Please check my log. Thank you (Solved)

A place for your HiJackThis logs and logs from other programs…


Re: Please check my log. Thank you

Post by yardhik » 06 Jun 2013 15:35

15:17:47.0588 0852 p2pimsvc - ok
15:17:47.0619 0852 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:17:47.0619 0852 p2psvc - ok
15:17:47.0651 0852 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:17:47.0651 0852 Parport - ok
15:17:47.0651 0852 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:17:47.0651 0852 partmgr - ok
15:17:47.0666 0852 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:17:47.0666 0852 PcaSvc - ok
15:17:47.0682 0852 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
15:17:47.0682 0852 pci - ok
15:17:47.0697 0852 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
15:17:47.0697 0852 pciide - ok
15:17:47.0713 0852 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:17:47.0713 0852 pcmcia - ok
15:17:47.0729 0852 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:17:47.0729 0852 pcw - ok
15:17:47.0760 0852 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:17:47.0760 0852 PEAUTH - ok
15:17:47.0822 0852 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:17:47.0853 0852 PeerDistSvc - ok
15:17:47.0947 0852 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:17:47.0947 0852 PerfHost - ok
15:17:48.0009 0852 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
15:17:48.0025 0852 pla - ok
15:17:48.0056 0852 [ 23157D583244400E1D7FBAEE2E4B31B7 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:17:48.0072 0852 PlugPlay - ok
15:17:48.0103 0852 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:17:48.0103 0852 PNRPAutoReg - ok
15:17:48.0119 0852 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:17:48.0119 0852 PNRPsvc - ok
15:17:48.0150 0852 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:17:48.0150 0852 PolicyAgent - ok
15:17:48.0165 0852 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:17:48.0181 0852 Power - ok
15:17:48.0228 0852 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:17:48.0228 0852 PptpMiniport - ok
15:17:48.0243 0852 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:17:48.0243 0852 Processor - ok
15:17:48.0259 0852 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll
15:17:48.0275 0852 ProfSvc - ok
15:17:48.0275 0852 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
15:17:48.0275 0852 ProtectedStorage - ok
15:17:48.0306 0852 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:17:48.0306 0852 Psched - ok
15:17:48.0353 0852 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:17:48.0353 0852 ql2300 - ok
15:17:48.0368 0852 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:17:48.0368 0852 ql40xx - ok
15:17:48.0384 0852 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:17:48.0399 0852 QWAVE - ok
15:17:48.0399 0852 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:17:48.0415 0852 QWAVEdrv - ok
15:17:48.0415 0852 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:17:48.0415 0852 RasAcd - ok
15:17:48.0462 0852 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:17:48.0462 0852 RasAgileVpn - ok
15:17:48.0477 0852 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:17:48.0493 0852 RasAuto - ok
15:17:48.0509 0852 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:17:48.0509 0852 Rasl2tp - ok
15:17:48.0540 0852 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
15:17:48.0555 0852 RasMan - ok
15:17:48.0571 0852 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:17:48.0587 0852 RasPppoe - ok
15:17:48.0602 0852 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:17:48.0602 0852 RasSstp - ok
15:17:48.0633 0852 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:17:48.0633 0852 rdbss - ok
15:17:48.0649 0852 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:17:48.0649 0852 rdpbus - ok
15:17:48.0665 0852 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:17:48.0665 0852 RDPCDD - ok
15:17:48.0696 0852 [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:17:48.0711 0852 RDPDR - ok
15:17:48.0727 0852 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:17:48.0727 0852 RDPENCDD - ok
15:17:48.0743 0852 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:17:48.0758 0852 RDPREFMP - ok
15:17:48.0774 0852 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:17:48.0774 0852 RDPWD - ok
15:17:48.0789 0852 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:17:48.0805 0852 rdyboost - ok
15:17:48.0821 0852 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:17:48.0836 0852 RemoteAccess - ok
15:17:48.0867 0852 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:17:48.0867 0852 RemoteRegistry - ok
15:17:48.0883 0852 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:17:48.0883 0852 RpcEptMapper - ok
15:17:48.0914 0852 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:17:48.0914 0852 RpcLocator - ok
15:17:48.0930 0852 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
15:17:48.0945 0852 RpcSs - ok
15:17:48.0961 0852 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:17:48.0961 0852 rspndr - ok
15:17:48.0992 0852 [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:17:48.0992 0852 RTL8167 - ok
15:17:49.0023 0852 [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
15:17:49.0023 0852 s3cap - ok
15:17:49.0039 0852 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe
15:17:49.0039 0852 SamSs - ok
15:17:49.0055 0852 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
15:17:49.0070 0852 sbp2port - ok
15:17:49.0086 0852 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:17:49.0101 0852 SCardSvr - ok
15:17:49.0117 0852 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:17:49.0117 0852 scfilter - ok
15:17:49.0148 0852 [ EC56B171F85C7E855E7B0588AC503EEA ] Schedule C:\Windows\system32\schedsvc.dll
15:17:49.0164 0852 Schedule - ok
15:17:49.0195 0852 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:17:49.0195 0852 SCPolicySvc - ok
15:17:49.0226 0852 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:17:49.0226 0852 SDRSVC - ok
15:17:49.0242 0852 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:17:49.0242 0852 secdrv - ok
15:17:49.0273 0852 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
15:17:49.0273 0852 seclogon - ok
15:17:49.0304 0852 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
15:17:49.0304 0852 SENS - ok
15:17:49.0335 0852 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:17:49.0335 0852 SensrSvc - ok
15:17:49.0367 0852 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:17:49.0367 0852 Serenum - ok
15:17:49.0382 0852 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:17:49.0398 0852 Serial - ok
15:17:49.0413 0852 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:17:49.0413 0852 sermouse - ok
15:17:49.0445 0852 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
15:17:49.0445 0852 SessionEnv - ok
15:17:49.0460 0852 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
15:17:49.0460 0852 sffdisk - ok
15:17:49.0476 0852 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
15:17:49.0476 0852 sffp_mmc - ok
15:17:49.0491 0852 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
15:17:49.0491 0852 sffp_sd - ok
15:17:49.0507 0852 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:17:49.0507 0852 sfloppy - ok
15:17:49.0523 0852 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:17:49.0523 0852 SharedAccess - ok
15:17:49.0554 0852 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:17:49.0554 0852 ShellHWDetection - ok
15:17:49.0569 0852 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:17:49.0569 0852 SiSRaid2 - ok
15:17:49.0585 0852 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:17:49.0585 0852 SiSRaid4 - ok
15:17:49.0601 0852 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:17:49.0601 0852 Smb - ok
15:17:49.0616 0852 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:17:49.0616 0852 SNMPTRAP - ok
15:17:49.0632 0852 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:17:49.0632 0852 spldr - ok
15:17:49.0663 0852 [ 89E8550C5862999FCF482EA562B0E98E ] Spooler C:\Windows\System32\spoolsv.exe
15:17:49.0663 0852 Spooler - ok
15:17:49.0725 0852 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
15:17:49.0772 0852 sppsvc - ok
15:17:49.0788 0852 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:17:49.0788 0852 sppuinotify - ok
15:17:49.0819 0852 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
15:17:49.0819 0852 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
15:17:49.0835 0852 sptd ( LockedFile.Multi.Generic ) - warning
15:17:49.0835 0852 sptd - detected LockedFile.Multi.Generic (1)
15:17:49.0850 0852 [ EC8F67289105BF270498095F14963464 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:17:49.0866 0852 srv - ok
15:17:49.0866 0852 [ F773D2ED090B7BAA1C1A034F3CA476C8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:17:49.0866 0852 srv2 - ok
15:17:49.0881 0852 [ 26E84D3649019C3244622E654DFCD75B ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:17:49.0881 0852 srvnet - ok
15:17:49.0913 0852 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:17:49.0913 0852 SSDPSRV - ok
15:17:49.0928 0852 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:17:49.0928 0852 SstpSvc - ok
15:17:49.0975 0852 [ 81F177C1954453AF407604160BD149CB ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:17:49.0975 0852 Stereo Service - ok
15:17:49.0991 0852 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:17:50.0006 0852 stexstor - ok
15:17:50.0053 0852 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
15:17:50.0069 0852 stisvc - ok
15:17:50.0100 0852 [ FFD7A6F15B14234B5B0E5D49E7961895 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
15:17:50.0100 0852 storflt - ok
15:17:50.0115 0852 [ 8FCCBEFC5C440B3C23454656E551B09A ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
15:17:50.0115 0852 storvsc - ok
15:17:50.0131 0852 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:17:50.0131 0852 swenum - ok
15:17:50.0147 0852 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:17:50.0162 0852 swprv - ok
15:17:50.0193 0852 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
15:17:50.0225 0852 SysMain - ok
15:17:50.0240 0852 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:17:50.0256 0852 TabletInputService - ok
15:17:50.0271 0852 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
15:17:50.0271 0852 TapiSrv - ok
