Prosím o kontrolu logu

[Gottwy]

Potřeboval bych zkontrolovat log.Skoro určitě mám vir, projevuje se to tak, že nejde spustit správce úloh, ani registry a taky nefungují háčky a čárky na klávesnici (vedle backspace).Předem děkuji za pomoc.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Gottwy at 2012-07-26 11:16:43
Microsoft Windows 7 Home Premium
System drive C: has 56 GB (24%) free of 238 GB
Total RAM: 2047 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:17:26, on 26.7.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Steam\Steam.exe
C:\Program Files (x86)\Sound Volume Hotkeys\SoundVolumeHotkeys.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Gottwy\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Xfire\Xfire.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
C:\Fraps\fraps.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe
I:\Adaware_Installer.exe
C:\Users\Gottwy\AppData\Local\Temp\ebe9675d-4dcb-42c7-b1bb-30e05c901b29.exe
C:\Windows\SysWOW64\MSIEXEC.EXE
C:\Windows\syswow64\MsiExec.exe
C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Gottwy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SoundVolumeHotkeys.{9547D1C7-4F18-4104-8674-046DCD12BDF9}] C:\Program Files (x86)\Sound Volume Hotkeys\SoundVolumeHotkeys.exe -a
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Gottwy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [updater] C:\Users\Gottwy\AppData\Local\Temp\updater.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-813073150-566962921-3886102698-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-813073150-566962921-3886102698-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Dropbox.lnk = Gottwy\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: DokanMounter - Unknown owner - C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10255 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9bcc5fda-449c-4779-82bf-deb4c903506b -SystemEventPortName:HostProcess-49885efc-ea15-4618-b689-3d9a81d1869e -IoCancelEventPortName:HostProcess-217c2c12-92be-498d-afd8-ed9cf22db45c -NonStateChangingEventPortName:HostProcess-1a486928-1784-4fea-84fb-5ef4eef2d3f1 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:19ee6839-c390-48d9-9fe4-cb88955c2c42
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 2344
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Steam\Steam.exe" -silent
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Sound Volume Hotkeys\SoundVolumeHotkeys.exe" -a
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Users\Gottwy\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Xfire\Xfire.exe"
"C:\Program Files (x86)\Xfire\xfire64.exe" xfire64.exe /pid 3636
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Xfire\xfire64.exe" xfire64.exe /pid 3636
"C:\Fraps\fraps.exe"
"C:\Fraps\fraps64.dat"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SILENT/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight8.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="2784.0.210699073\1407205637" /prefetch:3
"C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SILENT/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight8.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/FooterLink/ --extension-process --renderer-print-preview --channel="2784.1.1924197570\1058712257" /prefetch:3
"C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SILENT/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight8.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/FooterLink/ --extension-process --renderer-print-preview --channel="2784.2.1479836830\135110475" /prefetch:3
"C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SILENT/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight8.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/FooterLink/ --extension-process --renderer-print-preview --channel="2784.3.471082601\251899037" /prefetch:3
"C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2784.4.106188668\395951820" --ignored=" --type=renderer " /prefetch:12
"C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SILENT/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight8.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="2784.5.194212007\729076633" /prefetch:3
"C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SILENT/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight8.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="2784.13.470085089\2070776565" /prefetch:3
"C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SILENT/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight8.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="2784.16.584482548\1881670754" /prefetch:3
"C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SILENT/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight8.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="2784.17.1607326793\494062545" /prefetch:3
"C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SILENT/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight8.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="2784.22.1386570760\1825053703" /prefetch:3
"C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SILENT/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight8.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="2784.23.1986296117\337788803" /prefetch:3
"I:\Adaware_Installer.exe"
"C:\Users\Gottwy\AppData\Local\Temp\ebe9675d-4dcb-42c7-b1bb-30e05c901b29.exe" /S /v"/qn CREATEDESCTOPSHORTCUT=true INSTALLDIR=\"C:\Program Files (x86)\Ad-Aware Antivirus\" REBOOT=ReallySuppress SHOW_LAVAGUARD_TOOLBAR=1"
MSIEXEC.EXE /i "C:\Users\Gottwy\AppData\Local\Downloaded Installations\{51BF914E-B76F-4EE2-92E8-46C41F52718A}\Ad-Aware Antivirus.msi" /qn CREATEDESCTOPSHORTCUT=true INSTALLDIR="C:\Program Files (x86)\Ad-Aware Antivirus" REBOOT=ReallySuppress SHOW_LAVAGUARD_TOOLBAR=1 SETUPEXEDIR="C:\Users\Gottwy\AppData\Local\Temp" SETUPEXENAME="ebe9675d-4dcb-42c7-b1bb-30e05c901b29.exe"
C:\Windows\system32\msiexec.exe /V
C:\Windows\syswow64\MsiExec.exe -Embedding 03D0710E46E179BA29DEA051DCC78552
"C:\Users\Gottwy\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SILENT/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight8.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="2784.27.315779976\785529053" /prefetch:3
C:\Windows\syswow64\MsiExec.exe -Embedding 5EA520AA74B2BBDFF5B6DB572999A743 M Global\MSI0000
C:\Users\Gottwy\AppData\Local\Temp\{EA15D9E3-DCA5-4F64-BDFE-EEB40615D73F}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{192700EE-2FA0-45F6-8CDC-FADA79E8B037}
"I:\RSITx64.exe"
"C:\Program Files (x86)\Ad-Aware Antivirus\SBSetupDrivers.exe" /update "C:\Program Files (x86)\Ad-Aware Antivirus\" /hips /ap
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-813073150-566962921-3886102698-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-813073150-566962921-3886102698-1001UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-813073150-566962921-3886102698-1003Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-813073150-566962921-3886102698-1003UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-813073150-566962921-3886102698-1004Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-813073150-566962921-3886102698-1004UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-07-03 1387952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll [2012-01-10 79240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-07-05 453544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-07-03 1160792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-07-05 157616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-07-03 1387952]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-07-03 1160792]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-03-27 12459112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Gottwy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-03 116648]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-03 17417392]
"Steam"=C:\Steam\steam.exe [2012-04-05 1242448]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"updater"=C:\Users\Gottwy\AppData\Local\Temp\updater.exe [2012-07-25 4734464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT]
C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [2012-03-28 404568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-06-27 1996200]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SoundVolumeHotkeys.{9547D1C7-4F18-4104-8674-046DCD12BDF9}"=C:\Program Files (x86)\Sound Volume Hotkeys\SoundVolumeHotkeys.exe [2010-09-19 126976]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-07-03 4273976]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]

C:\Users\Gottwy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Gottwy\AppData\Roaming\Dropbox\bin\Dropbox.exe
Xfire.lnk - C:\Program Files (x86)\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
"DisableRegistryTools"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"VIDC.XFR1"=xfcodec64.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-07-26 11:17:06 ----D---- C:\Program Files\trend micro
2012-07-26 11:16:43 ----D---- C:\rsit
2012-07-26 11:16:43 ----A---- C:\Users\Gottwy\AppData\Roaming\adaware-installer-reboot-required.tmp
2012-07-26 11:16:25 ----A---- C:\Windows\system32\drivers\sbhips.sys
2012-07-26 11:16:21 ----A---- C:\Windows\system32\sbbd.exe
2012-07-26 11:16:21 ----A---- C:\Windows\system32\drivers\sbredrv.sys
2012-07-26 11:16:12 ----D---- C:\ProgramData\Lavasoft
2012-07-26 11:16:03 ----D---- C:\Program Files (x86)\Ad-Aware Antivirus
2012-07-26 11:13:53 ----D---- C:\Users\Gottwy\AppData\Roaming\Ad-Aware Antivirus
2012-07-25 15:07:42 ----D---- C:\Users\Gottwy\AppData\Roaming\dclogs
2012-07-24 14:45:34 ----D---- C:\Program Files (x86)\Microsoft Chart Controls
2012-07-24 14:41:11 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-07-24 14:40:53 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2012-07-24 09:19:25 ----D---- C:\Program Files (x86)\Dokan
2012-07-21 09:11:40 ----A---- C:\Windows\system32\frapsv64.dll
2012-07-21 09:11:38 ----A---- C:\Windows\SYSWOW64\frapsvid.dll
2012-07-18 14:45:35 ----D---- C:\Users\Gottwy\AppData\Roaming\AtomZombieData
2012-07-18 10:55:41 ----D---- C:\Users\Gottwy\AppData\Roaming\Bioshock
2012-07-17 13:52:51 ----SHD---- C:\ProgramData\SecuROM
2012-07-17 13:48:35 ----RHD---- C:\Users\Gottwy\AppData\Roaming\SecuROM
2012-07-17 13:48:34 ----A---- C:\Windows\SYSWOW64\CmdLineExt_x64.dll
2012-07-17 12:35:02 ----D---- C:\Users\Gottwy\AppData\Roaming\AtomZombieDemoData
2012-07-17 08:30:31 ----D---- C:\Program Files (x86)\Oracle
2012-07-17 08:29:09 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-07-17 08:27:13 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-07-17 08:27:13 ----A---- C:\Windows\SYSWOW64\java.exe
2012-07-10 10:26:11 ----D---- C:\Program Files (x86)\Origin Games
2012-07-10 10:26:06 ----D---- C:\ProgramData\Origin
2012-07-10 10:23:38 ----D---- C:\Users\Gottwy\AppData\Roaming\Origin
2012-07-10 10:23:36 ----D---- C:\ProgramData\Electronic Arts
2012-07-10 10:22:57 ----D---- C:\Program Files (x86)\Origin
2012-07-03 10:32:17 ----D---- C:\Users\Gottwy\AppData\Roaming\Vessel
2012-07-03 10:23:01 ----A---- C:\Windows\tmp2Level.ini
2012-07-03 10:23:01 ----A---- C:\Windows\level.ini
2012-06-30 08:48:42 ----AH---- C:\Windows\system32\hamachi.sys
2012-06-30 08:48:39 ----D---- C:\Program Files (x86)\LogMeIn Hamachi

