Localhost display - changes above the PC owner


Post by jaro3 » 21 Mar 2019 22:56

The image says: Please configure network connection..
the scan takes a few hours, depending on the disk size..
did you tick all the disks?
Are you back in Windows yet?

if so:
Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.8.16.0_(date)_log.txt, please paste the entire contents of the log here.
- if the log has more than 60,000 characters, split it and paste it into several posts

+
Please download the version of the program appropriate for your 32-bit/64-bit system: Farbar Recovery Scan Tool (FRST)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to your desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will be shown, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.

I will probably not check until tomorrow..


When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Post by Hastalda » 22 Mar 2019 12:17

Hi, I have now managed to get back into Windows, but it was a damned piece of bad luck for me; I was unable to work out how to get from that black screen back to the normal environment (Win)...

The image says: Please configure network connection..
Because I did not know exactly how to proceed in Kaspersky, I mean what to confirm and what not, I was not sure whether I should tick/confirm anything beyond what was in the description. So I apparently did not tick all the disks either. Although I do not remember at all that it offered me that... Was I supposed to tick that in Kaspersky, or when I brought up the BIOS with the F10 key, under the BOOT tab?
So should I wrestle with the BIOS again and run Kaspersky again???


Post by Hastalda » 22 Mar 2019 12:19

Following your description, I am posting the resulting TDSSKiller log here:

11:53:42.0834 2028 mshidkmdf - ok
11:53:42.0865 2028 [ 621E468CD3AB1776F04F229476F3CCAE ] msisadrv C:\windows\system32\drivers\msisadrv.sys
11:53:42.0865 2028 msisadrv - ok
11:53:42.0897 2028 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
11:53:42.0897 2028 MSiSCSI - ok
11:53:42.0897 2028 msiserver - ok
11:53:42.0943 2028 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
11:53:42.0943 2028 MSKSSRV - ok
11:53:42.0990 2028 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
11:53:42.0990 2028 MSPCLOCK - ok
11:53:43.0053 2028 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
11:53:43.0053 2028 MSPQM - ok
11:53:43.0084 2028 [ B664C5E823B9CBD65648ECFF468C5AC6 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
11:53:43.0084 2028 MsRPC - ok
11:53:43.0099 2028 [ 641D3E30B4EB29E33DCEB9508B306A09 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
11:53:43.0099 2028 mssmbios - ok
11:53:43.0099 2028 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
11:53:43.0099 2028 MSTEE - ok
11:53:43.0115 2028 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
11:53:43.0115 2028 MTConfig - ok
11:53:43.0115 2028 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
11:53:43.0115 2028 Mup - ok
11:53:43.0146 2028 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll
11:53:43.0146 2028 napagent - ok
11:53:43.0177 2028 [ 5F2B9CD280C48A8015AD70FCF4DFB758 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
11:53:43.0193 2028 NativeWifiP - ok
11:53:43.0224 2028 [ 807A9A947B033D65903A870360522748 ] NDIS C:\windows\system32\drivers\ndis.sys
11:53:43.0240 2028 NDIS - ok
11:53:43.0255 2028 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
11:53:43.0255 2028 NdisCap - ok
11:53:43.0287 2028 [ BE37B67BF2EF10B5AC9CD46118C68B1B ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
11:53:43.0287 2028 NdisTapi - ok
11:53:43.0318 2028 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
11:53:43.0318 2028 Ndisuio - ok
11:53:43.0333 2028 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
11:53:43.0333 2028 NdisWan - ok
11:53:43.0349 2028 [ BFF8583CD860101D781F0DA8C9BD7944 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
11:53:43.0349 2028 NDProxy - ok
11:53:43.0380 2028 [ EB806AED1697ABD9A0D21BB00888233C ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
11:53:43.0380 2028 NetBIOS - ok
11:53:43.0396 2028 [ 2E226E666C6E11DC8C850071A90BE2DC ] NetBT C:\windows\system32\DRIVERS\netbt.sys
11:53:43.0411 2028 NetBT - ok
11:53:43.0411 2028 [ B9780FF3FC28ADF46C00A6966B0E9855 ] Netlogon C:\windows\system32\lsass.exe
11:53:43.0411 2028 Netlogon - ok
11:53:43.0443 2028 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
11:53:43.0443 2028 Netman - ok
11:53:43.0505 2028 [ C986B84B68DDA3EECB65F4C330175522 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:53:43.0521 2028 NetMsmqActivator - ok
11:53:43.0536 2028 [ C986B84B68DDA3EECB65F4C330175522 ] NetPipeActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:53:43.0536 2028 NetPipeActivator - ok
11:53:43.0552 2028 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
11:53:43.0552 2028 netprofm - ok
11:53:43.0567 2028 [ C986B84B68DDA3EECB65F4C330175522 ] NetTcpActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:53:43.0567 2028 NetTcpActivator - ok
11:53:43.0567 2028 [ C986B84B68DDA3EECB65F4C330175522 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:53:43.0567 2028 NetTcpPortSharing - ok
11:53:43.0599 2028 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
11:53:43.0599 2028 nfrd960 - ok
11:53:43.0614 2028 [ F115C5CD29E512F18BD7138A094B77E5 ] NlaSvc C:\windows\System32\nlasvc.dll
11:53:43.0614 2028 NlaSvc - ok
11:53:43.0645 2028 [ 5BD7F614CCCD01D215360D905BF8C63A ] Npfs C:\windows\system32\drivers\Npfs.sys
11:53:43.0645 2028 Npfs - ok
11:53:43.0708 2028 [ 6937652377C07F86EF195F1BF5423143 ] nsi C:\windows\system32\nsisvc.dll
11:53:43.0708 2028 nsi - ok
11:53:43.0739 2028 [ C68AA651F93450ECA51A60D45A8E266C ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
11:53:43.0739 2028 nsiproxy - ok
11:53:43.0770 2028 [ 39377913AC77BA47D9FF5421636073BD ] Ntfs C:\windows\system32\drivers\Ntfs.sys
11:53:43.0786 2028 Ntfs - ok
11:53:43.0817 2028 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
11:53:43.0817 2028 Null - ok
11:53:43.0848 2028 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
11:53:43.0848 2028 nvraid - ok
11:53:43.0895 2028 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
11:53:43.0895 2028 nvstor - ok
11:53:43.0973 2028 [ 2F29F8F9BC3E16CDABFF52063FE18313 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
11:53:43.0973 2028 nv_agp - ok
11:53:44.0020 2028 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
11:53:44.0020 2028 ohci1394 - ok
11:53:44.0207 2028 [ D21AC5BC8098D309FF47132451390679 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:53:44.0207 2028 ose - ok
11:53:44.0535 2028 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:53:44.0581 2028 osppsvc - ok
11:53:44.0628 2028 [ 13AE66AAABC48BEC5C2A7149BE7649EA ] p2pimsvc C:\windows\system32\pnrpsvc.dll
11:53:44.0628 2028 p2pimsvc - ok
11:53:44.0753 2028 [ 3160E4D1773C4B7CFFE6A40F75B37AC3 ] p2psvc C:\windows\system32\p2psvc.dll
11:53:44.0753 2028 p2psvc - ok
11:53:44.0784 2028 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
11:53:44.0784 2028 Parport - ok
11:53:44.0815 2028 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
11:53:44.0815 2028 partmgr - ok
11:53:44.0831 2028 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
11:53:44.0831 2028 Parvdm - ok
11:53:44.0862 2028 [ 3B0F199839734F85FB6A9F5643FDA736 ] PcaSvc C:\windows\System32\pcasvc.dll
11:53:44.0862 2028 PcaSvc - ok
11:53:44.0878 2028 [ 38B70674B96E69B5AFA4A6B13834E894 ] pci C:\windows\system32\drivers\pci.sys
11:53:44.0878 2028 pci - ok
11:53:44.0909 2028 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
11:53:44.0909 2028 pciide - ok
11:53:44.0925 2028 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
11:53:44.0925 2028 pcmcia - ok
11:53:44.0956 2028 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
11:53:44.0956 2028 pcw - ok
11:53:44.0987 2028 pdfcDispatcher - ok
11:53:45.0096 2028 [ CEFBE4F0A011027A978F491815AA6849 ] PEAUTH C:\windows\system32\drivers\peauth.sys
11:53:45.0096 2028 PEAUTH - ok
11:53:45.0174 2028 [ 09B61B4894B05723BACE59F46EF892D4 ] pla C:\windows\system32\pla.dll
11:53:45.0190 2028 pla - ok
11:53:45.0221 2028 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
11:53:45.0237 2028 PlugPlay - ok
11:53:45.0252 2028 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
11:53:45.0252 2028 PNRPAutoReg - ok
11:53:45.0268 2028 [ 13AE66AAABC48BEC5C2A7149BE7649EA ] PNRPsvc C:\windows\system32\pnrpsvc.dll
11:53:45.0268 2028 PNRPsvc - ok
11:53:45.0299 2028 [ A2FEA7E16D8D056D2FF1EE93F9C73FB1 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
11:53:45.0299 2028 PolicyAgent - ok
11:53:45.0377 2028 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
11:53:45.0377 2028 Power - ok
11:53:45.0455 2028 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
11:53:45.0455 2028 PptpMiniport - ok
11:53:45.0502 2028 [ 77BC23FBC0419C5EA606A59CD27F63C2 ] Processor C:\windows\system32\drivers\processr.sys
11:53:45.0502 2028 Processor - ok
11:53:45.0533 2028 [ FD9692A3D31E021207D3C2A9DDDC2BE3 ] ProfSvc C:\windows\system32\profsvc.dll
11:53:45.0549 2028 ProfSvc - ok
11:53:45.0580 2028 [ B9780FF3FC28ADF46C00A6966B0E9855 ] ProtectedStorage C:\windows\system32\lsass.exe
11:53:45.0580 2028 ProtectedStorage - ok
11:53:45.0642 2028 [ DC0453903820086F9043C513FFC4E4AA ] Psched C:\windows\system32\DRIVERS\pacer.sys
11:53:45.0642 2028 Psched - ok
11:53:45.0673 2028 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
11:53:45.0673 2028 PSI_SVC_2 - ok
11:53:45.0720 2028 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
11:53:45.0736 2028 ql2300 - ok
11:53:45.0767 2028 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
11:53:45.0767 2028 ql40xx - ok
11:53:45.0829 2028 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
11:53:45.0829 2028 QWAVE - ok
11:53:45.0861 2028 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
11:53:45.0861 2028 QWAVEdrv - ok
11:53:45.0939 2028 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
11:53:45.0939 2028 RasAcd - ok
11:53:46.0001 2028 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
11:53:46.0001 2028 RasAgileVpn - ok
11:53:46.0032 2028 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
11:53:46.0032 2028 RasAuto - ok
11:53:46.0079 2028 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
11:53:46.0079 2028 Rasl2tp - ok
11:53:46.0126 2028 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
11:53:46.0126 2028 RasMan - ok
11:53:46.0173 2028 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
11:53:46.0173 2028 RasPppoe - ok
11:53:46.0219 2028 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
11:53:46.0219 2028 RasSstp - ok
11:53:46.0266 2028 [ 856D4FDA0F2FACEDD68ED8B6C52BCA14 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
11:53:46.0266 2028 rdbss - ok
11:53:46.0297 2028 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
11:53:46.0297 2028 rdpbus - ok
11:53:46.0344 2028 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
11:53:46.0344 2028 RDPCDD - ok
11:53:46.0375 2028 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
11:53:46.0375 2028 RDPENCDD - ok
11:53:46.0375 2028 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
11:53:46.0375 2028 RDPREFMP - ok
11:53:46.0438 2028 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
11:53:46.0438 2028 RdpVideoMiniport - ok
11:53:46.0500 2028 [ CD9214A6AE17D188D17C3CF8CB9CC693 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
11:53:46.0516 2028 RDPWD - ok
11:53:46.0594 2028 [ 2AA7FB156B876CAC20FC1FDEB2D1E95C ] rdyboost C:\windows\system32\drivers\rdyboost.sys
11:53:46.0594 2028 rdyboost - ok
11:53:46.0609 2028 [ 149FE64A2BD27129CB731D09AF4ACDDE ] RemoteAccess C:\windows\System32\mprdim.dll
11:53:46.0625 2028 RemoteAccess - ok
11:53:46.0672 2028 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
11:53:46.0687 2028 RemoteRegistry - ok
11:53:46.0781 2028 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
11:53:46.0781 2028 RFCOMM - ok
11:53:46.0812 2028 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
11:53:46.0828 2028 RpcEptMapper - ok
11:53:46.0890 2028 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
11:53:46.0890 2028 RpcLocator - ok
11:53:46.0968 2028 [ CE46E22C0C6AE60111AD17BCF1291A55 ] RpcSs C:\windows\system32\rpcss.dll
11:53:46.0984 2028 RpcSs - ok
11:53:47.0046 2028 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
11:53:47.0046 2028 rspndr - ok
11:53:47.0124 2028 [ 6B065C88A4C05CF44793AC2BFC331AC5 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
11:53:47.0124 2028 RSUSBSTOR - ok
11:53:47.0155 2028 [ 92787F633F2724772AA03CFFC2CCFFE0 ] RsvLock C:\windows\system32\drivers\RsvLock.sys
11:53:47.0155 2028 RsvLock - ok
11:53:47.0187 2028 [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167 C:\windows\system32\DRIVERS\Rt86win7.sys
11:53:47.0187 2028 RTL8167 - ok
11:53:47.0202 2028 [ FBF042E3750ACBF512E599B37B75BB53 ] SafeBoot C:\windows\system32\drivers\SafeBoot.sys
11:53:47.0202 2028 Suspicious file (NoAccess): C:\windows\system32\drivers\SafeBoot.sys. md5: FBF042E3750ACBF512E599B37B75BB53
11:53:47.0202 2028 SafeBoot ( LockedFile.Multi.Generic ) - warning
11:53:47.0202 2028 SafeBoot - detected LockedFile.Multi.Generic (1)
11:53:47.0233 2028 [ B9780FF3FC28ADF46C00A6966B0E9855 ] SamSs C:\windows\system32\lsass.exe
11:53:47.0233 2028 SamSs - ok
11:53:47.0249 2028 [ 7ADBB5D76FC0452A413DC01F453112A0 ] SbAlg C:\windows\system32\drivers\SbAlg.sys
11:53:47.0249 2028 SbAlg - ok
11:53:47.0265 2028 [ 0B722E0E599E9DC6C3763DAAD1B2BBE3 ] SbFsLock C:\windows\system32\drivers\SbFsLock.sys
11:53:47.0265 2028 SbFsLock - ok
11:53:47.0296 2028 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
11:53:47.0296 2028 sbp2port - ok
11:53:47.0327 2028 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
11:53:47.0327 2028 SCardSvr - ok
11:53:47.0358 2028 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
11:53:47.0358 2028 scfilter - ok
11:53:47.0405 2028 [ 6EDC06056F9D5A22789F4774E1BA3C2D ] Schedule C:\windows\system32\schedsvc.dll
11:53:47.0421 2028 Schedule - ok
11:53:47.0452 2028 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
11:53:47.0452 2028 SCPolicySvc - ok
11:53:47.0467 2028 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
11:53:47.0483 2028 SDRSVC - ok
11:53:47.0514 2028 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
11:53:47.0514 2028 secdrv - ok
11:53:47.0561 2028 [ 38CBFFED5FC39CDFE6B4014401ED2629 ] seclogon C:\windows\system32\seclogon.dll
11:53:47.0577 2028 seclogon - ok
11:53:47.0608 2028 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\system32\sens.dll
11:53:47.0608 2028 SENS - ok
11:53:47.0686 2028 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\windows\system32\sensrsvc.dll
11:53:47.0686 2028 SensrSvc - ok
11:53:47.0701 2028 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
11:53:47.0701 2028 Serenum - ok
11:53:47.0717 2028 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
11:53:47.0717 2028 Serial - ok
11:53:47.0748 2028 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
11:53:47.0748 2028 sermouse - ok
11:53:47.0826 2028 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
11:53:47.0826 2028 SessionEnv - ok
11:53:47.0904 2028 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
11:53:47.0904 2028 sffdisk - ok
11:53:47.0935 2028 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
11:53:47.0935 2028 sffp_mmc - ok
11:53:47.0967 2028 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
11:53:47.0967 2028 sffp_sd - ok
11:53:48.0013 2028 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
11:53:48.0013 2028 sfloppy - ok
11:53:48.0045 2028 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
11:53:48.0060 2028 SharedAccess - ok
11:53:48.0091 2028 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
11:53:48.0091 2028 ShellHWDetection - ok
11:53:48.0123 2028 [ F6431A68115477694CC8E772051119C4 ] sisagp C:\windows\system32\drivers\sisagp.sys
11:53:48.0138 2028 sisagp - ok
11:53:48.0169 2028 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
11:53:48.0169 2028 SiSRaid2 - ok
11:53:48.0185 2028 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
11:53:48.0185 2028 SiSRaid4 - ok
11:53:48.0201 2028 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
11:53:48.0201 2028 Smb - ok
11:53:48.0247 2028 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
11:53:48.0247 2028 SNMPTRAP - ok
11:53:48.0294 2028 [ 1FDD4915FD7E49D320AA8EEC9827EB09 ] SNP2UVC C:\windows\system32\DRIVERS\snp2uvc.sys
11:53:48.0294 2028 SNP2UVC - ok
11:53:48.0388 2028 [ DC8D2952FB6FFBAEC67BD1B93A34DF11 ] speedfan C:\windows\system32\speedfan.sys
11:53:48.0403 2028 speedfan - ok
11:53:48.0435 2028 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
11:53:48.0435 2028 spldr - ok
11:53:48.0591 2028 [ E3A9C44EB94D3821AD752CD7C7A8AE8F ] Spooler C:\windows\System32\spoolsv.exe
11:53:48.0606 2028 Spooler - ok
11:53:48.0809 2028 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
11:53:48.0840 2028 sppsvc - ok
11:53:48.0903 2028 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
11:53:48.0903 2028 sppuinotify - ok
11:53:48.0949 2028 [ 6413A55A7335063AA4B1198B4C27A039 ] srv C:\windows\system32\DRIVERS\srv.sys
11:53:48.0949 2028 srv - ok

