:\Windows\system32\drivers\WmXlCore.sys
23:16:15.0115 6724 WmXlCore - ok
23:16:15.0130 6724 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:16:15.0177 6724 WPCSvc - ok
23:16:15.0193 6724 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:16:15.0240 6724 WPDBusEnum - ok
23:16:15.0255 6724 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:16:15.0349 6724 ws2ifsl - ok
23:16:15.0349 6724 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
23:16:15.0411 6724 wscsvc - ok
23:16:15.0427 6724 WSearch - ok
23:16:15.0489 6724 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
23:16:15.0614 6724 wuauserv - ok
23:16:15.0630 6724 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:16:15.0676 6724 WudfPf - ok
23:16:15.0692 6724 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:16:15.0739 6724 WUDFRd - ok
23:16:15.0754 6724 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:16:15.0801 6724 wudfsvc - ok
23:16:15.0832 6724 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
23:16:15.0895 6724 WwanSvc - ok
23:16:15.0973 6724 [ 74983ADDCA2D9618512C088D856D6615 ] {B154377D-700F-42cc-9474-23858FBDF4BD} C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl
23:16:15.0988 6724 {B154377D-700F-42cc-9474-23858FBDF4BD} - ok
23:16:16.0004 6724 ================ Scan global ===============================
23:16:16.0020 6724 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:16:16.0020 6724 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
23:16:16.0051 6724 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
23:16:16.0082 6724 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:16:16.0113 6724 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:16:16.0129 6724 [Global] - ok
23:16:16.0129 6724 ================ Scan MBR ==================================
23:16:16.0129 6724 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:16:16.0675 6724 \Device\Harddisk0\DR0 - ok
23:16:20.0107 6724 [ 64B1E91C5C6C2157642651010728F90F ] \Device\Harddisk1\DR1
23:16:20.0247 6724 \Device\Harddisk1\DR1 - ok
23:16:20.0247 6724 ================ Scan VBR ==================================
23:16:20.0247 6724 [ 9628A436606CA6C16C1BB99DF12AA447 ] \Device\Harddisk0\DR0\Partition1
23:16:20.0263 6724 \Device\Harddisk0\DR0\Partition1 - ok
23:16:20.0263 6724 [ DD5D9FB063EA846CF471438CCCBE6C5E ] \Device\Harddisk0\DR0\Partition2
23:16:20.0263 6724 \Device\Harddisk0\DR0\Partition2 - ok
23:16:20.0263 6724 [ B70DFF343B01B0CFAC00A228B3FA5709 ] \Device\Harddisk1\DR1\Partition1
23:16:20.0278 6724 \Device\Harddisk1\DR1\Partition1 - ok
23:16:20.0278 6724 [ DC3AAFF593092A6C95A2B710EFE4CFBA ] \Device\Harddisk1\DR1\Partition2
23:16:20.0278 6724 \Device\Harddisk1\DR1\Partition2 - ok
23:16:20.0278 6724 ============================================================
23:16:20.0278 6724 Scan finished
23:16:20.0278 6724 ============================================================
23:16:20.0294 2340 Detected object count: 7
23:16:20.0294 2340 Actual detected object count: 7
23:16:39.0529 2340 ADSMService ( UnsignedFile.Multi.Generic ) - skipped by user
23:16:39.0529 2340 ADSMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:16:39.0529 2340 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:16:39.0529 2340 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:16:39.0544 2340 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:16:39.0544 2340 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:16:39.0544 2340 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:16:39.0544 2340 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:16:39.0544 2340 LMS ( UnsignedFile.Multi.Generic ) - skipped by user
23:16:39.0544 2340 LMS ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:16:39.0544 2340 sptd ( LockedFile.Multi.Generic ) - skipped by user
23:16:39.0544 2340 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
23:16:39.0544 2340 UNS ( UnsignedFile.Multi.Generic ) - skipped by user
23:16:39.0544 2340 UNS ( UnsignedFile.Multi.Generic ) - User select action: Skip

[Márty84]

Stahnete aswMBR http://public.avast.com/%7Egmerek/aswMBR.exe , ulozte na plochu a spustte jako spravce.
Kliknete na Scan
Pak kliknete na Save log a ulozte ho treba na plochu
Obsah logu mi sem zkopirujte

[alonsoalonso2]

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-07 23:33:23
-----------------------------
23:33:23.533 OS Version: Windows x64 6.1.7601 Service Pack 1
23:33:23.533 Number of processors: 8 586 0x1E05
23:33:23.533 ComputerName: JIRKA-PC UserName: Jirka
23:33:25.935 Initialize success
23:33:26.247 AVAST engine defs: 13010700
23:33:28.182 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:33:28.182 Disk 0 Vendor: ST950056 SD22 Size: 476940MB BusType: 3
23:33:28.197 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
23:33:28.197 Disk 1 Vendor: ST950056 SD22 Size: 476940MB BusType: 3
23:33:28.213 Disk 0 MBR read successfully
23:33:28.229 Disk 0 MBR scan
23:33:28.229 Disk 0 Windows 7 default MBR code
23:33:28.244 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 22003 MB offset 63
23:33:28.260 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 119231 MB offset 45062325
23:33:28.260 Disk 0 Partition - 00 0F Extended LBA 335704 MB offset 289249280
23:33:28.275 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 335703 MB offset 289251328
23:33:28.291 Disk 0 scanning C:\Windows\system32\drivers
23:33:34.125 Service scanning
23:33:41.364 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
23:33:44.297 Modules scanning
23:33:44.312 Disk 0 trace - called modules:
23:33:44.328 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys sptd.sys hal.dll
23:33:44.343 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007e96790]
23:33:44.359 3 CLASSPNP.SYS[fffff88001a5143f] -> nt!IofCallDriver -> [0xfffffa8007c26e40]
23:33:44.375 5 ACPI.sys[fffff8800100b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007c29050]
23:33:45.420 AVAST engine scan C:\Windows
23:33:47.573 AVAST engine scan C:\Windows\system32
23:35:26.477 AVAST engine scan C:\Windows\system32\drivers
23:35:38.021 AVAST engine scan C:\Users\Jirka
23:38:02.711 AVAST engine scan C:\ProgramData
23:39:19.479 Scan finished successfully
23:49:12.011 Disk 0 MBR has been saved successfully to "C:\Users\Jirka\Desktop\MBR.dat"
23:49:12.027 The log file has been saved successfully to "C:\Users\Jirka\Desktop\aswMBR.txt"

