Please check my log [Solved]

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team


Please check my log

Post by janecek76 » 20 Jun 2012 10:17

Hello, please check my log. The PC is behaving strangely. Booting takes longer than 5 minutes, and when I put it into sleep mode it wakes up by itself after about 5 minutes. Sometimes my internet connection also drops and cannot be brought back even by restarting the router; to get it working I have to uninstall the driver and install it again. Please help, thank you.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:13:30, on 20.6.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Users\Jan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Jan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan\Downloads\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.splashtop.com/asusexpress ... pe%3DWEB01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [4gameTray] C:\Program Files (x86)\4game\4game\4GameTray.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: 4game - Innova Systems LLC - C:\Program Files (x86)\4game\4game\4GameService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\Windows\ATKKBService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Folding@home-CPU-[1] - Unknown owner - C:\Folding@HomeCPU\1\Fah.exe
O23 - Service: Folding@home-CPU-[2] - Unknown owner - C:\Folding@HomeCPU\2\Fah.exe
O23 - Service: HideMyIpSRV - Hide My IP - C:\Program Files (x86)\Hide My IP\HideMyIpSrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10396 bytes


Re: Please check my log

Post by Žbeky » 20 Jun 2012 15:40

What did it start doing this after?

Fix these:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.splashtop.com/asusexpress ... pe%3DWEB01
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox, click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
- If you use Chrome, do not select anything else and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation, make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to the desktop
- then click the Exit button; a message will appear, choose Yes (Ano)
(DO NOT DELETE ANYTHING YOURSELF YET!).
Then paste the contents of that log here.
In PMs I only deal with matters concerning the forum. I do not respond to requests for technical support. Thanks for understanding.


Re: Please check my log

Post by janecek76 » 20 Jun 2012 19:18

Well, the PC was acting up before, so you advised me here; then it ran fine for about 2-3 days and now it has started acting up again. Today it started reporting that my processor exceeded 60°C, so please help.


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Verze databáze: v2012.06.14.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Jan :: JAN PC [administrátor]

20.6.2012 19:10:21
mbam-log-2012-06-20 (19-17-03).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 268785
Uplynulý čas: 6 minut, 25 sekund

Nalezené procesy v paměti: 1
C:\Users\Jan\P-7-78-8964-9648-3874\winpvc.exe (Trojan.Backdoor) -> 1384 -> Žádná instrukce nebyla provedena.

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Microsoft Windows System (Trojan.Backdoor) -> Data: C:\Users\Jan\P-7-78-8964-9648-3874\winpvc.exe -> Žádná instrukce nebyla provedena.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
C:\Users\Jan\P-7-78-8964-9648-3874\winpvc.exe (Trojan.Backdoor) -> Žádná instrukce nebyla provedena.
C:\Users\Jan\AppData\Roaming\msnsvconfig.txt (Malware.Trace) -> Žádná instrukce nebyla provedena.

(konec)


Re: Please check my log

Post by Žbeky » 20 Jun 2012 19:22

We can't solve overheating in software. Clean the dust out of the PC.

Run MbAM again and click Scan
- when the program finishes, a message will appear; click OK and then the Show Results button
- make sure all the listed findings are ticked and click the Remove Selected button
- when the removal finishes, a log will be displayed; post it here.
- then choose OK in the program and close it via Exit

Download TDSSKiller

to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt, please paste the entire contents of the log here.

Disable the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by clicking the Yes (Ano) button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- After the scan completes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the scan, there is a problem launching applications, or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, just restart the computer.

Re: Please check my log

Post by janecek76 » 20 Jun 2012 19:55

When I finished MbAM I clicked restart, and then I couldn't find the new log. I ran the scan again; it said that no malware was found and that the scan completed successfully.

Here is the MbAM log

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Verze databáze: v2012.06.14.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Jan :: JAN PC [administrátor]

20.6.2012 19:52:00
mbam-log-2012-06-20 (19-52-00).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 258751
Uplynulý čas: 2 minut, 18 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)