15:17:50.0287 0852 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:17:50.0287 0852 TBS - ok
15:17:50.0334 0852 [ 912107716BAB424C7870E8E6AF5E07E1 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:17:50.0349 0852 Tcpip - ok
15:17:50.0381 0852 [ 912107716BAB424C7870E8E6AF5E07E1 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:17:50.0396 0852 TCPIP6 - ok
15:17:50.0412 0852 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:17:50.0412 0852 tcpipreg - ok
15:17:50.0427 0852 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:17:50.0427 0852 TDPIPE - ok
15:17:50.0443 0852 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:17:50.0443 0852 TDTCP - ok
15:17:50.0459 0852 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:17:50.0474 0852 tdx - ok
15:17:50.0474 0852 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:17:50.0474 0852 TermDD - ok
15:17:50.0505 0852 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
15:17:50.0521 0852 TermService - ok
15:17:50.0521 0852 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:17:50.0521 0852 Themes - ok
15:17:50.0537 0852 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:17:50.0552 0852 THREADORDER - ok
15:17:50.0552 0852 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:17:50.0552 0852 TrkWks - ok
15:17:50.0599 0852 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:17:50.0599 0852 TrustedInstaller - ok
15:17:50.0615 0852 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:17:50.0615 0852 tssecsrv - ok
15:17:50.0646 0852 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:17:50.0646 0852 tunnel - ok
15:17:50.0661 0852 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:17:50.0661 0852 uagp35 - ok
15:17:50.0677 0852 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:17:50.0677 0852 udfs - ok
15:17:50.0693 0852 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:17:50.0708 0852 UI0Detect - ok
15:17:50.0724 0852 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
15:17:50.0724 0852 uliagpkx - ok
15:17:50.0755 0852 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:17:50.0755 0852 umbus - ok
15:17:50.0786 0852 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:17:50.0786 0852 UmPass - ok
15:17:50.0817 0852 [ AF0AC98EE5077EB844413EB54287FDE3 ] UmRdpService C:\Windows\System32\umrdp.dll
15:17:50.0817 0852 UmRdpService - ok
15:17:50.0849 0852 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:17:50.0864 0852 upnphost - ok
15:17:50.0880 0852 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:17:50.0880 0852 usbccgp - ok
15:17:50.0895 0852 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
15:17:50.0895 0852 usbcir - ok
15:17:50.0911 0852 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:17:50.0911 0852 usbehci - ok
15:17:50.0942 0852 [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:17:50.0942 0852 usbhub - ok
15:17:50.0958 0852 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
15:17:50.0958 0852 usbohci - ok
15:17:50.0973 0852 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:17:50.0973 0852 usbprint - ok
15:17:51.0005 0852 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:17:51.0005 0852 USBSTOR - ok
15:17:51.0020 0852 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
15:17:51.0020 0852 usbuhci - ok
15:17:51.0036 0852 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:17:51.0051 0852 UxSms - ok
15:17:51.0051 0852 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe
15:17:51.0067 0852 VaultSvc - ok
15:17:51.0067 0852 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
15:17:51.0067 0852 vdrvroot - ok
15:17:51.0098 0852 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
15:17:51.0114 0852 vds - ok
15:17:51.0129 0852 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:17:51.0129 0852 vga - ok
15:17:51.0145 0852 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:17:51.0145 0852 VgaSave - ok
15:17:51.0176 0852 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
15:17:51.0176 0852 vhdmp - ok
15:17:51.0192 0852 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
15:17:51.0192 0852 viaide - ok
15:17:51.0239 0852 [ 1501699D7EDA984ABC4155A7DA5738D1 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
15:17:51.0239 0852 vmbus - ok
15:17:51.0254 0852 [ AE10C35761889E65A6F7176937C5592C ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
15:17:51.0254 0852 VMBusHID - ok
15:17:51.0270 0852 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
15:17:51.0270 0852 volmgr - ok
15:17:51.0285 0852 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:17:51.0301 0852 volmgrx - ok
15:17:51.0317 0852 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
15:17:51.0317 0852 volsnap - ok
15:17:51.0332 0852 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:17:51.0332 0852 vsmraid - ok
15:17:51.0363 0852 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
15:17:51.0395 0852 VSS - ok
15:17:51.0395 0852 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
15:17:51.0395 0852 vwifibus - ok
15:17:51.0410 0852 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:17:51.0410 0852 W32Time - ok
15:17:51.0426 0852 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:17:51.0426 0852 WacomPen - ok
15:17:51.0457 0852 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:17:51.0457 0852 WANARP - ok
15:17:51.0457 0852 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:17:51.0457 0852 Wanarpv6 - ok
15:17:51.0504 0852 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
15:17:51.0535 0852 wbengine - ok
15:17:51.0566 0852 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:17:51.0582 0852 WbioSrvc - ok
15:17:51.0597 0852 [ 8321C2CA3B62B61B293CDA3451984468 ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:17:51.0613 0852 wcncsvc - ok
15:17:51.0613 0852 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:17:51.0629 0852 WcsPlugInService - ok
15:17:51.0629 0852 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:17:51.0629 0852 Wd - ok
15:17:51.0660 0852 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:17:51.0660 0852 Wdf01000 - ok
15:17:51.0691 0852 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:17:51.0691 0852 WdiServiceHost - ok
15:17:51.0691 0852 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:17:51.0691 0852 WdiSystemHost - ok
15:17:51.0722 0852 [ 8A438CBB8C032A0C798B0C642FFBE572 ] WebClient C:\Windows\System32\webclnt.dll
15:17:51.0722 0852 WebClient - ok
15:17:51.0753 0852 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:17:51.0753 0852 Wecsvc - ok
15:17:51.0769 0852 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:17:51.0769 0852 wercplsupport - ok
15:17:51.0800 0852 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:17:51.0800 0852 WerSvc - ok
15:17:51.0800 0852 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:17:51.0816 0852 WfpLwf - ok
15:17:51.0831 0852 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:17:51.0831 0852 WIMMount - ok
15:17:51.0847 0852 WinDefend - ok
15:17:51.0847 0852 WinHttpAutoProxySvc - ok
15:17:51.0909 0852 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:17:51.0909 0852 Winmgmt - ok
15:17:51.0972 0852 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
15:17:51.0987 0852 WinRM - ok
15:17:52.0019 0852 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:17:52.0034 0852 Wlansvc - ok
15:17:52.0050 0852 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:17:52.0050 0852 WmiAcpi - ok
15:17:52.0081 0852 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:17:52.0081 0852 wmiApSrv - ok
15:17:52.0112 0852 WMPNetworkSvc - ok
15:17:52.0143 0852 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:17:52.0143 0852 WPCSvc - ok
15:17:52.0159 0852 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:17:52.0175 0852 WPDBusEnum - ok
15:17:52.0206 0852 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:17:52.0206 0852 ws2ifsl - ok
15:17:52.0221 0852 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
15:17:52.0221 0852 wscsvc - ok
15:17:52.0221 0852 WSearch - ok
15:17:52.0299 0852 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:17:52.0331 0852 wuauserv - ok
15:17:52.0346 0852 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:17:52.0346 0852 WudfPf - ok
15:17:52.0362 0852 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:17:52.0362 0852 WUDFRd - ok
15:17:52.0377 0852 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:17:52.0377 0852 wudfsvc - ok
15:17:52.0393 0852 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:17:52.0409 0852 WwanSvc - ok
15:17:52.0424 0852 ================ Scan global ===============================
15:17:52.0440 0852 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:17:52.0471 0852 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
15:17:52.0471 0852 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
15:17:52.0502 0852 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:17:52.0518 0852 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:17:52.0533 0852 [Global] - ok
15:17:52.0533 0852 ================ Scan MBR ==================================
15:17:52.0549 0852 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:17:52.0970 0852 \Device\Harddisk0\DR0 - ok
15:17:52.0986 0852 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:17:53.0157 0852 \Device\Harddisk1\DR1 - ok
15:17:53.0157 0852 ================ Scan VBR ==================================
15:17:53.0157 0852 [ CFB9C02897341FC849EEAF0B7EC7B314 ] \Device\Harddisk0\DR0\Partition1
15:17:53.0157 0852 \Device\Harddisk0\DR0\Partition1 - ok
15:17:53.0173 0852 [ 5E2731EF4CAC5FA55539360462C31C90 ] \Device\Harddisk0\DR0\Partition2
15:17:53.0173 0852 \Device\Harddisk0\DR0\Partition2 - ok
15:17:53.0189 0852 [ E3E22CDB507DCF0A34A611D9FB4CBAC1 ] \Device\Harddisk0\DR0\Partition3
15:17:53.0189 0852 \Device\Harddisk0\DR0\Partition3 - ok
15:17:53.0189 0852 [ 35C3CCBB676CB8D000AAB1470A7283D2 ] \Device\Harddisk1\DR1\Partition1
15:17:53.0189 0852 \Device\Harddisk1\DR1\Partition1 - ok
15:17:53.0189 0852 ============================================================
15:17:53.0189 0852 Scan finished
15:17:53.0189 0852 ============================================================
15:17:53.0204 3428 Detected object count: 1
15:17:53.0204 3428 Actual detected object count: 1
15:18:03.0173 3428 sptd ( LockedFile.Multi.Generic ) - skipped by user
15:18:03.0173 3428 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
15:18:16.0401 1932 Deinitialize success