[Márty84]

Pokud nemate, zazalohujte si dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[alonsoalonso2]

ComboFix 13-01-08.01 - Jirka 08.01.2013 17:48:35.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1029.18.8116.6124 [GMT 1:00]
Running from: c:\users\Jirka\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\esupport\eDriver\Software\ASUS\MultiFrame\XP32_Vista32_Vista64_Win7_32_Win7_64_1.0.0021\Desktop_.ini
c:\program files (x86)\Common Files\Net4Switch.ico
c:\programdata\FullRemove.exe
c:\windows\msvcr71.dll
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\System32\MASetupCleaner.exe
c:\windows\SysWow64\System32\muzapp.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-12-08 to 2013-01-08 )))))))))))))))))))))))))))))))
.
.
2013-01-08 17:19 . 2013-01-08 17:19 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-08 17:19 . 2013-01-08 17:19 -------- d-----w- c:\users\Mcx1-JIRKA-PC\AppData\Local\temp
2013-01-08 17:19 . 2013-01-08 17:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-08 16:24 . 2013-01-08 16:24 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3E9EF1DA-651B-4AFD-A484-56097E6CCA7D}\offreg.dll
2013-01-08 16:19 . 2012-11-19 00:01 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3E9EF1DA-651B-4AFD-A484-56097E6CCA7D}\mpengine.dll
2013-01-07 19:43 . 2013-01-07 19:43 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2013-01-07 18:36 . 2012-05-31 10:25 279656 ------w- c:\windows\system32\MpSigStub.exe
2013-01-07 17:07 . 2013-01-07 17:21 -------- d-----w- c:\users\Jirka\AppData\Roaming\Ad-Aware Antivirus
2013-01-07 16:55 . 2013-01-07 18:17 -------- d-----w- c:\program files (x86)\Ad-Aware Antivirus
2013-01-06 22:54 . 2013-01-06 22:54 -------- d-----w- c:\users\Jirka\AppData\Local\Programs
2013-01-06 20:58 . 2013-01-06 20:58 -------- d-----w- C:\_OTL
2013-01-06 13:01 . 2013-01-06 13:01 512 ----a-w- C:\PhysicalMBR.bin
2013-01-06 12:14 . 2013-01-07 19:04 -------- d-----w- c:\program files (x86)\SpeedFan
2013-01-06 12:08 . 2013-01-06 12:08 -------- d-----w- c:\users\Jirka\AppData\Roaming\BOOKMARKS
2013-01-06 10:32 . 2013-01-06 10:33 -------- d-----w- C:\rsit
2013-01-02 20:32 . 2012-09-20 04:35 203104 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2013-01-02 20:32 . 2012-09-20 04:35 102368 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2013-01-02 20:22 . 2013-01-02 20:22 -------- d-----w- c:\program files (x86)\MyFree Codec
2012-12-22 10:23 . 2012-12-22 10:37 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2012-12-22 10:23 . 2012-12-22 10:23 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2012-12-22 10:22 . 2012-12-22 10:37 -------- d-----w- c:\users\Jirka\AppData\Roaming\DVDVideoSoft
2012-12-21 00:10 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 00:10 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 00:10 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 00:10 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-15 13:58 . 2012-12-15 13:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-12-15 13:58 . 2012-12-15 13:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-12-15 13:58 . 2012-12-15 13:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-12-15 13:58 . 2012-12-15 13:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-12-15 13:58 . 2012-12-15 13:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-12-15 13:58 . 2012-12-15 13:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-12-15 13:58 . 2012-12-15 13:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-12-15 13:57 . 2012-12-15 13:58 -------- d-----w- c:\program files (x86)\QuickTime
2012-12-15 13:57 . 2012-12-15 13:57 -------- d-----w- c:\programdata\Apple Computer
2012-12-13 23:45 . 2012-11-14 07:06 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-12-13 23:45 . 2012-11-14 06:32 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-12-13 20:44 . 2012-12-13 20:44 -------- d-----w- c:\users\Jirka\AppData\Local\Pinnacle
2012-12-13 18:25 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-13 18:25 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-13 18:25 . 2012-11-22 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-12-13 18:21 . 2012-10-04 17:41 424960 ----a-w- c:\windows\system32\KernelBase.dll
2012-12-13 18:21 . 2012-10-04 17:41 1161216 ----a-w- c:\windows\system32\kernel32.dll
2012-12-13 18:21 . 2012-10-04 17:45 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-12-13 18:21 . 2012-10-04 15:21 338432 ----a-w- c:\windows\system32\conhost.exe
2012-12-13 18:21 . 2012-10-04 16:47 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-12-13 18:19 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-13 18:19 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-11 22:20 . 2012-10-30 22:51 21136 ----a-w- c:\windows\system32\drivers\aswKbd.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-07 18:19 . 2010-12-11 19:08 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-12-18 01:06 . 2011-07-26 15:26 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-12-18 01:06 . 2011-07-26 15:26 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-12-13 23:51 . 2010-12-21 20:54 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-11 18:28 . 2012-04-07 17:45 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-11 18:28 . 2011-05-19 17:53 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-30 22:51 . 2010-12-17 22:46 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2011-04-25 20:33 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2010-12-17 22:46 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2010-12-17 22:46 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2010-12-17 22:46 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2010-12-17 22:46 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2010-12-17 22:46 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-10-30 22:50 . 2011-01-27 23:55 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-10-23 21:05 . 2012-10-23 21:05 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-10-16 08:38 . 2012-11-27 19:58 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-27 19:58 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-27 19:58 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-15 16:59 . 2012-02-25 21:09 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 15:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"THX TruStudio NB Settings"="c:\program files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" [2010-03-24 899072]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-06-24 6806144]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Gaming Mouse Hid"="c:\program files (x86)\Gaming Mouse\hid.exe" [2010-01-19 428544]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-04-26 1597440]
"ASUS VIBE"="c:\program files (x86)\ASUS\ASUS VIBE\ASUS VIBE.exe" [2010-03-02 102400]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-06-24 136704]
R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R3 ASUSProcObsrv;ASUS Process Creation/Termination Observer;c:\esupport\eDriver\I386\AsPrOb64.sys [2010-05-26 12416]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-12-14 53800]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-11-12 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-11-12 79360]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys [x]
R3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [2011-03-07 18456]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys [2010-10-14 20480]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-18 1255736]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/12/26 20:14];c:\program files (x86)\CyberLink\PowerDVD9\000.fcl [2010-02-24 10:14 146928]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2010-06-22 379520]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-03-04 382272]
S2 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-04-17 13832]
S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-17 134928]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 AsusgmsFltr;Gaming Mouse;c:\windows\system32\drivers\Asusgms.sys [2010-01-11 11520]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2010-09-24 229376]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [2010-09-24 69120]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-04-21 76912]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2010-07-26 318056]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 14:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://start.allgameshome.com/
mLocal Page =
TCP: DhcpNameServer = 10.0.0.1
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD9\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-01-08 18:27:26
ComboFix-quarantined-files.txt 2013-01-08 17:27
.
Pre-Run: Volných bajtu: 36 651 761 664
Post-Run: Volných bajtu: 36 017 922 048
.
- - End Of File - - 809FAB2645ADEC3F2F23586601DC23EB

