Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Vírus "DSC0634723.scr"

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
jaykiss
Návštěvník
Návštěvník
Příspěvky: 33
Registrován: 15 lis 2012 13:39

Vírus "DSC0634723.scr"

#1 Příspěvek od jaykiss »

Dobrý deň,
mám problém podobný tomuto: http://forum.viry.cz/viewtopic.php?f=13&t=125708

Písal som si s kamarátom, z ničoho nič mi niečo začal posielať, kedže je to kamoš tak prvý môj krok bol prijať súbor, nanešťastie som ho aj otvoril.
Od tohto dňa sledujem v procesoch a aj v programoch divné programy/zložky.
Hľadal som riešenia aj na iných fórach no všade len programy ktoré mi nijak nepomohli, buď vírus len dočasne odstránili a vrátil sa po dni späť alebo to bola verzia ktorú trebalo zakúpiť.
Nakoniec som našiel vás a ako som videl na vyššie uvedenom topicu že sa vám ho podarilo odstrániť tak snáď pomôžete aj mne.
(Ešte sa chcem pýtať, súbory: svchost a trojan .exe/ jeden z nájdených programov mi kázal tieto zložky odstrániť no od tej doby mi systém pri spustení hlási chybu, čierna obrazovka a kopu písmenok :D, ale windows sa normálne spustí , ta sa chcem spýtať či tieto zložky patria ku windowsu a či ich mam vrátiť)

RSIT log:


Logfile of random's system information tool 1.09 (written by random/random)
Run by Robo at 2012-11-15 13:50:27
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 10 GB (5%) free of 205 GB
Total RAM: 3563 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:50:42, on 15. 11. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
D:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\explorer.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Windows\SysWOW64\explorer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Robo\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Robo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=stonicus& ... Terms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll
O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll
O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\softonic\1.5.11.5\bh\softonic.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll
O3 - Toolbar: Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\softonic\1.5.11.5\softonicTlbr.dll
O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
O3 - Toolbar: Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~2\Funmoods\1.5.23.22\escorTlbr.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [ExpressFiles] "C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe" -tray
O4 - HKLM\..\Run: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [RocketDock] "D:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Driver Pro] C:\Program Files (x86)\Driver Pro\DPLauncher.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Robo\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [uTorrent] "D:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DrivUpdater] C:\Users\Robo\AppData\Roaming\updater\updat.exe
O4 - HKCU\..\Run: [ICQ] ~"d:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: CNET TechTracker.lnk = Robo\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
O4 - Startup: windows.exe
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - d:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - d:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: ICQ Service - Unknown owner - C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
O23 - Service: WebOptimizer - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18862 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000
uiWatchDog.exe 1672
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
\??\C:\Windows\system32\conhost.exe "-1265293872-737950475-1376532607-4480597631027425789-1775958241218141949-1658446616
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
coreFrameworkHost.exe 1672 1
\??\C:\Windows\system32\conhost.exe "75693237-216877392120673717-14971252151134995484-1418553613-663326134521268379
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe"
C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE
"C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"C:\Program Files (x86)\MySQL\MySQL Server 6.0\bin\mysqld-nt" --defaults-file="C:\Program Files (x86)\MySQL\MySQL Server 6.0\my.ini" MySQL
"C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Web Assistant\ExtensionUpdaterService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 2768
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {83A206ED-80CA-486C-9385-C7585C0930E4}
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files\P4G\BatteryLife.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
taskeng.exe {561F6C9E-1749-4E86-8569-2EBD9350893D}
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
ATKOSD.exe
KBFiltr.exe
WDC.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe"
"D:\Program Files (x86)\RocketDock\RocketDock.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
"C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
explorer.exe
"C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE" "Microsoft Word 2010 9014006104090000"
"C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe" /start IDLE_APP_EVENT_{90140011-0061-0409-0000-0000000FF1CE}
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
explorer.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/6/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="1104.0.950811431\572777865" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1104.2.584274929\1533063044" --reduce-gpu-sandbox --disable-image-transport-surface --gpu-vendor-id=0x1002 --gpu-device-id=0x9648 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.860.0.0 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/6/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="1104.3.2129360264\1062120476" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="1104.4.1102734456\1479067951" --lang=sk --ignored=" --type=renderer " /prefetch:13
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe21_ Global\UsGthrCtrlFltPipeMssGthrPipe21 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/6/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="1104.10.802974561\1388473837" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/6/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="1104.17.416688426\290744658" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/6/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="1104.18.1892887369\1812027582" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/6/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="1104.20.1476204358\1305094213" /prefetch:3
"C:\Users\Robo\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/6/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="1104.29.1085958243\326714927" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/6/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="1104.30.728317361\2137182926" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/6/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="1104.32.1868637337\1889147506" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/6/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="1104.35.1364061193\882226456" /prefetch:3
"C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe" -unlock-3be2f036c43042cdb03588591c9325c3
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/6/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="1104.37.809467616\1516873208" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/6/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="1104.43.1534872602\1301482498" /prefetch:3
"C:\Windows\system32\taskmgr.exe" /4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/6/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="1104.46.1259479201\646413617" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/6/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="1104.47.103571102\1735351089" /prefetch:3
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\Robo\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2369425021-3491455874-255983303-1002Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2369425021-3491455874-255983303-1002UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Security Scan for Robo.job
C:\Windows\tasks\SpeedUpMyPC.job
C:\Windows\tasks\spmonitor.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll [2010-07-20 235344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]
Web Assistant - C:\Program Files\Web Assistant\Extension64.dll [2012-09-03 208728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll [2011-03-25 265744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll [2010-07-20 185680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]
Web Assistant - C:\Program Files\Web Assistant\Extension32.dll [2012-09-03 167256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll [2011-09-05 265944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}]
Incredibar.com Helper Object - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll [2012-01-21 261632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}]
Funmoods Helper Object - C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll [2012-06-10 243664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-09 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll [2011-03-25 235024]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-09 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}]
Softonic Helper Object - C:\Program Files (x86)\Softonic\softonic\1.5.11.5\bh\softonic.dll [2012-01-11 241872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2011-08-24 1299248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2011-08-24 1299248]
{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - facemoods Toolbar - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll [2011-09-05 220888]
{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - Softonic Toolbar - C:\Program Files (x86)\Softonic\softonic\1.5.11.5\softonicTlbr.dll [2012-01-11 250064]
{F9639E4A-801B-4843-AEE3-03D9DA199E77} - Incredibar Toolbar - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll [2012-01-21 270336]
{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - Funmoods Toolbar - C:\PROGRA~2\Funmoods\1.5.23.22\escorTlbr.dll [2012-06-10 251856]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2012-03-20 1056320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Trend Micro Titanium"=C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe [2011-10-08 1111568]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-04-18 2209896]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 649608]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-03-13 617120]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-03-13 379552]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-03-21 361984]
"Setwallpaper"=c:\programdata\SetWallpaper.cmd []
"Trend Micro Client Framework"=C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [2011-02-10 197152]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"RocketDock"=D:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Driver Pro"=C:\Program Files (x86)\Driver Pro\DPLauncher.exe [2012-04-03 340472]
"Facebook Update"=C:\Users\Robo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11 138096]
"uTorrent"=D:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED []
"Clownfish"= []
"DrivUpdater"=C:\Users\Robo\AppData\Roaming\updater\updat.exe [2012-11-01 677852]
"ICQ"=~d:\Program Files (x86)\ICQ7M\ICQ.exe silent loginmode=4 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-08-31 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-04-22 11831400]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"=C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2011-04-01 2018032]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [2011-02-23 731472]
"SonicMasterTray"=C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe [2010-07-10 984400]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-09-24 1601536]
"RemoteControl10"=C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]
"UpdatePSTShortCut"=C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [2010-11-24 222504]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2011-12-05 114992]
"ExpressFiles"=C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe -tray []
"facemoods"=C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe [2011-09-05 362200]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"SSDMonitor"=C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2011-12-12 103896]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"LogMeIn Hamachi Ui"=D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-08-29 1996200]
"Guard.Mail.ru.gui"=C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-11-10 1564368]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe

C:\Users\Robo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CNET TechTracker.lnk - C:\Users\Robo\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
windows.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 month======