Re: Please check my log. Thank you

Post by yardhik » 06 Jun 2013 15:37

Hijack Hunter 1.8.4.1
http://www.novirusthanks.org
Log created on 6.6.2013 at 15:21:48

[+] Generic system info

Operating System: Windows 7 Ultimate 64-bit
Build Version: 7600.win7_rtm.090713-1255
Internet Explorer: 8.0.7600.16385
System Folder: C:\Windows\system32

[+] Running processes

[System Process] (0 bytes) (Unknown) () (HSAR) (d41d8cd98f00b204e9800998ecf8427e)
System (0 bytes) (Unknown) () (HSAR) (d41d8cd98f00b204e9800998ecf8427e)
C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe (952952 bytes) (AVG Technologies CZ, s.r.o.) (30.10.2012 4:59:54) (--A-) (dc83c9f4130f447ead187879708c8035)
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe (531576 bytes) (AVG Technologies CZ, s.r.o.) (22.10.2012 13:03:50) (--A-) (cf433bc29d4089d264f24a1ed371941d)
C:\Windows\System32\nvvsvc.exe (0 bytes) (NVIDIA Corporation) () (HSAR) (d41d8cd98f00b204e9800998ecf8427e)
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (383264 bytes) (NVIDIA Corporation) (14.3.2013 22:07:46) (--A-) (81f177c1954453af407604160bd149cb)
audiodg.exe (0 bytes) (Unknown) () (HSAR) (d41d8cd98f00b204e9800998ecf8427e)
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (1127200 bytes) (NVIDIA Corporation) (2.4.2013 13:42:56) (--A-) (37ecd13f64c5a1f6ef7e28987987e360)
C:\Program Files (x86)\AVG\AVG2013\avgfws.exe (1342024 bytes) (AVG Technologies CZ, s.r.o.) (10.12.2012 11:11:44) (--A-) (d0be22c910e46550c6308d50dda76b94)
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (5814904 bytes) (AVG Technologies CZ, s.r.o.) (15.11.2012 23:34:30) (--A-) (4afc14afa58878faa1d249e7e90ea54b)
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (196664 bytes) (AVG Technologies CZ, s.r.o.) (22.10.2012 13:05:08) (--A-) (6b72e1e329c4e98c6b6fdd2d265e3ba3)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (418376 bytes) (Malwarebytes Corporation) (6.6.2013 13:31:56) (--A-) (65085456fd9a74d7f1a999520c299ecb)
C:\Program Files (x86)\AVG\AVG2013\avgui.exe (3147384 bytes) (AVG Technologies CZ, s.r.o.) (11.12.2012 3:52:44) (--A-) (9dadf1a809ecec86f04bde35190d59fe)
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (2449696 bytes) (NVIDIA Corporation) (2.4.2013 13:42:56) (--A-) (33dd8fde7bb458e2a45eaba10b8d5364)
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (1354360 bytes) (AVG Technologies CZ, s.r.o.) (22.10.2012 13:04:30) (--A-) (2fc6c98a23864b2e50e53b4848939eaf)
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (952440 bytes) (AVG Technologies CZ, s.r.o.) (22.10.2012 13:03:52) (--A-) (ff0602e28d69b977f889d435f902545e)
dllhost.exe (0 bytes) (Microsoft Corporation) () (HSAR) (d41d8cd98f00b204e9800998ecf8427e)
C:\Program Files (x86)\NoVirusThanks\Hijack Hunter\HijackHunter.exe (628736 bytes) (NoVirusThanks Company Srl) (6.6.2013 12:12:19) (--A-) (b6ffa83b91d78a0369fe0e15e4dba69c)