Hastalda
Level 2.5
Posts: 272
Registered: May 12
Location: Český Šternberk
Gender: Female

Re: Display of the local host - changes over the PC owner

Post by Hastalda » 22 Mar 2019 12:19

11:53:49.0027 2028 [ E28C27B03A1D00579A253889D3C724EF ] srv2 C:\windows\system32\DRIVERS\srv2.sys
11:53:49.0027 2028 srv2 - ok
11:53:49.0059 2028 [ F43D0D94E1E74799EE1F0D27DC231680 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
11:53:49.0059 2028 srvnet - ok
11:53:49.0090 2028 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
11:53:49.0105 2028 SSDPSRV - ok
11:53:49.0105 2028 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
11:53:49.0121 2028 SstpSvc - ok
11:53:49.0339 2028 [ 90F4AB6DEDE1D075FC9656675D95C03B ] STacSV C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9fc8b38ddee9fbba\STacSV.exe
11:53:49.0339 2028 STacSV - ok
11:53:49.0355 2028 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
11:53:49.0371 2028 stexstor - ok
11:53:49.0402 2028 [ 4E5C74BD3244139ECAA73CC2C0F8B86B ] STHDA C:\windows\system32\DRIVERS\stwrt.sys
11:53:49.0402 2028 STHDA - ok
11:53:49.0433 2028 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
11:53:49.0449 2028 StiSvc - ok
11:53:49.0464 2028 [ 09CC36B58A2F308DC7BBA5E32C2D610A ] swenum C:\windows\system32\drivers\swenum.sys
11:53:49.0464 2028 swenum - ok
11:53:49.0495 2028 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
11:53:49.0495 2028 swprv - ok
11:53:49.0527 2028 [ 07FDB043F69EB95E1DAD7CE16B95BDD3 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
11:53:49.0527 2028 SynTP - ok
11:53:49.0558 2028 [ 63B01C516B6F79678CBBD1F192A7C689 ] SysMain C:\windows\system32\sysmain.dll
11:53:49.0573 2028 SysMain - ok
11:53:49.0589 2028 [ A5243B41F0FAAC2DA7410A6D2CF6FED8 ] TabletInputService C:\windows\System32\TabSvc.dll
11:53:49.0589 2028 TabletInputService - ok
11:53:49.0620 2028 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll
11:53:49.0620 2028 TapiSrv - ok
11:53:49.0776 2028 [ 7E7E7C88F84BD285F6C04E9B81985172 ] Tcpip C:\windows\system32\drivers\tcpip.sys
11:53:49.0792 2028 Tcpip - ok
11:53:49.0885 2028 [ 7E7E7C88F84BD285F6C04E9B81985172 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
11:53:49.0901 2028 TCPIP6 - ok
11:53:49.0932 2028 [ A4BF8BE9D1F7D563C7868AC7B2561545 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
11:53:49.0932 2028 tcpipreg - ok
11:53:49.0979 2028 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
11:53:49.0979 2028 TDPIPE - ok
11:53:50.0026 2028 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
11:53:50.0026 2028 TDTCP - ok
11:53:50.0073 2028 [ 8F143F86FDD8CF4F7BD25973C5983F9D ] tdx C:\windows\system32\DRIVERS\tdx.sys
11:53:50.0073 2028 tdx - ok
11:53:50.0135 2028 [ A195C59AB3A95D0ABB2A830DEE18BA5A ] TermDD C:\windows\system32\drivers\termdd.sys
11:53:50.0135 2028 TermDD - ok
11:53:50.0197 2028 [ 7B16A8166DA48B580FCC951F02391CE0 ] TermService C:\windows\System32\termsrv.dll
11:53:50.0197 2028 TermService - ok
11:53:50.0229 2028 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
11:53:50.0229 2028 Themes - ok
11:53:50.0244 2028 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
11:53:50.0244 2028 THREADORDER - ok
11:53:50.0275 2028 [ F0E99E1982E78251A564159EB1D22CBE ] TPM C:\windows\system32\drivers\tpm.sys
11:53:50.0275 2028 TPM - ok
11:53:50.0291 2028 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
11:53:50.0291 2028 TrkWks - ok
11:53:50.0322 2028 [ 0C997B061E3C66BD9E927C1288EB1CC7 ] TrueSight C:\Windows\System32\drivers\truesight.sys
11:53:50.0322 2028 TrueSight - ok
11:53:50.0369 2028 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
11:53:50.0369 2028 TrustedInstaller - ok
11:53:50.0400 2028 [ 6841C85446F906E4584D43A70484E318 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
11:53:50.0400 2028 tssecsrv - ok
11:53:50.0447 2028 [ C6A5FBD4977305E1FA23E02C042DB463 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
11:53:50.0447 2028 TsUsbFlt - ok
11:53:50.0556 2028 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
11:53:50.0556 2028 tunnel - ok
11:53:50.0587 2028 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
11:53:50.0587 2028 uagp35 - ok
11:53:50.0665 2028 [ C92E13E0DB1548455CFFC4AAF80FDFE7 ] uArcCapture C:\windows\system32\uArcCapture.exe
11:53:50.0681 2028 uArcCapture - ok
11:53:50.0697 2028 [ 45EB4490AF612757F2946124BFEBA201 ] udfs C:\windows\system32\DRIVERS\udfs.sys
11:53:50.0697 2028 udfs - ok
11:53:50.0728 2028 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
11:53:50.0728 2028 UI0Detect - ok
11:53:50.0806 2028 [ B67EC49FF15FE5E894B0A8A1A9472200 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
11:53:50.0806 2028 uliagpkx - ok
11:53:50.0884 2028 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\windows\system32\DRIVERS\umbus.sys
11:53:50.0884 2028 umbus - ok
11:53:50.0931 2028 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\DRIVERS\umpass.sys
11:53:50.0931 2028 UmPass - ok
11:53:51.0445 2028 [ 44AA8D5D3B3B5610FEF46CA8A9C52D8C ] UNS C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
11:53:51.0508 2028 UNS - ok
11:53:51.0539 2028 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
11:53:51.0555 2028 upnphost - ok
11:53:51.0601 2028 [ 764A30ED4308B23DA0FCA5A470B482C8 ] usbccgp C:\windows\system32\drivers\usbccgp.sys
11:53:51.0601 2028 usbccgp - ok
11:53:51.0633 2028 [ 2352AB5F9F8F097BF9D41D5A4718A041 ] usbcir C:\windows\system32\drivers\usbcir.sys
11:53:51.0633 2028 usbcir - ok
11:53:51.0726 2028 [ 4BE9DD318A53D54F5FC11A15335E119E ] usbehci C:\windows\system32\drivers\usbehci.sys
11:53:51.0726 2028 usbehci - ok
11:53:51.0742 2028 [ 312EDEAFD38D0AF9CA8BB9453E6F908E ] usbhub C:\windows\system32\drivers\usbhub.sys
11:53:51.0757 2028 usbhub - ok
11:53:51.0773 2028 [ 836EC4896FA1A65334EC814709AE16CD ] usbohci C:\windows\system32\drivers\usbohci.sys
11:53:51.0773 2028 usbohci - ok
11:53:51.0789 2028 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
11:53:51.0789 2028 usbprint - ok
11:53:51.0820 2028 [ FC6B21DB4B5B398AB93DBE59CBF11036 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
11:53:51.0820 2028 usbscan - ok
11:53:51.0851 2028 [ 144DA53294922A84FFAA3D90B1453745 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
11:53:51.0851 2028 USBSTOR - ok
11:53:51.0867 2028 [ 23F648DA0FC7FD40B7A002FC612CB5EC ] usbuhci C:\windows\system32\drivers\usbuhci.sys
11:53:51.0867 2028 usbuhci - ok
11:53:51.0898 2028 [ DE014425522610BEDCA3821BB8C0F1D5 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
11:53:51.0913 2028 usbvideo - ok
11:53:51.0929 2028 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
11:53:51.0929 2028 UxSms - ok
11:53:51.0945 2028 [ B9780FF3FC28ADF46C00A6966B0E9855 ] VaultSvc C:\windows\system32\lsass.exe
11:53:51.0945 2028 VaultSvc - ok
11:53:51.0991 2028 [ FC6F12C84F7194B77EC9AF9F46F68ADC ] vcsFPService C:\windows\system32\vcsFPService.exe
11:53:52.0007 2028 vcsFPService - ok
11:53:52.0038 2028 [ 85DA3F86D58E4A3F041C41D951C53EDA ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
11:53:52.0038 2028 vdrvroot - ok
11:53:52.0069 2028 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\windows\System32\vds.exe
11:53:52.0085 2028 vds - ok
11:53:52.0101 2028 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
11:53:52.0116 2028 vga - ok
11:53:52.0116 2028 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
11:53:52.0116 2028 VgaSave - ok
11:53:52.0147 2028 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
11:53:52.0147 2028 vhdmp - ok
11:53:52.0179 2028 [ B085CD21FE6E9C51E6AC1C2B7DF7EC2F ] viaagp C:\windows\system32\drivers\viaagp.sys
11:53:52.0194 2028 viaagp - ok
11:53:52.0210 2028 [ C0DCB807A791D3CC631817A25F636884 ] ViaC7 C:\windows\system32\drivers\viac7.sys
11:53:52.0210 2028 ViaC7 - ok
11:53:52.0241 2028 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\drivers\viaide.sys
11:53:52.0241 2028 viaide - ok
11:53:52.0257 2028 [ DC114DF0E9C458A8A65C1DC616689CBB ] volmgr C:\windows\system32\drivers\volmgr.sys
11:53:52.0257 2028 volmgr - ok
11:53:52.0288 2028 [ 21D83DD717E8D681364A5E44A5459717 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
11:53:52.0288 2028 volmgrx - ok
11:53:52.0303 2028 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\windows\system32\drivers\volsnap.sys
11:53:52.0303 2028 volsnap - ok
11:53:52.0319 2028 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
11:53:52.0319 2028 vsmraid - ok
11:53:52.0350 2028 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\windows\system32\vssvc.exe
11:53:52.0366 2028 VSS - ok
11:53:52.0381 2028 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
11:53:52.0381 2028 vwifibus - ok
11:53:52.0397 2028 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
11:53:52.0397 2028 vwififlt - ok
11:53:52.0428 2028 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
11:53:52.0428 2028 vwifimp - ok
11:53:52.0522 2028 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
11:53:52.0522 2028 W32Time - ok
11:53:52.0537 2028 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
11:53:52.0553 2028 WacomPen - ok
11:53:52.0569 2028 [ 5BE7B849F10B49FE0CF6DA5195329FC3 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
11:53:52.0569 2028 WANARP - ok
11:53:52.0584 2028 [ 5BE7B849F10B49FE0CF6DA5195329FC3 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
11:53:52.0584 2028 Wanarpv6 - ok
11:53:52.0631 2028 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\windows\system32\wbengine.exe
11:53:52.0647 2028 wbengine - ok
11:53:52.0678 2028 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
11:53:52.0678 2028 WbioSrvc - ok
11:53:52.0709 2028 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\windows\System32\wcncsvc.dll
11:53:52.0725 2028 wcncsvc - ok
11:53:52.0756 2028 [ 2AF284D0737FE5BCB3581DA8C536CDF7 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
11:53:52.0756 2028 WcsPlugInService - ok
11:53:52.0834 2028 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\DRIVERS\wd.sys
11:53:52.0834 2028 Wd - ok
11:53:52.0881 2028 [ 5A833408ACFEADB92C7BEB2E7DB6B9BF ] WDC_SAM C:\windows\system32\DRIVERS\wdcsam.sys
11:53:52.0881 2028 WDC_SAM - ok
11:53:52.0990 2028 [ 25944D2CC49E0A6C581D02A74B7D6645 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
11:53:53.0005 2028 Wdf01000 - ok
11:53:53.0052 2028 [ DDE994E9159497D0D5AB2CDF66D1EAD6 ] WdiServiceHost C:\windows\system32\wdi.dll
11:53:53.0052 2028 WdiServiceHost - ok
11:53:53.0052 2028 [ DDE994E9159497D0D5AB2CDF66D1EAD6 ] WdiSystemHost C:\windows\system32\wdi.dll
11:53:53.0052 2028 WdiSystemHost - ok
11:53:53.0099 2028 [ DC54D7A40B6E18E5C7F592F836D163FF ] WebClient C:\windows\System32\webclnt.dll
11:53:53.0115 2028 WebClient - ok
11:53:53.0177 2028 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll
11:53:53.0177 2028 Wecsvc - ok
11:53:53.0208 2028 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll
11:53:53.0208 2028 wercplsupport - ok
11:53:53.0286 2028 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll
11:53:53.0286 2028 WerSvc - ok
11:53:53.0364 2028 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
11:53:53.0364 2028 WfpLwf - ok
11:53:53.0380 2028 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys
11:53:53.0380 2028 WIMMount - ok
11:53:53.0442 2028 [ 082CF481F659FAE0DE51AD060881EB47 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
11:53:53.0442 2028 WinDefend - ok
11:53:53.0458 2028 WinHttpAutoProxySvc - ok
11:53:53.0489 2028 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
11:53:53.0489 2028 Winmgmt - ok
11:53:53.0520 2028 [ 8949A93520F7008C3B7AD320A0EEA267 ] WinRM C:\windows\system32\WsmSvc.dll
11:53:53.0536 2028 WinRM - ok
11:53:53.0583 2028 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
11:53:53.0583 2028 WinUsb - ok
11:53:53.0629 2028 [ BB5D5249C49DB0D9B08AFB220019E1CF ] Wlansvc C:\windows\System32\wlansvc.dll
11:53:53.0629 2028 Wlansvc - ok
11:53:53.0661 2028 [ 5FBD0275F0517F8A1E04FDDE749B3AF5 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
11:53:53.0661 2028 WmiAcpi - ok
11:53:53.0723 2028 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
11:53:53.0723 2028 wmiApSrv - ok
11:53:53.0817 2028 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
11:53:53.0848 2028 WMPNetworkSvc - ok
11:53:53.0879 2028 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll
11:53:53.0879 2028 WPCSvc - ok
11:53:53.0926 2028 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
11:53:53.0926 2028 WPDBusEnum - ok
11:53:54.0004 2028 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
11:53:54.0004 2028 ws2ifsl - ok
11:53:54.0051 2028 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\windows\system32\wscsvc.dll
11:53:54.0051 2028 wscsvc - ok
11:53:54.0066 2028 WSearch - ok
11:53:54.0129 2028 [ C4F960408339FBBBE7871D1173EF50CD ] wuauserv C:\windows\system32\wuaueng.dll
11:53:54.0144 2028 wuauserv - ok
11:53:54.0175 2028 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
11:53:54.0175 2028 WudfPf - ok
11:53:54.0207 2028 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
11:53:54.0207 2028 WUDFRd - ok
11:53:54.0238 2028 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\windows\System32\WUDFSvc.dll
11:53:54.0238 2028 wudfsvc - ok
11:53:54.0269 2028 [ 7CC38741B8F68F1E0D5D79DA6123666A ] WwanSvc C:\windows\System32\wwansvc.dll
11:53:54.0269 2028 WwanSvc - ok
11:53:54.0300 2028 [ 06897B431C07886454E0681723DD53E6 ] ZAM C:\windows\System32\drivers\zam32.sys
11:53:54.0300 2028 ZAM - ok
11:53:55.0127 2028 [ 864FA7B8856FE853D381045771DB30E9 ] ZAMSvc C:\Program Files\Zemana AntiMalware\ZAM.exe
11:53:55.0221 2028 ZAMSvc - ok
11:53:55.0299 2028 [ 06897B431C07886454E0681723DD53E6 ] ZAM_Guard C:\windows\System32\drivers\zamguard32.sys
11:53:55.0299 2028 ZAM_Guard - ok
11:53:55.0361 2028 ================ Scan global ===============================
11:53:55.0377 2028 [ 5E7C5DE85AF978495C3A9A0B720B9811 ] C:\windows\system32\basesrv.dll
11:53:55.0455 2028 [ F3030FF6EFAC833472658A946EB6DE45 ] C:\windows\system32\winsrv.dll
11:53:55.0470 2028 [ F3030FF6EFAC833472658A946EB6DE45 ] C:\windows\system32\winsrv.dll
11:53:55.0501 2028 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
11:53:55.0611 2028 [ 0780A42DBD7D9969F9BF4A19AA4285B5 ] C:\windows\system32\services.exe
11:53:55.0626 2028 [Global] - ok
11:53:55.0626 2028 ================ Scan MBR ==================================
11:53:55.0642 2028 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:53:55.0891 2028 \Device\Harddisk0\DR0 - ok
11:53:55.0891 2028 ================ Scan VBR ==================================
11:53:55.0907 2028 [ 1BE9EC0C18449F5805D7C803F95B748D ] \Device\Harddisk0\DR0\Partition1
11:53:55.0907 2028 \Device\Harddisk0\DR0\Partition1 - ok
11:53:55.0954 2028 [ 7CCDBDF408C512004EE521F29770747D ] \Device\Harddisk0\DR0\Partition2
11:53:55.0954 2028 \Device\Harddisk0\DR0\Partition2 - ok
11:53:55.0969 2028 [ 392E71D268AA8CF0F1A1186182C5F590 ] \Device\Harddisk0\DR0\Partition3
11:53:55.0985 2028 \Device\Harddisk0\DR0\Partition3 - ok
11:53:56.0001 2028 [ 50515C2574D62C696A90F6EFDE566752 ] \Device\Harddisk0\DR0\Partition4
11:53:56.0001 2028 \Device\Harddisk0\DR0\Partition4 - ok
11:53:56.0001 2028 ============================================================
11:53:56.0001 2028 Scan finished
11:53:56.0001 2028 ============================================================
11:53:56.0172 2820 Detected object count: 1
11:53:56.0172 2820 Actual detected object count: 1
11:54:18.0480 2820 SafeBoot ( LockedFile.Multi.Generic ) - skipped by user
11:54:18.0480 2820 SafeBoot ( LockedFile.Multi.Generic ) - User select action: Skip