[Márty84]

Odinstalujte Trend Micro Titanium Internet Security


Tento soubor C:\PhysicalMBR.bin otestujte na virustotal, pripadne jotti http://forum.viry.cz/viewtopic.php?f=29&t=5846



Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

Folder::
c:\users\Jirka\AppData\Roaming\Ad-Aware Antivirus
:\program files (x86)\Ad-Aware Antivirus

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[alonsoalonso2]

- Titanium odinstalovan
- PhysicalMBR je cisty na obou serverech
- ComboFIX probehl, ale opet zatuhlo PC v cerne obrazovce (asi pri restartu-nebyl jsem u toho, ale log je kompletni). Byl nutny tvrdy restart. Akorat na to F8 jsem zapomnel a zadal jsem "spustit system beznym zpusobem" - tak snad to nevadi. Zda se, ze vse funguje.
Jeste predtim v prubehu cisteni ComboFix vyhodil hlasku - nechtel pracovat na souboru ASUSupdate.exe (nebo tak nejak), neb pry je urcen k odstraneni a nejde s nim pracovat. Dal jsem o.k.

ComboFix 13-01-08.01 - Jirka 08.01.2013 19:29:41.2.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1029.18.8116.6241 [GMT 1:00]
Running from: c:\users\Jirka\Desktop\ComboFix.exe
Command switches used :: c:\users\Jirka\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jirka\AppData\Roaming\Ad-Aware Antivirus
c:\users\Jirka\AppData\Roaming\Ad-Aware Antivirus\application-settings.xml
c:\users\Jirka\AppData\Roaming\Ad-Aware Antivirus\definitions-date.xml
c:\users\Jirka\AppData\Roaming\Ad-Aware Antivirus\gaming-mode.xml
c:\users\Jirka\AppData\Roaming\Ad-Aware Antivirus\id-watch-dog.xml
c:\users\Jirka\AppData\Roaming\Ad-Aware Antivirus\language.xml
c:\users\Jirka\AppData\Roaming\Ad-Aware Antivirus\Logs\20130107T170725.291257PID4744\AdAware.log
c:\users\Jirka\AppData\Roaming\Ad-Aware Antivirus\Logs\20130107T170725.291257PID4744\GuiFramework.log
c:\users\Jirka\AppData\Roaming\Ad-Aware Antivirus\Logs\20130107T170725.291257PID4744\Sunbelt.log
c:\users\Jirka\AppData\Roaming\Ad-Aware Antivirus\Logs\20130107T172323.473674PID4620\AdAware.log
c:\users\Jirka\AppData\Roaming\Ad-Aware Antivirus\Logs\20130107T172323.473674PID4620\GuiFramework.log
c:\users\Jirka\AppData\Roaming\Ad-Aware Antivirus\Logs\20130107T172323.473674PID4620\Sunbelt.log
c:\users\Jirka\AppData\Roaming\Ad-Aware Antivirus\Logs\20130107T181657.018623PID3024\AdAwareLauncher.log
c:\users\Jirka\AppData\Roaming\Ad-Aware Antivirus\protection-status.xml
c:\users\Jirka\AppData\Roaming\Ad-Aware Antivirus\update-parameters.xml
.
.
((((((((((((((((((((((((( Files Created from 2012-12-08 to 2013-01-08 )))))))))))))))))))))))))))))))
.
.
2013-01-08 18:42 . 2013-01-08 18:42 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-08 18:42 . 2013-01-08 18:42 -------- d-----w- c:\users\Mcx1-JIRKA-PC\AppData\Local\temp
2013-01-08 16:19 . 2012-11-19 00:01 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3E9EF1DA-651B-4AFD-A484-56097E6CCA7D}\mpengine.dll
2013-01-07 19:43 . 2013-01-07 19:43 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2013-01-07 18:36 . 2012-05-31 10:25 279656 ------w- c:\windows\system32\MpSigStub.exe
2013-01-07 16:55 . 2013-01-07 18:17 -------- d-----w- c:\program files (x86)\Ad-Aware Antivirus
2013-01-06 22:54 . 2013-01-06 22:54 -------- d-----w- c:\users\Jirka\AppData\Local\Programs
2013-01-06 20:58 . 2013-01-06 20:58 -------- d-----w- C:\_OTL
2013-01-06 13:01 . 2013-01-06 13:01 512 ----a-w- C:\PhysicalMBR.bin
2013-01-06 12:14 . 2013-01-07 19:04 -------- d-----w- c:\program files (x86)\SpeedFan
2013-01-06 12:08 . 2013-01-06 12:08 -------- d-----w- c:\users\Jirka\AppData\Roaming\BOOKMARKS
2013-01-06 10:32 . 2013-01-06 10:33 -------- d-----w- C:\rsit
2013-01-02 20:32 . 2012-09-20 04:35 203104 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2013-01-02 20:32 . 2012-09-20 04:35 102368 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2013-01-02 20:22 . 2013-01-02 20:22 -------- d-----w- c:\program files (x86)\MyFree Codec
2012-12-22 10:23 . 2012-12-22 10:37 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2012-12-22 10:23 . 2012-12-22 10:23 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2012-12-22 10:22 . 2012-12-22 10:37 -------- d-----w- c:\users\Jirka\AppData\Roaming\DVDVideoSoft
2012-12-21 00:10 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 00:10 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 00:10 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 00:10 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-15 13:58 . 2012-12-15 13:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-12-15 13:58 . 2012-12-15 13:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-12-15 13:58 . 2012-12-15 13:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-12-15 13:58 . 2012-12-15 13:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-12-15 13:58 . 2012-12-15 13:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-12-15 13:58 . 2012-12-15 13:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-12-15 13:58 . 2012-12-15 13:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-12-15 13:57 . 2012-12-15 13:58 -------- d-----w- c:\program files (x86)\QuickTime
2012-12-15 13:57 . 2012-12-15 13:57 -------- d-----w- c:\programdata\Apple Computer