[+] Loaded Modules

C:\Windows\system32\MSVCR100.dll (773968 bytes) (Microsoft Corporation) (19.2.2011 0:40:50) (--A-) (bf38660a9125935658cfa3e53fdc7d65)
C:\Windows\system32\MSVCP100.dll (421200 bytes) (Microsoft Corporation) (19.2.2011 23:03:12) (--A-) (e3c817f7fe44cc870ecdbcbc3ea36132)
C:\Windows\SysWOW64\MSVCP100.dll (421200 bytes) (Microsoft Corporation) (19.2.2011 23:03:12) (--A-) (e3c817f7fe44cc870ecdbcbc3ea36132)
C:\Windows\system32\mfc100u.dll (4422992 bytes) (Microsoft Corporation) (19.2.2011 23:03:12) (--A-) (f32077df74efd435a1dcdf415e189df1)
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\COMCTL32.dll (1680896 bytes) (Microsoft Corporation) (14.7.2009 1:40:32) (--A-) (0fa436a553408cbeba070e3182658de3)
C:\Windows\system32\MFC100ENU.DLL (55120 bytes) (Microsoft Corporation) (19.2.2011 23:03:12) (--A-) (f908fe45f8fe9e0d4cbe65f9ff5df6da)
C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (1624576 bytes) (Microsoft Corporation) (14.7.2009 1:26:25) (--A-) (edb57065790b62ef83be117ad3edfde2)

[+] Registry startups

Value: AVG_UI
Data: "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value: GrooveMonitor
Data: "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value: StubPath
Data: "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}

Value: {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
Data: C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

Value: {72853161-30C5-4D22-B7F9-0BBC1D38A37E}
Data: C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}

Value: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Data: C:\Program Files (x86)\Java\jre7\bin\ssv.dll
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

Value: {DBC80044-A445-435b-BC74-9C25C1C588A9}
Data: C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}


[+] Other Startups Methods

Value: Groove GFS Stub Execution Hook
Data: C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
CLSID: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks


[+] Startup folders


[+] TCPIP nameservers


[+] Internet Explorer settings


[+] Internet Explorer Trusted Sites


[+] Windows Firewall allowed programs


[+] Windows Firewall allowed ports


[+] System Hijack

Value: ShowSuperHidden
Data: 0
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced

Value: EnableDCOM
Data: Y
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Ole

Value: Wallpaper
Data: C:\Users\Yardhik\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
Key: HKEY_CURRENT_USER\Control Panel\Desktop

Value: EnabledV8
Data: 0
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter


[+] Executables in Temp folders


[+] Executables in suspicious folders


[+] Autorun.ini


[+] Unknown .SYS files


[+] Non accessible files


[+] Executables in Internet Explorer Folder


[+] Files created/modified 15 days ago

C:\Program Files (x86)\Google\Update\1.3.21.145\goopdateres_ur.dll (29064 bytes) (Google Inc.) (28.5.2013 15:40:31) (--A-) (100fbe92cfaa09385b92e68636e3c2d4) (Created)
C:\Program Files (x86)\Google\Update\1.3.21.145\goopdateres_vi.dll (28552 bytes) (Google Inc.) (28.5.2013 15:40:31) (--A-) (ebbe535da49a609686a18e2e03993b41) (Created)
C:\Program Files (x86)\Google\Update\1.3.21.145\goopdateres_zh-CN.dll (22408 bytes) (Google Inc.) (28.5.2013 15:40:31) (--A-) (c59006dc63a35412a4187a03f1904770) (Created)
C:\Program Files (x86)\Google\Update\1.3.21.145\goopdateres_zh-TW.dll (22408 bytes) (Google Inc.) (28.5.2013 15:40:32) (--A-) (b3c4b4d4ea6fbc21dc5a737f54b7fea6) (Created)
C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (585608 bytes) (Google Inc.) (28.5.2013 15:40:35) (--A-) (3d928b3fe97c403a33f803b3d1a260c9) (Created)
C:\Program Files (x86)\Google\Update\1.3.21.145\psmachine.dll (162184 bytes) (Google Inc.) (28.5.2013 15:40:34) (--A-) (4d5cc66e982273cf1029933fd5251697) (Created)
C:\Program Files (x86)\Google\Update\1.3.21.145\psuser.dll (162184 bytes) (Google Inc.) (28.5.2013 15:40:33) (--A-) (7b73b1a488615c4619ad89d339cffd67) (Created)
C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.145\GoogleUpdateSetup.exe (781592 bytes) (Google Inc.) (28.5.2013 15:40:15) (--A-) (c26bb2535c1b20deafaeb12634bf4dc9) (Created)
C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\27.0.1453.110\27.0.1453.110_27.0.1453.94_chrome_updater.exe (746848 bytes) (Unknown) (5.6.2013 21:45:15) (--A-) (1ea998de136184740b292fb9dcdd49ac) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\7z.dll (914432 bytes) (Igor Pavlov) (6.6.2013 13:31:56) (--A-) (04ad4b80880b32c94be8d0886482c774) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll (527944 bytes) (Malwarebytes Corporation) (6.6.2013 13:31:56) (--A-) (ef39cccc9ad927a25334ae0b41a8a343) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (887432 bytes) (Malwarebytes Corporation) (6.6.2013 13:31:56) (--A-) (534a3cb0847ba114f0d8a5f2bb2ef6d0) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll (1127496 bytes) (Malwarebytes Corporation) (6.6.2013 13:31:56) (--A-) (80d8679bf84a9383bff33e07d5d9fc35) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll (95304 bytes) (Malwarebytes Corporation) (6.6.2013 13:31:56) (--A-) (d713fbececd754fb7110cc5c4e0948f5) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (532040 bytes) (Malwarebytes Corporation) (6.6.2013 13:31:56) (--A-) (d1d5dab39dcb4be0359943738d87409b) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll (2191944 bytes) (Malwarebytes Corporation) (6.6.2013 13:31:56) (--A-) (9275f02bea644f43a459e316a932658f) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbampt.exe (40008 bytes) (Malwarebytes Corporation) (6.6.2013 13:31:56) (--A-) (3aa429543931cf75d2fa9a4befd1e7f8) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (418376 bytes) (Malwarebytes Corporation) (6.6.2013 13:31:56) (--A-) (65085456fd9a74d7f1a999520c299ecb) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (701512 bytes) (Malwarebytes Corporation) (6.6.2013 13:31:56) (--A-) (e0d7732f2d2e24b2db3f67b6750295b8) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll (46416 bytes) (vbAccelerator) (6.6.2013 13:31:56) (--A-) (91ea28804ec3a71126841554199e28bc) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe (712264 bytes) (Unknown) (6.6.2013 13:31:56) (--A-) (cd18e303b47e126eaacdefad26b006b2) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\vbalsgrid6.ocx (496976 bytes) (vbAccelerator) (6.6.2013 13:31:56) (--A-) (baa4de42156350754976dd563d02cde4) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\firefox.com (218184 bytes) (Unknown) (6.6.2013 13:31:57) (--A-) (b4c6e3889bb310ca7e974a04ec6e46ac) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\firefox.exe (218184 bytes) (Unknown) (6.6.2013 13:31:57) (--A-) (b4c6e3889bb310ca7e974a04ec6e46ac) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\firefox.pif (218184 bytes) (Unknown) (6.6.2013 13:31:57) (--A-) (b4c6e3889bb310ca7e974a04ec6e46ac) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\firefox.scr (218184 bytes) (Unknown) (6.6.2013 13:31:57) (--A-) (b4c6e3889bb310ca7e974a04ec6e46ac) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\iexplore.exe (218184 bytes) (Unknown) (6.6.2013 13:31:57) (--A-) (b4c6e3889bb310ca7e974a04ec6e46ac) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\mbam-chameleon.com (218184 bytes) (Unknown) (6.6.2013 13:31:57) (--A-) (b4c6e3889bb310ca7e974a04ec6e46ac) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\mbam-chameleon.exe (218184 bytes) (Unknown) (6.6.2013 13:31:56) (--A-) (b4c6e3889bb310ca7e974a04ec6e46ac) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\mbam-chameleon.pif (218184 bytes) (Unknown) (6.6.2013 13:31:57) (--A-) (b4c6e3889bb310ca7e974a04ec6e46ac) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\mbam-chameleon.scr (218184 bytes) (Unknown) (6.6.2013 13:31:57) (--A-) (b4c6e3889bb310ca7e974a04ec6e46ac) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\mbam-killer.exe (896072 bytes) (Unknown) (6.6.2013 13:31:56) (--A-) (b4b98ebca650953253fdaa78ab1276a7) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\rundll32.exe (218184 bytes) (Unknown) (6.6.2013 13:31:57) (--A-) (b4c6e3889bb310ca7e974a04ec6e46ac) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe (218184 bytes) (Unknown) (6.6.2013 13:31:57) (--A-) (b4c6e3889bb310ca7e974a04ec6e46ac) (Created)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe (218184 bytes) (Unknown) (6.6.2013 13:31:57) (--A-) (b4c6e3889bb310ca7e974a04ec6e46ac) (Created)
C:\Program Files (x86)\NoVirusThanks\Hijack Hunter\HijackHunter.exe (628736 bytes) (NoVirusThanks Company Srl) (6.6.2013 12:12:19) (--A-) (b6ffa83b91d78a0369fe0e15e4dba69c) (Created)
C:\Program Files (x86)\NoVirusThanks\Hijack Hunter\nhdrv.sys (4608 bytes) (NoVirusThanks Company Srl) (6.6.2013 12:12:20) (--A-) (8f40312ac7b0f3d0246fe52105e4f1d7) (Created)
C:\Program Files (x86)\NoVirusThanks\Hijack Hunter\unins000.exe (709176 bytes) (Unknown) (6.6.2013 12:12:19) (--A-) (626b4f1832765b3280e2a4e7ceba87e9) (Created)
C:\Windows\grep.exe (80412 bytes) (Unknown) (6.6.2013 14:49:45) (--A-) (9e05a9c264c8a908a8e79450fcbff047) (Created)
C:\Windows\MBR.exe (208896 bytes) (Unknown) (6.6.2013 14:49:45) (--A-) (0277c027a26428db64ef4f64f52bb4fd) (Created)
C:\Windows\NIRCMD.exe (60416 bytes) (NirSoft) (6.6.2013 14:49:45) (--A-) (753bc16326fee4a421acb636ccd602f4) (Created)
C:\Windows\PEV.exe (256000 bytes) (Unknown) (6.6.2013 14:49:45) (--A-) (f042ee4c8d66248d9b86dcf52abae416) (Created)
C:\Windows\sed.exe (98816 bytes) (Unknown) (6.6.2013 14:49:45) (--A-) (2b657a67aebb84aea5632c53e61e23bf) (Created)
C:\Windows\SWREG.exe (518144 bytes) (SteelWerX) (6.6.2013 14:49:45) (--A-) (a46842c9b0c567a5a9584e83a163560c) (Created)
C:\Windows\SWSC.exe (406528 bytes) (SteelWerX) (6.6.2013 14:49:45) (--A-) (0297c72529807322b152f517fdb0a9fc) (Created)
C:\Windows\zip.exe (68096 bytes) (Unknown) (6.6.2013 14:49:45) (--A-) (5e832f4faf5f481f2eaf3b3a48f603b8) (Created)
C:\Users\Yardhik\AppData\Local\Temp\Rar$EX00.354\TDSSKiller.exe (2237968 bytes) (Kaspersky Lab ZAO) (6.6.2013 15:17:16) (--A-) (178a34e5554dce485e1262ddf027960c) (Created)