Re: Local host display - changes to the PC owner

Post by Hastalda » 22 Mar 2019 12:20

I'm pasting the resulting log from FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-03-2019
Ran by Žeryk (administrator) on ŽERYK-NB (22-03-2019 11:59:00)
Running from C:\Users\Žeryk\Desktop
Loaded Profiles: Žeryk (Available Profiles: Žeryk)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
(MCAFEE INTERNATIONAL LTD. -> McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9fc8b38ddee9fbba\stacsv.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Windows\System32\hpservice.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9fc8b38ddee9fbba\AEstSrv.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(PDF Complete -> PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Protexis Inc. -> Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(ArcSoft, Inc. -> ArcSoft, Inc.) C:\Windows\System32\uArcCapture.exe
(Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company L.P.) C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [QLBController] => C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [254520 2010-01-05] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-25] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [PDF Complete] => C:\Program Files\PDF Complete\pdfsty.exe [563736 2009-10-23] (PDF Complete -> PDF Complete Inc)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [1690680 2009-12-16] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2009-12-16] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Run: [File Sanitizer] => C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [11265536 2009-12-12] (Hewlett-Packard) [File not signed]
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-12-09] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [ZAM] => C:\Program Files\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.)
HKU\S-1-5-21-758666899-2211297156-3181642844-1002\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company) [File not signed]
HKU\S-1-5-21-758666899-2211297156-3181642844-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\System32\scrnsave.scr [10240 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{10880D85-AAD9-4558-ABDC-2AB1552D831F}] -> C:\Program Files\Common Files\LightScribe\LSRunOnce.exe [2009-06-17] (Hewlett-Packard Company -> Hewlett-Packard Company)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\Žeryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 3540 series.lnk [2019-03-22]
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 3540 series.lnk -> C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPStatusBL.dll (Hewlett Packard -> Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2CEC74FE-6A34-4E3C-B0E1-0B37EB3855C7}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-758666899-2211297156-3181642844-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.cz/
HKU\S-1-5-21-758666899-2211297156-3181642844-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2009-12-12] (Hewlett-Packard) [File not signed]
BHO: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2009-12-03] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-10-02] (Oracle America, Inc. -> Oracle Corporation)
BHO: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-10-02] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2010-02-02] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-10-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-10-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9fc8b38ddee9fbba\aestsrv.exe [81920 2009-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 AMD External Events Utility; C:\windows\system32\atiesrxx.exe [172032 2009-12-08] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [300808 2009-11-25] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2185272 2018-05-25] (ESET, spol. s r.o. -> ESET)
S3 FLCDLOCK; c:\Windows\system32\flcdlock.exe [362040 2009-11-17] (Hewlett-Packard Company -> Hewlett-Packard Ltd)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [120832 2009-10-15] (Hewlett-Packard) [File not signed]
R2 HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [102968 2009-12-16] (Hewlett-Packard Company -> Hewlett-Packard)
S2 HP ProtectTools Service; c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2009-11-19] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [102968 2009-12-16] (Hewlett-Packard Company -> Hewlett-Packard)
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe [81920 2010-01-07] (Hewlett-Packard Company) [File not signed]
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2009-12-16] (MCAFEE INTERNATIONAL LTD. -> McAfee, Inc.)
R2 HPFSService; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [297984 2009-12-12] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-01-05] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-10-23] (PDF Complete -> PDF Complete Inc)
R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9fc8b38ddee9fbba\STacSV.exe [229461 2009-12-03] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R2 uArcCapture; C:\windows\system32\uArcCapture.exe [506472 2009-12-04] (ArcSoft, Inc. -> ArcSoft, Inc.)
S2 vcsFPService; C:\windows\system32\vcsFPService.exe [1639728 2009-12-14] (Validity Sensors, Inc -> Validity Sensors, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 ZAMSvc; C:\Program Files\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [33848 2009-07-08] (Hewlett-Packard Company -> Hewlett-Packard)
S3 AgereSoftModem; C:\windows\System32\DRIVERS\AGRSM.sys [1035776 2009-07-13] (Microsoft Windows -> LSI Corp)
R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [29824 2009-12-04] (ArcSoft, Inc. -> ArcSoft, Inc.)
R3 athr; C:\windows\System32\DRIVERS\athr.sys [1221632 2009-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 AtiHdmiService; C:\windows\System32\drivers\AtiHdmi.sys [100352 2009-11-18] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies, Inc.)
R3 atikmdag; C:\windows\System32\DRIVERS\atikmdag.sys [5092864 2009-12-08] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv.sys [32312 2009-10-21] (Hewlett-Packard Company -> Hewlett-Packard Development Company L.P.)
R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [209576 2018-04-18] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\windows\System32\DRIVERS\ehdrv.sys [158616 2018-04-18] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\windows\System32\DRIVERS\ekbdflt.sys [123808 2018-07-20] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\windows\System32\DRIVERS\epfw.sys [165336 2018-04-18] (ESET, spol. s r.o. -> ESET)
R1 EpfwLWF; C:\windows\System32\DRIVERS\EpfwLWF.sys [53752 2018-04-18] (ESET, spol. s r.o. -> ESET)
R0 epfwwfp; C:\windows\System32\DRIVERS\epfwwfp.sys [72424 2018-04-18] (ESET, spol. s r.o. -> ESET)
R2 giveio; C:\windows\system32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 HECI; C:\windows\System32\DRIVERS\HECI.sys [41088 2009-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R0 hpdskflt; C:\windows\System32\DRIVERS\hpdskflt.sys [25656 2009-07-08] (Hewlett-Packard Company -> Hewlett-Packard)
R3 HpqKbFiltr; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [15872 2009-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Development Company, L.P.)
R1 RsvLock; C:\Windows\System32\Drivers\RsvLock.sys [40088 2009-12-16] (MCAFEE INTERNATIONAL LTD. -> McAfee, Inc.)
R0 SafeBoot; C:\Windows\System32\Drivers\SafeBoot.sys [110520 2009-12-16] () [File not signed]
R0 SbAlg; C:\Windows\System32\Drivers\SbAlg.sys [51800 2009-12-16] (MCAFEE INTERNATIONAL LTD. -> McAfee, Inc.)
R0 SbFsLock; C:\Windows\System32\Drivers\SbFsLock.sys [13256 2009-12-16] (MCAFEE INTERNATIONAL LTD. -> McAfee, Inc.)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1763968 2009-12-18] (SONIX TECHNOLOGY CO. , LTD -> )
R2 speedfan; C:\windows\system32\speedfan.sys [24184 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 STHDA; C:\windows\System32\DRIVERS\stwrt.sys [423424 2009-12-03] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [24688 2019-02-13] (Adlice -> )
S3 WDC_SAM; C:\windows\System32\DRIVERS\wdcsam.sys [20256 2015-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R1 ZAM; C:\windows\System32\drivers\zam32.sys [181496 2019-02-13] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\windows\System32\drivers\zamguard32.sys [181496 2019-02-13] (Zemana Ltd. -> Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-22 11:59 - 2019-03-22 11:59 - 000018275 _____ C:\Users\Žeryk\Desktop\FRST.txt
2019-03-22 11:58 - 2019-03-22 11:59 - 000000000 ____D C:\FRST
2019-03-22 11:53 - 2019-03-22 11:58 - 000141254 _____ C:\TDSSKiller.2.8.16.0_22.03.2019_11.53.13_log.txt
2019-03-22 11:52 - 2013-02-11 18:51 - 002237968 _____ (Kaspersky Lab ZAO) C:\Users\Žeryk\Desktop\TDSSKiller.exe
2019-03-22 11:52 - 2011-01-01 01:14 - 000002254 ____R C:\Users\Žeryk\Desktop\eula.txt
2019-03-22 11:51 - 2019-03-22 11:52 - 001793024 _____ (Farbar) C:\Users\Žeryk\Desktop\FRST.exe
2019-03-22 11:50 - 2019-03-22 11:50 - 002218636 _____ C:\Users\Žeryk\Desktop\tdsskiller.zip
2019-03-22 11:47 - 2019-03-22 11:47 - 000000000 ____D C:\Users\Žeryk\AppData\Local\ATI
2019-03-21 21:47 - 2019-03-15 15:49 - 000321024 _____ (Microsoft Corporation) C:\windows\system32\sipnotify.exe
2019-03-21 20:53 - 2019-03-21 20:53 - 000000000 ____D C:\Users\Žeryk\AppData\Roaming\Jpeg Resampler
2019-03-21 20:48 - 2019-03-21 20:48 - 000000000 ____D C:\Users\Žeryk\AppData\Roaming\Zoner
2019-03-21 20:48 - 2019-03-21 20:48 - 000000000 ____D C:\Users\Žeryk\AppData\Local\Zoner
2019-03-21 20:24 - 2019-03-21 20:36 - 000000000 ____D C:\KRD2018_Data
2019-03-20 19:07 - 2019-03-20 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2019-03-13 08:10 - 2019-03-06 04:04 - 004055784 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2019-03-13 08:10 - 2019-03-06 04:04 - 003960552 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2019-03-13 08:10 - 2019-03-06 04:04 - 000189672 _____ (Microsoft Corporation) C:\windows\system32\halmacpi.dll
2019-03-13 08:10 - 2019-03-06 04:04 - 000189672 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2019-03-13 08:10 - 2019-03-06 04:04 - 000137960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2019-03-13 08:10 - 2019-03-06 04:04 - 000136424 _____ (Microsoft Corporation) C:\windows\system32\halacpi.dll
2019-03-13 08:10 - 2019-03-06 04:04 - 000067304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2019-03-13 08:10 - 2019-03-06 04:02 - 001310520 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2019-03-13 08:10 - 2019-03-06 04:01 - 001072640 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2019-03-13 08:10 - 2019-03-06 04:01 - 000872448 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2019-03-13 08:10 - 2019-03-06 04:01 - 000655360 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2019-03-13 08:10 - 2019-03-06 04:01 - 000556032 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2019-03-13 08:10 - 2019-03-06 04:01 - 000400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2019-03-13 08:10 - 2019-03-06 04:01 - 000294400 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2019-03-13 08:10 - 2019-03-06 04:01 - 000261120 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2019-03-13 08:10 - 2019-03-06 04:01 - 000254464 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2019-03-13 08:10 - 2019-03-06 04:01 - 000223232 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2019-03-13 08:10 - 2019-03-06 04:01 - 000172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2019-03-13 08:10 - 2019-03-06 04:01 - 000171008 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2019-03-13 08:10 - 2019-03-06 04:01 - 000167936 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2019-03-13 08:10 - 2019-03-06 04:01 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2019-03-13 08:10 - 2019-03-06 04:01 - 000141312 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2019-03-13 08:10 - 2019-03-06 04:01 - 000099840 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2019-03-13 08:10 - 2019-03-06 04:01 - 000070144 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2019-03-13 08:10 - 2019-03-06 04:01 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2019-03-13 08:10 - 2019-03-06 04:01 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2019-03-13 08:10 - 2019-03-06 04:01 - 000043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2019-03-13 08:10 - 2019-03-06 04:01 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000644096 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000082432 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 03:41 - 000097792 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2019-03-13 08:10 - 2019-03-06 03:41 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2019-03-13 08:10 - 2019-03-06 03:41 - 000029696 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2019-03-13 08:10 - 2019-03-06 03:41 - 000016896 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2019-03-13 08:10 - 2019-03-06 03:41 - 000009728 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
2019-03-13 08:10 - 2019-03-06 03:40 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2019-03-13 08:10 - 2019-03-06 03:39 - 002405376 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2019-03-13 08:10 - 2019-03-06 03:39 - 000271360 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2019-03-13 08:10 - 2019-03-06 03:39 - 000262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2019-03-13 08:10 - 2019-03-06 03:39 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