2012-11-15 13:50:27 ----D---- C:\rsit
2012-11-15 07:29:25 ----A---- C:\Windows\system32\MRT.exe
2012-11-15 07:25:19 ----A---- C:\Windows\SYSWOW64\MRT.exe
2012-11-15 07:11:34 ----A---- C:\Windows\system32\drivers\tmwfp.sys
2012-11-15 07:11:34 ----A---- C:\Windows\system32\drivers\tmlwf.sys
2012-11-15 06:51:05 ----D---- C:\Users\Robo\AppData\Roaming\Uniblue
2012-11-15 06:51:05 ----D---- C:\Program Files (x86)\Uniblue
2012-11-12 22:29:31 ----A---- C:\Windows\SYSWOW64\PARTIZAN.TXT
2012-11-12 22:15:34 ----A---- C:\Windows\system32\Partizan.exe
2012-11-12 21:54:46 ----D---- C:\ProgramData\RegRun
2012-11-12 21:54:43 ----A---- C:\Windows\SYSWOW64\Partizan.exe
2012-11-12 21:54:43 ----A---- C:\Windows\SYSWOW64\drivers\Partizan.sys
2012-11-12 21:54:33 ----RASHOT---- C:\Windows\winstart.bat
2012-11-12 21:54:25 ----A---- C:\Windows\SYSWOW64\drivers\UnHackMeDrv.sys
2012-11-10 12:01:09 ----D---- C:\Program Files (x86)\ICQ6Toolbar
2012-11-10 12:00:41 ----D---- C:\Users\Robo\AppData\Roaming\ICQ Search
2012-11-10 12:00:30 ----D---- C:\Program Files (x86)\Guard-ICQ
2012-11-10 12:00:26 ----D---- C:\ProgramData\ICQ
2012-11-10 11:59:55 ----D---- C:\Users\Robo\AppData\Roaming\ICQ
2012-11-04 16:23:27 ----A---- C:\Users\Robo\AppData\Roaming\MPQEditor.ini
2012-11-03 13:49:36 ----D---- C:\Windows\Sun
2012-11-01 17:59:53 ----RSHD---- C:\Users\Robo\AppData\Roaming\updater
2012-10-21 08:19:19 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-10-21 08:19:16 ----D---- C:\Windows\system32\Macromed

======List of files/folders modified in the last 1 month======

2012-11-15 13:50:42 ----D---- C:\Program Files\Trend Micro
2012-11-15 13:48:36 ----D---- C:\Users\Robo\AppData\Roaming\Skype
2012-11-15 13:38:15 ----AD---- C:\ProgramData\Temp
2012-11-15 13:38:04 ----D---- C:\Windows\Temp
2012-11-15 07:43:51 ----D---- C:\Windows\System32
2012-11-15 07:29:27 ----D---- C:\Windows\debug
2012-11-15 07:25:19 ----D---- C:\Windows\SysWOW64
2012-11-15 07:11:47 ----D---- C:\Windows\system32\drivers
2012-11-15 07:11:47 ----D---- C:\Windows\inf
2012-11-15 07:11:44 ----D---- C:\Windows\system32\catroot
2012-11-15 07:11:43 ----D---- C:\Windows\system32\DriverStore
2012-11-15 07:02:43 ----D---- C:\Windows\system32\drivers\etc
2012-11-15 06:53:30 ----SHD---- C:\System Volume Information
2012-11-15 06:51:30 ----D---- C:\Windows\system32\Tasks
2012-11-15 06:51:29 ----D---- C:\Windows\Tasks
2012-11-15 06:51:05 ----RD---- C:\Program Files (x86)
2012-11-14 14:02:00 ----D---- C:\Windows\system32\config
2012-11-14 06:58:04 ----HD---- C:\ASUS.DAT
2012-11-14 06:57:30 ----A---- C:\Windows\system32\acovcnt.exe
2012-11-13 15:02:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-12 22:28:31 ----D---- C:\Windows\system32\catroot2
2012-11-12 22:23:44 ----SD---- C:\Users\Robo\AppData\Roaming\Microsoft
2012-11-12 21:54:46 ----HD---- C:\ProgramData
2012-11-12 21:54:43 ----D---- C:\Windows\SYSWOW64\drivers
2012-11-12 21:54:33 ----D---- C:\Windows
2012-11-11 22:28:10 ----A---- C:\Windows\system32\AutoRunFilter.ini
2012-11-11 16:59:21 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-11-10 22:47:14 ----A---- C:\Windows\system32\ServiceFilter.ini
2012-11-10 12:00:30 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-11-09 19:11:51 ----D---- C:\Users\Robo\AppData\Roaming\SoftGrid Client
2012-11-09 18:46:48 ----SHD---- C:\Windows\Installer
2012-11-08 19:39:47 ----D---- C:\Windows\system32\FxsTmp
2012-10-31 10:29:04 ----D---- C:\Users\Robo\AppData\Roaming\SQLyog
2012-10-21 08:20:46 ----D---- C:\ProgramData\Adobe
2012-10-16 19:22:14 ----D---- C:\ProgramData\YTD Video Downloader

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2010-08-13 75904]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2010-08-13 38016]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R1 tmlwf;Trend Micro NDIS 6.0 Filter Driver; C:\Windows\system32\DRIVERS\tmlwf.sys [2010-09-17 194640]
R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys [2010-09-17 105552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 tmactmon;tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [2010-09-17 90704]
R2 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [2010-09-17 144464]
R2 tmevtmgr;tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
R2 tmwfp;Trend Micro WFP Callout Driver; C:\Windows\system32\DRIVERS\tmwfp.sys [2010-09-17 339536]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys [2011-03-18 87168]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-05-12 9358336]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-05-12 309760]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys [2011-03-18 188544]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-07-08 2228736]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-04-26 2852200]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
S0 Partizan;Partizan; C:\Windows\system32\drivers\Partizan.sys []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2011-03-18 74840]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-01-25 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-05-12 204288]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-05-13 365568]
R2 Amsp;Trend Micro Solution Platform; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2011-02-16 256336]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-11-10 1564368]
R2 ICQ Service;ICQ Service; C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE [2012-03-20 247872]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
R2 MySQL;MySQL; C:\Program Files (x86)\MySQL\MySQL Server 6.0\bin\mysqld-nt --defaults-file=C:\Program Files (x86)\MySQL\MySQL Server 6.0\my.ini MySQL []
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-12-12 793048]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-05-24 76888]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R2 Web Assistant Updater;Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [2012-09-03 188760]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-04-17 247152]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 135664]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
S2 WebOptimizer;WebOptimizer; C:\Windows\system32\dmwu.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-21 250808]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 135664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-25 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------




------------------------
Ďakujem.

jaykiss
Návštěvník
Návštěvník
Příspěvky: 33
Registrován: 15 lis 2012 13:39

Re: Vírus "DSC0634723.scr"

#2 Příspěvek od jaykiss »

Ešte chcem dodať že od tej doby sa mi sama od seba zapína webka...(možno aj mikrofón) (zistil som to tak že ak sa zapne program ktorý využíva webku tak sa vedľa nej rozsvieti svetielko(ledka) ktorá mi oznamuje že sa webka spustila.)

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15713
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Vírus "DSC0634723.scr"

#3 Příspěvek od JaRon »

ahoj,
vloz log z TDSSKiller
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

jaykiss
Návštěvník
Návštěvník
Příspěvky: 33
Registrován: 15 lis 2012 13:39

Re: Vírus "DSC0634723.scr"

#4 Příspěvek od jaykiss »

toto ?