[+] Hidden files in suspicious folders


[+] Suspicious Registry Keys


[+] Suspicious folders


[+] Drivers

C:\Windows\system32\drivers\amdxata.sys (amdxata) (amdxata) (Advanced Micro Devices) (d41d8cd98f00b204e9800998ecf8427e)
C:\Windows\system32\drivers\avgfwd6a.sys (Avgfwfd) (AVG network filter service) (AVG Technologies CZ, s.r.o.) (d41d8cd98f00b204e9800998ecf8427e)
C:\Windows\system32\drivers\avgidsdrivera.sys (AVGIDSDriver) (AVGIDSDriver) (AVG Technologies CZ, s.r.o.) (d41d8cd98f00b204e9800998ecf8427e)
C:\Windows\system32\drivers\avgidsha.sys (AVGIDSHA) (AVGIDSHA) (AVG Technologies CZ, s.r.o.) (d41d8cd98f00b204e9800998ecf8427e)
C:\Windows\system32\drivers\avgldx64.sys (Avgldx64) (AVG AVI Loader Driver) (AVG Technologies CZ, s.r.o.) (d41d8cd98f00b204e9800998ecf8427e)
C:\Windows\system32\drivers\avgloga.sys (Avgloga) (AVG Logging Driver) (AVG Technologies CZ, s.r.o.) (d41d8cd98f00b204e9800998ecf8427e)
C:\Windows\system32\drivers\avgmfx64.sys (Avgmfx64) (AVG Mini-Filter Resident Anti-Virus Shield) (AVG Technologies CZ, s.r.o.) (d41d8cd98f00b204e9800998ecf8427e)
C:\Windows\system32\drivers\avgrkx64.sys (Avgrkx64) (AVG Anti-Rootkit Driver) (AVG Technologies CZ, s.r.o.) (d41d8cd98f00b204e9800998ecf8427e)
C:\Windows\system32\drivers\avgtdia.sys (Avgtdia) (AVG TDI Driver) (AVG Technologies CZ, s.r.o.) (d41d8cd98f00b204e9800998ecf8427e)
C:\Windows\system32\drivers\blbdrive.sys (blbdrive) (blbdrive) (Microsoft Corporation) (d41d8cd98f00b204e9800998ecf8427e)
c:\windows\system32\drivers\mbam.sys (MBAMProtector) (MBAMProtector) (Malwarebytes Corporation) (d41d8cd98f00b204e9800998ecf8427e)
C:\Windows\system32\drivers\nvlddmkm.sys (nvlddmkm) (nvlddmkm) (NVIDIA Corporation) (d41d8cd98f00b204e9800998ecf8427e)
C:\Windows\system32\drivers\rt64win7.sys (RTL8167) (Ovladač Realtek 8167 NT) (Realtek Corporation) (d41d8cd98f00b204e9800998ecf8427e)
C:\Windows\system32\drivers\sptd.sys (sptd) (sptd) (Unknown) (d41d8cd98f00b204e9800998ecf8427e)
C:\Windows\system32\drivers\vmstorfl.sys (storflt) (Diskový ovladač filtru akcelerace sběrnice virtuálního počítače) (Microsoft Corporation) (d41d8cd98f00b204e9800998ecf8427e)
C:\Windows\system32\drivers\swenum.sys (swenum) (Softwarový ovladač sběrnice) (Microsoft Corporation) (d41d8cd98f00b204e9800998ecf8427e)

[+] Drivers -> FSFilter Anti-Virus

Driver Name: MBAMProtector
Driver File: \??\C:\Windows\system32\drivers\mbam.sys
Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector


[+] Services

c:\program files (x86)\avg\avg2013\avgfws.exe (avgfws) (AVG Firewall) (AVG Technologies CZ, s.r.o.) (d0be22c910e46550c6308d50dda76b94)
c:\program files (x86)\avg\avg2013\avgidsagent.exe (AVGIDSAgent) (AVGIDSAgent) (AVG Technologies CZ, s.r.o.) (4afc14afa58878faa1d249e7e90ea54b)
c:\program files (x86)\avg\avg2013\avgwdsvc.exe (avgwd) (AVG WatchDog) (AVG Technologies CZ, s.r.o.) (6b72e1e329c4e98c6b6fdd2d265e3ba3)
c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe (MBAMScheduler) (MBAMScheduler) (Malwarebytes Corporation) (65085456fd9a74d7f1a999520c299ecb)
c:\windows\system32\nvvsvc.exe (nvsvc) (NVIDIA Display Driver Service) (NVIDIA Corporation) (d41d8cd98f00b204e9800998ecf8427e)
c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe (nvUpdatusService) (NVIDIA Update Service Daemon) (NVIDIA Corporation) (b7c53da1c73ff39f4a6248643efd979a)
c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe (Stereo Service) (NVIDIA Stereoscopic 3D Driver Service) (NVIDIA Corporation) (81f177c1954453af407604160bd149cb)

[+] ServiceDll


[+] Unknown files in Winsock LSP


[+] Unknown files in CLSID

C:\Windows\SysWoW64\nvcuvenc.dll (1995552 bytes) (NVIDIA Corporation) (2.4.2013 13:41:47) (--A-) (ebdf7c55db22b28a48aab5d97de4b5e4)
C:\Windows\SysWOW64\deployJava1.dll (782240 bytes) (Oracle Corporation) (2.4.2013 12:40:58) (--A-) (477d36327b9687846bedca9d3cc52ac5)

[+] TCP Connections

N/A -> 0.0.0.0:135 -> 0.0.0.0:0 -> LISTENING
N/A -> 0.0.0.0:445 -> 0.0.0.0:0 -> LISTENING
N/A -> 0.0.0.0:554 -> 0.0.0.0:0 -> LISTENING
N/A -> 0.0.0.0:2869 -> 0.0.0.0:0 -> LISTENING
N/A -> 0.0.0.0:5357 -> 0.0.0.0:0 -> LISTENING
N/A -> 0.0.0.0:10243 -> 0.0.0.0:0 -> LISTENING
N/A -> 0.0.0.0:49152 -> 0.0.0.0:0 -> LISTENING
N/A -> 0.0.0.0:49153 -> 0.0.0.0:0 -> LISTENING
N/A -> 0.0.0.0:49154 -> 0.0.0.0:0 -> LISTENING
N/A -> 0.0.0.0:49155 -> 0.0.0.0:0 -> LISTENING
N/A -> 0.0.0.0:49159 -> 0.0.0.0:0 -> LISTENING
N/A -> 0.0.0.0:49161 -> 0.0.0.0:0 -> LISTENING
N/A -> 89.102.65.124:139 -> 0.0.0.0:0 -> LISTENING
N/A -> 89.102.65.124:49288 -> 91.203.99.45:80 -> TIME_WAIT
N/A -> 89.102.65.124:49290 -> 91.203.99.45:80 -> TIME_WAIT
N/A -> 89.102.65.124:49298 -> 173.194.44.232:443 -> TIME_WAIT
N/A -> 89.102.65.124:49301 -> 173.194.44.229:80 -> TIME_WAIT
N/A -> 89.102.65.124:49302 -> 173.194.35.90:80 -> TIME_WAIT
N/A -> 89.102.65.124:49303 -> 91.203.99.45:443 -> TIME_WAIT
N/A -> 89.102.65.124:49305 -> 91.190.216.7:80 -> TIME_WAIT
N/A -> 89.102.65.124:49306 -> 173.194.44.232:443 -> TIME_WAIT
N/A -> 89.102.65.124:49307 -> 173.194.35.79:443 -> TIME_WAIT
N/A -> 89.102.65.124:49308 -> 91.190.216.41:443 -> TIME_WAIT
N/A -> 89.102.65.124:49317 -> 173.194.35.90:80 -> TIME_WAIT
N/A -> 89.102.65.124:49318 -> 173.194.35.90:80 -> TIME_WAIT
daemonu.exe -> 127.0.0.1:2559 -> 0.0.0.0:0 -> LISTENING

[+] UDP Connections

N/A -> 0.0.0.0:500 -> *.*
N/A -> 0.0.0.0:3702 -> *.*
N/A -> 0.0.0.0:3702 -> *.*
N/A -> 0.0.0.0:3702 -> *.*
N/A -> 0.0.0.0:3702 -> *.*
N/A -> 0.0.0.0:4500 -> *.*
N/A -> 0.0.0.0:5004 -> *.*
N/A -> 0.0.0.0:5005 -> *.*
N/A -> 0.0.0.0:5355 -> *.*
N/A -> 0.0.0.0:52318 -> *.*
N/A -> 0.0.0.0:55176 -> *.*
N/A -> 0.0.0.0:55178 -> *.*
N/A -> 89.102.65.124:137 -> *.*
N/A -> 89.102.65.124:138 -> *.*
N/A -> 89.102.65.124:1900 -> *.*
N/A -> 89.102.65.124:55174 -> *.*
N/A -> 127.0.0.1:1900 -> *.*
daemonu.exe -> 127.0.0.1:48000 -> *.*
N/A -> 127.0.0.1:48001 -> *.*
N/A -> 127.0.0.1:55175 -> *.*

[+] Hosts file


[+] Ring3 API Hooks

x64 OS not supported!

[+] Kernel Mode Info

x64 OS not supported!

---
Finish [ 0:5:18 ]

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male
Status:
Offline

Re: Please check my log. Thank you

Post by memphisto » 06 Jun 2013 15:41

Post a HijackThis log here, not HijackHunter

yardhik
newcomer
Posts: 37
Registered: December 05
Gender: Unspecified
Status:
Offline

Re: Please check my log. Thank you

Post by yardhik » 06 Jun 2013 16:02

Sorry, all this is already driving me nuts :idea:



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:01:10, on 6.6.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6590 bytes

jaro3
Security team member
Guru Level 15
Posts: 43072
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: Please check my log. Thank you

Post by jaro3 » 06 Jun 2013 19:16

Close other applications and browsers, disconnect from the internet, and fix these entries in HJT:
Guide

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll


Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text, marked in green:

Code:

ClearJavaCache::

KillAll::
File::
c:\programdata\odf92.reg
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Google\Update

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]



Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that pops up at the end of the cleaning process + a new HJT log

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.

Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

yardhik
newcomer
Posts: 37
Registered: December 05
Gender: Unspecified
Status:
Offline

Re: Please check my log. Thank you

Post by yardhik » 06 Jun 2013 20:06

ComboFix 13-06-05.05 - Yardhik 06.06.2013 19:37:17.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.4094.2690 [GMT 2:00]
Spuštěný z: c:\users\Yardhik\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Yardhik\Desktop\CFScript.txt
AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\programdata\odf92.reg"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.21.145\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.145\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.21.145\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.21.145\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.21.145\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.21.145\goopdate.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.21.145\psmachine.dll
c:\program files (x86)\Google\Update\1.3.21.145\psuser.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.145\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\27.0.1453.110\27.0.1453.110_27.0.1453.94_chrome_updater.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\programdata\odf92.reg
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-05-06 do 2013-06-06 )))))))))))))))))))))))))))))))
.
.
2013-06-06 17:47 . 2013-06-06 17:47 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-06-06 17:47 . 2013-06-06 17:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-06 17:24 . 2013-06-06 17:24 -------- d-----w- c:\users\Yardhik\AppData\Local\ElevatedDiagnostics
2013-06-06 13:44 . 2013-06-06 13:44 388096 ----a-r- c:\users\Yardhik\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-06-06 13:44 . 2013-06-06 13:44 -------- d-----w- c:\program files (x86)\Trend Micro
2013-06-06 11:31 . 2013-06-06 11:31 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-06-06 11:31 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-06 10:12 . 2013-06-06 10:12 -------- d-----w- c:\program files (x86)\NoVirusThanks
2013-06-06 10:03 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-06-06 10:03 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-06-06 10:03 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-06-06 10:03 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-06-06 10:03 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-06-06 10:03 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-06-06 10:03 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-06-06 10:03 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-06-06 10:03 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-06-05 20:26 . 2013-06-06 09:52 -------- d-----w- c:\users\Yardhik\AppData\Local\Diagnostics
2013-06-05 19:52 . 2008-10-15 04:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll
2013-06-05 19:52 . 2008-10-15 04:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2013-06-05 19:52 . 2008-10-15 04:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2013-06-05 19:52 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2013-06-05 19:52 . 2008-10-15 04:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll
2013-06-05 19:52 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2013-05-28 12:22 . 2013-05-28 12:24 -------- d-----w- c:\users\Miruška
2013-05-28 11:52 . 2013-05-28 11:53 -------- d-----w- c:\users\Yardhik\AppData\Local\Google
2013-05-28 11:52 . 2013-06-06 17:44 -------- d-----w- c:\program files (x86)\Google
2013-05-28 11:10 . 2013-05-28 11:10 -------- d-----w- c:\users\Yardhik\AppData\Roaming\Malwarebytes
2013-05-28 11:10 . 2013-05-28 11:10 -------- d-----w- c:\programdata\Malwarebytes
2013-05-28 10:01 . 2013-06-05 19:56 -------- d-----w- c:\program files (x86)\GridinSoft Trojan Killer
2013-05-20 14:18 . 2013-05-20 14:18 971680 ----a-w- c:\windows\system32\deployJava1.dll
2013-05-20 14:18 . 2013-05-20 14:18 311200 ----a-w- c:\windows\system32\javaws.exe
2013-05-20 14:18 . 2013-05-20 14:18 1092512 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-05-20 14:18 . 2013-05-20 14:18 188832 ----a-w- c:\windows\system32\javaw.exe
2013-05-20 14:18 . 2013-05-20 14:18 188320 ----a-w- c:\windows\system32\java.exe
2013-05-20 14:18 . 2013-05-20 14:18 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-05-20 14:18 . 2013-05-20 14:18 -------- d-----w- c:\program files\Java
2013-05-15 21:12 . 2013-05-15 21:12 -------- d-----w- c:\programdata\RELOADED
2013-05-15 20:55 . 2013-05-15 20:55 -------- d-----w- c:\users\Yardhik\AppData\Local\Programs
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 19:07 . 2013-04-02 10:13 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 19:07 . 2013-04-02 10:13 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-02 10:40 . 2013-04-02 10:40 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-04-02 10:40 . 2013-04-02 10:40 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-04-02 10:40 . 2013-04-02 10:40 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-15 05:53 . 2013-04-02 11:42 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-03-15 05:53 . 2013-04-02 11:42 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-03-15 05:53 . 2013-04-02 11:41 9414456 ----a-w- c:\windows\system32\nvcuda.dll
2013-03-15 05:53 . 2013-04-02 11:41 7959000 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-03-15 05:53 . 2013-04-02 11:41 7573816 ----a-w- c:\windows\system32\nvopencl.dll
2013-03-15 05:53 . 2013-04-02 11:41 6271872 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-03-15 05:53 . 2013-04-02 11:41 2913056 ----a-w- c:\windows\system32\nvcuvid.dll
2013-03-15 05:53 . 2013-04-02 11:41 2728736 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-03-15 05:53 . 2013-04-02 11:41 26956576 ----a-w- c:\windows\system32\nvoglv64.dll
2013-03-15 05:53 . 2013-04-02 11:41 2355488 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-03-15 05:53 . 2013-04-02 11:41 20542752 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-03-15 05:53 . 2013-04-02 11:41 1995552 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-03-15 05:53 . 2013-04-02 11:41 1807136 ----a-w- c:\windows\system32\nvdispco6431422.dll
2013-03-15 05:53 . 2013-04-02 11:41 17990800 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-03-15 05:53 . 2013-04-02 11:41 1510176 ----a-w- c:\windows\system32\nvdispgenco6431422.dll
2013-03-15 05:53 . 2013-04-02 11:41 13088000 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-03-15 05:53 . 2013-04-02 11:41 11048736 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-03-15 05:53 . 2013-04-02 11:41 2864144 ----a-w- c:\windows\system32\nvapi64.dll
2013-03-15 05:53 . 2013-04-02 11:41 2539128 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-03-15 05:53 . 2013-04-02 11:41 25256736 ----a-w- c:\windows\system32\nvcompiler.dll
2013-03-15 05:53 . 2013-04-02 11:41 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-03-15 05:53 . 2009-07-13 21:59 15508512 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-03-15 05:53 . 2009-06-10 20:37 15042928 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-03-15 04:16 . 2013-04-02 11:42 3477280 ----a-w- c:\windows\system32\nvsvc64.dll
2013-03-15 04:16 . 2013-04-02 11:42 6398240 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-15 04:16 . 2013-04-02 11:42 877856 ----a-w- c:\windows\system32\nvvsvc.exe
2013-03-15 04:16 . 2013-04-02 11:42 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-03-15 04:16 . 2013-04-02 11:42 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-03-15 04:16 . 2013-04-02 11:42 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-14 20:07 . 2013-03-14 20:07 559904 ----a-w- c:\windows\SysWow64\nvStreaming.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2013\avgfws.exe;c:\program files (x86)\AVG\AVG2013\avgfws.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-05 19:45 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-06-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-02 19:07]
.
.
--------- X64 Entries -----------
.
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NET CLR Data]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NET CLR Networking]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NET Data Provider for Oracle]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NET Data Provider for SqlServer]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NETFramework]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\1394ohci]
"ImagePath"="system32\DRIVERS\1394ohci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ACPI]
"ImagePath"="system32\DRIVERS\ACPI.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AcpiPmi]
"ImagePath"="\SystemRoot\system32\DRIVERS\acpipmi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AdobeFlashPlayerUpdateSvc]
"ImagePath"="c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\adp94xx]
"ImagePath"="\SystemRoot\system32\DRIVERS\adp94xx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\adpahci]
"ImagePath"="\SystemRoot\system32\DRIVERS\adpahci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\adpu320]
"ImagePath"="\SystemRoot\system32\DRIVERS\adpu320.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\adsi]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc]
"ServiceDll"="%SystemRoot%\System32\aelupsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AFD]
"ImagePath"="\SystemRoot\system32\drivers\afd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\agp440]
"ImagePath"="\SystemRoot\system32\DRIVERS\agp440.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ALG]
"ImagePath"="%SystemRoot%\System32\alg.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\aliide]
"ImagePath"="\SystemRoot\system32\DRIVERS\aliide.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\amdide]
"ImagePath"="\SystemRoot\system32\DRIVERS\amdide.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AmdK8]
"ImagePath"="system32\DRIVERS\amdk8.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AmdPPM]
"ImagePath"="\SystemRoot\system32\DRIVERS\amdppm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\amdsata]
"ImagePath"="\SystemRoot\system32\DRIVERS\amdsata.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\amdsbs]
"ImagePath"="\SystemRoot\system32\DRIVERS\amdsbs.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\amdxata]
"ImagePath"="system32\DRIVERS\amdxata.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppID]
"ImagePath"="\SystemRoot\system32\drivers\appid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppIDSvc]
"ServiceDll"="%SystemRoot%\System32\appidsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Appinfo]
"ServiceDll"="%SystemRoot%\System32\appinfo.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppMgmt]
"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\arc]
"ImagePath"="\SystemRoot\system32\DRIVERS\arc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\arcsas]
"ImagePath"="\SystemRoot\system32\DRIVERS\arcsas.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AsyncMac]
"ImagePath"="system32\DRIVERS\asyncmac.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\atapi]
"ImagePath"="system32\DRIVERS\atapi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AudioEndpointBuilder]
"ServiceDll"="%SystemRoot%\System32\Audiosrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AudioSrv]
"ServiceDll"="%SystemRoot%\System32\Audiosrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Avg]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Avgfwfd]
"ImagePath"="system32\DRIVERS\avgfwd6a.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\avgfws]
"ImagePath"="\"c:\program files (x86)\AVG\AVG2013\avgfws.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AVGIDSAgent]
"ImagePath"="\"c:\program files (x86)\AVG\AVG2013\avgidsagent.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AVGIDSDriver]
"ImagePath"="system32\DRIVERS\avgidsdrivera.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AVGIDSHA]
"ImagePath"="system32\DRIVERS\avgidsha.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Avgldx64]
"ImagePath"="system32\DRIVERS\avgldx64.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Avgloga]
"ImagePath"="system32\DRIVERS\avgloga.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Avgmfx64]
"ImagePath"="system32\DRIVERS\avgmfx64.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Avgrkx64]
"ImagePath"="system32\DRIVERS\avgrkx64.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Avgtdia]
"ImagePath"="system32\DRIVERS\avgtdia.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\avgwd]
"ImagePath"="\"c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AxInstSV]
"ServiceDll"="%SystemRoot%\System32\AxInstSV.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\b06bdrv]
"ImagePath"="\SystemRoot\system32\DRIVERS\bxvbda.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\b57nd60a]
"ImagePath"="system32\DRIVERS\b57nd60a.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BattC]
"MofImagePath"="system32\drivers\battc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BDESVC]
"ServiceDll"="%SystemRoot%\System32\bdesvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Beep]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BFE]
"ServiceDll"="%SystemRoot%\System32\bfe.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS]
"ServiceDll"="%SystemRoot%\System32\qmgr.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\blbdrive]
"ImagePath"="system32\DRIVERS\blbdrive.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bowser]
"ImagePath"="system32\DRIVERS\bowser.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BrFiltLo]
"ImagePath"="\SystemRoot\system32\DRIVERS\BrFiltLo.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BrFiltUp]
"ImagePath"="\SystemRoot\system32\DRIVERS\BrFiltUp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BridgeMP]
"ImagePath"="system32\DRIVERS\bridge.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Browser]
"ServiceDll"="%SystemRoot%\System32\browser.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Brserid]
"ImagePath"="\SystemRoot\System32\Drivers\Brserid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BrSerWdm]
"ImagePath"="\SystemRoot\System32\Drivers\BrSerWdm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BrUsbMdm]
"ImagePath"="\SystemRoot\System32\Drivers\BrUsbMdm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BrUsbSer]
"ImagePath"="\SystemRoot\System32\Drivers\BrUsbSer.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BTHMODEM]
"ImagePath"="\SystemRoot\system32\DRIVERS\bthmodem.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BTHPORT]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bthserv]
"ServiceDll"="%SystemRoot%\system32\bthserv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\catchme]
"ImagePath"="\??\c:\combofix\catchme.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\cdfs]
"ImagePath"="system32\DRIVERS\cdfs.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\cdrom]
"ImagePath"="system32\DRIVERS\cdrom.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CertPropSvc]
"ServiceDll"="%SystemRoot%\System32\certprop.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\circlass]
"ImagePath"="\SystemRoot\system32\DRIVERS\circlass.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CLFS]
"ImagePath"="System32\CLFS.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\clr_optimization_v2.0.50727_32]
"ImagePath"="%systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\clr_optimization_v2.0.50727_64]
"ImagePath"="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmBatt]
"ImagePath"="\SystemRoot\system32\DRIVERS\CmBatt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\cmdide]
"ImagePath"="\SystemRoot\system32\DRIVERS\cmdide.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CNG]
"ImagePath"="System32\Drivers\cng.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Compbatt]
"ImagePath"="\SystemRoot\system32\DRIVERS\compbatt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CompositeBus]
"ImagePath"="system32\DRIVERS\CompositeBus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\COMSysApp]
"ImagePath"="%SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\crcdisk]