Re: Please check my log

Post by janecek76 » 20 Jun 2012 19:57

19:36:09.0025 5044 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
19:36:09.0290 5044 ============================================================
19:36:09.0290 5044 Current date / time: 2012/06/20 19:36:09.0290
19:36:09.0290 5044 SystemInfo:
19:36:09.0290 5044
19:36:09.0290 5044 OS Version: 6.1.7601 ServicePack: 1.0
19:36:09.0290 5044 Product type: Workstation
19:36:09.0290 5044 ComputerName: JAN PC
19:36:09.0290 5044 UserName: Jan
19:36:09.0290 5044 Windows directory: C:\Windows
19:36:09.0290 5044 System windows directory: C:\Windows
19:36:09.0290 5044 Running under WOW64
19:36:09.0290 5044 Processor architecture: Intel x64
19:36:09.0290 5044 Number of processors: 2
19:36:09.0290 5044 Page size: 0x1000
19:36:09.0290 5044 Boot type: Normal boot
19:36:09.0290 5044 ============================================================
19:36:11.0490 5044 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:36:11.0490 5044 ============================================================
19:36:11.0490 5044 \Device\Harddisk0\DR0:
19:36:11.0490 5044 MBR partitions:
19:36:11.0490 5044 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:36:11.0490 5044 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
19:36:11.0490 5044 ============================================================
19:36:11.0506 5044 C: <-> \Device\Harddisk0\DR0\Partition1
19:36:11.0506 5044 ============================================================
19:36:11.0506 5044 Initialize success
19:36:11.0506 5044 ============================================================
19:36:13.0924 4388 ============================================================
19:36:13.0924 4388 Scan started
19:36:13.0924 4388 Mode: Manual;
19:36:13.0924 4388 ============================================================
19:36:19.0696 4388 EFS - ok
19:36:19.0774 4388 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:36:19.0774 4388 ehRecvr - ok
19:36:19.0805 4388 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:36:19.0805 4388 ehSched - ok
19:36:19.0867 4388 EIO64 (343ada10d948db29251f2d9c809af204) C:\Windows\system32\DRIVERS\EIO64.sys
19:36:19.0867 4388 EIO64 - ok
19:36:19.0914 4388 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
19:36:19.0914 4388 elxstor - ok
19:36:19.0945 4388 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:36:19.0945 4388 ErrDev - ok
19:36:19.0992 4388 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:36:19.0992 4388 EventSystem - ok
19:36:20.0023 4388 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:36:20.0023 4388 exfat - ok
19:36:20.0054 4388 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:36:20.0054 4388 fastfat - ok
19:36:20.0101 4388 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:36:20.0117 4388 Fax - ok
19:36:20.0132 4388 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
19:36:20.0132 4388 fdc - ok
19:36:20.0148 4388 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:36:20.0148 4388 fdPHost - ok
19:36:20.0179 4388 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:36:20.0179 4388 FDResPub - ok
19:36:20.0210 4388 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:36:20.0210 4388 FileInfo - ok
19:36:20.0242 4388 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:36:20.0242 4388 Filetrace - ok
19:36:20.0257 4388 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
19:36:20.0257 4388 flpydisk - ok
19:36:20.0304 4388 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:36:20.0304 4388 FltMgr - ok
19:36:20.0335 4388 Folding@home-CPU-[1] - ok
19:36:20.0351 4388 Folding@home-CPU-[2] - ok
19:36:20.0413 4388 FontCache (b4447f606bb19fd8ad0bafb59b90f5d9) C:\Windows\system32\FntCache.dll
19:36:20.0444 4388 FontCache - ok
19:36:20.0585 4388 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:36:20.0585 4388 FontCache3.0.0.0 - ok
19:36:20.0663 4388 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:36:20.0663 4388 FsDepends - ok
19:36:20.0694 4388 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
19:36:20.0694 4388 Fs_Rec - ok
19:36:20.0741 4388 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:36:20.0741 4388 fvevol - ok
19:36:20.0756 4388 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
19:36:20.0756 4388 gagp30kx - ok
19:36:20.0834 4388 GGSAFERDriver - ok
19:36:20.0881 4388 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:36:20.0897 4388 gpsvc - ok
19:36:20.0928 4388 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:36:20.0928 4388 hcw85cir - ok
19:36:20.0975 4388 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:36:20.0990 4388 HdAudAddService - ok
19:36:21.0006 4388 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
19:36:21.0006 4388 HDAudBus - ok
19:36:21.0022 4388 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
19:36:21.0037 4388 HidBatt - ok
19:36:21.0053 4388 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
19:36:21.0053 4388 HidBth - ok
19:36:21.0193 4388 HideMyIpSRV (1fde827f2b511d41b6fb99fd1bcfa659) C:\Program Files (x86)\Hide My IP\HideMyIpSrv.exe
19:36:21.0240 4388 HideMyIpSRV - ok
19:36:21.0365 4388 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
19:36:21.0365 4388 HidIr - ok
19:36:21.0396 4388 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
19:36:21.0412 4388 hidserv - ok
19:36:21.0443 4388 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
19:36:21.0443 4388 HidUsb - ok
19:36:21.0490 4388 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:36:21.0490 4388 hkmsvc - ok
19:36:21.0521 4388 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:36:21.0536 4388 HomeGroupListener - ok
19:36:21.0552 4388 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:36:21.0552 4388 HomeGroupProvider - ok
19:36:21.0583 4388 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:36:21.0583 4388 HpSAMD - ok
19:36:21.0630 4388 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:36:21.0630 4388 HTTP - ok
19:36:21.0677 4388 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:36:21.0677 4388 hwpolicy - ok
19:36:21.0724 4388 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
19:36:21.0739 4388 i8042prt - ok
19:36:21.0770 4388 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:36:21.0770 4388 iaStorV - ok
19:36:21.0880 4388 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:36:21.0880 4388 IDriverT - ok
19:36:22.0020 4388 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:36:22.0036 4388 idsvc - ok
19:36:22.0129 4388 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
19:36:22.0129 4388 iirsp - ok
19:36:22.0192 4388 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:36:22.0192 4388 IKEEXT - ok
19:36:22.0285 4388 IntcAzAudAddService (589b94a9b73a0e819ff873743a480834) C:\Windows\system32\drivers\RTKVHD64.sys
19:36:22.0301 4388 IntcAzAudAddService - ok
19:36:22.0410 4388 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:36:22.0410 4388 intelide - ok
19:36:22.0426 4388 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:36:22.0426 4388 intelppm - ok
19:36:22.0472 4388 IOMap (a01c412699b6f21645b2885c2bae4454) C:\Windows\system32\drivers\IOMap64.sys
19:36:22.0488 4388 IOMap - ok
19:36:22.0519 4388 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:36:22.0519 4388 IPBusEnum - ok
19:36:22.0550 4388 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:36:22.0550 4388 IpFilterDriver - ok
19:36:22.0597 4388 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
19:36:22.0597 4388 iphlpsvc - ok
19:36:22.0628 4388 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:36:22.0628 4388 IPMIDRV - ok
19:36:22.0660 4388 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:36:22.0660 4388 IPNAT - ok
19:36:22.0675 4388 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:36:22.0675 4388 IRENUM - ok
19:36:22.0706 4388 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:36:22.0706 4388 isapnp - ok
19:36:22.0722 4388 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:36:22.0738 4388 iScsiPrt - ok
19:36:22.0753 4388 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
19:36:22.0753 4388 kbdclass - ok
19:36:22.0769 4388 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:36:22.0784 4388 kbdhid - ok
19:36:22.0816 4388 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:36:22.0816 4388 KeyIso - ok
19:36:22.0831 4388 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
19:36:22.0831 4388 KSecDD - ok
19:36:22.0847 4388 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
19:36:22.0862 4388 KSecPkg - ok
19:36:22.0894 4388 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:36:22.0894 4388 ksthunk - ok
19:36:22.0925 4388 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:36:22.0940 4388 KtmRm - ok
19:36:22.0972 4388 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
19:36:22.0987 4388 LanmanServer - ok
19:36:23.0018 4388 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:36:23.0018 4388 LanmanWorkstation - ok
19:36:23.0050 4388 LgBttPort (174803f2eea3b22165dfe0e5a1f20685) C:\Windows\system32\DRIVERS\lgbtpt64.sys
19:36:23.0050 4388 LgBttPort - ok
19:36:23.0065 4388 lgbusenum (565f93bb7c0361e61b3daea670c354d6) C:\Windows\system32\DRIVERS\lgbtbs64.sys
19:36:23.0065 4388 lgbusenum - ok
19:36:23.0096 4388 LGVMODEM (abf477857b7ced873362ec92c6ce10a7) C:\Windows\system32\DRIVERS\lgvmdm64.sys
19:36:23.0096 4388 LGVMODEM - ok
19:36:23.0112 4388 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:36:23.0112 4388 lltdio - ok
19:36:23.0143 4388 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:36:23.0143 4388 lltdsvc - ok
19:36:23.0174 4388 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:36:23.0174 4388 lmhosts - ok