2012-12-13 23:45 . 2012-11-14 07:06 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-12-13 23:45 . 2012-11-14 06:32 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-12-13 20:44 . 2012-12-13 20:44 -------- d-----w- c:\users\Jirka\AppData\Local\Pinnacle
2012-12-13 18:25 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-13 18:25 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-13 18:25 . 2012-11-22 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-12-13 18:21 . 2012-10-04 17:41 424960 ----a-w- c:\windows\system32\KernelBase.dll
2012-12-13 18:21 . 2012-10-04 17:41 1161216 ----a-w- c:\windows\system32\kernel32.dll
2012-12-13 18:21 . 2012-10-04 17:45 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-12-13 18:21 . 2012-10-04 15:21 338432 ----a-w- c:\windows\system32\conhost.exe
2012-12-13 18:21 . 2012-10-04 16:47 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-12-13 18:19 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-13 18:19 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-11 22:20 . 2012-10-30 22:51 21136 ----a-w- c:\windows\system32\drivers\aswKbd.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-08 18:43 . 2010-12-11 19:08 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-12-18 01:06 . 2011-07-26 15:26 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-12-18 01:06 . 2011-07-26 15:26 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-12-13 23:51 . 2010-12-21 20:54 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-11 18:28 . 2012-04-07 17:45 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-11 18:28 . 2011-05-19 17:53 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-30 22:51 . 2010-12-17 22:46 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2011-04-25 20:33 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2010-12-17 22:46 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2010-12-17 22:46 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2010-12-17 22:46 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2010-12-17 22:46 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2010-12-17 22:46 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-10-30 22:50 . 2011-01-27 23:55 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-10-23 21:05 . 2012-10-23 21:05 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-10-16 08:38 . 2012-11-27 19:58 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-27 19:58 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-27 19:58 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-15 16:59 . 2012-02-25 21:09 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 15:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"THX TruStudio NB Settings"="c:\program files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" [2010-03-24 899072]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-06-24 6806144]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Gaming Mouse Hid"="c:\program files (x86)\Gaming Mouse\hid.exe" [2010-01-19 428544]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-04-26 1597440]
"ASUS VIBE"="c:\program files (x86)\ASUS\ASUS VIBE\ASUS VIBE.exe" [2010-03-02 102400]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-06-24 136704]
R3 ASUSProcObsrv;ASUS Process Creation/Termination Observer;c:\esupport\eDriver\I386\AsPrOb64.sys [2010-05-26 12416]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-12-14 53800]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-11-12 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-11-12 79360]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys [x]
R3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [2011-03-07 18456]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys [2010-10-14 20480]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-18 1255736]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/12/26 20:14];c:\program files (x86)\CyberLink\PowerDVD9\000.fcl [2010-02-24 10:14 146928]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2010-06-22 379520]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-03-04 382272]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-04-17 13832]
S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-17 134928]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 AsusgmsFltr;Gaming Mouse;c:\windows\system32\drivers\Asusgms.sys [2010-01-11 11520]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2010-09-24 229376]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [2010-09-24 69120]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-04-21 76912]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2010-07-26 318056]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 14:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://start.allgameshome.com/
mLocal Page =
TCP: DhcpNameServer = 10.0.0.1
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD9\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\ASUS\Net4Switch\Net4Switch.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeck.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Completion time: 2013-01-08 19:49:08 - machine was rebooted
ComboFix-quarantined-files.txt 2013-01-08 18:49
ComboFix2.txt 2013-01-08 17:27
.
Pre-Run: Volných bajtu: 35 986 280 448
Post-Run: Volných bajtu: 35 891 982 336
.
- - End Of File - - 8BD748898FA86BD87F1F32F74FE78210