15:47:15.0328 6276 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:47:15.0668 6276 ============================================================
15:47:15.0668 6276 Current date / time: 2012/11/15 15:47:15.0668
15:47:15.0668 6276 SystemInfo:
15:47:15.0668 6276
15:47:15.0668 6276 OS Version: 6.1.7601 ServicePack: 1.0
15:47:15.0668 6276 Product type: Workstation
15:47:15.0668 6276 ComputerName: ROBO-PC
15:47:15.0669 6276 UserName: Robo
15:47:15.0669 6276 Windows directory: C:\Windows
15:47:15.0669 6276 System windows directory: C:\Windows
15:47:15.0669 6276 Running under WOW64
15:47:15.0669 6276 Processor architecture: Intel x64
15:47:15.0669 6276 Number of processors: 2
15:47:15.0669 6276 Page size: 0x1000
15:47:15.0669 6276 Boot type: Normal boot
15:47:15.0669 6276 ============================================================
15:47:17.0338 6276 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:47:17.0345 6276 ============================================================
15:47:17.0345 6276 \Device\Harddisk0\DR0:
15:47:17.0345 6276 MBR partitions:
15:47:17.0345 6276 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x800, BlocksNum 0x3200000
15:47:17.0345 6276 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x19000000
15:47:17.0364 6276 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1C201000, BlocksNum 0x1E185000
15:47:17.0364 6276 ============================================================
15:47:17.0399 6276 C: <-> \Device\Harddisk0\DR0\Partition2
15:47:17.0463 6276 D: <-> \Device\Harddisk0\DR0\Partition3
15:47:17.0494 6276 R: <-> \Device\Harddisk0\DR0\Partition1
15:47:17.0562 6276 ============================================================
15:47:17.0563 6276 Initialize success
15:47:17.0563 6276 ============================================================
15:47:19.0457 7012 ============================================================
15:47:19.0457 7012 Scan started
15:47:19.0457 7012 Mode: Manual;
15:47:19.0457 7012 ============================================================
15:47:21.0780 7012 ================ Scan system memory ========================
15:47:21.0780 7012 System memory - ok
15:47:21.0798 7012 ================ Scan services =============================
15:47:21.0964 7012 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:47:21.0970 7012 1394ohci - ok
15:47:22.0000 7012 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:47:22.0008 7012 ACPI - ok
15:47:22.0036 7012 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:47:22.0040 7012 AcpiPmi - ok
15:47:22.0177 7012 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:47:22.0181 7012 AdobeFlashPlayerUpdateSvc - ok
15:47:22.0215 7012 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:47:22.0225 7012 adp94xx - ok
15:47:22.0258 7012 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:47:22.0266 7012 adpahci - ok
15:47:22.0284 7012 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:47:22.0289 7012 adpu320 - ok
15:47:22.0322 7012 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:47:22.0326 7012 AeLookupSvc - ok
15:47:22.0385 7012 [ 6E79A119B0CE418FE44E0C824BF3F039 ] AFBAgent C:\Windows\system32\FBAgent.exe
15:47:22.0394 7012 AFBAgent - ok
15:47:22.0467 7012 [ D5B031C308A409A0A576BFF4CF083D30 ] AFD C:\Windows\system32\drivers\afd.sys
15:47:22.0478 7012 AFD - ok
15:47:22.0510 7012 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:47:22.0515 7012 agp440 - ok
15:47:22.0543 7012 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:47:22.0547 7012 ALG - ok
15:47:22.0563 7012 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:47:22.0566 7012 aliide - ok
15:47:22.0599 7012 [ 23BC2EA87AB7D48756E6198A4E5D3AC0 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:47:22.0604 7012 AMD External Events Utility - ok
15:47:22.0659 7012 AMD FUEL Service - ok
15:47:22.0681 7012 [ 30BFEEE0DFFD5BD79D29157CF080DEED ] amdhub30 C:\Windows\system32\DRIVERS\amdhub30.sys
15:47:22.0685 7012 amdhub30 - ok
15:47:22.0716 7012 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:47:22.0720 7012 amdide - ok
15:47:22.0769 7012 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
15:47:22.0773 7012 amdiox64 - ok
15:47:22.0785 7012 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:47:22.0789 7012 AmdK8 - ok
15:47:23.0071 7012 [ 4837AA524C1AEB34201BA425237FB45B ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
15:47:23.0302 7012 amdkmdag - ok
15:47:23.0548 7012 [ D7CC3EB2AE5BB29858F254C9AA356601 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
15:47:23.0556 7012 amdkmdap - ok
15:47:23.0578 7012 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:47:23.0583 7012 AmdPPM - ok
15:47:23.0614 7012 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:47:23.0619 7012 amdsata - ok
15:47:23.0643 7012 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:47:23.0649 7012 amdsbs - ok
15:47:23.0669 7012 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:47:23.0672 7012 amdxata - ok
15:47:23.0718 7012 [ 321533578132C811EC834A1B741C994C ] amdxhc C:\Windows\system32\DRIVERS\amdxhc.sys
15:47:23.0724 7012 amdxhc - ok
15:47:23.0754 7012 [ 8A2B4818215D8A6FF54DC3F0D63CBB2D ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys
15:47:23.0756 7012 amd_sata - ok
15:47:23.0795 7012 [ A2D8977623E13591B15F6370C6CC37B0 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys
15:47:23.0800 7012 amd_xata - ok
15:47:23.0880 7012 [ 18F64623E76FF58009D6F9CB9DEA5D0A ] Amsp C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
15:47:23.0887 7012 Amsp - ok
15:47:23.0932 7012 [ 92A848F962DA91C631147D566414BB7E ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
15:47:23.0936 7012 AmUStor - ok
15:47:23.0967 7012 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:47:23.0970 7012 AppID - ok
15:47:23.0996 7012 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:47:24.0000 7012 AppIDSvc - ok
15:47:24.0012 7012 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:47:24.0017 7012 Appinfo - ok
15:47:24.0032 7012 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
15:47:24.0036 7012 arc - ok
15:47:24.0054 7012 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:47:24.0059 7012 arcsas - ok
15:47:24.0124 7012 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
15:47:24.0128 7012 ASLDRService - ok
15:47:24.0152 7012 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
15:47:24.0155 7012 ASMMAP64 - ok
15:47:24.0257 7012 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:47:24.0284 7012 aspnet_state - ok
15:47:24.0304 7012 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:47:24.0307 7012 AsyncMac - ok
15:47:24.0336 7012 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:47:24.0339 7012 atapi - ok
15:47:24.0396 7012 [ CBE61B4494165F458BD87E37181EE934 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
15:47:24.0399 7012 AthBTPort - ok
15:47:24.0463 7012 [ 4C4A576818EA028257C624AE36FF7A03 ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
15:47:24.0487 7012 Atheros Bt&Wlan Coex Agent - ok
15:47:24.0504 7012 [ 21753130331188C4B474E1D3B396E629 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
15:47:24.0523 7012 AtherosSvc - ok
15:47:24.0618 7012 [ DE8B9C3E0E09D918B394207F34AC16DD ] athr C:\Windows\system32\DRIVERS\athrx.sys
15:47:24.0675 7012 athr - ok
15:47:24.0719 7012 [ CBD14F698DEF12EE3557604B726CB8EB ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
15:47:24.0724 7012 AtiHDAudioService - ok
15:47:24.0736 7012 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
15:47:24.0740 7012 ATKGFNEXSrv - ok
15:47:24.0792 7012 [ 1F7238A37389ED92E9D8EEE975CABD54 ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
15:47:24.0796 7012 ATKWMIACPIIO - ok
15:47:24.0845 7012 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:47:24.0874 7012 AudioEndpointBuilder - ok
15:47:24.0916 7012 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:47:24.0923 7012 AudioSrv - ok
15:47:24.0945 7012 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:47:24.0951 7012 AxInstSV - ok
15:47:24.0990 7012 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:47:25.0000 7012 b06bdrv - ok
15:47:25.0018 7012 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:47:25.0025 7012 b57nd60a - ok
15:47:25.0068 7012 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:47:25.0072 7012 BDESVC - ok
15:47:25.0092 7012 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:47:25.0095 7012 Beep - ok
15:47:25.0128 7012 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:47:25.0165 7012 BFE - ok
15:47:25.0206 7012 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
15:47:25.0241 7012 BITS - ok
15:47:25.0294 7012 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:47:25.0297 7012 blbdrive - ok
15:47:25.0335 7012 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:47:25.0339 7012 bowser - ok
15:47:25.0363 7012 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:47:25.0367 7012 BrFiltLo - ok
15:47:25.0383 7012 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:47:25.0387 7012 BrFiltUp - ok
15:47:25.0411 7012 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
15:47:25.0416 7012 Browser - ok
15:47:25.0439 7012 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:47:25.0446 7012 Brserid - ok
15:47:25.0453 7012 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:47:25.0456 7012 BrSerWdm - ok
15:47:25.0465 7012 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:47:25.0469 7012 BrUsbMdm - ok
15:47:25.0475 7012 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:47:25.0478 7012 BrUsbSer - ok
15:47:25.0560 7012 [ FE70889A85C57A9268101B2DB0474509 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
15:47:25.0568 7012 BTATH_A2DP - ok
15:47:25.0609 7012 [ A83A91D07D1FE6BBE7A9DB46CA00434B ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
15:47:25.0613 7012 BTATH_BUS - ok
15:47:25.0654 7012 [ C864FF85EE16D61C2BDD5EF76824625F ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
15:47:25.0660 7012 BTATH_HCRP - ok
15:47:25.0679 7012 [ 0DEA505EFB5D771826D177EF8B8A208F ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
15:47:25.0683 7012 BTATH_LWFLT - ok
15:47:25.0698 7012 [ 724C8088C96EFE7A3E63FEC21D4681C0 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
15:47:25.0703 7012 BTATH_RCP - ok
15:47:25.0745 7012 [ AA0F5AFCF077C5246589B32ECEEAE566 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
15:47:25.0752 7012 BtFilter - ok
15:47:25.0796 7012 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