19:36:23.0221 4388 LMS (7f32d4c47a50e7223491e8fb9359907d) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:36:23.0237 4388 LMS - ok
19:36:23.0268 4388 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
19:36:23.0268 4388 LSI_FC - ok
19:36:23.0299 4388 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
19:36:23.0299 4388 LSI_SAS - ok
19:36:23.0315 4388 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:36:23.0330 4388 LSI_SAS2 - ok
19:36:23.0346 4388 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:36:23.0346 4388 LSI_SCSI - ok
19:36:23.0393 4388 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:36:23.0393 4388 luafv - ok
19:36:23.0424 4388 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:36:23.0424 4388 Mcx2Svc - ok
19:36:23.0440 4388 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
19:36:23.0440 4388 megasas - ok
19:36:23.0455 4388 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
19:36:23.0471 4388 MegaSR - ok
19:36:23.0502 4388 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
19:36:23.0502 4388 MEIx64 - ok
19:36:23.0533 4388 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:36:23.0533 4388 MMCSS - ok
19:36:23.0564 4388 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:36:23.0564 4388 Modem - ok
19:36:23.0580 4388 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:36:23.0580 4388 monitor - ok
19:36:23.0611 4388 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:36:23.0611 4388 mouclass - ok
19:36:23.0627 4388 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:36:23.0627 4388 mouhid - ok
19:36:23.0674 4388 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:36:23.0674 4388 mountmgr - ok
19:36:23.0705 4388 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:36:23.0705 4388 mpio - ok
19:36:23.0720 4388 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:36:23.0736 4388 mpsdrv - ok
19:36:23.0767 4388 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:36:23.0783 4388 MpsSvc - ok
19:36:23.0814 4388 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:36:23.0814 4388 MRxDAV - ok
19:36:23.0861 4388 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:36:23.0861 4388 mrxsmb - ok
19:36:23.0892 4388 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:36:23.0892 4388 mrxsmb10 - ok
19:36:23.0908 4388 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:36:23.0923 4388 mrxsmb20 - ok
19:36:23.0954 4388 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:36:23.0954 4388 msahci - ok
19:36:23.0970 4388 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:36:23.0970 4388 msdsm - ok
19:36:24.0001 4388 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:36:24.0001 4388 MSDTC - ok
19:36:24.0048 4388 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:36:24.0048 4388 Msfs - ok
19:36:24.0064 4388 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:36:24.0064 4388 mshidkmdf - ok
19:36:24.0079 4388 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:36:24.0079 4388 msisadrv - ok
19:36:24.0126 4388 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:36:24.0126 4388 MSiSCSI - ok
19:36:24.0126 4388 msiserver - ok
19:36:24.0142 4388 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:36:24.0157 4388 MSKSSRV - ok
19:36:24.0157 4388 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:36:24.0173 4388 MSPCLOCK - ok
19:36:24.0188 4388 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:36:24.0188 4388 MSPQM - ok
19:36:24.0220 4388 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:36:24.0235 4388 MsRPC - ok
19:36:24.0266 4388 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:36:24.0266 4388 mssmbios - ok
19:36:24.0266 4388 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:36:24.0266 4388 MSTEE - ok
19:36:24.0298 4388 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
19:36:24.0298 4388 MTConfig - ok
19:36:24.0329 4388 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:36:24.0329 4388 Mup - ok
19:36:24.0360 4388 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:36:24.0360 4388 napagent - ok
19:36:24.0391 4388 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:36:24.0391 4388 NativeWifiP - ok
19:36:24.0422 4388 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:36:24.0438 4388 NDIS - ok
19:36:24.0469 4388 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:36:24.0469 4388 NdisCap - ok
19:36:24.0500 4388 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:36:24.0500 4388 NdisTapi - ok
19:36:24.0532 4388 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:36:24.0532 4388 Ndisuio - ok
19:36:24.0563 4388 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:36:24.0578 4388 NdisWan - ok
19:36:24.0610 4388 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:36:24.0610 4388 NDProxy - ok
19:36:24.0625 4388 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:36:24.0625 4388 NetBIOS - ok
19:36:24.0656 4388 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:36:24.0656 4388 NetBT - ok
19:36:24.0703 4388 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:36:24.0703 4388 Netlogon - ok
19:36:24.0750 4388 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:36:24.0750 4388 Netman - ok
19:36:24.0890 4388 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:36:24.0922 4388 NetMsmqActivator - ok
19:36:24.0922 4388 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:36:24.0922 4388 NetPipeActivator - ok
19:36:24.0953 4388 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:36:24.0968 4388 netprofm - ok
19:36:24.0968 4388 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:36:24.0968 4388 NetTcpActivator - ok
19:36:24.0968 4388 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:36:24.0984 4388 NetTcpPortSharing - ok
19:36:25.0046 4388 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
19:36:25.0046 4388 nfrd960 - ok
19:36:25.0078 4388 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:36:25.0078 4388 NlaSvc - ok
19:36:25.0093 4388 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:36:25.0093 4388 Npfs - ok
19:36:25.0124 4388 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:36:25.0124 4388 nsi - ok
19:36:25.0140 4388 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:36:25.0140 4388 nsiproxy - ok
19:36:25.0202 4388 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:36:25.0234 4388 Ntfs - ok
19:36:25.0358 4388 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:36:25.0358 4388 Null - ok
19:36:25.0405 4388 NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
19:36:25.0405 4388 NVHDA - ok
19:36:25.0702 4388 nvlddmkm (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:36:25.0780 4388 nvlddmkm - ok
19:36:25.0920 4388 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:36:25.0920 4388 nvraid - ok
19:36:25.0936 4388 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:36:25.0936 4388 nvstor - ok
19:36:25.0998 4388 NVSvc (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
19:36:25.0998 4388 NVSvc - ok
19:36:26.0138 4388 nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:36:26.0201 4388 nvUpdatusService - ok
19:36:26.0341 4388 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:36:26.0341 4388 nv_agp - ok
19:36:26.0357 4388 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:36:26.0357 4388 ohci1394 - ok
19:36:26.0435 4388 ose64 (4965b005492cba7719e82b71e3245495) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:36:26.0435 4388 ose64 - ok
19:36:26.0591 4388 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:36:26.0684 4388 osppsvc - ok
19:36:26.0825 4388 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:36:26.0825 4388 p2pimsvc - ok
19:36:26.0856 4388 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:36:26.0856 4388 p2psvc - ok
19:36:26.0918 4388 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
19:36:26.0918 4388 Parport - ok
19:36:26.0950 4388 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
19:36:26.0950 4388 partmgr - ok
19:36:26.0965 4388 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:36:26.0981 4388 PcaSvc - ok
19:36:27.0012 4388 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:36:27.0012 4388 pci - ok
19:36:27.0028 4388 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:36:27.0028 4388 pciide - ok
19:36:27.0059 4388 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
19:36:27.0059 4388 pcmcia - ok
19:36:27.0090 4388 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:36:27.0090 4388 pcw - ok
19:36:27.0121 4388 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:36:27.0121 4388 PEAUTH - ok
19:36:27.0184 4388 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
19:36:27.0215 4388 PeerDistSvc - ok
19:36:27.0293 4388 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:36:27.0293 4388 PerfHost - ok
19:36:27.0402 4388 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:36:27.0433 4388 pla - ok
19:36:27.0464 4388 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:36:27.0480 4388 PlugPlay - ok
19:36:27.0511 4388 PnkBstrA - ok
19:36:27.0527 4388 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:36:27.0527 4388 PNRPAutoReg - ok
19:36:27.0558 4388 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:36:27.0558 4388 PNRPsvc - ok
19:36:27.0589 4388 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:36:27.0589 4388 PolicyAgent - ok
19:36:27.0620 4388 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:36:27.0620 4388 Power - ok
19:36:27.0683 4388 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:36:27.0698 4388 PptpMiniport - ok
19:36:27.0714 4388 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
19:36:27.0714 4388 Processor - ok
19:36:27.0745 4388 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
19:36:27.0745 4388 ProfSvc - ok