[Márty84]

Dejte mi sem novy log z RogueKilleru


Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

[alonsoalonso2]

RogueKiller V8.4.3 [Jan 8 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Jirka [Práva správce]
Mód : Kontrola -- Datum : 01/08/2013 20:55:18

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST95005620AS +++++
--- User ---
[MBR] 697fe5d5f8f6c594432ea117b4bfe546
[BSP] b8e681ec20f3f51e484d81d4ade624cc : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 22003 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 45062325 | Size: 119231 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 289249280 | Size: 335704 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: ST95005620AS +++++
--- User ---
[MBR] 346058a5405d7640af2af52e3b13b18c
[BSP] e6c2cebec9d5914c6fe029aa4b621d92 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 238459 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 488366080 | Size: 238477 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_01082013_02d2055.txt >>
RKreport[1]_S_01082013_02d2055.txt

[Márty84]

Vyborne. Konecne zmizla ta hlaska o nakaze ¤¤¤ Nákaza : Root.MBR ¤¤¤


Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

[alonsoalonso2]

RogueKiller V8.4.3 [Jan 8 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Jirka [Práva správce]
Mód : Odebrat -- Datum : 01/08/2013 21:12:44

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> NAHRAZENO (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> NAHRAZENO (0)
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST95005620AS +++++
--- User ---
[MBR] 697fe5d5f8f6c594432ea117b4bfe546
[BSP] b8e681ec20f3f51e484d81d4ade624cc : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 22003 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 45062325 | Size: 119231 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 289249280 | Size: 335704 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: ST95005620AS +++++
--- User ---
[MBR] 346058a5405d7640af2af52e3b13b18c
[BSP] e6c2cebec9d5914c6fe029aa4b621d92 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 238459 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 488366080 | Size: 238477 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[2]_D_01082013_02d2112.txt >>
RKreport[1]_S_01082013_02d2055.txt ; RKreport[2]_D_01082013_02d2112.txt

[alonsoalonso2]

RogueKiller V8.4.3 [Jan 8 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Jirka [Práva správce]
Mód : Oprava HOSTS -- Datum : 01/08/2013 21:13:10

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Resetovaný HOSTS: ¤¤¤


Dokončeno : << RKreport[3]_H_01082013_02d2113.txt >>
RKreport[1]_S_01082013_02d2055.txt ; RKreport[2]_D_01082013_02d2112.txt ; RKreport[3]_H_01082013_02d2113.txt

[Márty84]

Vsechny tyto programy - vcetne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)
Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak sem dejte novy log z RSIT a napiste, jak se chova pocitac

[alonsoalonso2]