15:47:25.0800 7012 BthEnum - ok
15:47:25.0837 7012 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:47:25.0840 7012 BTHMODEM - ok
15:47:25.0874 7012 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
15:47:25.0879 7012 BthPan - ok
15:47:25.0907 7012 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
15:47:25.0919 7012 BTHPORT - ok
15:47:25.0942 7012 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:47:25.0946 7012 bthserv - ok
15:47:25.0972 7012 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
15:47:25.0977 7012 BTHUSB - ok
15:47:26.0013 7012 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:47:26.0018 7012 cdfs - ok
15:47:26.0038 7012 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:47:26.0044 7012 cdrom - ok
15:47:26.0072 7012 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:47:26.0077 7012 CertPropSvc - ok
15:47:26.0089 7012 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
15:47:26.0093 7012 circlass - ok
15:47:26.0120 7012 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:47:26.0128 7012 CLFS - ok
15:47:26.0188 7012 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:47:26.0197 7012 clr_optimization_v2.0.50727_32 - ok
15:47:26.0247 7012 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:47:26.0254 7012 clr_optimization_v2.0.50727_64 - ok
15:47:26.0328 7012 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:47:26.0505 7012 clr_optimization_v4.0.30319_32 - ok
15:47:26.0516 7012 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:47:26.0538 7012 clr_optimization_v4.0.30319_64 - ok
15:47:26.0557 7012 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:47:26.0561 7012 CmBatt - ok
15:47:26.0588 7012 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:47:26.0591 7012 cmdide - ok
15:47:26.0630 7012 [ D5FEA92400F12412B3922087C09DA6A5 ] CNG C:\Windows\system32\Drivers\cng.sys
15:47:26.0639 7012 CNG - ok
15:47:26.0663 7012 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:47:26.0667 7012 Compbatt - ok
15:47:26.0677 7012 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:47:26.0681 7012 CompositeBus - ok
15:47:26.0688 7012 COMSysApp - ok
15:47:26.0706 7012 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:47:26.0710 7012 crcdisk - ok
15:47:26.0749 7012 [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:47:26.0756 7012 CryptSvc - ok
15:47:26.0908 7012 [ 61A86809B62769643892BC0812B204AA ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
15:47:26.0943 7012 cvhsvc - ok
15:47:26.0990 7012 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:47:27.0001 7012 DcomLaunch - ok
15:47:27.0031 7012 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:47:27.0039 7012 defragsvc - ok
15:47:27.0072 7012 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:47:27.0076 7012 DfsC - ok
15:47:27.0097 7012 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:47:27.0106 7012 Dhcp - ok
15:47:27.0115 7012 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:47:27.0119 7012 discache - ok
15:47:27.0131 7012 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
15:47:27.0135 7012 Disk - ok
15:47:27.0166 7012 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:47:27.0172 7012 Dnscache - ok
15:47:27.0204 7012 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:47:27.0212 7012 dot3svc - ok
15:47:27.0232 7012 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:47:27.0239 7012 DPS - ok
15:47:27.0275 7012 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:47:27.0278 7012 drmkaud - ok
15:47:27.0324 7012 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:47:27.0358 7012 DXGKrnl - ok
15:47:27.0384 7012 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:47:27.0389 7012 EapHost - ok
15:47:27.0476 7012 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:47:27.0569 7012 ebdrv - ok
15:47:27.0620 7012 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\Windows\System32\lsass.exe
15:47:27.0625 7012 EFS - ok
15:47:27.0680 7012 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:47:27.0704 7012 ehRecvr - ok
15:47:27.0735 7012 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:47:27.0740 7012 ehSched - ok
15:47:27.0775 7012 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:47:27.0785 7012 elxstor - ok
15:47:27.0796 7012 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:47:27.0799 7012 ErrDev - ok
15:47:27.0842 7012 [ 05B0DCDA418E297A1B4CD8D7B8ADE403 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
15:47:27.0847 7012 ETD - ok
15:47:27.0896 7012 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:47:27.0916 7012 EventSystem - ok
15:47:27.0947 7012 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:47:27.0954 7012 exfat - ok
15:47:28.0006 7012 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:47:28.0013 7012 fastfat - ok
15:47:28.0042 7012 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:47:28.0066 7012 Fax - ok
15:47:28.0086 7012 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
15:47:28.0090 7012 fdc - ok
15:47:28.0109 7012 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:47:28.0112 7012 fdPHost - ok
15:47:28.0125 7012 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:47:28.0129 7012 FDResPub - ok
15:47:28.0166 7012 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:47:28.0171 7012 FileInfo - ok
15:47:28.0186 7012 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:47:28.0190 7012 Filetrace - ok
15:47:28.0208 7012 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:47:28.0211 7012 flpydisk - ok
15:47:28.0243 7012 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:47:28.0250 7012 FltMgr - ok
15:47:28.0299 7012 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
15:47:28.0335 7012 FontCache - ok
15:47:28.0369 7012 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:47:28.0385 7012 FontCache3.0.0.0 - ok
15:47:28.0410 7012 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:47:28.0414 7012 FsDepends - ok
15:47:28.0447 7012 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
15:47:28.0451 7012 fssfltr - ok
15:47:28.0535 7012 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
15:47:28.0589 7012 fsssvc - ok
15:47:28.0622 7012 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:47:28.0627 7012 Fs_Rec - ok
15:47:28.0643 7012 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:47:28.0649 7012 fvevol - ok
15:47:28.0669 7012 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:47:28.0674 7012 gagp30kx - ok
15:47:28.0731 7012 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:47:28.0787 7012 gpsvc - ok
15:47:28.0872 7012 [ E859CA020ED61899F3C74A8D0032D05C ] Guard.Mail.ru C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
15:47:29.0026 7012 Guard.Mail.ru - ok
15:47:29.0109 7012 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:47:29.0114 7012 gupdate - ok
15:47:29.0123 7012 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:47:29.0126 7012 gupdatem - ok
15:47:29.0171 7012 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
15:47:29.0176 7012 hamachi - ok
15:47:29.0371 7012 [ F10C3F2E002100BF8B797DCF283FEA7D ] Hamachi2Svc D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
15:47:29.0454 7012 Hamachi2Svc - ok
15:47:29.0503 7012 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:47:29.0506 7012 hcw85cir - ok
15:47:29.0537 7012 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:47:29.0547 7012 HdAudAddService - ok
15:47:29.0582 7012 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:47:29.0588 7012 HDAudBus - ok
15:47:29.0597 7012 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:47:29.0602 7012 HidBatt - ok
15:47:29.0610 7012 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:47:29.0614 7012 HidBth - ok
15:47:29.0630 7012 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
15:47:29.0634 7012 HidIr - ok
15:47:29.0654 7012 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
15:47:29.0659 7012 hidserv - ok
15:47:29.0669 7012 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:47:29.0672 7012 HidUsb - ok
15:47:29.0712 7012 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:47:29.0717 7012 hkmsvc - ok
15:47:29.0732 7012 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:47:29.0739 7012 HomeGroupListener - ok
15:47:29.0768 7012 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:47:29.0779 7012 HomeGroupProvider - ok
15:47:29.0820 7012 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:47:29.0828 7012 HpSAMD - ok
15:47:29.0860 7012 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:47:29.0884 7012 HTTP - ok
15:47:29.0905 7012 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:47:29.0909 7012 hwpolicy - ok
15:47:29.0940 7012 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:47:29.0945 7012 i8042prt - ok
15:47:29.0987 7012 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:47:29.0996 7012 iaStorV - ok
15:47:30.0145 7012 [ 9AC1E19D77BA038F24E2FAB5D95F70D3 ] ICQ Service C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE
15:47:30.0185 7012 ICQ Service - ok
15:47:30.0253 7012 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:47:30.0283 7012 idsvc - ok
15:47:30.0318 7012 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:47:30.0322 7012 iirsp - ok
15:47:30.0371 7012 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:47:30.0404 7012 IKEEXT - ok
15:47:30.0516 7012 [ F164A1D46A3848A18A44F8ACB12961BD ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:47:30.0588 7012 IntcAzAudAddService - ok
15:47:30.0618 7012 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:47:30.0622 7012 intelide - ok
15:47:30.0644 7012 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
15:47:30.0649 7012 intelppm - ok
15:47:30.0672 7012 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:47:30.0677 7012 IPBusEnum - ok
15:47:30.0694 7012 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:47:30.0699 7012 IpFilterDriver - ok
15:47:30.0725 7012 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:47:30.0749 7012 iphlpsvc - ok
15:47:30.0763 7012 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:47:30.0767 7012 IPMIDRV - ok
15:47:30.0779 7012 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:47:30.0783 7012 IPNAT - ok
15:47:30.0794 7012 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:47:30.0798 7012 IRENUM - ok
15:47:30.0814 7012 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:47:30.0818 7012 isapnp - ok