"ImagePath"="\SystemRoot\system32\DRIVERS\crcdisk.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\crypt32]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CryptSvc]
"ServiceDll"="%SystemRoot%\system32\cryptsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CSC]
"ImagePath"="system32\drivers\csc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CscService]
"ServiceDll"="%SystemRoot%\System32\cscsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\DCLocator]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\DcomLaunch]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\defragsvc]
"ServiceDll"="%Systemroot%\System32\defragsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\DfsC]
"ImagePath"="System32\Drivers\dfsc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dhcp]
"ServiceDll"="%SystemRoot%\system32\dhcpcore.dll"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\discache]
"ImagePath"="System32\drivers\discache.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Disk]
"ImagePath"="system32\DRIVERS\disk.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache]
"ServiceDll"="%SystemRoot%\System32\dnsrslvr.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\dot3svc]
"ServiceDll"="%SystemRoot%\System32\dot3svc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\DPS]
"ServiceDll"="%SystemRoot%\system32\dps.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\drmkaud]
"ImagePath"="system32\drivers\drmkaud.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\DXGKrnl]
"ImagePath"="\SystemRoot\System32\drivers\dxgkrnl.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EapHost]
"ServiceDll"="%SystemRoot%\System32\eapsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ebdrv]
"ImagePath"="\SystemRoot\system32\DRIVERS\evbda.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EFS]
"ImagePath"="%SystemRoot%\System32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ehRecvr]
"ImagePath"="%systemroot%\ehome\ehRecvr.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ehSched]
"ImagePath"="%systemroot%\ehome\ehsched.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\elxstor]
"ImagePath"="\SystemRoot\system32\DRIVERS\elxstor.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ErrDev]
"ImagePath"="\SystemRoot\system32\DRIVERS\errdev.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ESENT]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog]
"ServiceDll"="%SystemRoot%\System32\wevtsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EventSystem]
"ServiceDll"="%systemroot%\system32\es.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\exfat]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fastfat]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Fax]
"ImagePath"="%systemroot%\system32\fxssvc.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fdc]
"ImagePath"="system32\DRIVERS\fdc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fdPHost]
"ServiceDll"="%SystemRoot%\system32\fdPHost.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FDResPub]
"ServiceDll"="%SystemRoot%\system32\fdrespub.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FileInfo]
"ImagePath"="system32\drivers\fileinfo.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Filetrace]
"ImagePath"="system32\drivers\filetrace.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\flpydisk]
"ImagePath"="system32\DRIVERS\flpydisk.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FltMgr]
"ImagePath"="system32\drivers\fltmgr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache]
"ServiceDll"="%SystemRoot%\system32\FntCache.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache3.0.0.0]
"ImagePath"="%systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FsDepends]
"ImagePath"="System32\drivers\FsDepends.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Fs_Rec]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fvevol]
"ImagePath"="System32\DRIVERS\fvevol.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\gagp30kx]
"ImagePath"="\SystemRoot\system32\DRIVERS\gagp30kx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\gpsvc]
"ServiceDll"="%SystemRoot%\System32\gpsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hcw85cir]
"ImagePath"="\SystemRoot\system32\drivers\hcw85cir.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HdAudAddService]
"ImagePath"="system32\drivers\HdAudio.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HDAudBus]
"ImagePath"="system32\DRIVERS\HDAudBus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HidBatt]
"ImagePath"="\SystemRoot\system32\DRIVERS\HidBatt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HidBth]
"ImagePath"="\SystemRoot\system32\DRIVERS\hidbth.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HidIr]
"ImagePath"="\SystemRoot\system32\DRIVERS\hidir.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hidserv]
"ServiceDll"="%SystemRoot%\System32\hidserv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HidUsb]
"ImagePath"="system32\DRIVERS\hidusb.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hkmsvc]
"ServiceDLL"="%SystemRoot%\system32\kmsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupListener]
"ServiceDll"="%SystemRoot%\system32\ListSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupProvider]
"ServiceDll"="%SystemRoot%\system32\provsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HpSAMD]
"ImagePath"="\SystemRoot\system32\DRIVERS\HpSAMD.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HTTP]
"ImagePath"="system32\drivers\HTTP.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hwpolicy]
"ImagePath"="System32\drivers\hwpolicy.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\i8042prt]
"ImagePath"="system32\DRIVERS\i8042prt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\iaStorV]
"ImagePath"="\SystemRoot\system32\DRIVERS\iaStorV.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\idsvc]
"ImagePath"="\"%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\iirsp]
"ImagePath"="\SystemRoot\system32\DRIVERS\iirsp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IKEEXT]
"ServiceDll"="%SystemRoot%\System32\ikeext.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\inetaccs]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\intelide]
"ImagePath"="\SystemRoot\system32\DRIVERS\intelide.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\intelppm]
"ImagePath"="\SystemRoot\system32\DRIVERS\intelppm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IPBusEnum]
"ServiceDll"="%SystemRoot%\system32\ipbusenum.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IpFilterDriver]
"ImagePath"="system32\DRIVERS\ipfltdrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\iphlpsvc]
"ServiceDll"="%SystemRoot%\System32\iphlpsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IPMIDRV]
"ImagePath"="\SystemRoot\system32\DRIVERS\IPMIDrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IPNAT]
"ImagePath"="System32\drivers\ipnat.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IRENUM]
"ImagePath"="system32\drivers\irenum.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\isapnp]
"ImagePath"="\SystemRoot\system32\DRIVERS\isapnp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\iScsiPrt]
"ImagePath"="\SystemRoot\system32\DRIVERS\msiscsi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\kbdclass]
"ImagePath"="system32\DRIVERS\kbdclass.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\kbdhid]
"ImagePath"="system32\DRIVERS\kbdhid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KeyIso]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KSecDD]
"ImagePath"="System32\Drivers\ksecdd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KSecPkg]
"ImagePath"="System32\Drivers\ksecpkg.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ksthunk]
"ImagePath"="\SystemRoot\system32\drivers\ksthunk.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KtmRm]
"ServiceDll"="%systemroot%\system32\msdtckrm.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer]
"ServiceDll"="%SystemRoot%\System32\srvsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanWorkstation]
"ServiceDll"="%SystemRoot%\System32\wkssvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ldap]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lltdio]
"ImagePath"="system32\DRIVERS\lltdio.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lltdsvc]
"ServiceDll"="%SystemRoot%\System32\lltdsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lmhosts]
"ServiceDll"="%SystemRoot%\System32\lmhsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Lsa]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LSI_FC]
"ImagePath"="\SystemRoot\system32\DRIVERS\lsi_fc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LSI_SAS]
"ImagePath"="\SystemRoot\system32\DRIVERS\lsi_sas.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LSI_SAS2]
"ImagePath"="\SystemRoot\system32\DRIVERS\lsi_sas2.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LSI_SCSI]
"ImagePath"="\SystemRoot\system32\DRIVERS\lsi_scsi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\luafv]
"ImagePath"="\SystemRoot\system32\drivers\luafv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MBAMProtector]
"ImagePath"="\??\c:\windows\system32\drivers\mbam.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MBAMScheduler]
"ImagePath"="\"c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MBAMService]
"ImagePath"="\"c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Mcx2Svc]
"ServiceDll"="%SystemRoot%\system32\Mcx2Svc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\megasas]
"ImagePath"="\SystemRoot\system32\DRIVERS\megasas.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MegaSR]
"ImagePath"="\SystemRoot\system32\DRIVERS\MegaSR.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Microsoft Office Groove Audit Service]
"ImagePath"="\"c:\program files (x86)\Microsoft Office\Office12\GrooveAuditService.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MMCSS]
"ServiceDll"="%SystemRoot%\system32\mmcss.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Modem]
"ImagePath"="system32\drivers\modem.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\monitor]
"ImagePath"="system32\DRIVERS\monitor.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mouclass]
"ImagePath"="system32\DRIVERS\mouclass.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mouhid]
"ImagePath"="system32\DRIVERS\mouhid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mountmgr]
"ImagePath"="System32\drivers\mountmgr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mpio]
"ImagePath"="\SystemRoot\system32\DRIVERS\mpio.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mpsdrv]
"ImagePath"="System32\drivers\mpsdrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MpsSvc]
"ServiceDll"="%SystemRoot%\system32\mpssvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MRxDAV]
"ImagePath"="\SystemRoot\system32\drivers\mrxdav.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mrxsmb]
"ImagePath"="system32\DRIVERS\mrxsmb.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mrxsmb10]
"ImagePath"="system32\DRIVERS\mrxsmb10.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mrxsmb20]
"ImagePath"="system32\DRIVERS\mrxsmb20.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\msahci]
"ImagePath"="\SystemRoot\system32\DRIVERS\msahci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\msdsm]
"ImagePath"="\SystemRoot\system32\DRIVERS\msdsm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSDTC]
"ImagePath"="%SystemRoot%\System32\msdtc.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSDTC Bridge 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Msfs]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mshidkmdf]
"ImagePath"="\SystemRoot\System32\drivers\mshidkmdf.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\msisadrv]
"ImagePath"="system32\DRIVERS\msisadrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSiSCSI]
"ServiceDll"="%systemroot%\system32\iscsiexe.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\msiserver]
"ImagePath"="%systemroot%\system32\msiexec.exe /V"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSKSSRV]
"ImagePath"="system32\drivers\MSKSSRV.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSPCLOCK]
"ImagePath"="system32\drivers\MSPCLOCK.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSPQM]
"ImagePath"="system32\drivers\MSPQM.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MsRPC]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSSCNTRS]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mssmbios]
"ImagePath"="system32\DRIVERS\mssmbios.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSTEE]
"ImagePath"="system32\drivers\MSTEE.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MTConfig]
"ImagePath"="\SystemRoot\system32\DRIVERS\MTConfig.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Mup]
"ImagePath"="System32\Drivers\mup.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\napagent]
"ServiceDLL"="%SystemRoot%\system32\qagentRT.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NativeWifiP]
"ImagePath"="system32\DRIVERS\nwifi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NDIS]
"ImagePath"="system32\drivers\ndis.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NdisCap]
"ImagePath"="system32\DRIVERS\ndiscap.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NdisTapi]
"ImagePath"="system32\DRIVERS\ndistapi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Ndisuio]
"ImagePath"="system32\DRIVERS\ndisuio.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NdisWan]
"ImagePath"="system32\DRIVERS\ndiswan.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NDProxy]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBIOS]
"ImagePath"="system32\DRIVERS\netbios.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT]
"ImagePath"="System32\DRIVERS\netbt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Netlogon]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Netman]
"ServiceDll"="%SystemRoot%\System32\netman.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\netprofm]
"ServiceDll"="%SystemRoot%\System32\netprofm.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetTcpPortSharing]
"ImagePath"="\"%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\nfrd960]
"ImagePath"="\SystemRoot\system32\DRIVERS\nfrd960.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NlaSvc]
"ServiceDll"="%SystemRoot%\System32\nlasvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Npfs]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\nsi]
"ServiceDll"="%systemroot%\system32\nsisvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\nsiproxy]
"ImagePath"="system32\drivers\nsiproxy.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NTDS]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Ntfs]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Null]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\nvlddmkm]
"ImagePath"="system32\DRIVERS\nvlddmkm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\nvraid]
"ImagePath"="\SystemRoot\system32\DRIVERS\nvraid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\nvstor]
"ImagePath"="\SystemRoot\system32\DRIVERS\nvstor.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\nvsvc]
"ImagePath"="\"c:\windows\system32\nvvsvc.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\nvUpdatusService]
"ImagePath"="\"c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\nv_agp]
"ImagePath"="\SystemRoot\system32\DRIVERS\nv_agp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\odserv]
"ImagePath"="\"c:\program files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ohci1394]
"ImagePath"="\SystemRoot\system32\DRIVERS\ohci1394.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ose]
"ImagePath"="\"c:\program files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Outlook]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2pimsvc]
"ServiceDll"="%SystemRoot%\system32\pnrpsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2psvc]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Parport]
"ImagePath"="system32\DRIVERS\parport.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\partmgr]
"ImagePath"="System32\drivers\partmgr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PcaSvc]
"ServiceDll"="%SystemRoot%\System32\pcasvc.dll"