PC se nyni chova normalne (ale i drive bylo zatuhnuti jen obcasne, tak uvidime. Ale verim, ted uz to bude o.k.).
Po provedenych krocich se pri prvnim spusteni RSIT zatuhnul pri vytvareni logu, ale PC jinak slo normalne. Tak jsem restartoval a pak RSIT spustil znovu.
Ted jiz zcela o.k.
Log prikladam.
P.S. mohl byste mi v kostce sdelit, co jsme to vlastne cele ty 3 dny delali? Jaky malware tam byl? Diky moc za Vas cas.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jirka at 2013-01-08 23:49:44
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 38 GB (32%) free of 119 GB
Total RAM: 8116 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:49:47, on 8.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Gaming Mouse\Tray.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe
C:\Program Files\trend micro\Jirka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.allgameshome.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Gaming Mouse Hid] "C:\Program Files (x86)\Gaming Mouse\hid.exe"
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [ASUS VIBE] C:\Program Files (x86)\ASUS\ASUS VIBE\ASUS VIBE.exe /S
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKUS\S-1-5-21-775553629-3771518508-497794663-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O9 - Extra button: Pridat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8770 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
taskeng.exe {53708352-D1B8-41BC-921E-268BC0A3D6B6}
"C:\Windows\system32\Dwm.exe"
taskeng.exe {EB6CBAFF-5FC7-4CB9-B560-992C2948FF0A}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Windows\AsScrPro.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\TurboBoost\TurboBoost.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
WLIDSvcM.exe 3556
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\Gaming Mouse\hid.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe"
"C:\Program Files (x86)\Gaming Mouse\Tray.exe"
ATKOSD.exe
WDC.exe
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:4484 CREDAT:203009
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-775553629-3771518508-497794663-10013_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-775553629-3771518508-497794663-10013 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 548 552 560 65536 556
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\Jirka\Desktop\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2012-10-30 1502288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-08-27 75656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-08-18 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2012-10-30 1502288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-05 2085160]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"THXCfg64"=C:\Windows\system32\THXCfg64.dll [2009-10-15 17920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-11-12 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS VIBE]
C:\Program Files (x86)\ASUS\ASUS VIBE\ASUS VIBE.exe [2010-03-02 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS WebStorage]
C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2010-03-16 1754448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage]
C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [2011-08-17 737104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boingo Wi-Fi]
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2010-11-12 2429]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPUsageTrackingLEDM]
C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [2009-08-04 30264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-22 11075176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Speech Recognition]
C:\Windows\Speech\Common\sapisvr.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Syncables]
C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [2010-07-19 370480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trend Micro Client Framework]
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trend Micro Titanium]
C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush none none []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VizorHtmlDialog.exe]
C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe DEF EULA C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html DEF DEF DEF []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2010-03-12 1083680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~2\MICROS~1\Office\OSA9.EXE [1999-02-17 65588]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"THX TruStudio NB Settings"=C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe [2010-03-24 899072]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-06-24 6806144]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-05-03 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Gaming Mouse Hid"=C:\Program Files (x86)\Gaming Mouse\hid.exe [2010-01-19 428544]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-04-26 1597440]
"ASUS VIBE"=C:\Program Files (x86)\ASUS\ASUS VIBE\ASUS VIBE.exe [2010-03-02 102400]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-10-30 4297136]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-01-08 23:35:04 ----D---- C:\rsit
2013-01-08 21:45:16 ----D---- C:\Program Files\Defraggler
2013-01-08 21:28:42 ----SHD---- C:\$RECYCLE.BIN
2013-01-08 19:49:11 ----D---- C:\Windows\temp
2013-01-08 17:44:56 ----D---- C:\Windows\erdnt
2013-01-07 20:43:07 ----D---- C:\Program Files (x86)\CrystalDiskInfo
2013-01-07 19:36:42 ----N---- C:\Windows\system32\MpSigStub.exe
2013-01-07 18:05:09 ----A---- C:\AdwCleaner[S1].txt
2013-01-07 17:55:40 ----A---- C:\AdwCleaner[R1].txt
2013-01-07 17:55:10 ----D---- C:\Program Files (x86)\Ad-Aware Antivirus
2013-01-06 13:14:02 ----D---- C:\Program Files (x86)\SpeedFan
2013-01-06 13:08:34 ----D---- C:\Users\Jirka\AppData\Roaming\BOOKMARKS
2013-01-02 21:32:14 ----A---- C:\Windows\system32\drivers\ssudmdm.sys
2013-01-02 21:32:14 ----A---- C:\Windows\system32\drivers\ssudbus.sys
2013-01-02 21:22:34 ----D---- C:\Program Files (x86)\MyFree Codec
2012-12-23 12:00:09 ----A---- C:\Windows\system32\SBRC.dat
2012-12-22 11:23:18 ----D---- C:\Program Files (x86)\DVDVideoSoft
2012-12-22 11:22:01 ----D---- C:\Users\Jirka\AppData\Roaming\DVDVideoSoft
2012-12-21 01:10:11 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2012-12-21 01:10:10 ----A---- C:\Windows\system32\atmlib.dll
2012-12-21 01:10:08 ----A---- C:\Windows\system32\atmfd.dll
2012-12-21 01:10:06 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2012-12-15 14:57:58 ----D---- C:\ProgramData\Apple Computer
2012-12-15 14:57:58 ----D---- C:\Program Files (x86)\QuickTime
2012-12-14 00:46:32 ----A---- C:\Windows\system32\mshtmled.dll