15:47:30.0843 7012 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:47:30.0849 7012 iScsiPrt - ok
15:47:30.0890 7012 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:47:30.0895 7012 kbdclass - ok
15:47:30.0913 7012 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
15:47:30.0917 7012 kbdhid - ok
15:47:30.0961 7012 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
15:47:30.0967 7012 kbfiltr - ok
15:47:30.0988 7012 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\Windows\system32\lsass.exe
15:47:30.0991 7012 KeyIso - ok
15:47:31.0008 7012 [ CCD53B5BD33CE0C889E830D839C8B66E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:47:31.0013 7012 KSecDD - ok
15:47:31.0021 7012 [ 9FF918A261752C12639E8AD4208D2C2F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:47:31.0025 7012 KSecPkg - ok
15:47:31.0061 7012 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:47:31.0065 7012 ksthunk - ok
15:47:31.0089 7012 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:47:31.0098 7012 KtmRm - ok
15:47:31.0154 7012 [ A4A9CA24E54E81C6C3E469EAEB4B3F42 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
15:47:31.0158 7012 L1C - ok
15:47:31.0203 7012 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:47:31.0211 7012 LanmanServer - ok
15:47:31.0243 7012 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:47:31.0249 7012 LanmanWorkstation - ok
15:47:31.0291 7012 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:47:31.0295 7012 lltdio - ok
15:47:31.0329 7012 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:47:31.0338 7012 lltdsvc - ok
15:47:31.0352 7012 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:47:31.0356 7012 lmhosts - ok
15:47:31.0385 7012 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:47:31.0390 7012 LSI_FC - ok
15:47:31.0415 7012 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:47:31.0421 7012 LSI_SAS - ok
15:47:31.0444 7012 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:47:31.0453 7012 LSI_SAS2 - ok
15:47:31.0476 7012 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:47:31.0485 7012 LSI_SCSI - ok
15:47:31.0530 7012 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:47:31.0541 7012 luafv - ok
15:47:31.0590 7012 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:47:31.0598 7012 Mcx2Svc - ok
15:47:31.0622 7012 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
15:47:31.0630 7012 megasas - ok
15:47:31.0649 7012 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:47:31.0657 7012 MegaSR - ok
15:47:31.0680 7012 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:47:31.0688 7012 MMCSS - ok
15:47:31.0700 7012 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:47:31.0705 7012 Modem - ok
15:47:31.0746 7012 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:47:31.0752 7012 monitor - ok
15:47:31.0775 7012 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:47:31.0782 7012 mouclass - ok
15:47:31.0808 7012 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:47:31.0873 7012 mouhid - ok
15:47:31.0917 7012 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:47:31.0929 7012 mountmgr - ok
15:47:31.0983 7012 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:47:32.0029 7012 mpio - ok
15:47:32.0083 7012 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:47:32.0089 7012 mpsdrv - ok
15:47:32.0140 7012 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:47:32.0178 7012 MpsSvc - ok
15:47:32.0187 7012 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:47:32.0192 7012 MRxDAV - ok
15:47:32.0261 7012 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:47:32.0276 7012 mrxsmb - ok
15:47:32.0312 7012 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:47:32.0321 7012 mrxsmb10 - ok
15:47:32.0343 7012 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:47:32.0349 7012 mrxsmb20 - ok
15:47:32.0379 7012 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:47:32.0387 7012 msahci - ok
15:47:32.0420 7012 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:47:32.0425 7012 msdsm - ok
15:47:32.0451 7012 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:47:32.0459 7012 MSDTC - ok
15:47:32.0522 7012 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:47:32.0527 7012 Msfs - ok
15:47:32.0549 7012 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:47:32.0552 7012 mshidkmdf - ok
15:47:32.0569 7012 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:47:32.0573 7012 msisadrv - ok
15:47:32.0597 7012 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:47:32.0604 7012 MSiSCSI - ok
15:47:32.0613 7012 msiserver - ok
15:47:32.0634 7012 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:47:32.0637 7012 MSKSSRV - ok
15:47:32.0656 7012 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:47:32.0659 7012 MSPCLOCK - ok
15:47:32.0665 7012 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:47:32.0668 7012 MSPQM - ok
15:47:32.0695 7012 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:47:32.0704 7012 MsRPC - ok
15:47:32.0726 7012 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:47:32.0731 7012 mssmbios - ok
15:47:32.0822 7012 MSSQL$SQLEXPRESS - ok
15:47:32.0928 7012 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
15:47:32.0935 7012 MSSQLServerADHelper100 - ok
15:47:32.0954 7012 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:47:32.0977 7012 MSTEE - ok
15:47:33.0007 7012 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:47:33.0033 7012 MTConfig - ok
15:47:33.0057 7012 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:47:33.0060 7012 Mup - ok
15:47:33.0147 7012 MySQL - ok
15:47:33.0192 7012 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:47:33.0202 7012 napagent - ok
15:47:33.0251 7012 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:47:33.0258 7012 NativeWifiP - ok
15:47:33.0294 7012 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
15:47:33.0332 7012 NDIS - ok
15:47:33.0349 7012 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:47:33.0353 7012 NdisCap - ok
15:47:33.0384 7012 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:47:33.0388 7012 NdisTapi - ok
15:47:33.0402 7012 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:47:33.0406 7012 Ndisuio - ok
15:47:33.0416 7012 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:47:33.0427 7012 NdisWan - ok
15:47:33.0458 7012 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:47:33.0462 7012 NDProxy - ok
15:47:33.0486 7012 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:47:33.0489 7012 NetBIOS - ok
15:47:33.0513 7012 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:47:33.0522 7012 NetBT - ok
15:47:33.0540 7012 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe
15:47:33.0543 7012 Netlogon - ok
15:47:33.0585 7012 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:47:33.0672 7012 Netman - ok
15:47:33.0792 7012 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:47:33.0902 7012 NetMsmqActivator - ok
15:47:33.0965 7012 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:47:33.0988 7012 NetPipeActivator - ok
15:47:34.0020 7012 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:47:34.0041 7012 netprofm - ok
15:47:34.0047 7012 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:47:34.0052 7012 NetTcpActivator - ok
15:47:34.0059 7012 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:47:34.0062 7012 NetTcpPortSharing - ok
15:47:34.0082 7012 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:47:34.0086 7012 nfrd960 - ok
15:47:34.0114 7012 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:47:34.0122 7012 NlaSvc - ok
15:47:34.0148 7012 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:47:34.0152 7012 Npfs - ok
15:47:34.0164 7012 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:47:34.0169 7012 nsi - ok
15:47:34.0183 7012 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:47:34.0187 7012 nsiproxy - ok
15:47:34.0253 7012 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:47:34.0299 7012 Ntfs - ok
15:47:34.0320 7012 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:47:34.0324 7012 Null - ok
15:47:34.0347 7012 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:47:34.0353 7012 nvraid - ok
15:47:34.0371 7012 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:47:34.0376 7012 nvstor - ok
15:47:34.0392 7012 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:47:34.0405 7012 nv_agp - ok
15:47:34.0511 7012 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:47:34.0521 7012 odserv - ok
15:47:34.0547 7012 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:47:34.0551 7012 ohci1394 - ok
15:47:34.0587 7012 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:47:34.0593 7012 ose - ok
15:47:34.0769 7012 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:47:34.0912 7012 osppsvc - ok
15:47:35.0045 7012 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:47:35.0053 7012 p2pimsvc - ok
15:47:35.0099 7012 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:47:35.0108 7012 p2psvc - ok
15:47:35.0127 7012 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
15:47:35.0131 7012 Parport - ok
15:47:35.0161 7012 Partizan - ok
15:47:35.0183 7012 [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:47:35.0187 7012 partmgr - ok
15:47:35.0196 7012 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:47:35.0202 7012 PcaSvc - ok
15:47:35.0224 7012 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:47:35.0229 7012 pci - ok
15:47:35.0246 7012 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:47:35.0249 7012 pciide - ok
15:47:35.0276 7012 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:47:35.0281 7012 pcmcia - ok
15:47:35.0396 7012 [ A0937771070BF59468B4939DD0AE59FD ] PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
15:47:35.0419 7012 PCToolsSSDMonitorSvc - ok
15:47:35.0474 7012 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:47:35.0478 7012 pcw - ok
15:47:35.0511 7012 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:47:35.0534 7012 PEAUTH - ok
15:47:35.0617 7012 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:47:35.0621 7012 PerfHost - ok
15:47:35.0681 7012 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:47:35.0716 7012 pla - ok
15:47:35.0743 7012 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:47:35.0754 7012 PlugPlay - ok
15:47:35.0766 7012 PnkBstrA - ok
15:47:35.0786 7012 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:47:35.0791 7012 PNRPAutoReg - ok
15:47:35.0815 7012 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:47:35.0820 7012 PNRPsvc - ok