janecek76
newbie
Posts: 23
Registered: June 12
Gender: Male
Status:
Offline

Re: Please check my log

Post by janecek76 » 20 Jun 2012 19:57

19:36:27.0776 4388 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:36:27.0776 4388 ProtectedStorage - ok
19:36:27.0823 4388 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:36:27.0823 4388 Psched - ok
19:36:27.0870 4388 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
19:36:27.0932 4388 ql2300 - ok
19:36:28.0042 4388 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
19:36:28.0042 4388 ql40xx - ok
19:36:28.0073 4388 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:36:28.0073 4388 QWAVE - ok
19:36:28.0104 4388 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:36:28.0104 4388 QWAVEdrv - ok
19:36:28.0120 4388 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:36:28.0120 4388 RasAcd - ok
19:36:28.0151 4388 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:36:28.0151 4388 RasAgileVpn - ok
19:36:28.0166 4388 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:36:28.0182 4388 RasAuto - ok
19:36:28.0213 4388 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:36:28.0213 4388 Rasl2tp - ok
19:36:28.0244 4388 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:36:28.0244 4388 RasMan - ok
19:36:28.0276 4388 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:36:28.0276 4388 RasPppoe - ok
19:36:28.0291 4388 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:36:28.0291 4388 RasSstp - ok
19:36:28.0338 4388 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:36:28.0338 4388 rdbss - ok
19:36:28.0354 4388 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
19:36:28.0369 4388 rdpbus - ok
19:36:28.0385 4388 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:36:28.0385 4388 RDPCDD - ok
19:36:28.0432 4388 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
19:36:28.0432 4388 RDPDR - ok
19:36:28.0447 4388 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:36:28.0447 4388 RDPENCDD - ok
19:36:28.0494 4388 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:36:28.0494 4388 RDPREFMP - ok
19:36:28.0525 4388 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
19:36:28.0525 4388 RdpVideoMiniport - ok
19:36:28.0556 4388 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
19:36:28.0556 4388 RDPWD - ok
19:36:28.0588 4388 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:36:28.0588 4388 rdyboost - ok
19:36:28.0619 4388 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:36:28.0634 4388 RemoteAccess - ok
19:36:28.0666 4388 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:36:28.0666 4388 RemoteRegistry - ok
19:36:28.0681 4388 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:36:28.0697 4388 RpcEptMapper - ok
19:36:28.0728 4388 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:36:28.0728 4388 RpcLocator - ok
19:36:28.0775 4388 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\System32\rpcss.dll
19:36:28.0775 4388 RpcSs - ok
19:36:28.0837 4388 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:36:28.0837 4388 rspndr - ok
19:36:28.0884 4388 RTL8167 (ed5873f7dfb2f96d37f13322211b6bdc) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:36:28.0884 4388 RTL8167 - ok
19:36:28.0915 4388 RtNdPt60 (e16b7c030a05ef649b18fab0a93d871f) C:\Windows\system32\DRIVERS\RtNdPt60.sys
19:36:28.0915 4388 RtNdPt60 - ok
19:36:28.0946 4388 RTTEAMPT (1de78f5008120cd79b34c12394dcd493) C:\Windows\system32\DRIVERS\RtTeam60.sys
19:36:28.0946 4388 RTTEAMPT - ok
19:36:28.0962 4388 RTVLANPT (b1018aa1b5735f5fa89fd4dadf4bea7a) C:\Windows\system32\DRIVERS\RtVlan60.sys
19:36:28.0962 4388 RTVLANPT - ok
19:36:28.0993 4388 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
19:36:28.0993 4388 s3cap - ok
19:36:29.0024 4388 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:36:29.0024 4388 SamSs - ok
19:36:29.0071 4388 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:36:29.0071 4388 sbp2port - ok
19:36:29.0102 4388 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:36:29.0102 4388 SCardSvr - ok
19:36:29.0134 4388 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:36:29.0134 4388 scfilter - ok
19:36:29.0180 4388 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:36:29.0196 4388 Schedule - ok
19:36:29.0227 4388 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:36:29.0227 4388 SCPolicySvc - ok
19:36:29.0274 4388 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:36:29.0274 4388 SDRSVC - ok
19:36:29.0368 4388 SeaPort (331e7bde228914574fc9ae6cd520dafa) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
19:36:29.0368 4388 SeaPort - ok
19:36:29.0446 4388 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:36:29.0446 4388 secdrv - ok
19:36:29.0477 4388 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:36:29.0477 4388 seclogon - ok
19:36:29.0508 4388 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
19:36:29.0508 4388 SENS - ok
19:36:29.0524 4388 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:36:29.0524 4388 SensrSvc - ok
19:36:29.0555 4388 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:36:29.0555 4388 Serenum - ok
19:36:29.0570 4388 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:36:29.0570 4388 Serial - ok
19:36:29.0602 4388 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
19:36:29.0602 4388 sermouse - ok
19:36:29.0648 4388 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:36:29.0648 4388 SessionEnv - ok
19:36:29.0680 4388 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:36:29.0680 4388 sffdisk - ok
19:36:29.0695 4388 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:36:29.0711 4388 sffp_mmc - ok
19:36:29.0726 4388 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:36:29.0726 4388 sffp_sd - ok
19:36:29.0758 4388 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
19:36:29.0758 4388 sfloppy - ok
19:36:29.0804 4388 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:36:29.0820 4388 SharedAccess - ok
19:36:29.0867 4388 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:36:29.0867 4388 ShellHWDetection - ok
19:36:29.0882 4388 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:36:29.0882 4388 SiSRaid2 - ok
19:36:29.0914 4388 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
19:36:29.0914 4388 SiSRaid4 - ok
19:36:29.0960 4388 SmartDefragDriver (dd0443bc6cc78a19fd399817f8c51401) C:\Windows\system32\Drivers\SmartDefragDriver.sys
19:36:29.0960 4388 SmartDefragDriver - ok
19:36:29.0976 4388 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:36:29.0976 4388 Smb - ok
19:36:30.0007 4388 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:36:30.0007 4388 SNMPTRAP - ok
19:36:30.0038 4388 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:36:30.0038 4388 spldr - ok
19:36:30.0085 4388 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:36:30.0101 4388 Spooler - ok
19:36:30.0210 4388 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:36:30.0272 4388 sppsvc - ok
19:36:30.0397 4388 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:36:30.0397 4388 sppuinotify - ok
19:36:30.0491 4388 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
19:36:30.0491 4388 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
19:36:30.0491 4388 sptd ( LockedFile.Multi.Generic ) - warning
19:36:30.0491 4388 sptd - detected LockedFile.Multi.Generic (1)
19:36:30.0538 4388 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:36:30.0538 4388 srv - ok
19:36:30.0569 4388 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:36:30.0584 4388 srv2 - ok
19:36:30.0600 4388 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:36:30.0600 4388 srvnet - ok
19:36:30.0647 4388 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:36:30.0647 4388 SSDPSRV - ok
19:36:30.0662 4388 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:36:30.0662 4388 SstpSvc - ok
19:36:30.0740 4388 Steam Client Service - ok
19:36:30.0850 4388 Stereo Service (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:36:30.0850 4388 Stereo Service - ok
19:36:30.0881 4388 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
19:36:30.0881 4388 stexstor - ok
19:36:30.0928 4388 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:36:30.0943 4388 stisvc - ok
19:36:30.0974 4388 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
19:36:30.0974 4388 storflt - ok
19:36:30.0990 4388 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
19:36:31.0006 4388 storvsc - ok
19:36:31.0021 4388 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:36:31.0021 4388 swenum - ok
19:36:31.0115 4388 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:36:31.0115 4388 SwitchBoard - ok
19:36:31.0162 4388 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:36:31.0177 4388 swprv - ok
19:36:31.0193 4388 Synth3dVsc - ok
19:36:31.0255 4388 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:36:31.0286 4388 SysMain - ok
19:36:31.0427 4388 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:36:31.0427 4388 TabletInputService - ok
19:36:31.0458 4388 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:36:31.0458 4388 TapiSrv - ok
19:36:31.0489 4388 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:36:31.0489 4388 TBS - ok
19:36:31.0583 4388 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
19:36:31.0614 4388 Tcpip - ok
19:36:31.0754 4388 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
19:36:31.0770 4388 TCPIP6 - ok
19:36:31.0895 4388 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:36:31.0895 4388 tcpipreg - ok
19:36:31.0957 4388 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:36:31.0957 4388 TDPIPE - ok
19:36:31.0973 4388 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
19:36:31.0973 4388 TDTCP - ok