2012-12-14 00:46:31 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-12-14 00:46:30 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-12-14 00:46:28 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-12-14 00:46:27 ----A---- C:\Windows\system32\ieUnatt.exe
2012-12-14 00:46:27 ----A---- C:\Windows\system32\ieui.dll
2012-12-14 00:46:25 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-12-14 00:46:24 ----A---- C:\Windows\SYSWOW64\url.dll
2012-12-14 00:46:24 ----A---- C:\Windows\system32\url.dll
2012-12-14 00:46:22 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-12-14 00:46:21 ----A---- C:\Windows\system32\urlmon.dll
2012-12-14 00:46:18 ----A---- C:\Windows\system32\jscript9.dll
2012-12-14 00:46:17 ----A---- C:\Windows\system32\msfeeds.dll
2012-12-14 00:46:15 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-12-14 00:46:13 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-12-14 00:46:13 ----A---- C:\Windows\system32\wininet.dll
2012-12-14 00:46:11 ----A---- C:\Windows\system32\jsproxy.dll
2012-12-14 00:46:09 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-12-14 00:46:09 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-12-14 00:46:08 ----A---- C:\Windows\system32\vbscript.dll
2012-12-14 00:46:08 ----A---- C:\Windows\system32\jscript.dll
2012-12-14 00:46:06 ----A---- C:\Windows\system32\iertutil.dll
2012-12-14 00:46:05 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-12-14 00:46:04 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-12-14 00:45:56 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-12-14 00:45:51 ----A---- C:\Windows\system32\mshtml.dll
2012-12-14 00:45:48 ----A---- C:\Windows\system32\ieframe.dll
2012-12-14 00:45:45 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-12-13 19:25:37 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-12-13 19:25:37 ----A---- C:\Windows\system32\tzres.dll
2012-12-13 19:25:20 ----A---- C:\Windows\system32\win32k.sys
2012-12-13 19:21:31 ----A---- C:\Windows\system32\KernelBase.dll
2012-12-13 19:21:28 ----A---- C:\Windows\system32\kernel32.dll
2012-12-13 19:21:27 ----A---- C:\Windows\system32\winsrv.dll
2012-12-13 19:21:25 ----A---- C:\Windows\system32\conhost.exe
2012-12-13 19:21:22 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-12-13 19:21:21 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-12-13 19:20:48 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-12-13 19:20:48 ----A---- C:\Windows\system32\wow64win.dll
2012-12-13 19:20:47 ----A---- C:\Windows\system32\wow64.dll
2012-12-13 19:20:46 ----A---- C:\Windows\system32\ntvdm64.dll
2012-12-13 19:20:45 ----A---- C:\Windows\system32\wow64cpu.dll
2012-12-13 19:20:44 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-12-13 19:20:43 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-12-13 19:20:34 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-12-13 19:20:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-13 19:20:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-12-13 19:20:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-13 19:20:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-12-13 19:20:27 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-12-13 19:20:26 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-12-13 19:20:26 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-12-13 19:20:26 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-12-13 19:20:26 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-13 19:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-12-13 19:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-13 19:20:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-12-13 19:20:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-13 19:20:24 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-12-13 19:20:24 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-13 19:20:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-12-13 19:20:23 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-12-13 19:20:23 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-13 19:20:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-13 19:20:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-13 19:20:22 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-13 19:20:22 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-13 19:20:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-12-13 19:20:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-12-13 19:20:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-12-13 19:20:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-13 19:20:20 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-12-13 19:20:20 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-13 19:20:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-13 19:20:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-12-13 19:20:19 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-13 19:20:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-13 19:20:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-12-13 19:20:18 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-12-13 19:20:18 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-13 19:20:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-12-13 19:20:17 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-12-13 19:20:17 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-12-13 19:20:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-13 19:20:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-12-13 19:20:16 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-13 19:20:16 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-12-13 19:20:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-12-13 19:20:15 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-12-13 19:20:15 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-12-13 19:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-12-13 19:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-12-13 19:20:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-12-13 19:20:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-12-13 19:20:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-12-13 19:20:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-12-13 19:20:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-13 19:20:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-12-13 19:20:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-12-13 19:20:11 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-12-13 19:20:10 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-12-13 19:20:09 ----A---- C:\Windows\SYSWOW64\user.exe
2012-12-13 19:19:48 ----A---- C:\Windows\system32\dpnet.dll
2012-12-13 19:19:46 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2012-12-11 23:20:14 ----A---- C:\Windows\system32\drivers\aswKbd.sys