2019-03-13 08:10 - 2019-03-06 03:37 - 000317440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2019-03-13 08:10 - 2019-03-06 03:37 - 000314880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2019-03-13 08:10 - 2019-03-06 03:37 - 000226304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2019-03-13 08:10 - 2019-03-06 03:37 - 000126464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2019-03-13 08:10 - 2019-03-06 03:37 - 000117248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2019-03-13 08:10 - 2019-03-06 03:37 - 000098816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2019-03-13 08:10 - 2019-03-06 03:36 - 000069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2019-03-13 08:10 - 2019-03-06 03:36 - 000055296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2019-03-13 08:10 - 2019-03-06 03:36 - 000053760 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2019-03-13 08:10 - 2019-03-06 03:36 - 000053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\viac7.sys
2019-03-13 08:10 - 2019-03-06 03:36 - 000052736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2019-03-13 08:10 - 2019-03-06 03:36 - 000052224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2019-03-13 08:10 - 2019-03-06 03:36 - 000036352 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2019-03-13 08:10 - 2019-03-06 03:36 - 000035328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\npfs.sys
2019-03-13 08:10 - 2019-03-06 03:36 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2019-03-13 08:10 - 2019-03-06 03:36 - 000015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2019-03-13 08:10 - 2019-03-06 03:36 - 000006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 03:36 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 03:36 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-03-13 08:10 - 2019-03-06 03:36 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-03-13 08:10 - 2019-03-05 03:40 - 000056320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2019-03-13 08:10 - 2019-03-05 03:40 - 000026368 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2019-03-13 08:10 - 2019-03-05 03:40 - 000024064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidusb.sys
2019-03-13 08:10 - 2019-02-26 22:47 - 000348984 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2019-03-13 08:10 - 2019-02-26 08:25 - 020281856 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2019-03-13 08:10 - 2019-02-26 08:19 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2019-03-13 08:10 - 2019-02-26 08:19 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2019-03-13 08:10 - 2019-02-26 08:07 - 000498176 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2019-03-13 08:10 - 2019-02-26 08:07 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2019-03-13 08:10 - 2019-02-26 08:06 - 000341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2019-03-13 08:10 - 2019-02-26 08:06 - 000047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2019-03-13 08:10 - 2019-02-26 08:05 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2019-03-13 08:10 - 2019-02-26 08:04 - 002295808 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2019-03-13 08:10 - 2019-02-26 08:01 - 000047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2019-03-13 08:10 - 2019-02-26 08:00 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2019-03-13 08:10 - 2019-02-26 07:58 - 000476160 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2019-03-13 08:10 - 2019-02-26 07:57 - 000663040 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2019-03-13 08:10 - 2019-02-26 07:57 - 000620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2019-03-13 08:10 - 2019-02-26 07:57 - 000115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2019-03-13 08:10 - 2019-02-26 07:57 - 000104960 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2019-03-13 08:10 - 2019-02-26 07:51 - 000668160 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2019-03-13 08:10 - 2019-02-26 07:49 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2019-03-13 08:10 - 2019-02-26 07:44 - 000073216 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2019-03-13 08:10 - 2019-02-26 07:44 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2019-03-13 08:10 - 2019-02-26 07:43 - 000091136 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2019-03-13 08:10 - 2019-02-26 07:41 - 000168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2019-03-13 08:10 - 2019-02-26 07:41 - 000076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2019-03-13 08:10 - 2019-02-26 07:39 - 000279040 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2019-03-13 08:10 - 2019-02-26 07:38 - 000130048 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2019-03-13 08:10 - 2019-02-26 07:35 - 004494848 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2019-03-13 08:10 - 2019-02-26 07:33 - 000230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2019-03-13 08:10 - 2019-02-26 07:31 - 002059776 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2019-03-13 08:10 - 2019-02-26 07:31 - 000696320 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2019-03-13 08:10 - 2019-02-26 07:31 - 000692224 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2019-03-13 08:10 - 2019-02-26 07:30 - 001155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2019-03-13 08:10 - 2019-02-26 07:29 - 013681664 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2019-03-13 08:10 - 2019-02-26 07:12 - 004386304 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2019-03-13 08:10 - 2019-02-26 07:09 - 001332224 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2019-03-13 08:10 - 2019-02-26 07:07 - 000710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2019-03-13 08:10 - 2019-02-22 03:56 - 000004608 _____ (Microsoft Corporation) C:\windows\system32\msimg32.dll
2019-03-13 08:10 - 2019-02-22 03:55 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\mf3216.dll
2019-03-13 08:10 - 2019-02-22 03:35 - 000313344 _____ (Microsoft Corporation) C:\windows\system32\msrd2x40.dll
2019-03-13 08:10 - 2019-02-16 06:50 - 001425920 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2019-03-13 08:10 - 2019-02-16 06:50 - 000781824 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2019-03-13 08:10 - 2019-02-16 06:50 - 000583680 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2019-03-13 08:10 - 2019-02-16 06:50 - 000380928 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2019-03-13 08:10 - 2019-02-16 06:50 - 000321536 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
2019-03-13 08:10 - 2019-02-16 06:50 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\oleres.dll
2019-03-13 08:10 - 2019-02-16 06:33 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\comcat.dll
2019-03-13 08:10 - 2019-02-15 16:58 - 000382976 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2019-03-13 08:10 - 2019-02-15 16:58 - 000320512 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2019-03-13 08:10 - 2019-02-15 16:38 - 000360960 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2019-03-13 08:10 - 2019-02-15 16:38 - 000053760 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2019-03-13 08:10 - 2019-02-15 16:38 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\WerFaultSecure.exe
2019-03-13 08:10 - 2019-02-15 16:38 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\werdiagcontroller.dll
2019-03-13 08:10 - 2019-02-10 17:43 - 001214176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2019-03-13 08:10 - 2019-02-10 17:18 - 000247296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\udfs.sys
2019-03-13 08:10 - 2019-02-10 17:18 - 000148992 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fastfat.sys
2019-03-13 08:10 - 2019-02-10 17:18 - 000142336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\exfat.sys
2019-03-13 08:10 - 2019-02-10 17:18 - 000070656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cdfs.sys
2019-03-13 08:10 - 2019-02-08 16:59 - 001391104 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2019-03-13 08:10 - 2019-02-08 16:59 - 001241088 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2019-03-13 08:10 - 2019-02-08 16:59 - 000805376 _____ (Microsoft Corporation) C:\windows\system32\cdosys.dll
2019-03-13 08:10 - 2019-02-08 16:59 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2019-03-13 08:10 - 2019-02-08 16:59 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2019-03-13 08:10 - 2019-02-07 16:57 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\bridgeres.dll
2019-03-13 08:10 - 2019-02-07 16:53 - 000078336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bridge.sys
2019-03-13 08:10 - 2019-02-07 16:42 - 000024576 _____ (Microsoft Corporation) C:\windows\system32\brdgcfg.dll
2019-03-13 08:10 - 2019-02-07 16:42 - 000015872 _____ (Microsoft Corporation) C:\windows\system32\bridgeunattend.exe
2019-03-13 08:10 - 2019-02-03 16:34 - 000022528 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msfs.sys
2019-03-13 08:10 - 2019-01-04 17:00 - 000122600 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2019-03-13 08:10 - 2019-01-04 16:56 - 000593408 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2019-03-13 08:10 - 2019-01-04 15:04 - 002703872 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2019-03-13 08:10 - 2019-01-04 15:04 - 001387520 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2019-03-13 08:10 - 2019-01-04 15:04 - 000617984 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2019-03-13 08:10 - 2019-01-04 15:04 - 000524800 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2019-03-13 08:10 - 2019-01-04 15:04 - 000377856 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2019-03-13 08:10 - 2019-01-04 15:04 - 000361472 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2019-03-13 08:10 - 2019-01-04 15:04 - 000254464 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2019-03-13 08:10 - 2019-01-04 15:04 - 000205312 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2019-03-13 08:10 - 2019-01-03 16:55 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2019-03-13 08:08 - 2019-02-16 06:30 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2019-03-13 08:08 - 2019-02-10 17:43 - 000078560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2019-03-13 08:08 - 2019-02-10 17:41 - 012574208 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2019-03-13 08:08 - 2019-02-10 17:41 - 011411968 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 003207168 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 001329664 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 001177088 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 001005056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000988160 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000744960 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000617984 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000519680 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000504320 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000489984 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000474624 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000442368 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000406016 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000373248 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000354816 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000276480 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000265216 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000195072 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000179712 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000157184 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000106496 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000103424 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000080896 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000046592 _____ (Microsoft Corporation) C:\windows\system32\mssign32.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2019-03-13 08:08 - 2019-02-10 17:41 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2019-03-13 08:08 - 2019-02-10 17:37 - 000593920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2019-03-13 08:08 - 2019-02-10 17:29 - 000008192 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2019-03-13 08:08 - 2019-02-10 17:29 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2019-03-13 08:08 - 2019-02-10 17:29 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2019-03-13 08:08 - 2019-02-10 17:28 - 000100352 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2019-03-13 08:08 - 2019-02-10 17:28 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2019-03-13 08:08 - 2019-02-10 17:28 - 000023040 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2019-03-13 08:08 - 2019-02-10 17:24 - 000010752 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2019-03-13 08:08 - 2019-02-10 17:19 - 000028160 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2019-03-13 08:08 - 2019-02-10 17:19 - 000009728 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2019-03-13 08:08 - 2019-02-10 17:19 - 000008192 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2019-03-04 12:20 - 2019-03-04 12:20 - 000000000 ____D C:\windows\system32\%LOCALAPPDATA%
2019-02-28 21:12 - 2019-02-28 21:12 - 000000846 _____ C:\Users\Žeryk\Documents\cc_20190228_211217.reg