19:36:32.0035 4388 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:36:32.0035 4388 tdx - ok
19:36:32.0066 4388 TEAM (1de78f5008120cd79b34c12394dcd493) C:\Windows\system32\DRIVERS\RtTeam60.sys
19:36:32.0066 4388 TEAM - ok
19:36:32.0113 4388 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:36:32.0113 4388 TermDD - ok
19:36:32.0160 4388 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:36:32.0176 4388 TermService - ok
19:36:32.0207 4388 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:36:32.0207 4388 Themes - ok
19:36:32.0238 4388 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:36:32.0254 4388 THREADORDER - ok
19:36:32.0269 4388 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:36:32.0269 4388 TrkWks - ok
19:36:32.0347 4388 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:36:32.0347 4388 TrustedInstaller - ok
19:36:32.0378 4388 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:36:32.0378 4388 tssecsrv - ok
19:36:32.0410 4388 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:36:32.0410 4388 TsUsbFlt - ok
19:36:32.0410 4388 tsusbhub - ok
19:36:32.0456 4388 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:36:32.0456 4388 tunnel - ok
19:36:32.0488 4388 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
19:36:32.0503 4388 uagp35 - ok
19:36:32.0550 4388 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:36:32.0550 4388 udfs - ok
19:36:32.0581 4388 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:36:32.0581 4388 UI0Detect - ok
19:36:32.0612 4388 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:36:32.0628 4388 uliagpkx - ok
19:36:32.0644 4388 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
19:36:32.0644 4388 umbus - ok
19:36:32.0659 4388 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
19:36:32.0675 4388 UmPass - ok
19:36:32.0690 4388 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
19:36:32.0690 4388 UmRdpService - ok
19:36:32.0831 4388 UNS (2c16648a12999ae69a9ebf41974b0ba2) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:36:32.0862 4388 UNS - ok
19:36:32.0987 4388 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:36:33.0002 4388 upnphost - ok
19:36:33.0049 4388 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:36:33.0065 4388 usbccgp - ok
19:36:33.0080 4388 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:36:33.0080 4388 usbcir - ok
19:36:33.0112 4388 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
19:36:33.0112 4388 usbehci - ok
19:36:33.0127 4388 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:36:33.0127 4388 usbhub - ok
19:36:33.0158 4388 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:36:33.0158 4388 usbohci - ok
19:36:33.0205 4388 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:36:33.0205 4388 usbprint - ok
19:36:33.0236 4388 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
19:36:33.0236 4388 usbscan - ok
19:36:33.0268 4388 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:36:33.0268 4388 USBSTOR - ok
19:36:33.0283 4388 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:36:33.0283 4388 usbuhci - ok
19:36:33.0330 4388 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:36:33.0330 4388 UxSms - ok
19:36:33.0361 4388 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:36:33.0377 4388 VaultSvc - ok
19:36:33.0392 4388 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:36:33.0392 4388 vdrvroot - ok
19:36:33.0424 4388 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:36:33.0439 4388 vds - ok
19:36:33.0470 4388 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:36:33.0470 4388 vga - ok
19:36:33.0486 4388 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:36:33.0486 4388 VgaSave - ok
19:36:33.0502 4388 VGPU - ok
19:36:33.0517 4388 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:36:33.0517 4388 vhdmp - ok
19:36:33.0533 4388 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:36:33.0548 4388 viaide - ok
19:36:33.0580 4388 Video3D (fc7eb58f50967eb910eb4aa2e1dae263) C:\Windows\system32\Drivers\Video3D64.sys
19:36:33.0580 4388 Video3D - ok
19:36:33.0642 4388 VLAN (b1018aa1b5735f5fa89fd4dadf4bea7a) C:\Windows\system32\DRIVERS\RtVLAN60.sys
19:36:33.0642 4388 VLAN - ok
19:36:33.0673 4388 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
19:36:33.0673 4388 vmbus - ok
19:36:33.0689 4388 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
19:36:33.0689 4388 VMBusHID - ok
19:36:33.0704 4388 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:36:33.0704 4388 volmgr - ok
19:36:33.0751 4388 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:36:33.0751 4388 volmgrx - ok
19:36:33.0782 4388 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:36:33.0782 4388 volsnap - ok
19:36:33.0829 4388 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
19:36:33.0829 4388 vsmraid - ok
19:36:33.0907 4388 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:36:33.0923 4388 VSS - ok
19:36:34.0032 4388 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
19:36:34.0032 4388 vwifibus - ok
19:36:34.0079 4388 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:36:34.0094 4388 W32Time - ok
19:36:34.0110 4388 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
19:36:34.0126 4388 WacomPen - ok
19:36:34.0141 4388 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:36:34.0141 4388 WANARP - ok
19:36:34.0157 4388 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:36:34.0157 4388 Wanarpv6 - ok
19:36:34.0219 4388 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
19:36:34.0250 4388 WatAdminSvc - ok
19:36:34.0313 4388 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:36:34.0344 4388 wbengine - ok
19:36:34.0469 4388 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:36:34.0484 4388 WbioSrvc - ok
19:36:34.0516 4388 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:36:34.0531 4388 wcncsvc - ok
19:36:34.0547 4388 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:36:34.0547 4388 WcsPlugInService - ok
19:36:34.0609 4388 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
19:36:34.0625 4388 Wd - ok
19:36:34.0656 4388 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:36:34.0656 4388 Wdf01000 - ok
19:36:34.0687 4388 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:36:34.0687 4388 WdiServiceHost - ok
19:36:34.0687 4388 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:36:34.0687 4388 WdiSystemHost - ok
19:36:34.0718 4388 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:36:34.0734 4388 WebClient - ok
19:36:34.0765 4388 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:36:34.0765 4388 Wecsvc - ok
19:36:34.0796 4388 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:36:34.0796 4388 wercplsupport - ok
19:36:34.0828 4388 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:36:34.0828 4388 WerSvc - ok
19:36:34.0906 4388 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:36:34.0906 4388 WfpLwf - ok
19:36:34.0921 4388 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:36:34.0921 4388 WIMMount - ok
19:36:34.0984 4388 WinDefend - ok
19:36:35.0030 4388 WinHttpAutoProxySvc - ok
19:36:35.0077 4388 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:36:35.0093 4388 Winmgmt - ok
19:36:35.0155 4388 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:36:35.0202 4388 WinRM - ok
19:36:35.0342 4388 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:36:35.0342 4388 WinUsb - ok
19:36:35.0405 4388 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:36:35.0420 4388 Wlansvc - ok
19:36:35.0545 4388 wlidsvc (98f138897ef4246381d197cb81846d62) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:36:35.0592 4388 wlidsvc - ok
19:36:35.0732 4388 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:36:35.0732 4388 WmiAcpi - ok
19:36:35.0810 4388 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:36:35.0810 4388 wmiApSrv - ok
19:36:35.0857 4388 WMPNetworkSvc - ok
19:36:35.0904 4388 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:36:35.0904 4388 WPCSvc - ok
19:36:35.0935 4388 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:36:35.0935 4388 WPDBusEnum - ok
19:36:35.0966 4388 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:36:35.0966 4388 ws2ifsl - ok
19:36:35.0982 4388 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
19:36:35.0998 4388 wscsvc - ok
19:36:35.0998 4388 WSearch - ok
19:36:36.0091 4388 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
19:36:36.0122 4388 wuauserv - ok
19:36:36.0278 4388 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:36:36.0278 4388 WudfPf - ok
19:36:36.0294 4388 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:36:36.0294 4388 WUDFRd - ok
19:36:36.0325 4388 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:36:36.0341 4388 wudfsvc - ok
19:36:36.0372 4388 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:36:36.0372 4388 WwanSvc - ok
19:36:36.0403 4388 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:36:36.0668 4388 \Device\Harddisk0\DR0 - ok
19:36:36.0684 4388 Boot (0x1200) (9ec7f42d1a7a0b4849c56348a8674338) \Device\Harddisk0\DR0\Partition0
19:36:36.0684 4388 \Device\Harddisk0\DR0\Partition0 - ok
19:36:36.0700 4388 Boot (0x1200) (f4e0a51f9cc527a90f6d81393bd1fed7) \Device\Harddisk0\DR0\Partition1
19:36:36.0700 4388 \Device\Harddisk0\DR0\Partition1 - ok
19:36:36.0700 4388 ============================================================
19:36:36.0700 4388 Scan finished
19:36:36.0700 4388 ============================================================
19:36:36.0700 3796 Detected object count: 1
19:36:36.0700 3796 Actual detected object count: 1
19:36:41.0114 3796 sptd ( LockedFile.Multi.Generic ) - skipped by user
19:36:41.0114 3796 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
19:36:47.0198 4660 Deinitialize success