======List of files/folders modified in the last 1 month======

2013-01-08 23:49:46 ----D---- C:\Program Files\Trend Micro
2013-01-08 23:44:58 ----D---- C:\Windows\system32\config
2013-01-08 23:42:32 ----D---- C:\Windows\Prefetch
2013-01-08 23:42:08 ----D---- C:\Windows\inf
2013-01-08 23:41:53 ----D---- C:\Windows\system32\Tasks
2013-01-08 23:41:43 ----A---- C:\Windows\system32\acovcnt.exe
2013-01-08 23:41:37 ----A---- C:\Windows\SYSWOW64\log.txt
2013-01-08 23:41:18 ----D---- C:\Windows
2013-01-08 23:41:18 ----D---- C:\ProgramData\NVIDIA
2013-01-08 22:17:12 ----SHD---- C:\System Volume Information
2013-01-08 21:45:16 ----RD---- C:\Program Files
2013-01-08 21:41:30 ----D---- C:\Windows\Panther
2013-01-08 21:41:30 ----D---- C:\Windows\ModemLogs
2013-01-08 21:41:30 ----D---- C:\Users\Jirka\AppData\Roaming\DAEMON Tools Lite
2013-01-08 21:41:29 ----D---- C:\Windows\Logs
2013-01-08 21:40:31 ----D---- C:\Program Files\CCleaner
2013-01-08 21:26:18 ----D---- C:\Windows\system32\drivers
2013-01-08 19:43:33 ----A---- C:\Windows\system.ini
2013-01-08 19:43:27 ----D---- C:\Windows\system32\drivers\etc
2013-01-08 19:35:41 ----D---- C:\Windows\SYSWOW64\drivers
2013-01-08 19:35:41 ----D---- C:\Windows\SysWOW64
2013-01-08 19:35:41 ----D---- C:\Windows\AppPatch
2013-01-08 19:35:37 ----D---- C:\Program Files (x86)\Common Files
2013-01-08 19:17:05 ----SHD---- C:\Windows\Installer
2013-01-08 19:16:35 ----D---- C:\Windows\System32
2013-01-08 19:16:09 ----D---- C:\ProgramData\Trend Micro
2013-01-08 18:17:33 ----D---- C:\Windows\SYSWOW64\System32
2013-01-08 18:17:28 ----D---- C:\ProgramData
2013-01-08 17:29:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-07 20:43:07 ----RD---- C:\Program Files (x86)
2013-01-07 19:55:19 ----D---- C:\Users\Jirka\AppData\Roaming\HAC_Data
2013-01-07 19:50:49 ----D---- C:\Program Files (x86)\Google
2013-01-07 17:31:22 ----A---- C:\Windows\system32\ServiceFilter.ini
2013-01-06 22:29:14 ----A---- C:\Windows\system32\AutoRunFilter.ini
2013-01-06 22:01:51 ----D---- C:\Windows\Tasks
2013-01-06 13:05:06 ----D---- C:\Windows\system32\catroot2
2013-01-03 00:16:18 ----D---- C:\Temp
2013-01-02 21:52:44 ----D---- C:\Windows\system32\catroot
2013-01-02 21:32:41 ----D---- C:\Windows\system32\DriverStore
2013-01-02 21:18:27 ----D---- C:\Windows\Microsoft.NET
2012-12-22 11:37:55 ----RSD---- C:\Windows\assembly
2012-12-22 11:18:52 ----D---- C:\Program Files (x86)\audiograbber
2012-12-22 09:49:39 ----D---- C:\Windows\winsxs
2012-12-18 02:06:10 ----A---- C:\Windows\MASetupCaller.dll
2012-12-18 02:06:06 ----A---- C:\Windows\SYSWOW64\MAMACExtract.dll
2012-12-16 13:42:50 ----D---- C:\Windows\debug
2012-12-14 23:00:20 ----D---- C:\Windows\rescache
2012-12-14 21:54:08 ----D---- C:\Windows\SYSWOW64\sr-Latn-CS
2012-12-14 21:54:08 ----D---- C:\Windows\SYSWOW64\sl-SI
2012-12-14 21:54:08 ----D---- C:\Windows\SYSWOW64\sk-SK
2012-12-14 21:54:08 ----D---- C:\Windows\SYSWOW64\ro-RO
2012-12-14 21:54:08 ----D---- C:\Windows\SYSWOW64\pl-PL
2012-12-14 21:54:08 ----D---- C:\Windows\SYSWOW64\lv-LV
2012-12-14 21:54:08 ----D---- C:\Windows\SYSWOW64\lt-LT
2012-12-14 21:54:08 ----D---- C:\Windows\SYSWOW64\hu-HU
2012-12-14 21:54:08 ----D---- C:\Windows\SYSWOW64\hr-HR
2012-12-14 21:54:08 ----D---- C:\Windows\SYSWOW64\et-EE
2012-12-14 21:54:08 ----D---- C:\Windows\SYSWOW64\en-US
2012-12-14 21:54:08 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-12-14 21:54:08 ----D---- C:\Windows\SYSWOW64\bg-BG
2012-12-14 21:54:08 ----D---- C:\Windows\system32\sr-Latn-CS
2012-12-14 21:54:08 ----D---- C:\Windows\system32\sl-SI
2012-12-14 21:54:08 ----D---- C:\Windows\system32\sk-SK
2012-12-14 21:54:08 ----D---- C:\Windows\system32\ro-RO
2012-12-14 21:54:08 ----D---- C:\Windows\system32\pl-PL
2012-12-14 21:54:08 ----D---- C:\Windows\system32\lv-LV
2012-12-14 21:54:08 ----D---- C:\Windows\system32\lt-LT
2012-12-14 21:54:08 ----D---- C:\Windows\system32\hu-HU
2012-12-14 21:54:08 ----D---- C:\Windows\system32\hr-HR
2012-12-14 21:54:08 ----D---- C:\Windows\system32\et-EE
2012-12-14 21:54:08 ----D---- C:\Windows\system32\en-US
2012-12-14 21:54:08 ----D---- C:\Windows\system32\cs-CZ
2012-12-14 21:54:08 ----D---- C:\Windows\system32\bg-BG
2012-12-14 21:53:56 ----D---- C:\Windows\SYSWOW64\migration
2012-12-14 21:53:56 ----D---- C:\Program Files (x86)\Internet Explorer
2012-12-14 21:53:55 ----D---- C:\Windows\system32\migration
2012-12-14 21:53:55 ----D---- C:\Program Files\Internet Explorer
2012-12-14 00:51:17 ----A---- C:\Windows\system32\MRT.exe
2012-12-12 19:09:05 ----D---- C:\ProgramData\Ad-Aware Browsing Protection
2012-12-11 19:28:22 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2012-04-10 35384]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-12-29 530488]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-10-30 21136]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 984144]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 370288]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 59728]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-12-20 314016]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 17464]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-12-20 43680]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-04-17 13832]
R3 AsusgmsFltr;Gaming Mouse; C:\Windows\system32\drivers\Asusgms.sys [2010-01-11 11520]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-02 1594368]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver; C:\Windows\system32\DRIVERS\FLxHCIc.sys [2010-09-24 229376]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver; C:\Windows\system32\DRIVERS\FLxHCIh.sys [2010-09-24 69120]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-22 2435816]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-04-21 76912]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-01-17 188224]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2010-07-26 318056]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-20 1800192]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-05 316464]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 26440]
S1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys []
S3 ASUSProcObsrv;ASUS Process Creation/Termination Observer; \??\C:\eSupport\eDriver\I386\AsPrOb64.sys [2010-05-26 12416]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-12-14 53800]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-15 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-01-15 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-15 21288]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 ipswuio;ipswuio; C:\Windows\System32\DRIVERS\ipswuio.sys []
S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter_hs.sys [2011-03-07 18456]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2010-10-14 20480]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-23 154168]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2010-06-22 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-10-30 44808]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-03-12 873248]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-03-04 889664]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-05 2458944]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-03-04 382272]
R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-04-17 134928]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
R3 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-06-24 136704]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-11-12 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-11-12 79360]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-18 1255736]
S4 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe []

-----------------EOF-----------------

[Márty84]

Pokud to obcasne zamrznuti bude pokracovat, ma to na svedomi disk. Je tam spousta chyb cteni a hledani.

PC byl zavirovan, byla tam jedna poradna svine. Ale uz by mela byt pryc. Pak tam byla spousta drobnosti a smeti.

V pc zustaly nejake zbytky po tom Titaniu, tak to jeste dame pryc



Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe a ulozte nejlepe na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[CreateRestorePoint]
[RESETHOSTS]
[Purity]

:services
SBRE

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trend Micro Client Framework] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trend Micro Titanium] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VizorHtmlDialog.exe] /64

Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)