Post by yardhik » 06 Jun 2013 20:07

.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pci]
"ImagePath"="system32\DRIVERS\pci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pciide]
"ImagePath"="system32\DRIVERS\pciide.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pcmcia]
"ImagePath"="\SystemRoot\system32\DRIVERS\pcmcia.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pcw]
"ImagePath"="System32\drivers\pcw.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PEAUTH]
"ImagePath"="system32\drivers\peauth.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PeerDistSvc]
"ServiceDll"="%SystemRoot%\system32\peerdistsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PerfDisk]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PerfHost]
"ImagePath"="%SystemRoot%\SysWow64\perfhost.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PerfNet]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PerfOS]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PerfProc]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pla]
"ServiceDll"="%systemroot%\system32\pla.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PlugPlay]
"ServiceDll"="%SystemRoot%\system32\umpnpmgr.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPAutoReg]
"ServiceDll"="%SystemRoot%\system32\pnrpauto.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPsvc]
"ServiceDll"="%SystemRoot%\system32\pnrpsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PolicyAgent]
"ServiceDll"="%SystemRoot%\System32\ipsecsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PortProxy]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Power]
"ServiceDll"="%SystemRoot%\system32\umpo.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PptpMiniport]
"ImagePath"="system32\DRIVERS\raspptp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Processor]
"ImagePath"="\SystemRoot\system32\DRIVERS\processr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ProfSvc]
"ServiceDll"="%systemroot%\system32\profsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ProtectedStorage]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Psched]
"ImagePath"="system32\DRIVERS\pacer.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ql2300]
"ImagePath"="\SystemRoot\system32\DRIVERS\ql2300.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ql40xx]
"ImagePath"="\SystemRoot\system32\DRIVERS\ql40xx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\QWAVE]
"ServiceDll"="%windir%\system32\qwave.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\QWAVEdrv]
"ImagePath"="\SystemRoot\system32\drivers\qwavedrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasAcd]
"ImagePath"="System32\DRIVERS\rasacd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasAgileVpn]
"ImagePath"="system32\DRIVERS\AgileVpn.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasAuto]
"ServiceDll"="%SystemRoot%\System32\rasauto.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Rasl2tp]
"ImagePath"="system32\DRIVERS\rasl2tp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasMan]
"ServiceDll"="%SystemRoot%\System32\rasmans.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasPppoe]
"ImagePath"="system32\DRIVERS\raspppoe.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasSstp]
"ImagePath"="system32\DRIVERS\rassstp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\rdbss]
"ImagePath"="system32\DRIVERS\rdbss.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\rdpbus]
"ImagePath"="system32\DRIVERS\rdpbus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RDPCDD]
"ImagePath"="System32\DRIVERS\RDPCDD.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RDPDD]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RDPDR]
"ImagePath"="System32\drivers\rdpdr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RDPENCDD]
"ImagePath"="system32\drivers\rdpencdd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RDPNP]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RDPREFMP]
"ImagePath"="system32\drivers\rdprefmp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RDPWD]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\rdyboost]
"ImagePath"="System32\drivers\rdyboost.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteAccess]
"ServiceDLL"="%SystemRoot%\System32\mprdim.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteRegistry]
"ServiceDll"="%SystemRoot%\system32\regsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RpcEptMapper]
"ServiceDll"="%SystemRoot%\System32\RpcEpMap.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RpcLocator]
"ImagePath"="%SystemRoot%\system32\locator.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RpcSs]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\rspndr]
"ImagePath"="system32\DRIVERS\rspndr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RTL8167]
"ImagePath"="system32\DRIVERS\Rt64win7.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\s3cap]
"ImagePath"="\SystemRoot\system32\DRIVERS\vms3cap.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SamSs]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SASKUTIL]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sbp2port]
"ImagePath"="\SystemRoot\system32\DRIVERS\sbp2port.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCardSvr]
"ServiceDll"="%SystemRoot%\System32\SCardSvr.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\scfilter]
"ImagePath"="System32\DRIVERS\scfilter.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Schedule]
"ServiceDll"="%systemroot%\system32\schedsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCPolicySvc]
"ServiceDll"="%SystemRoot%\System32\certprop.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SDRSVC]
"ServiceDll"="%Systemroot%\System32\SDRSVC.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\secdrv]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\seclogon]
"ServiceDll"="%windir%\system32\seclogon.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SENS]
"ServiceDll"="%SystemRoot%\system32\sens.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SensrSvc]
"ServiceDll"="%SystemRoot%\system32\sensrsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Serenum]
"ImagePath"="system32\DRIVERS\serenum.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Serial]
"ImagePath"="system32\DRIVERS\serial.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sermouse]
"ImagePath"="\SystemRoot\system32\DRIVERS\sermouse.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ServiceModelEndpoint 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ServiceModelOperation 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ServiceModelService 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SessionEnv]
"ServiceDLL"="%SystemRoot%\system32\sessenv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sffdisk]
"ImagePath"="\SystemRoot\system32\DRIVERS\sffdisk.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sffp_mmc]
"ImagePath"="\SystemRoot\system32\DRIVERS\sffp_mmc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sffp_sd]
"ImagePath"="\SystemRoot\system32\DRIVERS\sffp_sd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sfloppy]
"ImagePath"="\SystemRoot\system32\DRIVERS\sfloppy.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess]
"ServiceDll"="%SystemRoot%\System32\ipnathlp.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SiSRaid2]
"ImagePath"="\SystemRoot\system32\DRIVERS\SiSRaid2.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SiSRaid4]
"ImagePath"="\SystemRoot\system32\DRIVERS\sisraid4.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Smb]
"ImagePath"="system32\DRIVERS\smb.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SMSvcHost 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SNMPTRAP]
"ImagePath"="%SystemRoot%\System32\snmptrap.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\spldr]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Spooler]
"ImagePath"="%SystemRoot%\System32\spoolsv.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sppsvc]
"ImagePath"="%SystemRoot%\system32\sppsvc.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sppuinotify]
"ServiceDll"="%SystemRoot%\system32\sppuinotify.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sptd]
"ImagePath"="System32\Drivers\sptd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\srv]
"ImagePath"="System32\DRIVERS\srv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\srv2]
"ImagePath"="System32\DRIVERS\srv2.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\srvnet]
"ImagePath"="System32\DRIVERS\srvnet.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV]
"ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SstpSvc]
"ServiceDll"="%SystemRoot%\system32\sstpsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Stereo Service]
"ImagePath"="\"c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\stexstor]
"ImagePath"="\SystemRoot\system32\DRIVERS\stexstor.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\stisvc]
"ServiceDll"="%SystemRoot%\System32\wiaservc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\storflt]
"ImagePath"="system32\DRIVERS\vmstorfl.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\storvsc]
"ImagePath"="\SystemRoot\system32\DRIVERS\storvsc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\swenum]
"ImagePath"="system32\DRIVERS\swenum.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\swprv]
"ServiceDll"="%Systemroot%\System32\swprv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SysMain]
"ServiceDll"="%systemroot%\system32\sysmain.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TabletInputService]
"ServiceDll"="%SystemRoot%\System32\TabSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TapiSrv]
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TBS]
"ServiceDll"="%SystemRoot%\System32\tbssvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip]
"ImagePath"="System32\drivers\tcpip.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TCPIP6]
"ImagePath"="system32\DRIVERS\tcpip.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TCPIP6TUNNEL]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\tcpipreg]
"ImagePath"="System32\drivers\tcpipreg.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TCPIPTUNNEL]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TDPIPE]
"ImagePath"="system32\drivers\tdpipe.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TDTCP]
"ImagePath"="system32\drivers\tdtcp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\tdx]
"ImagePath"="system32\DRIVERS\tdx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TermDD]
"ImagePath"="system32\DRIVERS\termdd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TermService]
"ServiceDll"="%SystemRoot%\System32\termsrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Themes]
"ServiceDll"="%SystemRoot%\system32\themeservice.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\THREADORDER]
"ServiceDll"="%SystemRoot%\system32\mmcss.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TrkWks]
"ServiceDll"="%SystemRoot%\System32\trkwks.dll"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TrustedInstaller]
"ImagePath"="%SystemRoot%\servicing\TrustedInstaller.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TSDDD]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\tssecsrv]
"ImagePath"="System32\DRIVERS\tssecsrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\tunnel]
"ImagePath"="system32\DRIVERS\tunnel.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\uagp35]
"ImagePath"="\SystemRoot\system32\DRIVERS\uagp35.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\udfs]
"ImagePath"="system32\DRIVERS\udfs.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UGatherer]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UGTHRSVC]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UI0Detect]
"ImagePath"="%SystemRoot%\system32\UI0Detect.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\uliagpkx]
"ImagePath"="\SystemRoot\system32\DRIVERS\uliagpkx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\umbus]
"ImagePath"="system32\DRIVERS\umbus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UmPass]
"ImagePath"="\SystemRoot\system32\DRIVERS\umpass.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UmRdpService]
"ServiceDll"="%SystemRoot%\System32\umrdp.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\upnphost]
"ServiceDll"="%SystemRoot%\System32\upnphost.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\usbccgp]
"ImagePath"="system32\DRIVERS\usbccgp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\usbcir]
"ImagePath"="\SystemRoot\system32\DRIVERS\usbcir.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\usbehci]
"ImagePath"="system32\DRIVERS\usbehci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\usbhub]
"ImagePath"="system32\DRIVERS\usbhub.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\usbohci]
"ImagePath"="system32\DRIVERS\usbohci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\usbprint]
"ImagePath"="system32\DRIVERS\usbprint.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\usbscan]
"ImagePath"="system32\DRIVERS\usbscan.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\USBSTOR]
"ImagePath"="system32\DRIVERS\USBSTOR.SYS"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\usbuhci]
"ImagePath"="\SystemRoot\system32\DRIVERS\usbuhci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UxSms]
"ServiceDll"="%SystemRoot%\System32\uxsms.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\vdrvroot]
"ImagePath"="system32\DRIVERS\vdrvroot.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\vds]
"ImagePath"="%SystemRoot%\System32\vds.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\vga]
"ImagePath"="system32\DRIVERS\vgapnp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VgaSave]
"ImagePath"="\SystemRoot\System32\drivers\vga.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\vhdmp]
"ImagePath"="\SystemRoot\system32\DRIVERS\vhdmp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\viaide]
"ImagePath"="\SystemRoot\system32\DRIVERS\viaide.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\vmbus]
"ImagePath"="\SystemRoot\system32\DRIVERS\vmbus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VMBusHID]
"ImagePath"="\SystemRoot\system32\DRIVERS\VMBusHID.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\volmgr]
"ImagePath"="system32\DRIVERS\volmgr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\volmgrx]
"ImagePath"="System32\drivers\volmgrx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\volsnap]
"ImagePath"="system32\DRIVERS\volsnap.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\vsmraid]
"ImagePath"="\SystemRoot\system32\DRIVERS\vsmraid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS]
"ImagePath"="%systemroot%\system32\vssvc.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\vwifibus]
"ImagePath"="\SystemRoot\System32\drivers\vwifibus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\W32Time]
"ServiceDll"="%systemroot%\system32\w32time.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\W3SVC]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WacomPen]
"ImagePath"="\SystemRoot\system32\DRIVERS\wacompen.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WANARP]
"ImagePath"="system32\DRIVERS\wanarp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wanarpv6]
"ImagePath"="system32\DRIVERS\wanarp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wbengine]
"ImagePath"="\"%systemroot%\system32\wbengine.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WbioSrvc]
"ServiceDll"="%SystemRoot%\System32\wbiosrvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc]
"ServiceDll"="%SystemRoot%\System32\wcncsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WcsPlugInService]
"ServiceDll"="%SystemRoot%\System32\WcsPlugInService.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wd]
"ImagePath"="\SystemRoot\system32\DRIVERS\wd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wdf01000]
"ImagePath"="system32\drivers\Wdf01000.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WdiServiceHost]
"ServiceDll"="%SystemRoot%\system32\wdi.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WdiSystemHost]
"ServiceDll"="%SystemRoot%\system32\wdi.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WebClient]
"ServiceDll"="%SystemRoot%\System32\webclnt.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wecsvc]
"ServiceDll"="%SystemRoot%\system32\wecsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wercplsupport]
"ServiceDll"="%SystemRoot%\System32\wercplsupport.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc]
"ServiceDll"="%SystemRoot%\System32\WerSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WfpLwf]
"ImagePath"="system32\DRIVERS\wfplwf.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WIMMount]
"ImagePath"="system32\drivers\wimmount.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinDefend]
"ServiceDll"="%ProgramFiles%\Windows Defender\mpsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Windows Workflow Foundation 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinHttpAutoProxySvc]
"ServiceDll"="winhttp.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winmgmt]
"ServiceDll"="%SystemRoot%\system32\wbem\WMIsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinRM]
"ServiceDll"="%SystemRoot%\system32\WsmSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winsock]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinSock2]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wlansvc]
"ServiceDll"="%SystemRoot%\System32\wlansvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WmiAcpi]
"ImagePath"="system32\DRIVERS\wmiacpi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WmiApRpl]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wmiApSrv]
"ImagePath"="%systemroot%\system32\wbem\WmiApSrv.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WMPNetworkSvc]
"ImagePath"="\"%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WPCSvc]
"ServiceDll"="%SystemRoot%\System32\wpcsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WPDBusEnum]
"ServiceDll"="%SystemRoot%\system32\wpdbusenum.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ws2ifsl]
"ImagePath"="\SystemRoot\system32\drivers\ws2ifsl.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WSearch]
"ImagePath"="%systemroot%\system32\SearchIndexer.exe /Embedding"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WSearchIdxPi]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv]
"ServiceDll"="%systemroot%\system32\wuaueng.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WudfPf]
"ImagePath"="system32\drivers\WudfPf.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WUDFRd]
"ImagePath"="system32\DRIVERS\WUDFRd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wudfsvc]
"ServiceDll"="%SystemRoot%\System32\WUDFSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WwanSvc]
"ServiceDll"="%SystemRoot%\System32\wwansvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\xmlprov]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{07171AC2-0D2A-427d-BCE5-B6C2D6C7058B}]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{D63B0ADD-2F02-446A-AC58-DE9C0C1B0799}]
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\AVG\AVG2013\avgui.exe
.
**************************************************************************
.
Celkový čas: 2013-06-06 20:02:54 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-06-06 18:02
ComboFix2.txt 2013-06-06 13:08
.
Před spuštěním: Volných bajtů: 17 855 143 936
Po spuštění: Volných bajtů: 17 677 733 888
.
- - End Of File - - 5BB2788629C3BF976B9D10262C14CF6E

Post by yardhik » 06 Jun 2013 20:09

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:08:34, on 6.6.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6130 bytes

yardhik
newbie
Posts: 37
Registered: December 05
Gender: Not specified
Status:
Offline

Re: Please check my log. Thank you

Post by yardhik » 06 Jun 2013 20:14

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-06-06 20:13:38
-----------------------------
20:13:38.094 OS Version: Windows x64 6.1.7600
20:13:38.094 Number of processors: 2 586 0x6B02
20:13:38.094 ComputerName: YARDHIK-PC UserName: Yardhik
20:13:38.530 Initialize success
20:13:43.331 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
20:13:43.331 Disk 0 Vendor: SAMSUNG_HD502IJ 1AA01113 Size: 476938MB BusType: 3
20:13:43.331 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T1L0-6
20:13:43.331 Disk 1 Vendor: ST320011A 3.19 Size: 19091MB BusType: 3
20:13:43.331 Disk 0 MBR read successfully
20:13:43.331 Disk 0 MBR scan
20:13:43.347 Disk 0 Windows 7 default MBR code
20:13:43.347 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 60000 MB offset 63
20:13:43.347 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 199996 MB offset 122881185
20:13:43.378 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 216940 MB offset 532474425
20:13:43.378 Disk 0 scanning C:\Windows\system32\drivers
20:13:47.418 Service scanning
20:13:54.719 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
20:13:57.153 Modules scanning
20:13:57.168 Disk 0 trace - called modules:
20:13:57.184
20:13:57.184 Scan finished successfully
20:14:08.057 Disk 0 MBR has been saved successfully to "C:\Users\Yardhik\Desktop\MBR.dat"
20:14:08.057 The log file has been saved successfully to "C:\Users\Yardhik\Desktop\aswMBR.txt"

jaro3
Security team member
Guru Level 15
Posts: 43072
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status:
Offline

Re: Please check my log. Thank you

Post by jaro3 » 06 Jun 2013 21:38

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

FixCSet::

Reboot::


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe and, when the two files overlap, drop the script.
- ComboFix will start automatically.
- Paste here the log that comes up at the end of the cleaning process.

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not start, or the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, keep pressing the F8 key after the restart and then choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.

yardhik
newbie
Posts: 37
Registered: December 05
Gender: Not specified
Status:
Offline

Re: Please check my log. Thank you

Post by yardhik » 06 Jun 2013 21:47

Okay, I'm on it

jaro3
Security team member
Guru Level 15
Posts: 43072
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status:
Offline

Re: Please check my log. Thank you

Post by jaro3 » 06 Jun 2013 21:50

You don't need to report that :D