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-22 11:59 - 2019-02-13 20:05 - 000051361 _____ C:\windows\ZAM.krnl.trace
2019-03-22 11:59 - 2019-02-13 20:05 - 000021446 _____ C:\windows\ZAM_Guard.krnl.trace
2019-03-22 11:48 - 2009-07-14 05:34 - 000019536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-03-22 11:48 - 2009-07-14 05:34 - 000019536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-03-22 11:46 - 2009-07-14 05:53 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-03-21 23:53 - 2016-07-27 19:26 - 000000000 ___RD C:\Users\Žeryk\Desktop\Žeryk
2019-03-21 22:23 - 2010-02-02 06:01 - 000681402 _____ C:\windows\system32\perfh005.dat
2019-03-21 22:23 - 2010-02-02 06:01 - 000145816 _____ C:\windows\system32\perfc005.dat
2019-03-21 22:23 - 2010-02-02 05:26 - 001609684 _____ C:\windows\system32\PerfStringBackup.INI
2019-03-21 22:23 - 2009-07-14 03:37 - 000000000 ____D C:\windows\inf
2019-03-20 08:46 - 2016-12-10 09:53 - 000000000 ____D C:\Users\Žeryk\AppData\Roaming\uTorrent
2019-03-19 15:26 - 2016-07-27 09:18 - 000000000 ____D C:\Users\Žeryk
2019-03-16 16:02 - 2016-08-18 17:54 - 000842240 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2019-03-16 16:02 - 2016-08-18 17:54 - 000175104 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2019-03-16 16:02 - 2010-02-02 05:43 - 000000000 ____D C:\windows\system32\Macromed
2019-03-16 00:50 - 2010-02-02 05:41 - 000000000 ____D C:\ProgramData\PDFC
2019-03-14 08:44 - 2018-04-18 17:53 - 000000000 ____D C:\windows\rescache
2019-03-14 03:28 - 2009-07-14 05:33 - 000413968 _____ C:\windows\system32\FNTCACHE.DAT
2019-03-14 03:25 - 2016-08-01 08:27 - 000000000 ___SD C:\windows\system32\CompatTel
2019-03-14 03:25 - 2016-08-01 08:27 - 000000000 ____D C:\windows\system32\appraiser
2019-03-14 03:25 - 2009-07-14 03:37 - 000000000 ____D C:\windows\system32\Dism
2019-03-14 03:10 - 2016-08-02 22:06 - 000000000 ____D C:\windows\system32\MRT
2019-03-14 03:05 - 2016-08-02 22:06 - 124382624 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2019-03-08 22:44 - 2016-07-28 21:25 - 000000000 ____D C:\Users\Žeryk\AppData\Local\Google
2019-03-08 22:44 - 2016-07-28 21:25 - 000000000 ____D C:\Program Files\Google
2019-03-08 21:11 - 2018-09-24 22:08 - 000000000 ____D C:\Users\Žeryk\AppData\Local\Deployment
2019-03-07 22:52 - 2016-08-23 19:56 - 000000000 ____D C:\Users\Žeryk\AppData\Roaming\HpUpdate
2019-03-07 22:50 - 2016-07-30 15:06 - 000000000 ____D C:\windows\Minidump
2019-03-07 22:50 - 2016-07-27 18:44 - 000147222 ____N C:\windows\Minidump\030719-16536-01.dmp
2019-03-07 19:24 - 2016-07-27 18:44 - 000146838 ____N C:\windows\Minidump\030719-27378-01.dmp
2019-03-04 23:56 - 2016-07-27 18:44 - 000146966 ____N C:\windows\Minidump\030419-23992-01.dmp
2019-02-28 21:18 - 2016-07-28 21:14 - 000000000 ____D C:\Users\Žeryk\AppData\Roaming\MPC-HC
2019-02-27 22:54 - 2010-02-02 05:40 - 000000000 ____D C:\ProgramData\HPQLOG

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\dllhost.exe => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-14 00:57

==================== End of FRST.txt ============================

Hastalda
Level 2.5
Posts: 272
Registered: May 12
Location: Český Šternberk
Gender: Female

Re: Local host displayed - changes over the PC owner

Post by Hastalda » 22 Mar 2019 12:22

and here is the resulting Addition log as well:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17-03-2019
Ran by Žeryk (22-03-2019 12:00:11)
Running from C:\Users\Žeryk\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2016-07-27 08:18:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-758666899-2211297156-3181642844-500 - Administrator - Disabled)
Guest (S-1-5-21-758666899-2211297156-3181642844-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-758666899-2211297156-3181642844-1004 - Limited - Enabled)
Žeryk (S-1-5-21-758666899-2211297156-3181642844-1002 - Administrator - Enabled) => C:\Users\Žeryk