15:47:35.0853 7012 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:47:35.0875 7012 PolicyAgent - ok
15:47:35.0913 7012 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:47:35.0920 7012 Power - ok
15:47:35.0943 7012 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:47:35.0948 7012 PptpMiniport - ok
15:47:35.0966 7012 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
15:47:35.0970 7012 Processor - ok
15:47:35.0992 7012 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
15:47:36.0019 7012 ProfSvc - ok
15:47:36.0049 7012 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
15:47:36.0052 7012 ProtectedStorage - ok
15:47:36.0080 7012 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:47:36.0085 7012 Psched - ok
15:47:36.0142 7012 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:47:36.0189 7012 ql2300 - ok
15:47:36.0209 7012 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:47:36.0214 7012 ql40xx - ok
15:47:36.0247 7012 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:47:36.0255 7012 QWAVE - ok
15:47:36.0266 7012 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:47:36.0269 7012 QWAVEdrv - ok
15:47:36.0289 7012 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:47:36.0293 7012 RasAcd - ok
15:47:36.0310 7012 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:47:36.0313 7012 RasAgileVpn - ok
15:47:36.0331 7012 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:47:36.0337 7012 RasAuto - ok
15:47:36.0356 7012 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:47:36.0361 7012 Rasl2tp - ok
15:47:36.0377 7012 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:47:36.0386 7012 RasMan - ok
15:47:36.0406 7012 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:47:36.0411 7012 RasPppoe - ok
15:47:36.0425 7012 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:47:36.0429 7012 RasSstp - ok
15:47:36.0447 7012 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:47:36.0454 7012 rdbss - ok
15:47:36.0466 7012 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
15:47:36.0470 7012 rdpbus - ok
15:47:36.0484 7012 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:47:36.0487 7012 RDPCDD - ok
15:47:36.0498 7012 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:47:36.0501 7012 RDPENCDD - ok
15:47:36.0515 7012 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:47:36.0520 7012 RDPREFMP - ok
15:47:36.0536 7012 [ 15B66C206B5CB095BAB980553F38ED23 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:47:36.0548 7012 RDPWD - ok
15:47:36.0556 7012 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:47:36.0562 7012 rdyboost - ok
15:47:36.0588 7012 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:47:36.0593 7012 RemoteAccess - ok
15:47:36.0614 7012 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:47:36.0622 7012 RemoteRegistry - ok
15:47:36.0670 7012 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:47:36.0676 7012 RFCOMM - ok
15:47:36.0790 7012 [ 616F6E52CAE254727A886BA8EDA1BEEA ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
15:47:36.0797 7012 RichVideo - ok
15:47:36.0830 7012 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:47:36.0835 7012 RpcEptMapper - ok
15:47:36.0861 7012 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:47:36.0866 7012 RpcLocator - ok
15:47:36.0893 7012 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:47:36.0901 7012 RpcSs - ok
15:47:36.0955 7012 [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys
15:47:36.0963 7012 RsFx0103 - ok
15:47:37.0002 7012 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:47:37.0011 7012 rspndr - ok
15:47:37.0029 7012 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe
15:47:37.0033 7012 SamSs - ok
15:47:37.0057 7012 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:47:37.0062 7012 sbp2port - ok
15:47:37.0095 7012 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:47:37.0102 7012 SCardSvr - ok
15:47:37.0119 7012 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:47:37.0123 7012 scfilter - ok
15:47:37.0159 7012 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:47:37.0197 7012 Schedule - ok
15:47:37.0219 7012 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:47:37.0222 7012 SCPolicySvc - ok
15:47:37.0244 7012 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:47:37.0252 7012 SDRSVC - ok
15:47:37.0277 7012 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:47:37.0281 7012 secdrv - ok
15:47:37.0292 7012 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:47:37.0297 7012 seclogon - ok
15:47:37.0309 7012 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:47:37.0314 7012 SENS - ok
15:47:37.0327 7012 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:47:37.0333 7012 SensrSvc - ok
15:47:37.0350 7012 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
15:47:37.0355 7012 Serenum - ok
15:47:37.0373 7012 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
15:47:37.0377 7012 Serial - ok
15:47:37.0383 7012 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:47:37.0387 7012 sermouse - ok
15:47:37.0497 7012 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:47:37.0502 7012 SessionEnv - ok
15:47:37.0519 7012 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:47:37.0524 7012 sffdisk - ok
15:47:37.0534 7012 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:47:37.0538 7012 sffp_mmc - ok
15:47:37.0545 7012 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:47:37.0548 7012 sffp_sd - ok
15:47:37.0555 7012 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:47:37.0559 7012 sfloppy - ok
15:47:37.0602 7012 [ D5183ED285D2795491DC15BDDCBEE5AD ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
15:47:37.0626 7012 Sftfs - ok
15:47:37.0693 7012 [ BFDB58616FF5EA540A5F58301D50641E ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:47:37.0702 7012 sftlist - ok
15:47:37.0719 7012 [ 00F118B68C50D2206DD51634F9142B83 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:47:37.0727 7012 Sftplay - ok
15:47:37.0738 7012 [ 76A827DF5640BFE16A0CDBB4108ADECA ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:47:37.0743 7012 Sftredir - ok
15:47:37.0766 7012 [ 1B4C9701645086BAB8CAFFFCE30ED284 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
15:47:37.0770 7012 Sftvol - ok
15:47:37.0785 7012 [ B94C3C4DCA2093243C76CA218EDE2A97 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:47:37.0791 7012 sftvsa - ok
15:47:37.0830 7012 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:47:37.0839 7012 SharedAccess - ok
15:47:37.0877 7012 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:47:37.0886 7012 ShellHWDetection - ok
15:47:37.0929 7012 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
15:47:37.0934 7012 SiSGbeLH - ok
15:47:37.0942 7012 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:47:37.0946 7012 SiSRaid2 - ok
15:47:37.0977 7012 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:47:37.0981 7012 SiSRaid4 - ok
15:47:38.0038 7012 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:47:38.0050 7012 SkypeUpdate - ok
15:47:38.0058 7012 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:47:38.0075 7012 Smb - ok
15:47:38.0123 7012 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:47:38.0131 7012 SNMPTRAP - ok
15:47:38.0297 7012 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:47:38.0320 7012 spldr - ok
15:47:38.0364 7012 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
15:47:38.0393 7012 Spooler - ok
15:47:38.0588 7012 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:47:38.0671 7012 sppsvc - ok
15:47:38.0768 7012 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:47:38.0774 7012 sppuinotify - ok
15:47:38.0809 7012 [ 12E6D95CDE974B131DEFAA44BAB8B056 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
15:47:38.0828 7012 SQLAgent$SQLEXPRESS - ok
15:47:38.0912 7012 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
15:47:38.0920 7012 SQLBrowser - ok
15:47:38.0969 7012 [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:47:38.0999 7012 SQLWriter - ok
15:47:39.0053 7012 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:47:39.0088 7012 srv - ok
15:47:39.0135 7012 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:47:39.0143 7012 srv2 - ok
15:47:39.0161 7012 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:47:39.0166 7012 srvnet - ok
15:47:39.0195 7012 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:47:39.0202 7012 SSDPSRV - ok
15:47:39.0219 7012 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:47:39.0225 7012 SstpSvc - ok
15:47:39.0246 7012 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:47:39.0250 7012 stexstor - ok
15:47:39.0285 7012 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:47:39.0312 7012 stisvc - ok
15:47:39.0329 7012 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:47:39.0333 7012 swenum - ok
15:47:39.0418 7012 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:47:39.0491 7012 SwitchBoard - ok
15:47:39.0523 7012 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:47:39.0547 7012 swprv - ok
15:47:39.0618 7012 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:47:39.0667 7012 SysMain - ok
15:47:39.0697 7012 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:47:39.0703 7012 TabletInputService - ok
15:47:39.0724 7012 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:47:39.0737 7012 TapiSrv - ok
15:47:39.0756 7012 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:47:39.0765 7012 TBS - ok
15:47:39.0845 7012 [ FC62769E7BFF2896035AEED399108162 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:47:39.0903 7012 Tcpip - ok
15:47:39.0971 7012 [ FC62769E7BFF2896035AEED399108162 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:47:39.0992 7012 TCPIP6 - ok
15:47:40.0055 7012 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:47:40.0062 7012 tcpipreg - ok
15:47:40.0100 7012 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:47:40.0111 7012 TDPIPE - ok
15:47:40.0124 7012 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:47:40.0130 7012 TDTCP - ok
15:47:40.0179 7012 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:47:40.0189 7012 tdx - ok
15:47:40.0222 7012 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:47:40.0227 7012 TermDD - ok
15:47:40.0268 7012 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:47:40.0343 7012 TermService - ok
15:47:40.0357 7012 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:47:40.0364 7012 Themes - ok