Re: Please check my log

Post by janecek76 » 20 Jun 2012 19:59

ComboFix


ComboFix 12-06-20.02 - Jan 20.06.2012 19:42:49.7.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.5102.3670 [GMT 2:00]
Running from: c:\users\Jan\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jan\P-7-78-8964-9648-3874
.
.
((((((((((((((((((((((((( Files Created from 2012-05-20 to 2012-06-20 )))))))))))))))))))))))))))))))
.
.
2012-06-20 17:49 . 2012-06-20 17:49 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-06-20 17:49 . 2012-06-20 17:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-20 17:49 . 2012-06-20 17:49 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-06-20 17:32 . 2012-06-20 17:32 -------- d-----w- c:\users\Jan\AppData\Local\Adobe
2012-06-20 14:57 . 2012-06-20 14:57 -------- d-----w- c:\windows\system32\Macromed
2012-06-20 13:32 . 2012-06-20 13:32 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-06-20 13:32 . 2012-06-20 13:32 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-06-20 13:32 . 2012-06-20 13:32 -------- d-----w- c:\users\Jan\AppData\Roaming\PunkBuster
2012-06-20 12:06 . 2012-06-20 12:06 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-06-20 08:32 . 2012-06-20 08:32 -------- d-----w- c:\users\Jan\AppData\Local\Aspyr
2012-06-20 08:21 . 2012-06-20 11:55 -------- d-----w- c:\program files (x86)\Aspyr
2012-06-17 22:00 . 2012-06-17 22:00 -------- d-----w- c:\users\Jan\AppData\Roaming\Ubisoft
2012-06-17 21:49 . 2012-06-20 13:24 -------- d-----w- c:\program files (x86)\Ubisoft
2012-06-16 12:40 . 2012-06-16 12:40 -------- d--h--w- c:\program files (x86)\DeviceVM
2012-06-16 12:38 . 2010-01-14 12:27 48416 ----a-r- c:\windows\system32\drivers\RtTeam60.sys
2012-06-16 12:38 . 2010-01-14 12:27 29472 ----a-r- c:\windows\system32\drivers\RtVlan60.sys
2012-06-16 12:38 . 2010-01-14 12:27 32544 ----a-r- c:\windows\system32\drivers\RtNdPt60.sys
2012-06-14 14:34 . 2012-06-14 14:34 -------- d-----w- c:\users\Jan\AppData\Roaming\Flock
2012-06-14 14:34 . 2012-06-14 14:34 -------- d-----w- c:\users\Jan\AppData\Local\Flock
2012-06-14 14:33 . 2012-06-14 14:38 -------- d-----w- c:\program files (x86)\Flock
2012-06-14 14:10 . 2012-04-13 08:46 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5EDF8007-5BBA-4BB1-A1CC-B6CE08EE0935}\mpengine.dll
2012-06-09 23:21 . 2012-01-19 06:23 339320 ----a-w- c:\windows\SysWow64\HMIPCore.dll
2012-06-09 23:21 . 2012-06-09 23:21 -------- d-----w- c:\program files (x86)\Hide My IP
2012-06-08 15:58 . 2012-06-09 13:05 -------- d-----w- c:\users\Jan\AppData\Roaming\.minecraft
2012-06-05 18:10 . 2012-06-05 18:15 -------- d-----w- c:\programdata\HP Photo Creations
2012-06-05 18:10 . 2012-06-05 18:10 -------- d-----w- c:\program files (x86)\HP Photo Creations
2012-06-05 18:09 . 2012-06-05 18:09 -------- d-----w- c:\program files\HP
2012-06-04 16:59 . 2012-06-04 16:59 -------- d-----w- c:\users\Jan\AppData\Roaming\ML
2012-06-04 16:52 . 2012-06-04 16:52 -------- d-----w- c:\users\Jan\AppData\Local\LG Electronics
2012-06-04 16:47 . 2012-06-04 16:54 2984 ----a-w- C:\user.js
2012-06-02 13:41 . 2012-06-02 13:41 -------- d-----w- c:\users\Jan\AppData\Roaming\LolClient2
2012-05-29 16:26 . 2012-06-20 14:57 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-29 16:26 . 2012-06-20 14:57 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-28 17:55 . 2012-06-03 09:52 -------- d-----w- c:\users\Jan\AppData\Roaming\ICQ
2012-05-28 17:55 . 2012-05-28 17:55 -------- d-----w- c:\program files (x86)\ICQ7M
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-23 15:12 . 2012-02-02 20:08 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2012-04-23 15:12 . 2012-02-02 20:08 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-04-23 15:12 . 2012-02-02 20:08 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2012-04-23 15:12 . 2012-02-02 20:08 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-04-21 09:50 . 2012-04-21 09:50 1119680 ----a-w- c:\windows\PE_Rom.dll
2012-04-04 16:47 . 2012-05-09 20:12 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-04-04 16:47 . 2012-05-09 20:12 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-04 13:56 . 2012-03-26 18:51 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-31 10:43 . 2012-03-25 20:30 2829 ----a-w- c:\windows\War3Unin.pif
2012-03-31 10:43 . 2012-03-25 20:30 139264 ----a-w- c:\windows\War3Unin.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-06-19_22.46.52 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-06-19 22:46 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-06-20 17:40 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-06-19 22:46 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-06-20 17:40 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-06-19 22:46 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-06-20 17:40 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-01-29 17:26 . 2012-06-20 17:40 41016 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2012-06-19 22:47 40216 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-06-20 17:40 40216 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-01-29 17:17 . 2012-06-20 17:40 12596 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2163336548-1697645886-630390420-1000_UserData.bin
+ 2012-01-29 00:02 . 2012-06-20 17:38 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2012-01-29 00:02 . 2012-06-19 22:45 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-04-11 19:17 . 2012-06-20 17:38 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2012-04-11 19:17 . 2012-06-19 22:45 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-06-19 22:45 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-06-20 17:38 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-01-29 00:09 . 2012-06-19 22:33 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-01-29 00:09 . 2012-06-20 17:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-01-29 00:09 . 2012-06-20 17:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-01-29 00:09 . 2012-06-19 22:33 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-06-20 12:27 . 2012-06-20 12:27 65536 c:\windows\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut5_0CE1A6C0F3F749E68F9D2431F9827441.exe
+ 2012-06-20 08:32 . 2012-06-20 12:27 65536 c:\windows\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut4_0CE1A6C0F3F749E68F9D2431F9827441.exe
+ 2012-06-20 12:27 . 2012-06-20 12:27 65536 c:\windows\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut3_0CE1A6C0F3F749E68F9D2431F9827441.exe
+ 2012-06-20 12:27 . 2012-06-20 12:27 65536 c:\windows\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut2_0CE1A6C0F3F749E68F9D2431F9827441.exe
+ 2012-06-20 12:27 . 2012-06-20 12:27 10134 c:\windows\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\ARPPRODUCTICON.exe
- 2012-06-17 21:55 . 2012-06-17 21:55 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2012-06-20 13:31 . 2012-06-20 13:31 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2012-06-20 13:31 . 2012-06-20 13:31 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2012-06-17 21:55 . 2012-06-17 21:55 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2012-06-20 17:38 . 2012-06-20 17:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-06-19 22:45 . 2012-06-19 22:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-20 17:38 . 2012-06-20 17:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-06-19 22:45 . 2012-06-19 22:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-06-20 08:32 . 2012-06-20 12:27 8854 c:\windows\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\UNINST_Uninstall_G_0CE1A6C0F3F749E68F9D2431F9827441_1.exe
+ 2012-06-20 14:57 . 2012-06-20 14:57 686280 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
+ 2012-06-20 14:57 . 2012-06-20 14:57 465096 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.dll
+ 2012-05-29 16:26 . 2012-06-20 14:57 257224 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
- 2009-07-14 02:36 . 2012-06-16 19:11 669026 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-06-20 15:04 669026 c:\windows\system32\perfh009.dat
+ 2012-01-29 19:16 . 2012-06-20 15:04 675100 c:\windows\system32\perfh005.dat
- 2012-01-29 19:16 . 2012-06-16 19:11 675100 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2012-06-20 15:04 125226 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-06-16 19:11 125226 c:\windows\system32\perfc009.dat
- 2012-01-29 19:16 . 2012-06-16 19:11 145054 c:\windows\system32\perfc005.dat
+ 2012-01-29 19:16 . 2012-06-20 15:04 145054 c:\windows\system32\perfc005.dat
+ 2012-06-20 14:57 . 2012-06-20 14:57 417480 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_257_ActiveX.exe
+ 2012-06-20 14:57 . 2012-06-20 14:57 512200 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_257_ActiveX.dll
+ 2009-07-14 05:01 . 2012-06-20 17:36 468724 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-06-19 22:44 468724 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-03-23 22:39 . 2012-06-20 17:30 864320 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2163336548-1697645886-630390420-1000-8192.dat
- 2012-03-23 22:39 . 2012-06-19 22:44 864320 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2163336548-1697645886-630390420-1000-8192.dat
- 2012-06-17 21:55 . 2012-06-17 21:55 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2012-06-20 13:31 . 2012-06-20 13:31 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2012-06-20 13:31 . 2012-06-20 13:31 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2012-06-17 21:55 . 2012-06-17 21:55 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2012-06-20 13:31 . 2012-06-20 13:31 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2012-06-17 21:55 . 2012-06-17 21:55 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2012-06-17 21:55 . 2012-06-17 21:55 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2012-06-20 13:31 . 2012-06-20 13:31 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2012-06-20 13:31 . 2012-06-20 13:31 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2012-06-17 21:55 . 2012-06-17 21:55 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2012-06-20 13:31 . 2012-06-20 13:31 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-06-17 21:55 . 2012-06-17 21:55 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-06-17 21:55 . 2012-06-17 21:55 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-06-20 13:31 . 2012-06-20 13:31 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-06-20 13:31 . 2012-06-20 13:31 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-06-17 21:55 . 2012-06-17 21:55 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-06-17 21:55 . 2012-06-17 21:55 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-06-20 13:31 . 2012-06-20 13:31 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-06-17 21:55 . 2012-06-17 21:55 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-06-20 13:31 . 2012-06-20 13:31 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-06-17 21:55 . 2012-06-17 21:55 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-06-20 13:31 . 2012-06-20 13:31 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-06-20 13:31 . 2012-06-20 13:31 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-06-17 21:55 . 2012-06-17 21:55 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-06-17 21:55 . 2012-06-17 21:55 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-06-20 13:31 . 2012-06-20 13:31 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-06-20 13:31 . 2012-06-20 13:31 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2012-06-17 21:55 . 2012-06-17 21:55 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2012-06-17 21:55 . 2012-06-17 21:55 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-06-20 13:31 . 2012-06-20 13:31 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-06-17 21:55 . 2012-06-17 21:55 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-06-20 13:31 . 2012-06-20 13:31 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-10-17 22:32 . 2007-10-17 22:32 23855616 c:\windows\Installer\e811c9.msi
+ 2007-10-17 22:32 . 2007-10-17 22:32 23855616 c:\windows\Installer\12ff93.msi
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-05-20 880496]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-03-23 1242448]
"4gameTray"="c:\program files (x86)\4game\4game\4GameTray.exe" [2012-03-05 813408]
"ICQ"="c:\program files (x86)\ICQ7M\ICQ.exe" [2012-05-28 127040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2012-03-28 404568]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2010-03-05 411864]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-20 257224]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);c:\windows\system32\DRIVERS\RtVLAN60.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-03 918144]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [2010-12-02 915584]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2010-03-05 235752]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S3 HideMyIpSRV;HideMyIpSRV;c:\program files (x86)\Hide My IP\HideMyIpSrv.exe [2012-01-19 3337216]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [x]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [x]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S4 IOMap;IOMap;c:\windows\system32\drivers\IOMap64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-29 14:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-01-05 17:19 132584 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-19 11613288]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
LSP: c:\windows\system32\HMIPCore.dll
TCP: DhcpNameServer = 10.0.0.138
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dll
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{F999A48B-1950-4D81-9971-79018F807B4B} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2163336548-1697645886-630390420-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:75,9d,d7,bb,46,4a,18,26,15,50,7f,d1,c7,e4,66,6d,30,3d,1b,26,ec,c4,b7,
da,a4,4c,a9,18,6f,71,17,c8,45,99,ae,7d,3d,14,6a,64,f1,49,db,0c,7c,c1,80,b9,\
"??"=hex:88,10,f0,d5,c4,8c,29,68,9a,a6,4c,ea,8e,9c,31,2a
.
[HKEY_USERS\S-1-5-21-2163336548-1697645886-630390420-1000\Software\SecuROM\License information*]
"datasecu"=hex:ea,ba,7c,5b,7e,f7,f7,60,97,71,e1,78,67,3f,4f,ed,23,a8,fd,51,9b,
d0,4d,97,20,fa,b5,93,0b,e9,6a,74,f1,97,00,e4,eb,3c,cb,40,c6,e9,6b,07,bc,88,\
"rkeysecu"=hex:3d,e0,31,7f,03,a0,f6,5e,1c,73,69,85,69,81,9f,03
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2012-06-20 19:51:22
ComboFix-quarantined-files.txt 2012-06-20 17:51

.
Pre-Run: Volných bajtu: 195 012 157 440
Post-Run: Volných bajtu: 194 936 995 840
.
- - End Of File - - 7C320A5E1F2FD64F0CBA1F74E78E2331

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: Please check my log

Post by jaro3 » 20 Jun 2012 21:42

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text, marked in green:

Code: Select all

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, move it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press the F8 key repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.

Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

Download CrystalDiskInfo
Run the program and click Edit -> Copy. Then paste the contents of the log here with Ctrl+V.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

janecek76
newbie
Posts: 23
Registered: June 12
Gender: Male
Status:
Offline

Re: Please check my log

Post by janecek76 » 21 Jun 2012 00:36

ComboFix


ComboFix 12-06-20.02 - Jan 21.06.2012 0:26.8.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.5102.3649 [GMT 2:00]
Running from: c:\users\Jan\Desktop\ComboFix.exe
Command switches used :: c:\users\Jan\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-05-20 to 2012-06-20 )))))))))))))))))))))))))))))))
.
.
2012-06-20 22:32 . 2012-06-20 22:32 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-06-20 22:32 . 2012-06-20 22:32 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-06-20 22:32 . 2012-06-20 22:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-20 22:32 . 2012-06-20 22:32 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-06-20 17:51 . 2012-06-20 17:51 -------- d-----w- c:\users\Wohin
2012-06-20 17:32 . 2012-06-20 17:32 -------- d-----w- c:\users\Jan\AppData\Local\Adobe
2012-06-20 14:57 . 2012-06-20 14:57 -------- d-----w- c:\windows\system32\Macromed
2012-06-20 13:32 . 2012-06-20 13:32 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-06-20 13:32 . 2012-06-20 13:32 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-06-20 13:32 . 2012-06-20 13:32 -------- d-----w- c:\users\Jan\AppData\Roaming\PunkBuster
2012-06-20 12:06 . 2012-06-20 12:06 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-06-20 08:32 . 2012-06-20 08:32 -------- d-----w- c:\users\Jan\AppData\Local\Aspyr
2012-06-20 08:21 . 2012-06-20 11:55 -------- d-----w- c:\program files (x86)\Aspyr
2012-06-17 22:00 . 2012-06-17 22:00 -------- d-----w- c:\users\Jan\AppData\Roaming\Ubisoft
2012-06-17 21:49 . 2012-06-20 13:24 -------- d-----w- c:\program files (x86)\Ubisoft
2012-06-16 12:40 . 2012-06-16 12:40 -------- d--h--w- c:\program files (x86)\DeviceVM
2012-06-16 12:38 . 2010-01-14 12:27 48416 ----a-r- c:\windows\system32\drivers\RtTeam60.sys
2012-06-16 12:38 . 2010-01-14 12:27 29472 ----a-r- c:\windows\system32\drivers\RtVlan60.sys
2012-06-16 12:38 . 2010-01-14 12:27 32544 ----a-r- c:\windows\system32\drivers\RtNdPt60.sys
2012-06-14 14:34 . 2012-06-14 14:34 -------- d-----w- c:\users\Jan\AppData\Roaming\Flock
2012-06-14 14:34 . 2012-06-14 14:34 -------- d-----w- c:\users\Jan\AppData\Local\Flock
2012-06-14 14:33 . 2012-06-14 14:38 -------- d-----w- c:\program files (x86)\Flock
2012-06-14 14:10 . 2012-04-13 08:46 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5EDF8007-5BBA-4BB1-A1CC-B6CE08EE0935}\mpengine.dll
2012-06-09 23:21 . 2012-01-19 06:23 339320 ----a-w- c:\windows\SysWow64\HMIPCore.dll
2012-06-09 23:21 . 2012-06-09 23:21 -------- d-----w- c:\program files (x86)\Hide My IP
2012-06-08 15:58 . 2012-06-09 13:05 -------- d-----w- c:\users\Jan\AppData\Roaming\.minecraft
2012-06-05 18:10 . 2012-06-05 18:15 -------- d-----w- c:\programdata\HP Photo Creations
2012-06-05 18:10 . 2012-06-05 18:10 -------- d-----w- c:\program files (x86)\HP Photo Creations
2012-06-05 18:09 . 2012-06-05 18:09 -------- d-----w- c:\program files\HP
2012-06-04 16:59 . 2012-06-04 16:59 -------- d-----w- c:\users\Jan\AppData\Roaming\ML
2012-06-04 16:52 . 2012-06-04 16:52 -------- d-----w- c:\users\Jan\AppData\Local\LG Electronics
2012-06-04 16:47 . 2012-06-04 16:54 2984 ----a-w- C:\user.js
2012-06-02 13:41 . 2012-06-02 13:41 -------- d-----w- c:\users\Jan\AppData\Roaming\LolClient2
2012-05-29 16:26 . 2012-06-20 14:57 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-29 16:26 . 2012-06-20 14:57 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-28 17:55 . 2012-06-03 09:52 -------- d-----w- c:\users\Jan\AppData\Roaming\ICQ
2012-05-28 17:55 . 2012-05-28 17:55 -------- d-----w- c:\program files (x86)\ICQ7M
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-23 15:12 . 2012-02-02 20:08 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2012-04-23 15:12 . 2012-02-02 20:08 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-04-23 15:12 . 2012-02-02 20:08 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2012-04-23 15:12 . 2012-02-02 20:08 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-04-21 09:50 . 2012-04-21 09:50 1119680 ----a-w- c:\windows\PE_Rom.dll
2012-04-04 16:47 . 2012-05-09 20:12 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-04-04 16:47 . 2012-05-09 20:12 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-04 13:56 . 2012-03-26 18:51 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-31 10:43 . 2012-03-25 20:30 2829 ----a-w- c:\windows\War3Unin.pif
2012-03-31 10:43 . 2012-03-25 20:30 139264 ----a-w- c:\windows\War3Unin.exe
.
.
((((((((((((((((((((((((((((( SnapShot_2012-06-20_17.49.45 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-06-20 17:40 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-06-20 22:22 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-06-20 17:40 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-06-20 22:22 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-06-20 22:22 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-06-20 17:40 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-01-29 17:26 . 2012-06-20 22:23 41048 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2012-06-20 17:40 40216 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-06-20 22:23 40216 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2012-01-29 17:17 . 2012-06-20 17:40 12596 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2163336548-1697645886-630390420-1000_UserData.bin
+ 2012-01-29 17:17 . 2012-06-20 22:23 12596 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2163336548-1697645886-630390420-1000_UserData.bin
+ 2012-01-29 00:02 . 2012-06-20 22:20 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2012-01-29 00:02 . 2012-06-20 17:38 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-04-11 19:17 . 2012-06-20 22:20 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2012-04-11 19:17 . 2012-06-20 17:38 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-06-20 17:38 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-06-20 22:20 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-01-29 00:09 . 2012-06-20 17:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-01-29 00:09 . 2012-06-20 22:25 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-01-29 00:09 . 2012-06-20 22:25 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-01-29 00:09 . 2012-06-20 17:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-06-20 17:38 . 2012-06-20 17:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-20 22:20 . 2012-06-20 22:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-20 22:20 . 2012-06-20 22:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-06-20 17:38 . 2012-06-20 17:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36 . 2012-06-20 15:04 669026 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-06-20 19:28 669026 c:\windows\system32\perfh009.dat
+ 2012-01-29 19:16 . 2012-06-20 19:28 675100 c:\windows\system32\perfh005.dat
- 2012-01-29 19:16 . 2012-06-20 15:04 675100 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2012-06-20 19:28 125226 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-06-20 15:04 125226 c:\windows\system32\perfc009.dat
+ 2012-01-29 19:16 . 2012-06-20 19:28 145054 c:\windows\system32\perfc005.dat
- 2012-01-29 19:16 . 2012-06-20 15:04 145054 c:\windows\system32\perfc005.dat
- 2009-07-14 05:01 . 2012-06-20 17:36 468724 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-06-20 18:03 468724 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-03-23 22:39 . 2012-06-20 18:03 864320 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2163336548-1697645886-630390420-1000-8192.dat
- 2012-03-23 22:39 . 2012-06-20 17:30 864320 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2163336548-1697645886-630390420-1000-8192.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-05-20 880496]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-03-23 1242448]
"4gameTray"="c:\program files (x86)\4game\4game\4GameTray.exe" [2012-03-05 813408]
"ICQ"="c:\program files (x86)\ICQ7M\ICQ.exe" [2012-05-28 127040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2012-03-28 404568]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2010-03-05 411864]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-20 257224]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);c:\windows\system32\DRIVERS\RtVLAN60.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-03 918144]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [2010-12-02 915584]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2010-03-05 235752]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S3 HideMyIpSRV;HideMyIpSRV;c:\program files (x86)\Hide My IP\HideMyIpSrv.exe [2012-01-19 3337216]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [x]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [x]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S4 IOMap;IOMap;c:\windows\system32\drivers\IOMap64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-29 14:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-01-05 17:19 132584 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-19 11613288]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
LSP: c:\windows\system32\HMIPCore.dll
TCP: DhcpNameServer = 10.0.0.138
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dll
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{F999A48B-1950-4D81-9971-79018F807B4B} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2163336548-1697645886-630390420-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:75,9d,d7,bb,46,4a,18,26,15,50,7f,d1,c7,e4,66,6d,30,3d,1b,26,ec,c4,b7,
da,a4,4c,a9,18,6f,71,17,c8,45,99,ae,7d,3d,14,6a,64,f1,49,db,0c,7c,c1,80,b9,\
"??"=hex:88,10,f0,d5,c4,8c,29,68,9a,a6,4c,ea,8e,9c,31,2a
.
[HKEY_USERS\S-1-5-21-2163336548-1697645886-630390420-1000\Software\SecuROM\License information*]
"datasecu"=hex:ea,ba,7c,5b,7e,f7,f7,60,97,71,e1,78,67,3f,4f,ed,23,a8,fd,51,9b,
d0,4d,97,20,fa,b5,93,0b,e9,6a,74,f1,97,00,e4,eb,3c,cb,40,c6,e9,6b,07,bc,88,\
"rkeysecu"=hex:3d,e0,31,7f,03,a0,f6,5e,1c,73,69,85,69,81,9f,03
.
Completion time: 2012-06-21 00:34:12
ComboFix-quarantined-files.txt 2012-06-20 22:34
ComboFix2.txt 2012-06-20 17:51
.
Pre-Run: Volných bajtu: 194 933 858 304
Post-Run: Volných bajtu: 194 858 778 624
.
- - End Of File - - DB0F7ADBD578174CB58ACC998EFC45D4