======List of files/folders modified in the last 1 month======

2012-07-26 11:17:06 ----RD---- C:\Program Files
2012-07-26 11:16:59 ----D---- C:\Windows\Temp
2012-07-26 11:16:33 ----D---- C:\Windows\system32\drivers
2012-07-26 11:16:22 ----SHD---- C:\Windows\Installer
2012-07-26 11:16:21 ----D---- C:\Windows\System32
2012-07-26 11:16:12 ----HD---- C:\ProgramData
2012-07-26 11:16:03 ----SHD---- C:\Config.Msi
2012-07-26 11:16:03 ----RD---- C:\Program Files (x86)
2012-07-26 10:58:03 ----D---- C:\Steam
2012-07-26 10:50:53 ----D---- C:\Users\Gottwy\AppData\Roaming\Skype
2012-07-26 09:28:33 ----D---- C:\Users\Gottwy\AppData\Roaming\Xfire
2012-07-26 08:59:25 ----D---- C:\Windows\system32\config
2012-07-26 08:53:01 ----D---- C:\Fraps
2012-07-26 08:53:00 ----D---- C:\Windows\system32\Tasks
2012-07-26 08:52:17 ----D---- C:\Users\Gottwy\AppData\Roaming\Dropbox
2012-07-26 08:52:07 ----RD---- C:\Dropbox
2012-07-26 08:48:25 ----D---- C:\ProgramData\NVIDIA
2012-07-25 14:03:50 ----D---- C:\Videos
2012-07-25 09:26:19 ----D---- C:\Users\Gottwy\AppData\Roaming\.techniclauncher
2012-07-25 09:16:02 ----D---- C:\ProgramData\Xfire
2012-07-25 09:13:27 ----D---- C:\Windows\system32\DriverStore
2012-07-24 15:25:28 ----D---- C:\Windows\Minidump
2012-07-24 15:25:28 ----D---- C:\Windows
2012-07-24 14:48:01 ----D---- C:\Windows\SysWOW64
2012-07-24 14:45:40 ----RSD---- C:\Windows\assembly
2012-07-24 14:43:50 ----SHD---- C:\System Volume Information
2012-07-24 14:42:03 ----D---- C:\Windows\winsxs
2012-07-24 14:40:47 ----D---- C:\Windows\system32\LogFiles
2012-07-24 13:53:03 ----D---- C:\Games
2012-07-24 10:44:40 ----D---- C:\Windows\SYSWOW64\directx
2012-07-23 09:18:37 ----D---- C:\Users\Gottwy\AppData\Roaming\vlc
2012-07-23 09:09:40 ----D---- C:\Windows\Prefetch
2012-07-23 09:05:36 ----D---- C:\Windows\Logs
2012-07-22 08:56:18 ----D---- C:\Windows\inf
2012-07-22 08:13:57 ----D---- C:\Users\Gottwy\AppData\Roaming\DAEMON Tools Lite
2012-07-21 19:15:17 ----D---- C:\Program Files (x86)\JDownloader
2012-07-17 14:28:17 ----D---- C:\Users\Gottwy\AppData\Roaming\NVIDIA
2012-07-17 13:46:00 ----D---- C:\Windows\system32\catroot2
2012-07-17 08:27:03 ----D---- C:\Program Files (x86)\Java
2012-07-12 14:43:56 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-07-11 09:32:22 ----D---- C:\Program Files\CCleaner
2012-07-11 09:24:39 ----A---- C:\Windows\SYSWOW64\lgAxconfig.ini
2012-07-10 10:23:33 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-07-09 20:42:09 ----D---- C:\ProgramData\Skype
2012-07-09 20:41:49 ----RD---- C:\Program Files (x86)\Skype
2012-07-09 15:32:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-07-05 22:06:30 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2012-07-05 22:06:20 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-07-04 12:05:09 ----D---- C:\LGP500
2012-07-04 12:04:06 ----D---- C:\ProgramData\LGMOBILEAX
2012-07-03 18:21:28 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2012-07-03 18:21:18 ----A---- C:\Windows\system32\aswBoot.exe
2012-07-03 15:31:55 ----D---- C:\Users\Gottwy\AppData\Roaming\Audacity
2012-07-03 14:50:14 ----D---- C:\ProgramData\Adobe
2012-07-03 14:47:58 ----D---- C:\Program Files (x86)\Adobe
2012-07-02 08:10:08 ----D---- C:\Users\Gottwy\AppData\Roaming\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-03-07 28504]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-07-03 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-07-03 958400]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-07-03 355856]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-07-03 59728]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-05-29 283200]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-07-03 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
R2 Dokan;Dokan; \??\C:\Windows\system32\drivers\dokan.sys [2011-01-10 120408]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x64.sys [2009-06-25 58368]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-03-27 4015592]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
S2 sbapifs;sbapifs; C:\Windows\system32\DRIVERS\sbapifs.sys [2011-11-29 74872]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus64.sys [2010-12-07 19456]
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag64.sys [2010-12-07 27648]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps64.sys [2010-12-07 27136]
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem64.sys [2010-12-07 34304]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\lgandadb.sys [2010-08-02 31744]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 sbhips;sbhips; C:\Windows\system32\drivers\sbhips.sys [2011-12-19 60536]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-07-03 44808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DokanMounter;DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [2011-01-10 14848]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-02-29 889664]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-07-24 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-06-19 529232]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-03 1255736]
S4 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe []

-----------------EOF-----------------

[Gottwy]

Tak jsem vše udělal, správce úloh už mi jde, registry také, čárky také, akorát jsem neukončil ty procesy ,z důvody že tam nebyly.A mám si teda všude změnit hesla?Úplně všude?

[Gottwy]

Takže při kontrole disku mi to vypsalo chybu čtení KBR(Kernel Mode), jinak nic.
A tady je ten log:

13:59:35.0501 3372 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:59:35.0934 3372 ============================================================
13:59:35.0934 3372 \Device\Harddisk0\DR0:
13:59:35.0946 3372 MBR partitions:
13:59:35.0946 3372 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:59:35.0946 3372 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
13:59:35.0946 3372 \Device\Harddisk1\DR1:
13:59:35.0947 3372 MBR partitions:
13:59:35.0947 3372 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x40, BlocksNum 0x1D1C4541
13:59:35.0947 3372 ============================================================
13:59:36.0045 3372 C: <-> \Device\Harddisk0\DR0\Partition1
13:59:36.0088 3372 I: <-> \Device\Harddisk1\DR1\Partition0
13:59:36.0088 3372 ============================================================
13:59:36.0088 3372 Initialize success
13:59:36.0088 3372 ============================================================
13:59:49.0735 3228 ============================================================
13:59:49.0735 3228 Scan started
13:59:49.0735 3228 Mode: Manual; SigCheck; TDLFS;
13:59:49.0735 3228 ============================================================
13:59:50.0342 3228 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
13:59:50.0551 3228 1394ohci - ok
13:59:50.0567 3228 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
13:59:50.0582 3228 ACPI - ok
13:59:50.0600 3228 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
13:59:50.0685 3228 AcpiPmi - ok
13:59:50.0844 3228 Ad-Aware Service (af9658974154c3b6a333d86dc2e0aac8) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
13:59:50.0882 3228 Ad-Aware Service - ok
13:59:51.0010 3228 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:59:51.0019 3228 AdobeARMservice - ok
13:59:51.0161 3228 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:59:51.0176 3228 AdobeFlashPlayerUpdateSvc - ok
13:59:51.0410 3228 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
13:59:51.0426 3228 adp94xx - ok
13:59:51.0473 3228 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
13:59:51.0488 3228 adpahci - ok
13:59:51.0488 3228 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
13:59:51.0504 3228 adpu320 - ok
13:59:51.0535 3228 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
13:59:51.0660 3228 AeLookupSvc - ok
13:59:51.0707 3228 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
13:59:51.0785 3228 AFD - ok
13:59:51.0832 3228 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
13:59:51.0832 3228 agp440 - ok
13:59:51.0863 3228 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
13:59:51.0925 3228 ALG - ok
13:59:51.0925 3228 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
13:59:51.0941 3228 aliide - ok
13:59:51.0941 3228 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
13:59:51.0956 3228 amdide - ok
13:59:51.0972 3228 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
13:59:52.0003 3228 AmdK8 - ok
13:59:52.0003 3228 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
13:59:52.0034 3228 AmdPPM - ok
13:59:52.0128 3228 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
13:59:52.0128 3228 amdsata - ok
13:59:52.0159 3228 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
13:59:52.0170 3228 amdsbs - ok
13:59:52.0181 3228 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
13:59:52.0191 3228 amdxata - ok
13:59:52.0230 3228 Andbus (48cd7e6520d47d62eab0e6ce3ec30c65) C:\Windows\system32\DRIVERS\lgandbus64.sys
13:59:52.0274 3228 Andbus - ok
13:59:52.0307 3228 AndDiag (08cbacc00d15dcdbbaae1a7c8f231c61) C:\Windows\system32\DRIVERS\lganddiag64.sys
13:59:52.0341 3228 AndDiag - ok
13:59:52.0374 3228 AndGps (cea9a4cd6b3a83428ce8501240833668) C:\Windows\system32\DRIVERS\lgandgps64.sys
13:59:52.0383 3228 AndGps - ok
13:59:52.0425 3228 ANDModem (e2b5663e547fa5e756b253efa8ec8286) C:\Windows\system32\DRIVERS\lgandmodem64.sys
13:59:52.0459 3228 ANDModem - ok
13:59:52.0529 3228 androidusb (9c1751b2e733471ae07561028b7d2a9b) C:\Windows\system32\Drivers\lgandadb.sys
13:59:52.0577 3228 androidusb - ok
13:59:52.0617 3228 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
13:59:52.0703 3228 AppID - ok
13:59:52.0728 3228 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
13:59:52.0782 3228 AppIDSvc - ok
13:59:52.0816 3228 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
13:59:52.0875 3228 Appinfo - ok
13:59:52.0922 3228 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
13:59:52.0988 3228 AppMgmt - ok
13:59:53.0018 3228 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
13:59:53.0029 3228 arc - ok
13:59:53.0034 3228 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
13:59:53.0044 3228 arcsas - ok
13:59:53.0083 3228 aswFsBlk (df59b8e8df0bd2e0e303778a3806a17d) C:\Windows\system32\drivers\aswFsBlk.sys
13:59:53.0151 3228 aswFsBlk - ok
13:59:53.0214 3228 aswKbd (316271cc32fdfffcdb30677684906d5e) C:\Windows\system32\drivers\aswKbd.sys
13:59:53.0214 3228 aswKbd - ok
13:59:53.0245 3228 aswMonFlt (f8e6ab4f876feff69250f2e0c29ef004) C:\Windows\system32\drivers\aswMonFlt.sys
13:59:53.0260 3228 aswMonFlt - ok
13:59:53.0292 3228 aswRdr (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\Windows\System32\Drivers\aswrdr2.sys
13:59:53.0307 3228 aswRdr - ok
13:59:53.0370 3228 aswSnx (f06e230e1e8ca9437a6474b7b551cd37) C:\Windows\system32\drivers\aswSnx.sys
13:59:53.0401 3228 aswSnx - ok
13:59:53.0448 3228 aswSP (3610ca74a69e380424f0452dec5c1317) C:\Windows\system32\drivers\aswSP.sys
13:59:53.0463 3228 aswSP - ok
13:59:53.0494 3228 aswTdi (87de3e31cb0091d22351349869324065) C:\Windows\system32\drivers\aswTdi.sys
13:59:53.0510 3228 aswTdi - ok
13:59:53.0526 3228 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:59:53.0588 3228 AsyncMac - ok
13:59:53.0604 3228 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
13:59:53.0619 3228 atapi - ok
13:59:53.0650 3228 AtcL001 (e32f41de9c204f020da5141a03e81601) C:\Windows\system32\DRIVERS\l160x64.sys
13:59:53.0682 3228 AtcL001 - ok
13:59:53.0760 3228 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
13:59:53.0822 3228 AudioEndpointBuilder - ok
13:59:53.0822 3228 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
13:59:53.0853 3228 AudioSrv - ok
13:59:53.0978 3228 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:59:53.0994 3228 avast! Antivirus - ok
13:59:54.0009 3228 avast! Firewall - ok
13:59:54.0040 3228 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
13:59:54.0134 3228 AxInstSV - ok
13:59:54.0181 3228 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
13:59:54.0243 3228 b06bdrv - ok
13:59:54.0274 3228 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:59:54.0306 3228 b57nd60a - ok
13:59:54.0352 3228 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
13:59:54.0462 3228 BDESVC - ok
13:59:54.0462 3228 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:59:54.0524 3228 Beep - ok
13:59:54.0586 3228 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
13:59:54.0633 3228 BFE - ok
13:59:54.0680 3228 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
13:59:54.0820 3228 BITS - ok
13:59:54.0898 3228 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
13:59:54.0930 3228 blbdrive - ok
13:59:54.0976 3228 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
13:59:55.0023 3228 bowser - ok
13:59:55.0054 3228 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:59:55.0086 3228 BrFiltLo - ok
13:59:55.0086 3228 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:59:55.0101 3228 BrFiltUp - ok
13:59:55.0132 3228 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
13:59:55.0179 3228 Browser - ok
13:59:55.0210 3228 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:59:55.0273 3228 Brserid - ok
13:59:55.0273 3228 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:59:55.0304 3228 BrSerWdm - ok
13:59:55.0320 3228 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:59:55.0351 3228 BrUsbMdm - ok
13:59:55.0351 3228 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:59:55.0366 3228 BrUsbSer - ok
13:59:55.0366 3228 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
13:59:55.0382 3228 BTHMODEM - ok
13:59:55.0444 3228 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
13:59:55.0491 3228 bthserv - ok
13:59:55.0507 3228 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:59:55.0569 3228 cdfs - ok
13:59:55.0616 3228 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
13:59:55.0647 3228 cdrom - ok
13:59:55.0699 3228 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
13:59:55.0753 3228 CertPropSvc - ok
13:59:55.0774 3228 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
13:59:55.0807 3228 circlass - ok
13:59:55.0847 3228 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:59:55.0865 3228 CLFS - ok
13:59:55.0922 3228 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:59:55.0932 3228 clr_optimization_v2.0.50727_32 - ok
13:59:55.0967 3228 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:59:55.0978 3228 clr_optimization_v2.0.50727_64 - ok
13:59:56.0016 3228 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
13:59:56.0046 3228 CmBatt - ok
13:59:56.0068 3228 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
13:59:56.0078 3228 cmdide - ok
13:59:56.0118 3228 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
13:59:56.0148 3228 CNG - ok
13:59:56.0151 3228 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
13:59:56.0161 3228 Compbatt - ok
13:59:56.0180 3228 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
13:59:56.0211 3228 CompositeBus - ok
13:59:56.0230 3228 COMSysApp - ok
13:59:56.0243 3228 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
13:59:56.0253 3228 crcdisk - ok
13:59:56.0304 3228 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
13:59:56.0363 3228 CryptSvc - ok
13:59:56.0409 3228 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
13:59:56.0476 3228 CSC - ok
13:59:56.0515 3228 CscService (873fbf927c06e5cee04dec617502f8fd) C:\Windows\System32\cscsvc.dll
13:59:56.0569 3228 CscService - ok
13:59:56.0637 3228 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
13:59:56.0682 3228 DcomLaunch - ok
13:59:56.0713 3228 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
13:59:56.0776 3228 defragsvc - ok
13:59:56.0854 3228 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
13:59:56.0900 3228 DfsC - ok
13:59:56.0947 3228 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
13:59:57.0025 3228 Dhcp - ok
13:59:57.0041 3228 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:59:57.0088 3228 discache - ok
13:59:57.0134 3228 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
13:59:57.0150 3228 Disk - ok
13:59:57.0181 3228 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
13:59:57.0244 3228 Dnscache - ok
13:59:57.0322 3228 Dokan (fa122bc1451b1b35b7814fbe1acf1924) C:\Windows\system32\drivers\dokan.sys
13:59:57.0337 3228 Dokan - ok
13:59:57.0431 3228 DokanMounter (8c856e531a1170f53ac6844e89cd0b5f) C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
13:59:57.0446 3228 DokanMounter ( UnsignedFile.Multi.Generic ) - warning
13:59:57.0446 3228 DokanMounter - detected UnsignedFile.Multi.Generic (1)
13:59:57.0493 3228 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
13:59:57.0540 3228 dot3svc - ok
13:59:57.0571 3228 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
13:59:57.0634 3228 DPS - ok
13:59:57.0680 3228 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:59:57.0712 3228 drmkaud - ok
13:59:57.0774 3228 dtsoftbus01 (46571ed73ae84469dca53081d33cf3c8) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
13:59:57.0799 3228 dtsoftbus01 - ok
13:59:57.0871 3228 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
13:59:57.0910 3228 DXGKrnl - ok
13:59:57.0948 3228 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
13:59:57.0996 3228 EapHost - ok
13:59:58.0157 3228 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
13:59:58.0266 3228 ebdrv - ok
13:59:58.0349 3228 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
13:59:58.0409 3228 EFS - ok
13:59:58.0487 3228 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
13:59:58.0558 3228 ehRecvr - ok
13:59:58.0585 3228 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
13:59:58.0642 3228 ehSched - ok
13:59:58.0708 3228 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
13:59:58.0725 3228 elxstor - ok
13:59:58.0740 3228 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
13:59:58.0780 3228 ErrDev - ok
13:59:58.0827 3228 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
13:59:58.0905 3228 EventSystem - ok
13:59:58.0936 3228 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:59:58.0983 3228 exfat - ok
13:59:59.0014 3228 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:59:59.0046 3228 fastfat - ok
13:59:59.0108 3228 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
13:59:59.0186 3228 Fax - ok
13:59:59.0202 3228 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
13:59:59.0233 3228 fdc - ok
13:59:59.0264 3228 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
13:59:59.0295 3228 fdPHost - ok
13:59:59.0311 3228 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
13:59:59.0358 3228 FDResPub - ok
13:59:59.0373 3228 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:59:59.0389 3228 FileInfo - ok
13:59:59.0404 3228 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:59:59.0436 3228 Filetrace - ok
13:59:59.0436 3228 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
13:59:59.0467 3228 flpydisk - ok
13:59:59.0498 3228 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
13:59:59.0514 3228 FltMgr - ok
13:59:59.0576 3228 FontCache (bc00505cfda789ed3be95d2ff38c4875) C:\Windows\system32\FntCache.dll
13:59:59.0654 3228 FontCache - ok
13:59:59.0701 3228 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:59:59.0701 3228 FontCache3.0.0.0 - ok
13:59:59.0748 3228 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:59:59.0763 3228 FsDepends - ok
13:59:59.0810 3228 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
13:59:59.0826 3228 Fs_Rec - ok
13:59:59.0888 3228 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:59:59.0904 3228 fvevol - ok
13:59:59.0919 3228 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:59:59.0935 3228 gagp30kx - ok
13:59:59.0997 3228 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
14:00:00.0060 3228 gpsvc - ok
14:00:00.0091 3228 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
14:00:00.0106 3228 hamachi - ok
14:00:00.0294 3228 Hamachi2Svc (21d24138b736983f6e23823e092e9428) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
14:00:00.0356 3228 Hamachi2Svc - ok
14:00:00.0465 3228 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
14:00:00.0512 3228 hcw85cir - ok
14:00:00.0559 3228 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
14:00:00.0621 3228 HdAudAddService - ok
14:00:00.0637 3228 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
14:00:00.0684 3228 HDAudBus - ok
14:00:00.0684 3228 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
14:00:00.0699 3228 HidBatt - ok
14:00:00.0730 3228 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
14:00:00.0762 3228 HidBth - ok
14:00:00.0762 3228 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
14:00:00.0777 3228 HidIr - ok
14:00:00.0824 3228 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
14:00:00.0871 3228 hidserv - ok
14:00:00.0886 3228 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
14:00:00.0933 3228 HidUsb - ok
14:00:00.0949 3228 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
14:00:01.0011 3228 hkmsvc - ok
14:00:01.0167 3228 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
14:00:01.0198 3228 HomeGroupListener - ok
14:00:01.0230 3228 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
14:00:01.0276 3228 HomeGroupProvider - ok
14:00:01.0330 3228 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
14:00:01.0341 3228 HpSAMD - ok
14:00:01.0402 3228 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
14:00:01.0459 3228 HTTP - ok
14:00:01.0480 3228 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
14:00:01.0491 3228 hwpolicy - ok
14:00:01.0510 3228 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
14:00:01.0522 3228 i8042prt - ok
14:00:01.0586 3228 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
14:00:01.0600 3228 iaStorV - ok
14:00:01.0699 3228 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:00:01.0731 3228 idsvc - ok
14:00:01.0755 3228 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
14:00:01.0765 3228 iirsp - ok
14:00:01.0823 3228 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
14:00:01.0891 3228 IKEEXT - ok
14:00:02.0097 3228 IntcAzAudAddService (5f6a3ea5bd7ca861863a3a06cecc115c) C:\Windows\system32\drivers\RTKVHD64.sys
14:00:02.0180 3228 IntcAzAudAddService - ok
14:00:02.0304 3228 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
14:00:02.0314 3228 intelide - ok
14:00:02.0338 3228 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
14:00:02.0367 3228 intelppm - ok
14:00:02.0413 3228 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
14:00:02.0460 3228 IPBusEnum - ok
14:00:02.0491 3228 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:00:02.0538 3228 IpFilterDriver - ok
14:00:02.0585 3228 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
14:00:02.0632 3228 iphlpsvc - ok
14:00:02.0647 3228 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
14:00:02.0663 3228 IPMIDRV - ok
14:00:02.0663 3228 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
14:00:02.0694 3228 IPNAT - ok
14:00:02.0725 3228 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
14:00:02.0741 3228 IRENUM - ok
14:00:02.0757 3228 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
14:00:02.0772 3228 isapnp - ok
14:00:02.0866 3228 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
14:00:02.0881 3228 iScsiPrt - ok
14:00:02.0913 3228 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
14:00:02.0928 3228 kbdclass - ok
14:00:02.0944 3228 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
14:00:02.0975 3228 kbdhid - ok
14:00:03.0006 3228 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
14:00:03.0022 3228 KeyIso - ok
14:00:03.0037 3228 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
14:00:03.0053 3228 KSecDD - ok
14:00:03.0069 3228 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
14:00:03.0084 3228 KSecPkg - ok
14:00:03.0100 3228 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
14:00:03.0147 3228 ksthunk - ok
14:00:03.0193 3228 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
14:00:03.0240 3228 KtmRm - ok
14:00:03.0303 3228 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
14:00:03.0349 3228 LanmanServer - ok
14:00:03.0396 3228 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
14:00:03.0463 3228 LanmanWorkstation - ok
14:00:03.0501 3228 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
14:00:03.0550 3228 lltdio - ok
14:00:03.0596 3228 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
14:00:03.0630 3228 lltdsvc - ok
14:00:03.0640 3228 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
14:00:03.0666 3228 lmhosts - ok
14:00:03.0695 3228 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
14:00:03.0706 3228 LSI_FC - ok
14:00:03.0712 3228 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
14:00:03.0723 3228 LSI_SAS - ok
14:00:03.0727 3228 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:00:03.0738 3228 LSI_SAS2 - ok
14:00:03.0745 3228 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:00:03.0756 3228 LSI_SCSI - ok
14:00:03.0771 3228 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
14:00:03.0818 3228 luafv - ok
14:00:03.0858 3228 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
14:00:03.0917 3228 Mcx2Svc - ok
14:00:03.0920 3228 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
14:00:03.0931 3228 megasas - ok
14:00:03.0952 3228 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
14:00:03.0966 3228 MegaSR - ok
14:00:03.0994 3228 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:00:04.0043 3228 MMCSS - ok
14:00:04.0107 3228 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
14:00:04.0149 3228 Modem - ok
14:00:04.0202 3228 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
14:00:04.0233 3228 monitor - ok
14:00:04.0283 3228 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
14:00:04.0294 3228 mouclass - ok
14:00:04.0310 3228 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
14:00:04.0344 3228 mouhid - ok
14:00:04.0350 3228 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
14:00:04.0361 3228 mountmgr - ok
14:00:04.0386 3228 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
14:00:04.0398 3228 mpio - ok
14:00:04.0403 3228 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
14:00:04.0431 3228 mpsdrv - ok
14:00:04.0483 3228 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
14:00:04.0561 3228 MpsSvc - ok
14:00:04.0577 3228 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
14:00:04.0624 3228 MRxDAV - ok
14:00:04.0702 3228 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:00:04.0749 3228 mrxsmb - ok
14:00:04.0780 3228 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:00:04.0795 3228 mrxsmb10 - ok
14:00:04.0811 3228 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:00:04.0858 3228 mrxsmb20 - ok
14:00:04.0889 3228 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
14:00:04.0905 3228 msahci - ok
14:00:04.0905 3228 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
14:00:04.0920 3228 msdsm - ok
14:00:04.0936 3228 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
14:00:04.0967 3228 MSDTC - ok
14:00:04.0983 3228 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
14:00:05.0014 3228 Msfs - ok
14:00:05.0029 3228 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
14:00:05.0045 3228 mshidkmdf - ok
14:00:05.0061 3228 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
14:00:05.0076 3228 msisadrv - ok
14:00:05.0107 3228 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
14:00:05.0170 3228 MSiSCSI - ok
14:00:05.0185 3228 msiserver - ok
14:00:05.0217 3228 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
14:00:05.0263 3228 MSKSSRV - ok
14:00:05.0263 3228 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
14:00:05.0326 3228 MSPCLOCK - ok
14:00:05.0326 3228 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
14:00:05.0357 3228 MSPQM - ok
14:00:05.0404 3228 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
14:00:05.0419 3228 MsRPC - ok
14:00:05.0419 3228 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
14:00:05.0435 3228 mssmbios - ok
14:00:05.0435 3228 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
14:00:05.0482 3228 MSTEE - ok
14:00:05.0497 3228 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
14:00:05.0513 3228 MTConfig - ok
14:00:05.0560 3228 MTsensor (03b7145c889603537e9ffeabb1ad1089) C:\Windows\system32\DRIVERS\ASACPI.sys
14:00:05.0607 3228 MTsensor - ok
14:00:05.0622 3228 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
14:00:05.0638 3228 Mup - ok
14:00:05.0685 3228 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
14:00:05.0731 3228 napagent - ok
14:00:05.0778 3228 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
14:00:05.0825 3228 NativeWifiP - ok
14:00:06.0106 3228 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
14:00:06.0137 3228 NDIS - ok
14:00:06.0153 3228 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
14:00:06.0199 3228 NdisCap - ok
14:00:06.0246 3228 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
14:00:06.0277 3228 NdisTapi - ok
14:00:06.0309 3228 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
14:00:06.0324 3228 Ndisuio - ok
14:00:06.0340 3228 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
14:00:06.0371 3228 NdisWan - ok
14:00:06.0371 3228 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
14:00:06.0418 3228 NDProxy - ok
14:00:06.0418 3228 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
14:00:06.0449 3228 NetBIOS - ok
14:00:06.0496 3228 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
14:00:06.0543 3228 NetBT - ok
14:00:06.0574 3228 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
14:00:06.0589 3228 Netlogon - ok
14:00:06.0636 3228 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
14:00:06.0683 3228 Netman - ok
14:00:06.0730 3228 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
14:00:06.0792 3228 netprofm - ok
14:00:06.0855 3228 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:00:06.0870 3228 NetTcpPortSharing - ok
14:00:06.0901 3228 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
14:00:06.0901 3228 nfrd960 - ok
14:00:06.0948 3228 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
14:00:07.0001 3228 NlaSvc - ok
14:00:07.0023 3228 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
14:00:07.0071 3228 Npfs - ok
14:00:07.0093 3228 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
14:00:07.0135 3228 nsi - ok
14:00:07.0138 3228 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
14:00:07.0181 3228 nsiproxy - ok
14:00:07.0281 3228 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
14:00:07.0323 3228 Ntfs - ok
14:00:07.0417 3228 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
14:00:07.0464 3228 Null - ok
14:00:08.0232 3228 nvlddmkm (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:00:08.0497 3228 nvlddmkm - ok
14:00:08.0622 3228 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
14:00:08.0637 3228 nvraid - ok
14:00:08.0653 3228 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
14:00:08.0669 3228 nvstor - ok
14:00:08.0747 3228 nvsvc (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
14:00:08.0778 3228 nvsvc - ok
14:00:08.0965 3228 nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:00:09.0012 3228 nvUpdatusService - ok
14:00:09.0132 3228 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
14:00:09.0143 3228 nv_agp - ok
14:00:09.0148 3228 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
14:00:09.0202 3228 ohci1394 - ok
14:00:09.0234 3228 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:00:09.0289 3228 p2pimsvc - ok
14:00:09.0320 3228 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
14:00:09.0362 3228 p2psvc - ok
14:00:09.0390 3228 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
14:00:09.0401 3228 Parport - ok
14:00:09.0452 3228 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
14:00:09.0464 3228 partmgr - ok
14:00:09.0473 3228 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
14:00:09.0534 3228 PcaSvc - ok
14:00:09.0553 3228 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
14:00:09.0574 3228 pci - ok
14:00:09.0580 3228 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
14:00:09.0590 3228 pciide - ok
14:00:09.0612 3228 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
14:00:09.0624 3228 pcmcia - ok
14:00:09.0628 3228 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
14:00:09.0639 3228 pcw - ok
14:00:09.0672 3228 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
14:00:09.0732 3228 PEAUTH - ok
14:00:09.0817 3228 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
14:00:09.0891 3228 PeerDistSvc - ok
14:00:09.0956 3228 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
14:00:10.0010 3228 PerfHost - ok
14:00:10.0166 3228 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
14:00:10.0229 3228 pla - ok
14:00:10.0276 3228 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
14:00:10.0354 3228 PlugPlay - ok
14:00:10.0369 3228 PnkBstrA - ok
14:00:10.0385 3228 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
14:00:10.0416 3228 PNRPAutoReg - ok
14:00:10.0463 3228 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:00:10.0478 3228 PNRPsvc - ok
14:00:10.0510 3228 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
14:00:10.0572 3228 PolicyAgent - ok
14:00:10.0603 3228 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
14:00:10.0650 3228 Power - ok
14:00:10.0712 3228 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
14:00:10.0759 3228 PptpMiniport - ok
14:00:10.0790 3228 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
14:00:10.0822 3228 Processor - ok
14:00:10.0884 3228 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
14:00:10.0931 3228 ProfSvc - ok
14:00:10.0962 3228 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
14:00:10.0978 3228 ProtectedStorage - ok
14:00:10.0993 3228 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
14:00:11.0040 3228 Psched - ok
14:00:11.0118 3228 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
14:00:11.0165 3228 ql2300 - ok
14:00:11.0243 3228 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
14:00:11.0243 3228 ql40xx - ok
14:00:11.0290 3228 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
14:00:11.0305 3228 QWAVE - ok
14:00:11.0321 3228 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
14:00:11.0352 3228 QWAVEdrv - ok
14:00:11.0352 3228 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
14:00:11.0399 3228 RasAcd - ok
14:00:11.0446 3228 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:00:11.0461 3228 RasAgileVpn - ok
14:00:11.0492 3228 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
14:00:11.0539 3228 RasAuto - ok
14:00:11.0570 3228 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:00:11.0617 3228 Rasl2tp - ok
14:00:11.0648 3228 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
14:00:11.0711 3228 RasMan - ok
14:00:11.0742 3228 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
14:00:11.0789 3228 RasPppoe - ok
14:00:11.0820 3228 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
14:00:11.0851 3228 RasSstp - ok
14:00:11.0867 3228 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
14:00:11.0914 3228 rdbss - ok
14:00:11.0929 3228 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
14:00:11.0976 3228 rdpbus - ok
14:00:11.0992 3228 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:00:12.0023 3228 RDPCDD - ok
14:00:12.0054 3228 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
14:00:12.0116 3228 RDPDR - ok
14:00:12.0148 3228 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
14:00:12.0163 3228 RDPENCDD - ok
14:00:12.0210 3228 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
14:00:12.0257 3228 RDPREFMP - ok
14:00:12.0304 3228 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
14:00:12.0335 3228 RDPWD - ok
14:00:12.0382 3228 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
14:00:12.0413 3228 rdyboost - ok
14:00:12.0428 3228 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
14:00:12.0475 3228 RemoteAccess - ok
14:00:12.0522 3228 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
14:00:12.0589 3228 RemoteRegistry - ok
14:00:12.0627 3228 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
14:00:12.0674 3228 RpcEptMapper - ok
14:00:12.0706 3228 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
14:00:12.0719 3228 RpcLocator - ok
14:00:12.0738 3228 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
14:00:12.0769 3228 RpcSs - ok
14:00:12.0805 3228 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
14:00:12.0854 3228 rspndr - ok
14:00:12.0888 3228 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
14:00:12.0942 3228 s3cap - ok
14:00:12.0964 3228 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
14:00:12.0976 3228 SamSs - ok
14:00:13.0222 3228 SBAMSvc (bce943896289a91ad75cc5652620b1c6) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
14:00:13.0302 3228 SBAMSvc - ok
14:00:13.0445 3228 sbapifs (6e342316e72f4b6fa39c99e06373a1a3) C:\Windows\system32\DRIVERS\sbapifs.sys
14:00:13.0454 3228 sbapifs - ok
14:00:13.0528 3228 sbhips (b671eef468d13016b9286f5835a06ae1) C:\Windows\system32\drivers\sbhips.sys
14:00:13.0536 3228 sbhips - ok
14:00:13.0569 3228 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
14:00:13.0579 3228 sbp2port - ok
14:00:13.0649 3228 SBRE (9aceb2a2362fc87a3825963e61ba9076) C:\Windows\system32\drivers\SBREdrv.sys
14:00:13.0651 3228 SBRE - ok
14:00:13.0683 3228 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
14:00:13.0729 3228 SCardSvr - ok
14:00:13.0745 3228 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
14:00:13.0792 3228 scfilter - ok
14:00:13.0870 3228 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
14:00:13.0932 3228 Schedule - ok
14:00:13.0963 3228 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
14:00:13.0979 3228 SCPolicySvc - ok
14:00:14.0010 3228 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
14:00:14.0073 3228 SDRSVC - ok
14:00:14.0135 3228 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:00:14.0166 3228 secdrv - ok
14:00:14.0197 3228 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
14:00:14.0244 3228 seclogon - ok
14:00:14.0275 3228 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
14:00:14.0322 3228 SENS - ok
14:00:14.0338 3228 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
14:00:14.0400 3228 SensrSvc - ok
14:00:14.0416 3228 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
14:00:14.0431 3228 Serenum - ok
14:00:14.0447 3228 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
14:00:14.0478 3228 Serial - ok
14:00:14.0494 3228 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
14:00:14.0525 3228 sermouse - ok
14:00:14.0572 3228 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
14:00:14.0619 3228 SessionEnv - ok
14:00:14.0619 3228 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
14:00:14.0650 3228 sffdisk - ok
14:00:14.0650 3228 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
14:00:14.0665 3228 sffp_mmc - ok
14:00:14.0665 3228 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
14:00:14.0681 3228 sffp_sd - ok
14:00:14.0681 3228 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
14:00:14.0712 3228 sfloppy - ok
14:00:14.0764 3228 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
14:00:14.0796 3228 SharedAccess - ok
14:00:14.0824 3228 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
14:00:14.0891 3228 ShellHWDetection - ok
14:00:14.0902 3228 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:00:14.0912 3228 SiSRaid2 - ok
14:00:14.0917 3228 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
14:00:14.0928 3228 SiSRaid4 - ok
14:00:14.0988 3228 SkypeUpdate (ea396139541706b4b433641d62ea53ce) C:\Program Files (x86)\Skype\Updater\Updater.exe
14:00:15.0000 3228 SkypeUpdate - ok
14:00:15.0027 3228 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
14:00:15.0055 3228 Smb - ok
14:00:15.0083 3228 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
14:00:15.0096 3228 SNMPTRAP - ok
14:00:15.0105 3228 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
14:00:15.0116 3228 spldr - ok
14:00:15.0162 3228 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
14:00:15.0222 3228 Spooler - ok
14:00:15.0375 3228 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
14:00:15.0467 3228 sppsvc - ok
14:00:15.0573 3228 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
14:00:15.0620 3228 sppuinotify - ok
14:00:15.0684 3228 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
14:00:15.0746 3228 srv - ok
14:00:15.0767 3228 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
14:00:15.0798 3228 srv2 - ok
14:00:15.0845 3228 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
14:00:15.0876 3228 srvnet - ok
14:00:15.0954 3228 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
14:00:16.0016 3228 SSDPSRV - ok
14:00:16.0048 3228 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
14:00:16.0094 3228 SstpSvc - ok
14:00:16.0141 3228 Steam Client Service - ok
14:00:16.0235 3228 Stereo Service (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:00:16.0250 3228 Stereo Service - ok
14:00:16.0282 3228 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
14:00:16.0282 3228 stexstor - ok
14:00:16.0328 3228 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
14:00:16.0360 3228 stisvc - ok
14:00:16.0422 3228 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
14:00:16.0422 3228 storflt - ok
14:00:16.0438 3228 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
14:00:16.0453 3228 storvsc - ok
14:00:16.0469 3228 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
14:00:16.0469 3228 swenum - ok
14:00:16.0609 3228 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:00:16.0640 3228 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
14:00:16.0640 3228 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
14:00:16.0687 3228 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
14:00:16.0765 3228 swprv - ok
14:00:16.0874 3228 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
14:00:16.0984 3228 SysMain - ok
14:00:17.0124 3228 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
14:00:17.0155 3228 TabletInputService - ok
14:00:17.0202 3228 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
14:00:17.0233 3228 TapiSrv - ok
14:00:17.0233 3228 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
14:00:17.0264 3228 TBS - ok
14:00:17.0545 3228 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
14:00:17.0592 3228 Tcpip - ok
14:00:17.0764 3228 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
14:00:17.0779 3228 TCPIP6 - ok
14:00:17.0857 3228 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
14:00:17.0904 3228 tcpipreg - ok
14:00:17.0920 3228 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
14:00:17.0982 3228 TDPIPE - ok
14:00:17.0998 3228 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
14:00:18.0029 3228 TDTCP - ok
14:00:18.0060 3228 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
14:00:18.0107 3228 tdx - ok
14:00:18.0107 3228 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
14:00:18.0122 3228 TermDD - ok
14:00:18.0185 3228 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
14:00:18.0247 3228 TermService - ok
14:00:18.0283 3228 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
14:00:18.0299 3228 Themes - ok
14:00:18.0327 3228 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:00:18.0354 3228 THREADORDER - ok
14:00:18.0369 3228 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
14:00:18.0426 3228 TrkWks - ok
14:00:18.0494 3228 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
14:00:18.0538 3228 TrustedInstaller - ok
14:00:18.0560 3228 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:00:18.0606 3228 tssecsrv - ok
14:00:18.0669 3228 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
14:00:18.0699 3228 tunnel - ok
14:00:18.0704 3228 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
14:00:18.0715 3228 uagp35 - ok
14:00:18.0739 3228 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
14:00:18.0795 3228 udfs - ok
14:00:18.0828 3228 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
14:00:18.0842 3228 UI0Detect - ok
14:00:18.0855 3228 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
14:00:18.0865 3228 uliagpkx - ok
14:00:18.0881 3228 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
14:00:18.0893 3228 umbus - ok
14:00:18.0896 3228 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
14:00:18.0931 3228 UmPass - ok
14:00:18.0970 3228 UmRdpService (af0ac98ee5077eb844413eb54287fde3) C:\Windows\System32\umrdp.dll
14:00:18.0991 3228 UmRdpService - ok
14:00:19.0017 3228 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
14:00:19.0078 3228 upnphost - ok
14:00:19.0114 3228 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
14:00:19.0157 3228 usbccgp - ok
14:00:19.0181 3228 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
14:00:19.0213 3228 usbcir - ok
14:00:19.0251 3228 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
14:00:19.0266 3228 usbehci - ok
14:00:19.0282 3228 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
14:00:19.0298 3228 usbhub - ok
14:00:19.0313 3228 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
14:00:19.0344 3228 usbohci - ok
14:00:19.0376 3228 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
14:00:19.0422 3228 usbprint - ok
14:00:19.0454 3228 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
14:00:19.0485 3228 usbscan - ok
14:00:19.0532 3228 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:00:19.0563 3228 USBSTOR - ok
14:00:19.0594 3228 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys
14:00:19.0625 3228 usbuhci - ok
14:00:19.0672 3228 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
14:00:19.0719 3228 UxSms - ok
14:00:19.0750 3228 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
14:00:19.0766 3228 VaultSvc - ok
14:00:19.0812 3228 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
14:00:19.0828 3228 vdrvroot - ok
14:00:19.0859 3228 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
14:00:19.0890 3228 vds - ok
14:00:19.0906 3228 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
14:00:19.0922 3228 vga - ok
14:00:19.0922 3228 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
14:00:19.0968 3228 VgaSave - ok
14:00:19.0984 3228 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
14:00:20.0000 3228 vhdmp - ok
14:00:20.0015 3228 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
14:00:20.0031 3228 viaide - ok
14:00:20.0062 3228 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
14:00:20.0078 3228 vmbus - ok
14:00:20.0078 3228 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
14:00:20.0109 3228 VMBusHID - ok
14:00:20.0109 3228 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
14:00:20.0124 3228 volmgr - ok
14:00:20.0171 3228 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
14:00:20.0187 3228 volmgrx - ok
14:00:20.0218 3228 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
14:00:20.0234 3228 volsnap - ok
14:00:20.0249 3228 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
14:00:20.0265 3228 vsmraid - ok
14:00:20.0358 3228 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
14:00:20.0424 3228 VSS - ok
14:00:20.0516 3228 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
14:00:20.0545 3228 vwifibus - ok
14:00:20.0593 3228 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
14:00:20.0658 3228 W32Time - ok
14:00:20.0663 3228 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
14:00:20.0678 3228 WacomPen - ok
14:00:20.0722 3228 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
14:00:20.0749 3228 WANARP - ok
14:00:20.0762 3228 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
14:00:20.0789 3228 Wanarpv6 - ok
14:00:20.0880 3228 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
14:00:20.0902 3228 WatAdminSvc - ok
14:00:20.0981 3228 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
14:00:21.0070 3228 wbengine - ok
14:00:21.0143 3228 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
14:00:21.0161 3228 WbioSrvc - ok
14:00:21.0216 3228 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
14:00:21.0260 3228 wcncsvc - ok
14:00:21.0277 3228 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
14:00:21.0335 3228 WcsPlugInService - ok
14:00:21.0373 3228 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
14:00:21.0383 3228 Wd - ok
14:00:21.0417 3228 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:00:21.0438 3228 Wdf01000 - ok
14:00:21.0451 3228 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:00:21.0466 3228 WdiServiceHost - ok
14:00:21.0466 3228 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:00:21.0482 3228 WdiSystemHost - ok
14:00:21.0529 3228 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
14:00:21.0575 3228 WebClient - ok
14:00:21.0591 3228 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
14:00:21.0653 3228 Wecsvc - ok
14:00:21.0685 3228 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
14:00:21.0731 3228 wercplsupport - ok
14:00:21.0763 3228 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
14:00:21.0794 3228 WerSvc - ok
14:00:21.0872 3228 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
14:00:21.0887 3228 WfpLwf - ok
14:00:21.0903 3228 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
14:00:21.0919 3228 WIMMount - ok
14:00:21.0950 3228 WinDefend - ok
14:00:21.0950 3228 WinHttpAutoProxySvc - ok
14:00:21.0997 3228 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
14:00:22.0059 3228 Winmgmt - ok
14:00:22.0168 3228 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
14:00:22.0262 3228 WinRM - ok
14:00:22.0402 3228 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
14:00:22.0433 3228 Wlansvc - ok
14:00:22.0621 3228 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:00:22.0683 3228 wlidsvc - ok
14:00:22.0777 3228 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
14:00:22.0808 3228 WmiAcpi - ok
14:00:22.0870 3228 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
14:00:22.0917 3228 wmiApSrv - ok
14:00:22.0979 3228 WMPNetworkSvc - ok
14:00:22.0995 3228 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
14:00:23.0011 3228 WPCSvc - ok
14:00:23.0042 3228 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
14:00:23.0104 3228 WPDBusEnum - ok
14:00:23.0120 3228 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
14:00:23.0151 3228 ws2ifsl - ok
14:00:23.0182 3228 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll
14:00:23.0229 3228 wscsvc - ok
14:00:23.0229 3228 WSearch - ok
14:00:23.0338 3228 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
14:00:23.0432 3228 wuauserv - ok
14:00:23.0541 3228 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
14:00:23.0572 3228 WudfPf - ok
14:00:23.0588 3228 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:00:23.0619 3228 WUDFRd - ok
14:00:23.0650 3228 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
14:00:23.0697 3228 wudfsvc - ok
14:00:23.0728 3228 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
14:00:23.0791 3228 WwanSvc - ok
14:00:23.0822 3228 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:00:24.0064 3228 \Device\Harddisk0\DR0 - ok
14:00:24.0068 3228 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
14:00:24.0500 3228 \Device\Harddisk1\DR1 - ok
14:00:24.0502 3228 Boot (0x1200) (db0048cacad6af84baf4218f14ef0334) \Device\Harddisk0\DR0\Partition0
14:00:24.0503 3228 \Device\Harddisk0\DR0\Partition0 - ok
14:00:24.0529 3228 Boot (0x1200) (39d16703c73681ff43a7f47de9651a76) \Device\Harddisk0\DR0\Partition1
14:00:24.0530 3228 \Device\Harddisk0\DR0\Partition1 - ok
14:00:24.0532 3228 Boot (0x1200) (9fdf9b8e89ee05e21d308bb6fe3da719) \Device\Harddisk1\DR1\Partition0
14:00:24.0534 3228 \Device\Harddisk1\DR1\Partition0 - ok
14:00:24.0535 3228 ============================================================
14:00:24.0535 3228 Scan finished
14:00:24.0535 3228 ============================================================
14:00:24.0541 4684 Detected object count: 2
14:00:24.0541 4684 Actual detected object count: 2
14:00:44.0917 4684 DokanMounter ( UnsignedFile.Multi.Generic ) - skipped by user
14:00:44.0917 4684 DokanMounter ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:00:44.0917 4684 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
14:00:44.0917 4684 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

[Gottwy]

A ještě se chci zeptat, jestli to umí ukrást již uložená heslo v počítači?

[Gottwy]

https://www.virustotal.com/file/4e27b5e ... 343305610/
https://www.virustotal.com/file/64202d7 ... 343305828/
https://www.virustotal.com/file/36f5147 ... 343306011/
Vypadá to, že je to čistý.

[Gottwy]

no to bohužel není, teď jsem zjistil, že mi to dokonce zakázalo příkazový řádek!

[Gottwy]

Tady to je, trvalo to snad hodinu a nemohlo to zkontrolovat registry kvůli nepřístupu k příkazovému řádku.

[Gottwy]

Log z toho prvního:
ComboFix 12-07-27.01 - Gottwy 26.07.2012 16:56:45.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1033.18.2047.960 [GMT 2:00]
Spuštěný z: c:\users\Gottwy\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Lavasoft Ad-Aware *Disabled/Outdated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Lavasoft Ad-Aware *Disabled/Outdated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
I:\AUTORUN.INF
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-26 do 2012-07-26 )))))))))))))))))))))))))))))))
.
.
2012-07-26 15:05 . 2012-07-26 15:05 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-26 15:05 . 2012-07-26 15:05 -------- d-----w- c:\users\UpdatusUser.Gottwy-Pc\AppData\Local\temp
2012-07-26 15:05 . 2012-07-26 15:05 -------- d-----w- c:\users\Táta\AppData\Local\temp
2012-07-26 15:05 . 2012-07-26 15:05 -------- d-----w- c:\users\Táta.Gottwy-Pc\AppData\Local\temp
2012-07-26 15:05 . 2012-07-26 15:05 -------- d-----w- c:\users\Mamka.Gottwy-Pc\AppData\Local\temp
2012-07-26 13:06 . 2012-07-26 13:27 512 ----a-w- C:\PhysicalMBR.bin
2012-07-26 11:57 . 2012-07-26 11:57 139152 ----a-w- c:\windows\SysWow64\kEvP64.sys
2012-07-26 09:21 . 2012-07-26 09:21 -------- d-----w- c:\users\Gottwy\AppData\Local\adaware
2012-07-26 09:20 . 2012-07-26 15:10 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
2012-07-26 09:17 . 2012-07-26 09:17 -------- d-----w- c:\program files\trend micro
2012-07-26 09:16 . 2012-07-26 09:18 -------- d-----w- C:\rsit
2012-07-26 09:16 . 2011-12-19 10:44 60536 ----a-w- c:\windows\system32\drivers\sbhips.sys
2012-07-26 09:16 . 2011-12-19 11:21 45936 ----a-w- c:\windows\system32\sbbd.exe
2012-07-26 09:16 . 2011-10-26 12:23 57976 ----a-w- c:\windows\system32\drivers\sbredrv.sys
2012-07-26 09:16 . 2012-07-26 09:16 -------- d-----w- c:\programdata\Lavasoft
2012-07-26 09:16 . 2012-07-26 11:27 -------- d-----w- c:\program files (x86)\Ad-Aware Antivirus
2012-07-26 09:14 . 2012-07-26 09:14 -------- d-----w- c:\users\Gottwy\AppData\Local\Downloaded Installations
2012-07-26 09:13 . 2012-07-26 09:14 -------- d-----w- c:\users\Gottwy\AppData\Roaming\Ad-Aware Antivirus
2012-07-25 13:07 . 2012-07-26 06:52 -------- d-----w- c:\users\Gottwy\AppData\Roaming\dclogs
2012-07-24 12:47 . 2012-07-24 12:47 281032 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-07-24 12:47 . 2012-07-24 12:47 -------- d-----w- c:\users\Gottwy\AppData\Local\PunkBuster
2012-07-24 12:45 . 2012-07-24 12:45 -------- d-----w- c:\program files (x86)\Microsoft Chart Controls
2012-07-24 12:44 . 2012-07-24 12:44 -------- d-----w- c:\users\Gottwy\AppData\Local\CrashRpt
2012-07-24 12:41 . 2012-07-24 12:47 281032 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-07-24 12:41 . 2012-07-24 12:41 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-07-24 12:40 . 2012-07-24 12:40 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-07-24 07:19 . 2012-07-24 07:19 -------- d-----w- c:\program files (x86)\Dokan
2012-07-23 07:10 . 2012-07-23 08:12 -------- d-----w- c:\users\Gottwy\AppData\Local\dxhr
2012-07-23 07:09 . 2012-07-23 07:09 -------- d-----w- c:\users\Gottwy\AppData\Local\28050
2012-07-21 07:11 . 2012-07-21 07:11 71680 ----a-w- c:\windows\system32\frapsv64.dll
2012-07-21 07:11 . 2012-07-21 07:11 65536 ----a-w- c:\windows\SysWow64\frapsvid.dll
2012-07-18 12:45 . 2012-07-18 12:51 -------- d-----w- c:\users\Gottwy\AppData\Roaming\AtomZombieData
2012-07-18 08:55 . 2012-07-18 09:23 -------- d-----w- c:\users\Gottwy\AppData\Roaming\Bioshock
2012-07-17 11:52 . 2012-07-17 11:52 -------- d-sh--w- c:\programdata\SecuROM
2012-07-17 11:48 . 2012-07-17 11:49 -------- d-----w- c:\users\Gottwy\AppData\Local\Rockstar Games
2012-07-17 11:48 . 2012-07-17 11:48 -------- d--h--r- c:\users\Gottwy\AppData\Roaming\SecuROM
2012-07-17 11:48 . 2012-07-17 11:48 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-07-17 10:35 . 2012-07-17 10:35 -------- d-----w- c:\users\Gottwy\AppData\Roaming\AtomZombieDemoData
2012-07-17 06:30 . 2012-07-17 06:30 -------- d-----w- c:\program files (x86)\Oracle
2012-07-10 08:26 . 2012-07-10 08:26 -------- d-----w- c:\users\Gottwy\AppData\Local\Origin
2012-07-10 08:26 . 2012-07-10 08:26 -------- d-----w- c:\program files (x86)\Origin Games
2012-07-10 08:26 . 2012-07-10 08:28 -------- d-----w- c:\programdata\Origin
2012-07-10 08:23 . 2012-07-10 08:26 -------- d-----w- c:\users\Gottwy\AppData\Roaming\Origin
2012-07-10 08:23 . 2012-07-10 08:23 -------- d-----w- c:\programdata\Electronic Arts
2012-07-10 08:22 . 2012-07-10 08:26 -------- d-----w- c:\program files (x86)\Origin
2012-07-09 17:59 . 2012-07-09 18:00 -------- d-----w- c:\users\Mamka.Gottwy-Pc\AppData\Roaming\vlc
2012-07-03 12:49 . 2012-07-03 12:49 -------- d-----w- c:\users\Táta.Gottwy-Pc\AppData\Roaming\WinRAR
2012-07-03 08:32 . 2012-07-03 08:57 -------- d-----w- c:\users\Gottwy\AppData\Roaming\Vessel
2012-07-02 05:55 . 2012-07-02 05:55 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-06-30 06:48 . 2009-03-18 15:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2012-06-30 06:48 . 2012-06-30 06:48 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-12 12:43 . 2012-04-05 14:04 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-12 12:43 . 2012-04-05 14:04 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-05 20:06 . 2012-06-01 14:36 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-07-05 20:06 . 2012-04-04 07:51 687544 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-07-03 16:21 . 2012-04-06 11:10 355856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-03 16:21 . 2012-04-06 11:10 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-07-03 16:21 . 2012-04-06 11:10 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-03 16:21 . 2012-04-06 11:10 958400 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-03 16:21 . 2012-04-06 11:10 71064 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-07-03 16:21 . 2012-04-06 11:10 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-03 16:21 . 2012-04-06 11:08 41224 ----a-w- c:\windows\avastSS.scr
2012-07-03 16:21 . 2012-04-06 11:08 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-07-03 16:21 . 2012-04-06 11:10 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-06-10 10:40 . 2012-06-10 10:40 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-06-10 10:40 . 2012-06-10 10:40 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-05-29 12:13 . 2012-05-29 12:13 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-05-08 08:40 . 2009-08-18 10:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2012-05-08 08:40 . 2009-08-18 09:24 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-05-03 16:31 . 2009-07-13 23:56 419840 ----a-w- c:\windows\system32\systemcpl.dll
2012-05-03 16:31 . 2009-07-13 23:38 1008640 ----a-w- c:\windows\system32\user32.dll
2012-05-03 16:31 . 2009-07-13 23:24 833024 ----a-w- c:\windows\SysWow64\user32.dll
2012-05-03 02:54 . 2012-05-03 02:54 42392 ----a-w- c:\windows\SysWow64\xfcodec.dll
2012-05-03 02:54 . 2012-05-03 02:54 28056 ----a-w- c:\windows\system32\xfcodec64.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-20 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2012-05-03 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll
.
[-] 2012-05-03 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7600.16385] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Gottwy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Gottwy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Gottwy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Gottwy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-03 17417392]
"Steam"="c:\steam\steam.exe" [2012-04-05 1242448]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Ad-Aware Antivirus"="c:\program files (x86)\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X]
"SoundVolumeHotkeys.{9547D1C7-4F18-4104-8674-046DCD12BDF9}"="c:\program files (x86)\Sound Volume Hotkeys\SoundVolumeHotkeys.exe" [2010-09-19 126976]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2011-10-21 198032]
.
c:\users\Gottwy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Gottwy\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
Xfire.lnk - c:\program files (x86)\Xfire\Xfire.exe [2012-5-3 3553176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]
@="Ad-Aware Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"
.
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2011-10-26 57976]
R2 SBAMSvc;Ad-Aware;c:\program files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2011-12-19 3289032]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [2010-12-07 19456]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [2010-12-07 27648]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [2010-12-07 27136]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [2010-12-07 34304]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [2010-08-02 31744]
R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2011-12-19 60536]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-03 1255736]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-05-29 283200]
S2 Ad-Aware Service;Ad-Aware Service;c:\program files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-07-12 1239952]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 Dokan;Dokan;c:\windows\system32\drivers\dokan.sys [2011-01-10 120408]
S2 DokanMounter;DokanMounter;c:\program files (x86)\Dokan\DokanLibrary\mounter.exe [2011-01-10 14848]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
S2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys [2011-11-29 74872]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x64.sys [2009-06-25 58368]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{55b9846e-a984-11e1-affa-001e8cca0a86}]
\shell\AutoRun\command - J:\setup.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 12:44]
.
2012-07-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-813073150-566962921-3886102698-1001Core.job
- c:\users\Gottwy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-03 15:15]
.
2012-07-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-813073150-566962921-3886102698-1001UA.job
- c:\users\Gottwy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-03 15:15]
.
2012-07-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-813073150-566962921-3886102698-1004Core.job
- c:\users\Mamka.Gottwy-Pc\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-03 19:04]
.
2012-07-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-813073150-566962921-3886102698-1004UA.job
- c:\users\Mamka.Gottwy-Pc\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-03 19:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Gottwy\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Gottwy\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Gottwy\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Gottwy\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-03-27 12459112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-813073150-566962921-3886102698-1001\Software\SecuROM\License information*]
"datasecu"=hex:03,86,93,c3,d0,bb,4f,64,90,13,66,ce,56,14,ee,92,1d,70,cd,1c,db,
c1,a9,d6,58,27,19,34,d4,13,5e,a1,c8,3c,a2,75,e4,9c,fa,69,72,65,b3,05,ac,41,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2012-07-26 17:18:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-26 15:18
.
Před spuštěním: Volných bajtů: 57 122 439 168
Po spuštění: Volných bajtů: 56 422 522 880
.
- - End Of File - - 39E97CCADFD64EDAAACA354BFC12BC56