15:47:40.0398 7012 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:47:40.0402 7012 THREADORDER - ok
15:47:40.0435 7012 [ 73AAFFDD2AC3C8814B26C440E5DD9DD4 ] tmactmon C:\Windows\system32\DRIVERS\tmactmon.sys
15:47:40.0440 7012 tmactmon - ok
15:47:40.0476 7012 [ 360E61217D4E1E333583D0C721057F70 ] tmcomm C:\Windows\system32\DRIVERS\tmcomm.sys
15:47:40.0483 7012 tmcomm - ok
15:47:40.0520 7012 [ 699D34EB7C670139CA23A65372BD5743 ] tmevtmgr C:\Windows\system32\DRIVERS\tmevtmgr.sys
15:47:40.0525 7012 tmevtmgr - ok
15:47:40.0587 7012 [ 5922B1F5741BBDBAF7F7B4CBD2B7C4A5 ] tmlwf C:\Windows\system32\DRIVERS\tmlwf.sys
15:47:40.0608 7012 tmlwf - ok
15:47:40.0636 7012 [ 262198EFB734012BFCD17E7479AE4A09 ] tmtdi C:\Windows\system32\DRIVERS\tmtdi.sys
15:47:40.0640 7012 tmtdi - ok
15:47:40.0687 7012 [ 0A2E3899CC72AD4CC85EA3D50A5331CC ] tmwfp C:\Windows\system32\DRIVERS\tmwfp.sys
15:47:40.0717 7012 tmwfp - ok
15:47:40.0774 7012 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:47:40.0782 7012 TrkWks - ok
15:47:40.0834 7012 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:47:40.0842 7012 TrustedInstaller - ok
15:47:40.0862 7012 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:47:40.0869 7012 tssecsrv - ok
15:47:40.0920 7012 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:47:40.0925 7012 TsUsbFlt - ok
15:47:40.0933 7012 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:47:40.0937 7012 TsUsbGD - ok
15:47:40.0961 7012 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:47:40.0970 7012 tunnel - ok
15:47:40.0983 7012 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:47:40.0989 7012 uagp35 - ok
15:47:41.0025 7012 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:47:41.0038 7012 udfs - ok
15:47:41.0067 7012 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:47:41.0087 7012 UI0Detect - ok
15:47:41.0114 7012 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:47:41.0123 7012 uliagpkx - ok
15:47:41.0170 7012 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:47:41.0175 7012 umbus - ok
15:47:41.0185 7012 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
15:47:41.0190 7012 UmPass - ok
15:47:41.0243 7012 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:47:41.0258 7012 upnphost - ok
15:47:41.0303 7012 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:47:41.0308 7012 usbccgp - ok
15:47:41.0320 7012 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:47:41.0324 7012 usbcir - ok
15:47:41.0341 7012 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:47:41.0345 7012 usbehci - ok
15:47:41.0384 7012 [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
15:47:41.0390 7012 usbfilter - ok
15:47:41.0421 7012 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:47:41.0429 7012 usbhub - ok
15:47:41.0443 7012 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
15:47:41.0450 7012 usbohci - ok
15:47:41.0484 7012 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:47:41.0490 7012 usbprint - ok
15:47:41.0525 7012 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:47:41.0529 7012 usbscan - ok
15:47:41.0570 7012 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:47:41.0576 7012 USBSTOR - ok
15:47:41.0588 7012 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:47:41.0592 7012 usbuhci - ok
15:47:41.0618 7012 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
15:47:41.0627 7012 usbvideo - ok
15:47:41.0653 7012 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:47:41.0659 7012 UxSms - ok
15:47:41.0672 7012 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe
15:47:41.0676 7012 VaultSvc - ok
15:47:41.0704 7012 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:47:41.0708 7012 vdrvroot - ok
15:47:41.0741 7012 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:47:41.0764 7012 vds - ok
15:47:41.0796 7012 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:47:41.0802 7012 vga - ok
15:47:41.0825 7012 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:47:41.0829 7012 VgaSave - ok
15:47:41.0848 7012 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:47:41.0857 7012 vhdmp - ok
15:47:41.0863 7012 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:47:41.0870 7012 viaide - ok
15:47:41.0911 7012 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:47:41.0917 7012 volmgr - ok
15:47:41.0946 7012 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:47:41.0956 7012 volmgrx - ok
15:47:41.0967 7012 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:47:41.0976 7012 volsnap - ok
15:47:42.0007 7012 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:47:42.0013 7012 vsmraid - ok
15:47:42.0074 7012 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:47:42.0146 7012 VSS - ok
15:47:42.0177 7012 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:47:42.0180 7012 vwifibus - ok
15:47:42.0204 7012 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:47:42.0210 7012 vwififlt - ok
15:47:42.0240 7012 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:47:42.0252 7012 W32Time - ok
15:47:42.0294 7012 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:47:42.0301 7012 WacomPen - ok
15:47:42.0316 7012 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:47:42.0325 7012 WANARP - ok
15:47:42.0330 7012 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:47:42.0335 7012 Wanarpv6 - ok
15:47:42.0417 7012 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:47:42.0457 7012 WatAdminSvc - ok
15:47:42.0527 7012 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:47:42.0575 7012 wbengine - ok
15:47:42.0620 7012 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:47:42.0630 7012 WbioSrvc - ok
15:47:42.0652 7012 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:47:42.0674 7012 wcncsvc - ok
15:47:42.0688 7012 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:47:42.0694 7012 WcsPlugInService - ok
15:47:42.0730 7012 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
15:47:42.0734 7012 Wd - ok
15:47:42.0778 7012 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:47:42.0808 7012 Wdf01000 - ok
15:47:42.0905 7012 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:47:42.0939 7012 WdiServiceHost - ok
15:47:42.0949 7012 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:47:42.0958 7012 WdiSystemHost - ok
15:47:43.0086 7012 [ 5941B8AA229C6E5D7924919D3EDE0843 ] Web Assistant Updater C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
15:47:43.0141 7012 Web Assistant Updater - ok
15:47:43.0182 7012 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:47:43.0192 7012 WebClient - ok
15:47:43.0303 7012 WebOptimizer - ok
15:47:43.0331 7012 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:47:43.0341 7012 Wecsvc - ok
15:47:43.0360 7012 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:47:43.0366 7012 wercplsupport - ok
15:47:43.0382 7012 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:47:43.0391 7012 WerSvc - ok
15:47:43.0430 7012 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:47:43.0434 7012 WfpLwf - ok
15:47:43.0515 7012 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
15:47:43.0522 7012 WimFltr - ok
15:47:43.0696 7012 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:47:43.0701 7012 WIMMount - ok
15:47:43.0751 7012 WinDefend - ok
15:47:43.0766 7012 WinHttpAutoProxySvc - ok
15:47:43.0829 7012 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:47:43.0835 7012 Winmgmt - ok
15:47:43.0915 7012 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:47:43.0978 7012 WinRM - ok
15:47:44.0034 7012 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:47:44.0083 7012 Wlansvc - ok
15:47:44.0147 7012 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:47:44.0161 7012 wlcrasvc - ok
15:47:44.0307 7012 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:47:44.0372 7012 wlidsvc - ok
15:47:44.0391 7012 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:47:44.0396 7012 WmiAcpi - ok
15:47:44.0471 7012 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:47:44.0481 7012 wmiApSrv - ok
15:47:44.0512 7012 WMPNetworkSvc - ok
15:47:44.0540 7012 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:47:44.0547 7012 WPCSvc - ok
15:47:44.0573 7012 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:47:44.0581 7012 WPDBusEnum - ok
15:47:44.0611 7012 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:47:44.0615 7012 ws2ifsl - ok
15:47:44.0632 7012 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
15:47:44.0640 7012 wscsvc - ok
15:47:44.0648 7012 WSearch - ok
15:47:44.0735 7012 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:47:44.0806 7012 wuauserv - ok
15:47:44.0824 7012 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:47:44.0834 7012 WudfPf - ok
15:47:44.0859 7012 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:47:44.0866 7012 WUDFRd - ok
15:47:44.0902 7012 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:47:44.0913 7012 wudfsvc - ok
15:47:44.0946 7012 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:47:44.0954 7012 WwanSvc - ok
15:47:44.0991 7012 ================ Scan global ===============================
15:47:45.0056 7012 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:47:45.0094 7012 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:47:45.0113 7012 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:47:45.0175 7012 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:47:45.0231 7012 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:47:45.0241 7012 [Global] - ok
15:47:45.0245 7012 ================ Scan MBR ==================================
15:47:45.0257 7012 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:47:45.0495 7012 \Device\Harddisk0\DR0 - ok
15:47:45.0496 7012 ================ Scan VBR ==================================
15:47:45.0513 7012 [ 96247A35FF3B6473A99092B85820E8A9 ] \Device\Harddisk0\DR0\Partition1
15:47:45.0514 7012 \Device\Harddisk0\DR0\Partition1 - ok
15:47:45.0519 7012 [ 3C69959D5A26B8D8C27FF4FBF38DBABD ] \Device\Harddisk0\DR0\Partition2
15:47:45.0525 7012 \Device\Harddisk0\DR0\Partition2 - ok
15:47:45.0551 7012 [ 48DDD3C76F0109B7B0578F0EA137244B ] \Device\Harddisk0\DR0\Partition3
15:47:45.0555 7012 \Device\Harddisk0\DR0\Partition3 - ok
15:47:45.0557 7012 ============================================================
15:47:45.0557 7012 Scan finished
15:47:45.0557 7012 ============================================================
15:47:45.0573 1600 Detected object count: 0
15:47:45.0573 1600 Actual detected object count: 0