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security (Enabled - Out of date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security (Enabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personální firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
ActiveCheck component for HP Active Support Library (HKLM\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Aimersoft Helper Compact 2.5.2 (HKLM\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft)
ArcSoft Webcam Sharing Manager (HKLM\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 1.0.0.26 - ArcSoft)
Asistent pro přihlášení ke službě Windows Live (HKLM\...\{3E62B27C-342F-4B44-9331-CA4BC59A586F}) (Version: 5.000.818.5 - Microsoft Corporation)
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{A788EAC0-E8F6-C07E-DD10-2E86CF8229A1}) (Version: 3.0.750.0 - ATI Technologies, Inc.)
ccc-core-static (HKLM\...\{D22F766A-47E0-62E3-0B85-40E1BC2C8D69}) (Version: 2009.1208.2236.40549 - ATI) Hidden
Corel Home Office - CS Templates (HKLM\...\{1A1E33D2-9824-454A-B8CB-50072118635A}) (Version: 5.4.5 - 公司名称) Hidden
Corel Home Office - CT Templates (HKLM\...\{26D19512-874B-4EDA-B7F1-779850B2AD5A}) (Version: 5.4.5 - 您的公司名稱) Hidden
Corel Home Office - IPM (HKLM\...\{39FE455F-9478-451B-9420-73C15143DF8E}) (Version: 5.5 - Corel Corporation) Hidden
Corel Home Office - JP Templates (HKLM\...\{1D11E96F-0405-4B99-8356-5750B1D9FAE9}) (Version: 5.4.5 - 会社名) Hidden
Corel Home Office - KR Templates (HKLM\...\{5746E4F9-77C6-47E8-A737-A5975A57B4AA}) (Version: 5.4.5 - 회사명) Hidden
Corel Home Office - Launcher (HKLM\...\{E74EA3B1-7192-489D-9A57-0AE918FEC001}) (Version: 5.5 - Corel Corporation) Hidden
Corel Home Office - Templates RU (HKLM\...\{F45048A1-12C4-4B08-A3EB-32D88033368A}) (Version: 5.4.5 - Название организации) Hidden
Corel Home Office - Templates1 (HKLM\...\{5017D60D-C0A5-4CC8-8D2F-0BDA1ADF39D0}) (Version: 5.4.5 - Your Company Name) Hidden
Corel Home Office (HKLM\...\_{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}) (Version: 5.0.69.462 - Corel Corporation)
Corel Home Office (HKLM\...\{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}) (Version: 5.5 - Corel Corporation) Hidden
Corel Home Office (HKLM\...\{670234D0-42BE-493E-B3EB-6B5275530461}) (Version: 5.5 - Corel Corporation) Hidden
CrystalDiskInfo 8.0.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.0.0 - Crystal Dew World)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 5.0.1.5 - Hewlett-Packard)
Drive Encryption for HP ProtectTools (HKLM\...\{89D7DD37-5A15-46E0-9C3C-A0004C4F1A38}) (Version: 5.0.4.0 - Hewlett-Packard) Hidden
Drive Encryption for HP ProtectTools (HKLM\...\Drive Encryption) (Version: 5.0.4.0 - Hewlett-Packard)
ESET Smart Security (HKLM\...\{1365F53E-4615-4252-AE38-B33CF5DE3664}) (Version: 9.0.385.1 - ESET, spol. s r.o.)
Face Recognition for HP ProtectTools (HKLM\...\{CB65A1C3-533D-4EA6-82B5-FBA926F19079}) (Version: 2.01.651 - Hewlett-Packard) Hidden
Face Recognition for HP ProtectTools (HKLM\...\InstallShield_{CB65A1C3-533D-4EA6-82B5-FBA926F19079}) (Version: 2.01.651 - Hewlett-Packard)
File Sanitizer For HP ProtectTools (HKLM\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 5.0.1.2 - Hewlett-Packard)
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM\...\{67C090D6-109A-47D7-8DED-4160C4D96F32}) (Version: 4.0.4.1 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM\...\{871732B3-1EE5-4C54-8462-8BFF516880B7}) (Version: 1.0.5.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{0497B553-0E3F-4CCD-BE13-E28F1A54B318}) (Version: 3.5.13.1 - Hewlett-Packard Company)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Power Assistant (HKLM\...\{EEB023B5-8EBE-4BEB-90C8-BDA16ABEDBB4}) (Version: 1.0.3.2 - Hewlett-Packard)
HP Power Data (HKLM\...\{E366F338-BF6E-4165-BDDB-3DCCB3388F9F}) (Version: 1.0.7.77 - Hewlett-Packard)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 5.03.637 - Hewlett-Packard)
HP QuickLook (HKLM\...\{472FFCD7-A6B3-49ED-998F-6B8333D22390}) (Version: 3.2.0.14 - Hewlett-Packard)
HP QuickWeb (HKLM\...\{7861911B-4270-498A-8F7A-FCF0570F485D}) (Version: 1.0.1.53 - DeviceVM, Inc.)
HP Setup (HKLM\...\{1E6219D4-027E-47EE-AB83-DD2F26E31A32}) (Version: 1.2.3557.3169 - Hewlett-Packard)
HP SoftPaq Download Manager (HKLM\...\{2DA697D7-FED3-4DE2-A174-92A2A12F9688}) (Version: 3.0.5.0 - Hewlett-Packard Company)
HP Software Framework (HKLM\...\{2712DAD6-C1F7-4295-B06E-17D6DC62EC20}) (Version: 3.5.13.1 - Hewlett-Packard Company)
HP Software Setup (HKLM\...\{04801E42-B1A6-4C52-9F3D-CADB5A050433}) (Version: 7.0.1.5 - Hewlett-Packard Company)
HP Support Assistant (HKLM\...\{495A8A3C-8FD0-4C46-9979-95C26181A1AB}) (Version: 4.3.1.2 - Hewlett-Packard)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP User Guides 0189 (HKLM\...\{3BDB9B89-56B5-4953-B052-AEB75FCBFC93}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wallpaper (HKLM\...\{F173C2B3-296F-458C-98FF-1676A42EBA02}) (Version: 1.0.1.3 - Hewlett-Packard Company)
HP Webcam Driver (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50012.0 - Sonix)
HP Wireless Assistant (HKLM\...\{0279C882-B150-44B6-A769-A7C8A2F31CE3}) (Version: 4.0.3.2 - Hewlett-Packard)
HPAsset component for HP Active Support Library (HKLM\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.2.2 - Hewlett-Packard) Hidden
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6261.0 - IDT)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java 8 Update 181 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
LightScribe System Software (HKLM\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.7 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
MPC-HC 1.7.10 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10 - MPC-HC Team)
MSGViewer version 1.8 (HKLM\...\{72F0165E-E966-4748-A3F9-8F3765D3345A}_is1) (Version: 1.8 - Redeye Labs)
Nástroj pro odesílání služby Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
PDF Complete Special Edition (HKLM\...\PDF Complete) (Version: 3.5.112 - PDF Complete, Inc)
Pre-Boot Security for HP ProtectTools (HKLM\...\{3513DD3C-7680-4C7C-BF18-BA375D5F4132}) (Version: 5.0.7.1 - Hewlett-Packard) Hidden
Privacy Manager for HP ProtectTools (HKLM\...\{142D2DFA-1FB7-41B9-8509-DAB5F3978CE4}) (Version: 5.01.734 - Hewlett-Packard)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0007 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30109 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype verze 8.15 (HKLM\...\Skype_is1) (Version: 8.15 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.1 - Synaptics Incorporated)
Theft Recovery (HKLM\...\{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}) (Version: 5.1.0.18 - Hewlett-Packard) Hidden
Theft Recovery (HKLM\...\InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}) (Version: 5.1.0.18 - Hewlett-Packard)
Validity Fingerprint Driver (HKLM\...\{5DCBD841-3768-4D3A-8517-65BFB87E05D3}) (Version: 4.0.10.0 - Validity Sensors, Inc.)
Windows 7 Default Setting (HKLM\...\{5BF8E079-D6E2-4323-B794-75152371122A}) (Version: 1.0.1.4 - Hewlett-Packard Company)
Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) (HKLM\...\B7541EC5F72AA713F557569278EB6273725F5607) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
CENZURA HD v. 2.9.9.42 (HKLM\...\CENZURA HD_is1) (Version: - YoutubeDownloaderHD.com)
Základní software zařízení HP Deskjet 3540 series (HKLM\...\{F7CDA8AA-403B-4520-84C4-224C7438D66C}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Zemana AntiMalware (HKLM\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-758666899-2211297156-3181642844-1002_Classes\CLSID\{CF4458EA-BFEC-4AD8-8E60-2679D8A01BAE}\InprocServer32 -> C:\windows\system32\kernel32.dll (Microsoft Windows -> Microsoft Corporation)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files\Zemana AntiMalware\ZAMShellExt32.dll [2019-02-13] (Zemana Ltd. -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-05-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-05-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2009-12-09] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files\Zemana AntiMalware\ZAMShellExt32.dll [2019-02-13] (Zemana Ltd. -> )
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-05-25] (ESET, spol. s r.o. -> ESET)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01AC2339-7AD3-4960-A777-C5D58FF57CCD} - System32\Tasks\{05036262-C7FA-4E70-97A5-E9307F833EAA} => C:\windows\system32\pcalua.exe -a C:\Users\Žeryk\Desktop\FreeRapid-0.9u4\FreeRapid-0.9u4\frd.exe -d C:\Users\Žeryk\Desktop\FreeRapid-0.9u4\FreeRapid-0.9u4
Task: {2A3F473E-1809-4CB2-BB71-355BFDCC4CE3} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\windows\system32\sipnotify.exe (Microsoft Windows -> Microsoft Corporation)
Task: {2C8F8D5F-52A8-4CF3-A1BB-8814123D079B} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {57E2BC85-2EC5-4F06-8BAA-1FC34A7ECCFC} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files\Common Files\Java\Java Update\jusched.exe (Oracle America, Inc. -> Oracle Corporation)
Task: {5D227A70-78A3-495C-9E24-312DF38E63CE} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe (Hewlett-Packard -> Hewlett-Packard)
Task: {6220564E-ADEC-4E83-B111-3F23CB302EB6} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe (Hewlett-Packard -> Hewlett-Packard)
Task: {7898852F-8A8C-4092-A26B-2CEFFFE3F97E} - System32\Tasks\{9B99619D-38C3-4423-8EEE-B19267AAF893} => C:\windows\system32\pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller"
Task: {7D9C50F9-27B9-4E2F-921E-D06141F6159F} - System32\Tasks\{58B097F4-0353-40B2-956D-277677E57409} => C:\Program Files\HP\HP Deskjet 3540 series\Bin\HP Deskjet 3540 series.exe (Hewlett Packard -> Hewlett-Packard Co.)
Task: {913D5A8D-4CCE-4680-B58B-3AFE8027A3F2} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\windows\system32\sipnotify.exe (Microsoft Windows -> Microsoft Corporation)
Task: {B981B699-452B-4878-8F51-C502CD4F4ED3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe (Hewlett-Packard Company -> Microsoft)
Task: {F081655A-65B0-49D0-8C72-52BC4D5C2C05} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe (Hewlett-Packard Company -> Microsoft)
Task: {F242E3A1-08A8-499C-AB16-F106F50317C5} - System32\Tasks\Hewlett-Packard\HP Assistant\HPSA Upgrade => C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2009-12-12 02:57 - 2009-12-12 02:57 - 000297984 _____ () C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
2009-05-16 00:33 - 2009-05-16 00:33 - 000045056 ____R () C:\windows\system32\intl.dll
2009-05-16 00:33 - 2009-05-16 00:33 - 000640512 ____R () C:\windows\system32\iconv.dll
2016-08-09 02:02 - 2016-08-09 02:02 - 001093120 _____ () C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2009-06-09 19:44 - 2009-06-09 19:44 - 001028096 ____R () C:\windows\system32\LIBEAY32.dll
2009-05-22 02:16 - 2009-05-22 02:16 - 002260992 ____R () C:\windows\system32\xerces-c_3_0.dll
2016-08-09 02:02 - 2016-08-09 02:02 - 000097280 _____ () C:\windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2009-10-29 02:57 - 2009-10-29 02:57 - 000079360 _____ () c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2009-12-09 19:40 - 2009-12-09 19:40 - 000741376 _____ () c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticator.dll
2009-10-02 18:07 - 2009-10-02 18:07 - 000483388 _____ () c:\Program Files\Hewlett-Packard\Drive Encryption\SbUILib.dll
2009-10-29 02:57 - 2009-10-29 02:57 - 001093632 _____ () c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\PTHostServices.dll
2009-10-29 02:57 - 2009-10-29 02:57 - 000086016 _____ () c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\PTStrings.dll
2009-10-29 02:56 - 2009-10-29 02:56 - 000155648 _____ () c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomain.dll
2009-10-29 02:54 - 2009-10-29 02:54 - 000006144 _____ () c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\Interop.HPQWMIEXLib.dll
2010-01-07 16:14 - 2010-01-07 16:14 - 000081920 _____ () c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe
2009-06-17 21:21 - 2009-06-17 21:21 - 000073728 _____ () C:\Program Files\Common Files\LightScribe\LSSrvc.exe
2009-06-17 21:21 - 2009-06-17 21:21 - 000110592 _____ () C:\Program Files\Common Files\LightScribe\LSSProxy.dll
2009-06-17 21:21 - 2009-06-17 21:21 - 000033792 _____ () C:\Program Files\Common Files\LightScribe\LSLog.dll
2010-02-02 05:19 - 2009-08-07 13:24 - 000208896 _____ () C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll
2010-02-02 05:19 - 2009-08-07 13:30 - 000118784 _____ () C:\Program Files\Intel\Intel Matrix Storage Manager\CSY\PlugInRAID_CSY.dll
2018-09-24 19:04 - 2016-10-04 16:12 - 000049664 _____ () C:\Program Files\7-Zip\7-zip.dll
2010-02-02 05:19 - 2009-08-07 13:31 - 000073728 _____ () C:\Program Files\Intel\Intel Matrix Storage Manager\CSY\IAAMon_CSY.dll
2009-12-12 02:57 - 2009-12-12 02:57 - 011265536 _____ () C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe
2009-06-17 21:13 - 2009-06-17 21:13 - 002363392 _____ () C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
2009-06-17 20:40 - 2009-06-17 20:40 - 002121728 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2009-06-17 20:40 - 2009-06-17 20:40 - 007745536 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2009-06-17 20:40 - 2009-06-17 20:40 - 000135168 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2009-04-23 01:38 - 2009-04-23 01:38 - 000065536 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
2016-07-27 19:02 - 2016-07-27 19:02 - 000106496 _____ () C:\windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3629.40618__90ba9c70f846762e\MOM.Implementation.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000032768 _____ () C:\windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3586.20597__90ba9c70f846762e\LOG.Foundation.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000036864 _____ () C:\windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3586.20605__90ba9c70f846762e\LOG.Foundation.Private.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000065536 _____ () C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3629.40617__90ba9c70f846762e\LOG.Foundation.Implementation.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000016384 _____ () C:\windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3586.20623__90ba9c70f846762e\MOM.Foundation.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000020480 _____ () C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3586.20620__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000019456 _____ () C:\windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3629.40618__90ba9c70f846762e\CCC.Implementation.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000028672 _____ () C:\windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3586.20598__90ba9c70f846762e\NEWAEM.Foundation.dll
2009-04-23 01:37 - 2009-04-23 01:37 - 000065536 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
2016-07-27 19:02 - 2016-07-27 19:02 - 000098304 _____ () C:\windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3586.20602__90ba9c70f846762e\CLI.Foundation.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000057344 _____ () C:\windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3629.40534__90ba9c70f846762e\CLI.Component.SkinFactory.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000028672 _____ () C:\windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3586.20661__90ba9c70f846762e\CLI.Foundation.XManifest.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000057344 _____ () C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3629.40533__90ba9c70f846762e\CLI.Component.Runtime.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000045056 _____ () C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3586.20627__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000040960 _____ () C:\windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3586.20612__90ba9c70f846762e\CLI.Foundation.Private.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000016384 _____ () C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3586.20616__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000032768 _____ () C:\windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
2009-09-16 23:29 - 2009-09-16 23:29 - 000069632 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll
2016-07-27 19:01 - 2016-07-27 19:01 - 000045056 _____ () C:\windows\assembly\GAC_MSIL\AEM.Server\2.0.3629.40532__90ba9c70f846762e\AEM.Server.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000016384 _____ () C:\windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3586.20615__90ba9c70f846762e\AEM.Server.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000045056 _____ () C:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3629.40629__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000016384 _____ () C:\windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3586.20643__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000020480 _____ () C:\windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3586.20615__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000016384 _____ () C:\windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3586.20627__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000045056 _____ () C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000016384 _____ () C:\windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000016384 _____ () C:\windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3586.20631__90ba9c70f846762e\DEM.Graphics.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000368640 _____ () C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3629.40535__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000147456 _____ () C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3586.20608__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
2009-06-17 13:27 - 2009-06-17 13:27 - 000016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000016384 _____ () C:\windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3586.20643__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000020480 _____ () C:\windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3586.20610__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000020480 _____ () C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3586.20614__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
2008-04-04 00:29 - 2008-04-04 00:29 - 000020480 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000065536 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3629.40586__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000020480 _____ () C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3586.20635__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000040960 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3586.20621__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000028672 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3586.20614__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000077824 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3629.40604__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
2009-04-22 20:13 - 2009-04-22 20:13 - 000016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000065536 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3586.20634__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000016384 _____ () C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000020480 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3629.40544__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000040960 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3586.20619__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000020480 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3586.20625__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000040960 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3629.40559__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000028672 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3586.20632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000040960 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3629.40584__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000024576 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3586.20633__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000040960 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3629.40579__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000053248 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3586.20633__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000036864 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3629.40585__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000028672 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3586.20631__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000061440 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3629.40578__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000049152 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3586.20623__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000036864 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Runtime\2.0.3629.40639__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Runtime.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000024576 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Shared\2.0.3586.20640__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000065536 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3629.40591__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000045056 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3629.40577__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000057344 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3586.20634__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000094208 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3629.40579__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000061440 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3586.20621__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
2009-06-17 18:24 - 2009-06-17 18:24 - 000016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000045056 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3629.40622__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000028672 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3586.20640__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000073728 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.FramelockGenlock.Graphics.Runtime\2.0.3629.40645__90ba9c70f846762e\CLI.Aspect.FramelockGenlock.Graphics.Runtime.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000069632 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.FramelockGenlock.Graphics.Shared\2.0.3586.20634__90ba9c70f846762e\CLI.Aspect.FramelockGenlock.Graphics.Shared.dll
2009-06-17 18:24 - 2009-06-17 18:24 - 000016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
2008-12-30 19:04 - 2008-12-30 19:04 - 000016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000061440 _____ () C:\windows\assembly\GAC_MSIL\APM.Server\2.0.3629.40531__90ba9c70f846762e\APM.Server.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000020480 _____ () C:\windows\assembly\GAC_MSIL\APM.Foundation\2.0.3586.20624__90ba9c70f846762e\APM.Foundation.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000007168 _____ () C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3629.40533__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000016384 _____ () C:\windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3586.20645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000405504 _____ () C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3629.40549__90ba9c70f846762e\CLI.Component.Wizard.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000016384 _____ () C:\windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3586.20625__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000040960 _____ () C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3586.20618__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000020480 _____ () C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3586.20609__90ba9c70f846762e\CLI.Component.Client.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000020480 _____ () C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3586.20619__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000024576 _____ () C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3586.20622__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000040960 _____ () C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3629.40549__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000016384 _____ () C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3586.20632__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000491520 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3629.40623__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000094208 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3629.40592__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000040960 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3586.20641__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000409600 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3629.40599__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000007168 _____ () C:\windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000307200 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3629.40560__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 001695744 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3629.40653__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000204800 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3629.40555__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 001220608 _____ () C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3629.40540__90ba9c70f846762e\CLI.Component.Dashboard.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000024576 _____ () C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3586.20620__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000020480 _____ () C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3586.20623__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
2009-06-11 00:30 - 2009-06-11 00:30 - 000098304 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000073728 _____ () C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3629.40544__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000016384 _____ () C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3586.20621__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000045056 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3629.40624__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000196608 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3629.40555__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 001142784 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3629.40649__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000270336 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000094208 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3629.40584__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000393216 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3629.40578__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000323584 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3629.40585__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000368640 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3629.40574__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000356352 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3629.40591__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000573440 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3629.40556__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000823296 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3629.40580__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000118784 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3629.40623__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
2009-10-15 19:11 - 2009-10-15 19:11 - 000120832 ____N () C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
2010-02-02 05:49 - 2010-02-02 05:49 - 000101376 _____ () C:\windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
2016-07-27 09:23 - 2009-11-04 21:30 - 000069632 _____ () C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2016-07-27 09:23 - 2009-11-04 21:37 - 001892352 _____ () C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2016-07-27 09:23 - 2009-11-04 21:37 - 000077824 _____ () C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\DTMessageLib.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2019-02-13 22:19 - 000000813 _____ C:\windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\ProgramData\Oracle\Java\javapath;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;c:\Program Files\Hewlett-Packard\Drive Encryption;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-758666899-2211297156-3181642844-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Žeryk\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F967DF88-1F39-4923-9412-114CC9AACDA0}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2285ED65-9D92-4FA7-A149-0719B63611EB}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{CEEF2485-60D8-44DE-BAE8-7C4D6F87D79D}] => (Allow) LPort=5357
FirewallRules: [{EE3DCE2C-E94A-4F38-A23C-A9672BDE5E90}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{6AE90EF6-C050-492C-8118-E6E17831C5E8}C:\users\žeryk\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\žeryk\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{0ED9E340-B36D-449E-8EC4-48D5A3D83220}C:\users\žeryk\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\žeryk\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{E84E9874-320F-4576-ADC1-BE332E95BC5D}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{62B6E7E7-0264-43CC-93B3-C8EB27DFE98B}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FD8408BE-5D63-44D3-B8BA-6B10D61F3336}] => (Allow) C:\Users\Žeryk\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{07BAB726-39B9-4D2D-9DFB-EB8C85E677B5}] => (Allow) C:\Users\Žeryk\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]

==================== Restore Points =========================

21-03-2019 15:10:17 Naplánovaný kontrolní bod
21-03-2019 23:54:01 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/21/2019 10:16:03 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\CrystalDiskInfo\DiskInfo64.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (03/19/2019 07:26:19 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {fa878251-2825-4c71-b484-1c88bf43ee97}

Error: (03/17/2019 09:22:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program iexplore.exe verze 11.0.9600.19301 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1860

Čas spuštění: 01d4dc9a7d30543c

Čas ukončení: 30

Cesta k aplikaci: C:\Program Files\Internet Explorer\iexplore.exe

ID hlášení:

Error: (03/16/2019 04:36:12 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {efa41235-0a6d-4ea0-852e-b36ba9973b0e}

Error: (03/16/2019 04:28:28 PM) (Source: Wininit) (EventID: 1015) (User: )
Description: Došlo k selhání kritického systémového procesu C:\windows\system32\lsm.exe se stavovým kódem 255. Počítač je nyní nutné restartovat.

Error: (03/16/2019 04:28:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: lsm.exe, verze: 6.1.7601.17514, časové razítko: 0x4ce7a1ba
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.24387, časové razítko: 0x5c7f386b
Kód výjimky: 0xc0000005
Posun chyby: 0x0003024d
ID chybujícího procesu: 0x260
Čas spuštění chybující aplikace: 0x01d4dc0cac0b51ea
Cesta k chybující aplikaci: C:\windows\system32\lsm.exe
Cesta k chybujícímu modulu: C:\windows\SYSTEM32\ntdll.dll
ID zprávy: 240c10d9-4800-11e9-a2d1-002713d60030

Error: (03/13/2019 10:52:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program iexplore.exe verze 11.0.9600.19267 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1aa4

Čas spuštění: 01d4d9e6e64ba52b

Čas ukončení: 16

Cesta k aplikaci: C:\Program Files\Internet Explorer\iexplore.exe

ID hlášení:

Error: (03/07/2019 08:00:57 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {6a63e848-72d7-4f90-898c-1aba155587e0}


System errors:
=============
Error: (03/22/2019 11:46:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HP ProtectTools Service neuspěla při spuštění v důsledku následující chyby:
Svazek tohoto souboru byl zvnějšku změněn, tudíž otevřený soubor není nadále platný.

Error: (03/21/2019 09:03:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HP ProtectTools Service neuspěla při spuštění v důsledku následující chyby:
Svazek tohoto souboru byl zvnějšku změněn, tudíž otevřený soubor není nadále platný.

Error: (03/21/2019 07:58:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HP ProtectTools Service neuspěla při spuštění v důsledku následující chyby:
Svazek tohoto souboru byl zvnějšku změněn, tudíž otevřený soubor není nadále platný.

Error: (03/21/2019 03:07:55 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (03/21/2019 02:21:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HP ProtectTools Service neuspěla při spuštění v důsledku následující chyby:
Svazek tohoto souboru byl zvnějšku změněn, tudíž otevřený soubor není nadále platný.

Error: (03/21/2019 01:03:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HP ProtectTools Service neuspěla při spuštění v důsledku následující chyby:
Svazek tohoto souboru byl zvnějšku změněn, tudíž otevřený soubor není nadále platný.

Error: (03/21/2019 12:00:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HP ProtectTools Service neuspěla při spuštění v důsledku následující chyby:
Svazek tohoto souboru byl zvnějšku změněn, tudíž otevřený soubor není nadále platný.

Error: (03/21/2019 11:58:12 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Instalační služba modulů systému Windows byla ukončena s následující chybou:
%%16405


Windows Defender:
===================================
Date: 2018-08-07 04:35:17.069
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:1.273.806.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:1.1.15100.1
Kód chyby:0x80070070
Popis chyby:Na disku není dost místa.

CodeIntegrity:
===================================

Date: 2016-09-30 21:35:16.522
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\ZERYK\Programy\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-09-30 21:35:16.476
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\ZERYK\Programy\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-09-30 21:35:16.429
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\ZERYK\Programy\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-09-30 21:35:16.382
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\ZERYK\Programy\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-09-30 21:35:16.335
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\ZERYK\Programy\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-09-30 21:35:16.273
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\ZERYK\Programy\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-09-30 21:35:16.226
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\ZERYK\Programy\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-09-30 21:35:16.164
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\ZERYK\Programy\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
Percentage of memory in use: 63%
Total physical RAM: 2997.88 MB
Available physical RAM: 1082.5 MB
Total Virtual: 5994.12 MB
Available Virtual: 3576.09 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:448.47 GB) (Free:166.52 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.2 GB) FAT32

\\?\Volume{cba762ef-5423-11e6-8ae6-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS
\\?\Volume{cba762f1-5423-11e6-8ae6-806e6f6e6963}\ (HP_RECOVERY) (Fixed) (Total:15 GB) (Free:6.49 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 58054A99)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

==================== End of Addition.txt ============================

Post by jaro3 » 22 Mar 2019 18:14

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Task: {2C8F8D5F-52A8-4CF3-A1BB-8814123D079B} - \CCleanerSkipUAC -> No File <==== ATTENTION

EmptyTemp:
End

(You can use the "select all" function, then right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST and press the "Fix" button only once, then wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.

Clean...

https://support.kaspersky.com/14227#block2
https://support.kaspersky.com/14229

What about those folders?

Post by Hastalda » 23 Mar 2019 11:40

So I ran the fix, and I'm pasting the resulting FRST log here:

Fix result of Farbar Recovery Scan Tool (x86) Version: 17-03-2019
Ran by Žeryk (23-03-2019 11:08:11) Run:1
Running from C:\Users\Žeryk\Desktop
Loaded Profiles: Žeryk (Available Profiles: Žeryk)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Task: {2C8F8D5F-52A8-4CF3-A1BB-8814123D079B} - \CCleanerSkipUAC -> No File <==== ATTENTION

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C8F8D5F-52A8-4CF3-A1BB-8814123D079B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C8F8D5F-52A8-4CF3-A1BB-8814123D079B}" => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => not found

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 118743566 B
Java, Flash, Steam htmlcache => 1698 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
LocalService => 0 B
NetworkService => 12958 B
Žeryk => 373838529 B

RecycleBin => 0 B
EmptyTemp: => 477.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:10:03 ====

Post by Hastalda » 23 Mar 2019 11:41

When I look at the folders on drive C, most folders and subfolders still have a padlock icon, and the ones that appeared as new at the beginning are still there.
I also tried changing my own folder, where I keep my documents, but after a while it returns to its original state. Interestingly, when I cut a document out of it and put it into a subfolder, close it and open it again, the document is back in the folder, not in the subfolder. A "desktop.ini" file keeps being created in it, which cannot be deleted and which appears in most folders, but I don't know what it is.

I also think it probably really is connected with the CCleaner application; when I'm online, a message occasionally flashes up that I never manage to click in time, but it is something to do with win32/temp/ccleaner..., something like that...

Post by Hastalda » 23 Mar 2019 11:42

So now I'll go back into battle with the BIOS..., which I'm really scared of. I had a look at the links you posted and I'll try to follow them somehow. But, for instance, as shown in the screenshot, second screen, first link, no such bar where I confirm BOOT comes up for me... Well..., I'll try to wrestle with it, hopefully I'll make it back...

Post by jaro3 » 23 Mar 2019 18:46

https://wintip.cz/413-jak-skryt-soubor- ... e-slozkach
https://www.bleepingcomputer.com/forums ... ini-virus/
Desktop.ini is a text file used by Windows for configuration settings that allows you to specify how folder will be viewed, displayed and handled. This file can be added to any Windows folder to store information about customized folders. Desktop.ini allows programmers and advanced users to customize the properties, attributes and appearance of a folder.

Still, you can submit some of the desktop.ini files to VirusTotal:
In Folder Options, enable showing hidden files and folders + untick the "Hide protected operating system files" checkbox.

Test it at https://www.virustotal.com/#/home/uploadVirustotal

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.


Or at:
http://www.virscan.org/

Also try uninstalling CCleaner; the latest versions may be causing havoc, and the proper version is now paid-only.

Post by Hastalda » 24 Mar 2019 18:31

Thank you very much for the information about the "desktop.ini" file (according to the description you attached, it is probably really fine). It seemed strange to me because this file had never appeared on my disk, in any folder or subfolder, and it has now shown up for the first time. To be on the safe side, I ran it through VirusTotal and I'm attaching the scan (see Fig. A1). Because a lot of my folders and subfolders got locked, I can't run a check there, since the message "Access denied" always pops up. A lot of unknown files have appeared in the accessible folders (maybe they are fine, I don't know, but I never had them there); besides the "desktop.ini" file, I tried running a few at random through VirusTotal, e.g. "cpqdl.ini" and "ntuser.ini" (see Figs. A2 and A3). The result was OK. In any case, thank you for the description and the procedure.