HJT

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:36:13, on 21.6.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Users\Jan\Downloads\hijackthis.exe
C:\Users\Jan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Jan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [4gameTray] C:\Program Files (x86)\4game\4game\4GameTray.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: 4game - Innova Systems LLC - C:\Program Files (x86)\4game\4game\4GameService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\Windows\ATKKBService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Folding@home-CPU-[1] - Unknown owner - C:\Folding@HomeCPU\1\Fah.exe
O23 - Service: Folding@home-CPU-[2] - Unknown owner - C:\Folding@HomeCPU\2\Fah.exe
O23 - Service: HideMyIpSRV - Hide My IP - C:\Program Files (x86)\Hide My IP\HideMyIpSrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9916 bytes

aswMBR


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-21 00:38:13
-----------------------------
00:38:13.178 OS Version: Windows x64 6.1.7601 Service Pack 1
00:38:13.178 Number of processors: 2 586 0x2A07
00:38:13.178 ComputerName: JAN PC UserName: Jan
00:38:17.032 Initialize success
00:38:17.078 AVAST engine defs: 11010501
00:38:19.169 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3
00:38:19.169 Disk 0 Vendor: ST3500413AS JC4B Size: 476940MB BusType: 3
00:38:19.184 Disk 0 MBR read successfully
00:38:19.184 Disk 0 MBR scan
00:38:19.184 Disk 0 Windows 7 default MBR code
00:38:19.200 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
00:38:19.200 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
00:38:19.200 Disk 0 scanning C:\Windows\system32\drivers
00:38:29.246 Service scanning
00:38:42.038 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
00:38:46.750 Modules scanning
00:38:46.750 Disk 0 trace - called modules:
00:38:46.781 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8004fb12c0]<<spse.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
00:38:47.280 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80052b4140]
00:38:47.280 3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> [0xfffffa80050d5810]
00:38:47.280 5 ACPI.sys[fffff8800100b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-3[0xfffffa8005140060]
00:38:47.296 \Driver\atapi[0xfffffa80050d3060] -> IRP_MJ_CREATE -> 0xfffffa8004fb12c0
00:38:47.998 AVAST engine scan C:\Windows
00:38:50.400 AVAST engine scan C:\Windows\system32
00:40:58.726 AVAST engine scan C:\Windows\system32\drivers
00:41:11.767 AVAST engine scan C:\Users\Jan
00:44:47.625 AVAST engine scan C:\ProgramData
00:45:56.234 Scan finished successfully
00:46:03.550 Disk 0 MBR has been saved successfully to "C:\Users\Jan\Desktop\MBR.dat"
00:46:03.550 The log file has been saved successfully to "C:\Users\Jan\Desktop\aswMBR.txt"

janecek76
newbie
Posts: 23
Joined: June 12
Gender: Male
Status:
Offline

Re: Please check my log

Post by janecek76 » 21 Jun 2012 00:49

CrystalDiskInfo


----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Ultimate Edition SP1 [6.1 Build 7601] (x64)
Date : 2012/06/21 0:48:55

-- Controller Map ----------------------------------------------------------
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ ATA Channel 0 (0) [ATA]
- HL-DT-ST DVDRAM GH22NS70 ATA Device
+ ATA Channel 1 (1) [ATA]
- ST3500413AS ATA Device
+ Intel(R) 6 Series/C200 Series Chipset Family 4 port Serial ATA Storage Controller - 1C00 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Intel(R) 6 Series/C200 Series Chipset Family 2 port Serial ATA Storage Controller - 1C08 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ A5U90LUK IDE Controller [SCSI]
- YXQDIJE M7GXMF09UV SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) ST3500413AS : 500,1 GB [0/3/0, pd1] - st

----------------------------------------------------------------------------
(1) ST3500413AS
----------------------------------------------------------------------------
Model : ST3500413AS
Firmware : JC4B
Serial Number : Z2A7N2R2
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/600
Power On Hours : 3017 hod.
Power On Count : 1141 krát
Host Reads : 189 GB
Host Writes : 600 GB
Temparature : 36 C (96 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : D0D0h [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 117 _99 __6 0000076CF4D3 Počet chyb čtení
03 100 100 __0 000000000000 Čas na roztočení ploten
04 _99 _99 _20 000000000478 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _78 _60 _30 0000039C820A Počet chybných hledání
09 _97 _97 __0 000000000BC9 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _99 _20 000000000475 Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Neznámý
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 _98 __0 000000000140 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _64 _53 _45 000024170024 Teplota toku vzduchu
C2 _36 _47 __0 000E00000024 Teplota
C3 _52 _34 __0 0000076CF4D3 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 58E500001686 Čas nastavování hlaviček - v hodinách
F1 100 253 __0 00004B1FF876 Total LBAs Written
F2 100 253 __0 000017B66D88 Total LBAs Read


jaro3
Security team member
Guru Level 15
Posts: 43298
Joined: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: Please check my log

Post by jaro3 » 21 Jun 2012 15:40

The disk temperature is on the high side, cool it more!

ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner
and also use T-Cleaner
it deletes everything left behind by ComboFix, MWAV, etc. - download > run

Note: before downloading T-Cleaner and for the duration of the cleanup, deactivate your antivirus and antispyware; afterwards delete T-Cleaner and turn your antivirus and antispyware back on.


Download Memtest:

In the box, enter the largest size of your individual RAM module (256, 512 or 1024, 2048), click Start, and let it run for at least 2 hours; if it still shows 0 errors after 2 hours, the modules are fine.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs via private messages. During my absence memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum