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15713
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Vírus "DSC0634723.scr"

#5 Příspěvek od JaRon »

vycisti PC s ADWCleanerom a nasledne prescanuj s MBAM - uplna kontrola
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

jaykiss
Návštěvník
Návštěvník
Příspěvky: 33
Registrován: 15 lis 2012 13:39

Re: Vírus "DSC0634723.scr"

#6 Příspěvek od jaykiss »

treba mi spraviť nejakú dôležitú zálohu ?

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15713
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Vírus "DSC0634723.scr"

#7 Příspěvek od JaRon »

urcite nie :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

jaykiss
Návštěvník
Návštěvník
Příspěvky: 33
Registrován: 15 lis 2012 13:39

Re: Vírus "DSC0634723.scr"

#8 Příspěvek od jaykiss »

Kontrola prebieha už dve a pol hodiny :D (je to tým že len veci na mojej ploche berú 130 GB "bordelu"(čo mi pripomenulo že mi treba pretriediť pc).
zatiaľ nájdene 49 detegovaných objektov . Kontrolovaných 171 000.

jaykiss
Návštěvník
Návštěvník
Příspěvky: 33
Registrován: 15 lis 2012 13:39

Re: Vírus "DSC0634723.scr"

#9 Příspěvek od jaykiss »

konečne doskenované ... hurááááá

Malwarebytes Anti-Malware (Skúšobná verzia) 1.65.1.1000
www.malwarebytes.org

Verzia databázy: v2012.11.15.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Robo :: ROBO-PC [administrátor]

Ochrana: Zapnuté

15. 11. 2012 19:00:29
vypis antimalware.txt

Typ kontroly: Úplná kontrola (C:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 446411
Uplynutý čas: 3 hod, 54 min, 30 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 38
HKCR\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{64182481-4F71-486b-A045-B233BD0DA8FC} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\facemoods.facemoodsHlpr.1 (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\facemoods.facemoodsHlpr (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486B-A045-B233BD0DA8FC} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\funmoods.funmoodsHlpr.1 (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\funmoods.funmoodsHlpr (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\esrv.funmoodsESrvc.1 (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\esrv.funmoodsESrvc (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\funmoods.dskBnd.1 (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\funmoods.dskBnd (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\funmoodsApp.appCore.1 (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\funmoodsApp.appCore (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{A5B99E41-E157-4209-8AAC-DB003A816079} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\facemoods.xtrnl.1 (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\facemoods.xtrnl (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\f (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\Typelib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCR\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191} (PUP.Funmoods) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods Web Search (PUP.FunMoods) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> Žiadna úloha nevykonaná.

Detegované registračné hodnoty: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Dáta: Funmoods Toolbar -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Dáta: -> Žiadna úloha nevykonaná.

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 3
C:\Program Files (x86)\Funmoods (PUP.FunMoods) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Funmoods\1.5.23.22 (PUP.FunMoods) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Funmoods\1.5.23.22\bh (PUP.FunMoods) -> Žiadna úloha nevykonaná.

Detegované súbory: 18
C:\Program Files (x86)\Funmoods\1.5.23.22\bh\escort.dll (PUP.Funmoods) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll (PUP.Funmoods) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Funmoods\1.5.23.22\funmoodssrv.exe (PUP.Funmoods) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Funmoods\1.5.23.22\escorTlbr.dll (PUP.Funmoods) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Funmoods\1.5.23.22\escortApp.dll (PUP.Funmoods) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Funmoods\1.5.23.22\escortEng.dll (PUP.Funmoods) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsEng.dll (PUP.Funmoods) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Funmoods\1.5.23.22\uninstall.exe (PUP.FunMoods) -> Žiadna úloha nevykonaná.
C:\Users\Robo\Desktop\Priečinky\Nový priečinok\SoftonicDownloader_for_world-of-warcraft-gatherer.exe (PUP.OfferBundler.ST) -> Žiadna úloha nevykonaná.
C:\Users\Robo\Desktop\Priečinky\Programy\DownloadSetup.exe (Affiliate.Downloader) -> Žiadna úloha nevykonaná.
C:\Users\Robo\AppData\Local\funmoods.crx (PUP.Funmoods) -> Žiadna úloha nevykonaná.
C:\Users\Robo\AppData\Roaming\logs.dat (Bifrose.Trace) -> Žiadna úloha nevykonaná.
C:\Users\Robo\AppData\Local\Temp\UuU.uUu (Malware.Trace) -> Žiadna úloha nevykonaná.
C:\Users\Robo\AppData\Local\Temp\XxX.xXx (Malware.Trace) -> Žiadna úloha nevykonaná.
C:\Users\Robo\AppData\Local\Temp\teste.vbs (Trojan.VBS) -> Žiadna úloha nevykonaná.
C:\Users\Robo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\windows.exe (Trojan.Agent) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Funmoods\1.5.23.22\escortShld.dll (PUP.FunMoods) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Funmoods\1.5.23.22\FavIcon.ico (PUP.FunMoods) -> Žiadna úloha nevykonaná.

(koniec)
.........................
čo ďalej ?

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15713
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Vírus "DSC0634723.scr"

#10 Příspěvek od JaRon »

vsetko nechaj odstranit - restart a napis ci su este problemy :???:
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

jaykiss
Návštěvník
Návštěvník
Příspěvky: 33
Registrován: 15 lis 2012 13:39

Re: Vírus "DSC0634723.scr"

#11 Příspěvek od jaykiss »

mam zaškrtnut uplne vsetko co tam je ?

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15713
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Vírus "DSC0634723.scr"

#12 Příspěvek od JaRon »

C:\Users\Robo\Desktop\Priečinky\Nový priečinok\SoftonicDownloader_for_world-of-warcraft-gatherer.exe
toto necham na Tvojom zvazeni, ostatne urcite ano :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

jaykiss
Návštěvník
Návštěvník
Příspěvky: 33
Registrován: 15 lis 2012 13:39

Re: Vírus "DSC0634723.scr"

#13 Příspěvek od jaykiss »

Vyčistené, reštartované. Ďalší krok ? (Ak som dobre pochopil po tomto očistení už mam PC v poriadku ? zdá sa mi že je počítač trosku rýchlejší)

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15713
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Vírus "DSC0634723.scr"

#14 Příspěvek od JaRon »

ak nie su problemy, tak hotovo :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

jaykiss
Návštěvník
Návštěvník
Příspěvky: 33
Registrován: 15 lis 2012 13:39

Re: Vírus "DSC0634723.scr"

#15 Příspěvek od jaykiss »

Ok, veľmi pekne ďakujem za pomoc :) :happy:

Zamčeno